Compliance & Ethics Professional, a publication of the Society of Corporate Compliance and Ethics (www.corporatecompliance.org), May 2015
This article, published in Compliance & Ethics Professional, appears here with permission from the Society of Corporate Compliance & Ethics. Call SCCE at +1 952 933 4977 or 888 277 4977 with reprint requests.
OFAC’s global sanctions: A greater headache than the FCPA?

by Robert J. Ward, Jr., Esq., CCEP

»» The largest OFAC penalties levied on banks have matched and even exceeded the largest FCPA penalties against industry.
»» The collateral impact of this is that financial institutions can be expected to blow the whistle to OFAC on customers who make USD wire transfers that involve sanctioned targets.
»» Particularly at-risk global companies include those under non-western ownership that are not accustomed to compliance with US and EU sanctions laws, but that operate and/or have assets within the U.S./European Union.
»» To avoid violations, preventive measures to deal with known vulnerabilities will be critical and targeted training will be essential.
»» Sanctions laws are constantly changing in response to world developments, so keeping policies, procedures, operations playbooks, and training materials up-to-date will be necessary to mitigate penalties if a violation occurs.

Much attention has been focused, and rightfully so, on Foreign Corrupt Practices Act (FCPA) compliance. With well-publicized US penalties in the hundreds of millions of dollars (e.g., Siemens at $800 million in 2008[1] and, more recently, Alstom at $772 million in December 2014),[2] there has been plenty of incentive to get it right. Could there be a global compliance headache on par with the FCPA?

OFAC introduction and impact

Another compliance area exists where the penalties have been equally, if not more, punitive with the potential fallout set to cause just as much of a headache as the FCPA. Said area comprises global sanctions principally administered by the U.S. Treasury’s Office of Foreign Assets Control (OFAC). These are the economic embargoes imposed for foreign policy and national security reasons against different countries, such as Iran, North Korea, Sudan, and Syria. Cuba is expected to be removed from this list of harshly sanctioned countries, given President Obama’s December 2014 remarks.[3] The US government targets other countries in a limited fashion, such as Russia, the Balkans, Belarus, Burma, Iraq, Ivory Coast, The Democratic Republic of the Congo, the former Liberian regime of Charles Taylor, The Palestinian Authority, Libya, Lebanon, Somalia, Yemen, Zimbabwe, etc.[4]

In June 2014, BNP Paribas SA agreed to pay OFAC $964 million (out of a total of almost $9 billion in penalties to US regulators for various offenses).[5,6] Additionally, in June 2012, ING Bank N.V. settled OFAC violations for $619 million.[7] In December 2012, HSBC Global Holdings plc settled OFAC violations for $375 million (out of a total $1.9 billion HSBC paid in penalties to US regulators for various offenses).[8]

As is the case for the FCPA in often targeting foreign-owned industry, the fact that the highest OFAC penalties have been levied against foreign banks is not all that surprising. The US government, through OFAC, assiduously monitors US dollar (USD) wire transactions that are all routed through clearing banks within the U.S. (e.g., New York City) with a view that the US currency itself is US property, and thus, cannot be legally used to facilitate or support transactions involving a harshly sanctioned country. Indeed, with the banks taking the initial brunt from penalties, one can expect future actions will stem from the banks blowing the whistle, either on each other or on customers who do not properly monitor and screen their transactions. A few years back, I discovered (through visits with a couple of bank compliance officers in New York City) that their greatest fear was potentially being turned in to OFAC by their counterpart compliance officers at another bank for missing an ill-fated transaction involving a harshly sanctioned country!

When one steps back to consider that, if not for effective implementation of US sanctions laws, the U.S. would have to have military boots on the ground in armed conflict, or expensive airstrikes at a minimum, the reasons for strict enforcement quickly become understandable. With the total costs of the Afghan and Iraqi wars estimated to approach between $4 and $6 trillion,[9] it can be expected that vigorous and strict enforcement will only continue to get tougher and tougher.

This article will review critical preventive measures for avoiding OFAC violations, examine possible bad-case scenarios that can potentially happen at any globally operating company, and conclude with recommendations for keeping up with this highly dynamic and moving target.

Critical preventive measures for avoiding OFAC penalties

Without question, like FCPA compliance, OFAC compliance is an area that behooves globally operating companies to do what they can to anticipate risk areas and prevent violations. Perhaps the biggest incentive for compliance, aside from penalty exposure, is the possibility that egregious violations will lead to being blacklisted as a Specially Designated National (SDN), where others will not do business with the SDN. Moreover, for publicly-traded companies, there is the SEC requirement effective fiscal year 2012 to disclose whether, “during the period covered by” the issuer’s report, “the issuer or any affiliate of the issuer” worldwide knowingly engaged in certain types of “transaction[s] or dealing[s],” involving Iran, the government of Iran, or certain individuals and entities on the list of SDNs published by the US government.[10]

Risk-based assessments

The first step in prevention is to perform a risk-based assessment of one’s vulnerabilities. Questions to delve into at key regional offices include:

·· Are we in an industry where the harshly sanctioned countries could be implicated, even if inadvertently? (e.g., banking and financial sectors; oil, gas, and extractive industries; high tech and telecommunications industries; foreign-based agency businesses such as sales, maritime, aircraft, customs broker, and freight forwarding; and even tax and visa processing agents).
·· Does our US parent company have a controlling interest in subsidiaries located in known trans-shipment countries, such as the United Arab Emirates, Hong Kong, and Singapore?
·· Even if our parent company is foreign-owned, do we use the US dollar as our functional currency with transaction payments approved by US persons and/or wire transfers cleared through US-based clearing banks?
·· Is there the potential of facilitating transactions with sanctioned countries or SDNs by US persons, including foreign expatriates working in the U.S. as well as green card holders?
·· Is there the potential of evasion of sanctions through US persons making referrals to third parties or even merely suggesting payments be made in currencies other than the US dollar?

Such inquiries into potential vulnerabilities will readily provide a road map for the needed focus of policy, procedures, and training efforts.

Crafting relevant policies and procedures

Once it is determined what the proper focus should be, it is imperative to have relevant policies and procedures that cover known vulnerabilities. It is typical to include global sanctions policies and procedures, along with export control and anti-boycott subject matter. The key headings for such policies and procedures usually cover the following:

·· Purpose
·· Scope and applicability
·· Policy statement
·· Contact information

If the company has had prior violations or is anticipated to have issues given particular difficulties in establishing effective internal controls, it will be worthwhile to create an operations playbook to supplement any policies and procedures. The playbook should cover likely scenarios and how best to handle them. Training sessions should cover the playbook scenarios as well as afford an opportunity to add more relevant scenarios as those in the field may bring up.

Screening software is a must

Because OFAC concerns itself not only with country embargoes, but also with SDNs, it is imperative to have effective screening software. OFAC’s SDN List contains many thousands of individuals, entities, vessels, and banks all over the globe including:

·· Specially Designated Terrorists (SDTs), Global Terrorists (SDGTs), and Foreign Terrorist Organizations (FTOs)
·· Specially Designated Narcotics Traffickers (SDNTs) and Kingpins (SDNTKs)
·· Weapons of Mass Destruction (WMD) Proliferators (NPWMDs)

As long as one is going to the trouble to implement screening software, one should, at a minimum, screen against the lists in Table 1. This list comes from OFAC Analyzer[11]—a screening software program.

| Gov’t Agency | List Description | Last Update | # of Records in List |
|---|---|---|---|
| OFAC | (SDN) Specially Designated Nationals List | 03/25/15 | 25,385 |
| | (OFCL) Consolidated List | 12/23/14 | 416 |
| BIS | BIS Denied Persons/Unverified List | 02/18/15 | 874 |
| FBI | Most Wanted Terrorist List | 09/12/14 | 42 |
| Canada | (OSFI) | 11/25/14 | 3,527 |
| Europe | HM Treasury Sanction List | 03/23/15 | 7,838 |
| | European Union Sanction List | 02/21/15 | 13,607 |
| UN | United Nations 1267 List | 09/12/14 | 2,336 |

Table 1: Lists that screening software should cover at a minimum

As can be readily seen, OFAC maintains the most extensive list. Depending on where one’s company does business, it might behoove one to include other lists from other countries (and it goes without saying that banks and financial institutions have to undertake Anti-Money Laundering List checks).

A best practice is to screen customers, joint venture partners, agents, suppliers, and even employees and contract workers. In short, it is critical to screen every person and legal entity with whom one’s company does business, and, just in case someone has turned into a bad apple in the interim, it is important to conduct regular batch screens (e.g., on a monthly basis) of all such business partners. There are software screening programs that can be integrated into a company’s Enterprise Resource Planning (ERP) system for real-time continuous screening. Banks and financial institutions that have to process hundreds of thousands of transactions in a single day will go to the trouble for such integrated real-time and continuous screening capabilities.

Tailor training for worst-case scenarios

The number of ways things have gone wrong and can go wrong can surprise even the most experienced compliance professional. Based on personal experience, the author can readily describe a couple of bad headache cases. One instance involved a US Accounts Payable person who did not realize agency expenses paid via US dollar wire-transfer for services rendered at the port of Bandar Mahshahr would violate US sanctions against Iran.[12] (Bandar Mahshahr is a port city in Khuzestan province in southwestern Iran.)

Unfortunately, on the wire transfer supporting documents, there was no mention of the country of Iran. This case suggests, aside from rigorous screening, it will be important to train personnel on the geography of these areas to prevent these types of mistakes and to reduce company vulnerability. Aside from outside counsel fees, this mistake cost the involved maritime agency an $84,000 USD penalty and months of strict due-diligence follow-up by US dollar clearing banks in New York City that took notice of the publicized penalty.

Another instance involved a US-based company that rented equipment as part of a managed service. This case has already been self-disclosed to the government and reported in SEC filings per Section 219 of the National Defense Authorization Act (NDAA). The company provided a Chinese customer the rented equipment in Singapore. However, the Chinese customer later advised they were planning to take the equipment to Iran for work to be performed there. Attempts to retrieve the equipment were to no avail. Meanwhile, a high-performing engineer, based in Singapore, took it upon himself to continue to provide the managed service as a subcontractor to a Singapore-owned vendor. Remarkably, the Australian general manager of the Singapore office approved this arrangement without consulting headquarters in the U.S.

Besides representing an OFAC violation, this activity also constituted potential violations of US export control laws (given the US-origin components in the equipment), not to mention a violation of the US company’s code of conduct forbidding activities that amount to a conflict of interest. Put another way, the Singapore office evidently attempted to keep their revenue numbers up and did so by joining with a vendor to serve a customer operating in a forbidden, harshly sanctioned jurisdiction (i.e., earning revenues from a vendor).

The investigation yielded the dismissal of both the general manager and the high-performing engineer for violating US laws applicable to their US-controlled subsidiary, as well as for the unreported conflict of interest. This case militated toward creating an operations playbook to alert personnel to be on the look-out for customers that might be at risk for operating in harshly sanctioned countries. In addition, personnel are now requiring customer certifications that any contemplated work in a harshly sanctioned country will require sufficient notice for return of the rented equipment.

On more than one occasion, I have seen failures by companies to have anything other than one-page agency powers of attorney and failing to limit such powers, including standard FCPA as well as global sanctions and export control protective clauses. Other ways things can conceivably go wrong include the following (all of which should be included in due diligence processes, protective contractual clauses, customer certifications, training, and potentially in operations playbooks to avoid trouble down the road):[13]

a. Because OFAC generally prohibits “evasion and facilitation” by US persons of transactions by non-US persons with sanctions targets, training should advise against the following in such circumstances:
   –– Advising, assisting, approving, authorizing, supporting, referring, brokering, financing, or making decisions for a transaction by a foreign person that in any way involves a sanctions target other than activities of a purely clerical or reporting nature;
   –– Altering operating policies or procedures, or those of a foreign subsidiary or affiliate, to permit the foreign subsidiary to engage in transactions with sanctions targets that previously required US person approval;
   –– Referring to a foreign person purchase orders, requests for bids, or similar business opportunities involving a sanctions target;
b. Parent company facilitation can arise in many ways (e.g., providing various types of financial or legal assistance or mandatory approval for certain contracts);
c. Risks arise with foreign subsidiaries that are not sufficiently independent or if there is a divergence of operational structure from legal structure;
d. Facilitation risks exist with other relationships, such as joint development, joint ventures, clients, and customers as noted in the above examples from the author’s personal experience; and
e. Referring business to a third-party vendor related to transactions in a sanctions target.

Specific, conceivable bad-case scenarios might also include:

·· A US citizen employee of the Cairo office engages in business planning in support of Sudanese investments by a Norwegian client;
·· A French employee of the Dubai office prepares and emails comments on a Swiss client’s Iranian investments while attending a conference in Hawaii;
·· A British national employed by an entity in the U.S. receives an inquiry from a customer in Europe about trade advisory services needed in Syria and forwards that inquiry to the firm’s Geneva office with a recommendation and tips on how best to pursue this new business opportunity;
·· A Swiss employee of an entity in Geneva calls the firm’s commodities expert in the U.S. for commercial advice in connection with structuring a Swiss-Iranian transaction;
·· A Swiss trader for an entity in Geneva asks an executive in the U.S. to authorize the export of non–US-origin rice to Iran without the benefit of a license covering that consultation or shipment (humanitarian aid is permitted but requires an OFAC license); and
·· OFAC also prohibits “evasion” of sanctions by concealing information or other means to enable the completion of a transaction through the United States that could not occur on a transparent basis (banks have run afoul here by suppressing or outright misrepresenting details in US dollar wire-transfer requests).

Conclusion: How best to keep up with this dynamic area of the law

The key point is that the high OFAC penalties imposed on banks will trigger the financial industry to blow the whistle on their customers who attempt, even if inadvertently, to facilitate or support any transactions involving a sanctions target. OFAC has penalized the banking industry severely, so financial industry finger-pointing will surely occur to those undertaking global operations without adequate compliance due-diligence processes in place. Traps for the unwary can involve OFAC penalties, damage to reputation, a high level of clearing-bank scrutiny on all payment and receipt requests, and even potential SDN designation!

Just in the past year, we have witnessed the rolling back of Cuban sanctions, while Russia experienced a significant imposition of multilateral sanctions stemming from Russia’s annexation of Crimea and Russia’s continued support (including militarily) to separatists in Eastern Ukraine. Along with those country-level sanctions have been numerous additions to the SDN and other blacklists. Keeping one’s policies, procedures, training materials, and monitoring processes up-to-date can be daunting. Certainly, implementing a solid screening software program, where list updates are uploaded as close to real-time as possible, is a critical first step. The author subscribes to two major newspapers, one US-based and the other European-based, as well as covering a number of different blogs in order to keep up with the ever-changing global political, social, and economic landscape.

In the end, the key is to focus on the risks of one’s company having involvement with sanctions targets. Updates will have to be made as soon after executive orders are released regarding new sanctions for any parts of the world where the company may be operating in close proximity, or where there is a risk of a customer or agent doing business involving a sanctions target.

1. Department of Justice, Office of Public Affairs, press release: “Siemens AG and Three Subsidiaries Plead Guilty to Foreign Corrupt Practices Act Violations and Agree to Pay $450 Million in Combined Criminal Fines.” December 15, 2008. Available at http://bit.ly/siemens-ag
2. Department of Justice, Office of Public Affairs, press release: “Alstom Pleads Guilty and Agrees to Pay $772 Million Criminal Penalty to Resolve Foreign Bribery Charges.” December 22, 2014. Available at http://bit.ly/alstom-guilty
3. CNN Money website: “The promise for American businesses if Cuba sanctions are lifted.” January 20, 2015. Available at http://bit.ly/cuba-trade
4. OFAC Guide Compliance Regulations for 2015. Available at http://bit.ly/ofac-guide
5. Department of the Treasury: Settlement Agreement with BNP Paribas, June 30, 2014. Available at http://bit.ly/treasury-sactions
6. Noemie Bisserbe: “BNP Paribas Assures It Has Ample Cash to Cover U.S. Penalties.” July 1, 2014. Available at http://bit.ly/bnp-paribas
7. Department of the Treasury: Settlement Agreement with ING Bank N.V. June 12, 2012. MUL-565595. Available at http://bit.ly/treasury-civpen
8. Department of the Treasury: Settlement Agreement with HSBC Global Holdings plc. December 11, 2012. MUL-615225. Available at http://bit.ly/treasury-civpen2
9. Ernesto Londono: “Study: Iraq, Afghan war costs to top $4 trillion.” Washington Post, National Security section. March 28, 2013. Available at http://bit.ly/afghan-4-trillion
10. Section 219 of the National Defense Authorization Act for Fiscal Year 2012. Public Law 112–81, December 31, 2011. Available at http://bit.ly/treasury-programs
11. OFAC Analyzer screening software. Available at http://bit.ly/ofac-analyser
12. http://bit.ly/treasury-afac
13. Norton Rose Fulbright: Phoenix – Our slides and WebEx recordings. Slide deck from a March 2013 presentation. Available at http://bit.ly/norton-roseful

Robert J. Ward, Jr. (robertjwardjr@gmail.com) is Vice President Global Compliance at Houston International Business Corp in Houston and is a Certified U.S. Export Compliance Officer.
170116 newsletter FinGuard - Regulatory Competition InvestigationJaya Patten
 
Is your company prepared for the new era of fcpa... (para mi primer debate...)
Is your company prepared for the new era of fcpa... (para mi primer debate...)Is your company prepared for the new era of fcpa... (para mi primer debate...)
Is your company prepared for the new era of fcpa... (para mi primer debate...)Andres Baytelman
 
Foreign Corrupt Practices Act (FCPA) Compliance Webinar
Foreign Corrupt Practices Act (FCPA) Compliance WebinarForeign Corrupt Practices Act (FCPA) Compliance Webinar
Foreign Corrupt Practices Act (FCPA) Compliance WebinarMyComplianceOffice
 
Financial Services Insight NYSDFS Whistleblowing Guidance - Sia Partners
Financial Services Insight NYSDFS Whistleblowing Guidance - Sia PartnersFinancial Services Insight NYSDFS Whistleblowing Guidance - Sia Partners
Financial Services Insight NYSDFS Whistleblowing Guidance - Sia PartnersDaniel Connor
 
PRI_Engaging on anti-bribery and corruption
PRI_Engaging on anti-bribery and corruptionPRI_Engaging on anti-bribery and corruption
PRI_Engaging on anti-bribery and corruptionOlivia Mooney
 
Preventing financial fraud
Preventing financial fraudPreventing financial fraud
Preventing financial fraudRishalHalid1
 
Fraud Seminar Presentation Feb 2009 (2)
Fraud Seminar Presentation Feb 2009 (2)Fraud Seminar Presentation Feb 2009 (2)
Fraud Seminar Presentation Feb 2009 (2)andrewrmarshall
 
Fcpa enforcement-aerospace-defense-industry
Fcpa enforcement-aerospace-defense-industryFcpa enforcement-aerospace-defense-industry
Fcpa enforcement-aerospace-defense-industryAlberto Garcia Romera
 
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...Protecting Against Bribery Risk in Business Transactions: Developing an Effec...
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...PECB
 
Mind the Gaps: AML and Fraud Global Benchmark Survey
Mind the Gaps: AML and Fraud Global Benchmark Survey Mind the Gaps: AML and Fraud Global Benchmark Survey
Mind the Gaps: AML and Fraud Global Benchmark Survey Paul Hamilton
 

Similar to scce-cep-2015-05-Ward-1 (20)

Managing sanctions compliance challenges
Managing sanctions compliance challengesManaging sanctions compliance challenges
Managing sanctions compliance challenges
 
Best Practices to Achieve an Effective FCPA Compliance Program
Best Practices to Achieve an Effective FCPA Compliance ProgramBest Practices to Achieve an Effective FCPA Compliance Program
Best Practices to Achieve an Effective FCPA Compliance Program
 
Selection of publications 2
Selection of publications 2Selection of publications 2
Selection of publications 2
 
RC_GREENBERG_Ofac enforcement compliance_ReprintFeb14
RC_GREENBERG_Ofac enforcement  compliance_ReprintFeb14RC_GREENBERG_Ofac enforcement  compliance_ReprintFeb14
RC_GREENBERG_Ofac enforcement compliance_ReprintFeb14
 
PwC Global Financial Sanctions
PwC Global Financial SanctionsPwC Global Financial Sanctions
PwC Global Financial Sanctions
 
Risks Of A Dos Attack
Risks Of A Dos AttackRisks Of A Dos Attack
Risks Of A Dos Attack
 
William J. Kolasky Antitrust Compliance Programs The Governm
William J. Kolasky Antitrust Compliance Programs The GovernmWilliam J. Kolasky Antitrust Compliance Programs The Governm
William J. Kolasky Antitrust Compliance Programs The Governm
 
William j. kolasky antitrust compliance programs the governm
William j. kolasky antitrust compliance programs the governmWilliam j. kolasky antitrust compliance programs the governm
William j. kolasky antitrust compliance programs the governm
 
170116 newsletter FinGuard - Regulatory Competition Investigation
170116 newsletter  FinGuard - Regulatory Competition Investigation170116 newsletter  FinGuard - Regulatory Competition Investigation
170116 newsletter FinGuard - Regulatory Competition Investigation
 
170116 newsletter
170116 newsletter170116 newsletter
170116 newsletter
 
170116 newsletter FinGuard - Regulatory Competition Investigation
170116 newsletter  FinGuard - Regulatory Competition Investigation170116 newsletter  FinGuard - Regulatory Competition Investigation
170116 newsletter FinGuard - Regulatory Competition Investigation
 
Is your company prepared for the new era of fcpa... (para mi primer debate...)
Is your company prepared for the new era of fcpa... (para mi primer debate...)Is your company prepared for the new era of fcpa... (para mi primer debate...)
Is your company prepared for the new era of fcpa... (para mi primer debate...)
 
Foreign Corrupt Practices Act (FCPA) Compliance Webinar
Foreign Corrupt Practices Act (FCPA) Compliance WebinarForeign Corrupt Practices Act (FCPA) Compliance Webinar
Foreign Corrupt Practices Act (FCPA) Compliance Webinar
 
Financial Services Insight NYSDFS Whistleblowing Guidance - Sia Partners
Financial Services Insight NYSDFS Whistleblowing Guidance - Sia PartnersFinancial Services Insight NYSDFS Whistleblowing Guidance - Sia Partners
Financial Services Insight NYSDFS Whistleblowing Guidance - Sia Partners
 
PRI_Engaging on anti-bribery and corruption
PRI_Engaging on anti-bribery and corruptionPRI_Engaging on anti-bribery and corruption
PRI_Engaging on anti-bribery and corruption
 
Preventing financial fraud
Preventing financial fraudPreventing financial fraud
Preventing financial fraud
 
Fraud Seminar Presentation Feb 2009 (2)
Fraud Seminar Presentation Feb 2009 (2)Fraud Seminar Presentation Feb 2009 (2)
Fraud Seminar Presentation Feb 2009 (2)
 
Fcpa enforcement-aerospace-defense-industry
Fcpa enforcement-aerospace-defense-industryFcpa enforcement-aerospace-defense-industry
Fcpa enforcement-aerospace-defense-industry
 
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...Protecting Against Bribery Risk in Business Transactions: Developing an Effec...
Protecting Against Bribery Risk in Business Transactions: Developing an Effec...
 
Mind the Gaps: AML and Fraud Global Benchmark Survey
Mind the Gaps: AML and Fraud Global Benchmark Survey Mind the Gaps: AML and Fraud Global Benchmark Survey
Mind the Gaps: AML and Fraud Global Benchmark Survey
 

scce-cep-2015-05-Ward-1

Compliance & Ethics Professional, a publication of the Society of Corporate Compliance and Ethics (www.corporatecompliance.org), May 2015

This article, published in Compliance & Ethics Professional, appears here with permission from the Society of Corporate Compliance & Ethics. Call SCCE at +1 952 933 4977 or 888 277 4977 with reprint requests.
OFAC’s global sanctions: A greater headache than the FCPA?

by Robert J. Ward, Jr., Esq., CCEP

»» The largest OFAC penalties levied on banks have matched and even exceeded the largest FCPA penalties against industry.
»» The collateral impact of this is that financial institutions can be expected to blow the whistle to OFAC on customers who make USD wire transfers that involve sanctioned targets.
»» Particularly at-risk global companies include those under non-western ownership that are not accustomed to compliance with US and EU sanctions laws, but that operate and/or have assets within the U.S./European Union.
»» To avoid violations, preventive measures to deal with known vulnerabilities will be critical and targeted training will be essential.
»» Sanctions laws are constantly changing in response to world developments, so keeping policies, procedures, operations playbooks, and training materials up-to-date will be necessary to mitigate penalties if a violation occurs.

Much attention has been focused, and rightfully so, on Foreign Corrupt Practices Act (FCPA) compliance. With well-publicized US penalties in the hundreds of millions of dollars (e.g., Siemens at $800 million in 2008[1] and, more recently, Alstom at $772 million in December 2014),[2] there has been plenty of incentive to get it right. Could there be a global compliance headache on par with the FCPA?

OFAC introduction and impact

Another compliance area exists where the penalties have been equally, if not more, punitive with the potential fallout set to cause just as much of a headache as the FCPA. Said area comprises global sanctions principally administered by the U.S. Treasury’s Office of Foreign Assets Control (OFAC). These are the economic embargoes imposed for foreign policy and national security reasons against different countries, such as Iran, North Korea, Sudan, and Syria. Cuba is expected to be removed from this list of harshly sanctioned countries, given President Obama’s December 2014 remarks.[3] The US government targets other countries in a limited fashion, such as Russia, the Balkans, Belarus, Burma, Iraq, Ivory Coast, The Democratic Republic of the Congo, the former Liberian regime of Charles Taylor, The Palestinian Authority, Libya, Lebanon, Somalia, Yemen, Zimbabwe, etc.[4]

In June 2014, BNP Paribas SA agreed to pay OFAC $964 million (out of a total of almost $9 billion in penalties to US regulators for various offenses).[5,6] Additionally, in June 2012, ING Bank N.V. settled OFAC violations for $619 million.[7] In December 2012, HSBC Global Holdings plc settled OFAC violations for $375 million (out of a total $1.9 billion HSBC paid in penalties to US regulators for various offenses).[8]

As is the case for the FCPA in often targeting foreign owned industry, the fact that the highest OFAC penalties have been levied against foreign banks is not all that surprising. The US government, through OFAC, assiduously monitors US dollar (USD) wire transactions that are all routed through clearing banks within the U.S. (e.g., New York City) with a view that the US currency itself is US property, and thus, cannot be legally used to facilitate or support transactions involving a harshly sanctioned country.

Indeed, with the banks taking the initial brunt from penalties, one can expect future actions will stem from the banks blowing the whistle, either on each other or on customers who do not properly monitor and screen their transactions. A few years back, I discovered (through visits with a couple of bank compliance officers in New York City) that their greatest fear was potentially being turned in to OFAC by their counterpart compliance officers at another bank for missing an ill-fated transaction involving a harshly sanctioned country!

When one steps back to think that, if not for effective implementation of US sanctions laws, the U.S. would have to have military boots on the ground in armed conflict, or expensive airstrikes at a minimum, the reasons for strict enforcement quickly become understandable. With the total costs of the Afghan and Iraqi war estimated to approach between $4 and $6 trillion,[9] it can be expected that vigorous and strict enforcement will only continue to get tougher and tougher.
This article will review critical preventive measures for avoiding OFAC violations, examine possible bad case scenarios that can potentially happen at any globally operating company, and will conclude with recommendations for keeping up with this highly dynamic and moving target.

Critical preventive measures for avoiding OFAC penalties

Without question, like FCPA compliance, OFAC compliance is an area that behooves globally operating companies to do what they can to anticipate risk areas and prevent violations. Perhaps the biggest incentive for compliance, aside from penalty exposure, is the possibility that egregious violations will lead to being blacklisted as a Specially Designated National (SDN), where others will not do business with the SDN. Moreover, for publicly-traded companies, there is the SEC requirement effective fiscal year 2012 to disclose whether, “during the period covered by” the issuer’s report, “the issuer or any affiliate of the issuer” worldwide knowingly engaged in certain types of “transaction[s] or dealing[s],” involving Iran, the government of Iran, or certain individuals and entities on the list of SDNs published by the US government.[10]

Risk-based assessments

The first step in prevention is to perform a risk-based assessment of one’s vulnerabilities. Questions to delve into at key regional offices include:

·· Are we in an industry where the harshly sanctioned countries could be implicated, even if inadvertently? (e.g., banking and financial sectors; oil, gas, and extractive industries; high tech and telecommunications industries; foreign-based agency businesses such as sales, maritime, aircraft, customs broker, and freight forwarding; and even tax and visa processing agents).
·· Does our US parent company have a controlling interest in subsidiaries located in known trans-shipment countries, such as the United Arab Emirates, Hong Kong, and Singapore?
·· Even if our parent company is foreign-owned, do we use the US dollar as our functional currency with transaction payments approved by US persons and/or wire transfers cleared through US-based clearing banks?
·· Is there the potential of facilitating transactions with sanctioned countries or SDNs by US persons, including foreign expatriates working in the U.S. as well as green card holders?
·· Is there the potential of evasion of sanctions through US persons making referrals to third parties or even merely suggesting payments be made in currencies other than the US dollar?

Such inquiries into potential vulnerabilities will readily provide a road map for the needed focus of policy, procedures, and training efforts.

Crafting relevant policies and procedures

Once it is determined what the proper focus should be, it is imperative to have relevant policies and procedures that cover known vulnerabilities. It is typical to include global sanctions policies and procedures, along with export control and anti-boycott subject matter. The key headings for such policies and procedures usually cover the following:

·· Purpose
·· Scope and applicability
·· Policy statement
·· Contact information

If the company has had prior violations or is anticipated to have issues given particular difficulties in establishing effective internal controls, it will be worthwhile to create an operations playbook to supplement any policies and procedures. The playbook should cover likely scenarios and how best to handle them. Training sessions should cover the playbook scenarios as well as afford an opportunity to add more relevant scenarios as those in the field may bring up.
Screening software is a must

Because OFAC concerns itself not only with country embargoes, but also with SDNs, it is imperative to have effective screening software. OFAC’s SDN List contains many thousands of individuals, entities, vessels, and banks all over the globe including:

·· Specially Designated Terrorists (SDTs), Global Terrorists (SDGTs), and Foreign Terrorist Organizations (FTOs)
·· Specially Designated Narcotics Traffickers (SDNTs) and Kingpins (SDNTKs)
·· Weapons of Mass Destruction (WMD) Proliferators (NPWMDs)

As long as one is going to the trouble to implement screening software, one should, at a minimum, screen against the lists in Table 1. This list comes from OFAC Analyzer,[11] a screening software program.

Gov’t Agency | List Description | Last Update | # of Records in List
OFAC | (SDN) Specially Designated Nationals List | 03/25/15 | 25,385
OFAC | (OFCL) Consolidated List | 12/23/14 | 416
BIS | BIS Denied Persons/Unverified List | 02/18/15 | 874
FBI | Most Wanted Terrorist List | 09/12/14 | 42
Canada | (OSFI) | 11/25/14 | 3,527
Europe | HM Treasury Sanction List | 03/23/15 | 7,838
Europe | European Union Sanction List | 02/21/15 | 13,607
UN | United Nations 1267 List | 09/12/14 | 2,336

Table 1: Lists that screening software should cover at a minimum
As can be readily seen, OFAC maintains the most extensive list. Depending on where one’s company does business, it might behoove one to include other lists from other countries (and it goes without saying that banks and financial institutions have to undertake Anti-Money Laundering List checks).

A best practice is to screen customers, joint venture partners, agents, suppliers, and even employees and contract workers. In short, it is critical to screen every person and legal entity with whom one’s company does business, and, just in case someone has turned into a bad apple in the interim, it is important to conduct regular batch screens (e.g., on a monthly basis) of all such business partners. There are software screening programs that can be integrated into a company’s Enterprise Resource Planning (ERP) system for real-time continuous screening. Banks and financial institutions that have to process hundreds of thousands of transactions in a single day will go to the trouble for such integrated real-time and continuous screening capabilities.

Tailor training for worst-case scenarios

The number of ways things have gone wrong and can go wrong can surprise even the most experienced compliance professional. Based on personal experience, the author can readily describe a couple of bad headache cases.

One instance involved a US Accounts Payable person who did not realize agency expenses paid via US dollar wire-transfer for services rendered at the port of Bandar Mahshahr would violate US sanctions against Iran.[12] (Bandar Mahshahr is a port city in Khuzestan province in southwestern Iran.) Unfortunately, on the wire transfer supporting documents, there was no mention of the country of Iran.
This case suggests, aside from rigorous screening, it will be important to train personnel on the geography of these areas to prevent these types of mistakes and to reduce company vulnerability. Aside from outside counsel fees, this mistake cost the involved maritime agency an $84,000 USD penalty and months of strict due-diligence follow-up by US dollar clearing banks in New York City that took notice of the publicized penalty.

Another instance involved a US-based company that rented equipment as part of a managed service. This case has already been self-disclosed to the government and reported in SEC filings per Section 219 of the National Defense Authorization Act (NDAA). The company provided a Chinese customer the rented equipment in Singapore. However, the Chinese customer later advised they were planning to take the equipment to Iran for work to be performed there. Attempts to retrieve the equipment were to no avail. Meanwhile, a high-performing engineer, based in Singapore, took it upon himself to continue to provide the managed service as a subcontractor to a Singapore-owned vendor. Remarkably, the Australian general manager of the Singapore office approved this arrangement without consulting headquarters in the U.S. Besides representing an OFAC violation, this activity also constituted potential violations of US export control laws (given the US-origin components in the equipment), not to mention a violation of the US company’s code of conduct forbidding activities that amount to a conflict of interest. Put another way, the Singapore office evidently attempted to keep their revenue numbers up and did so by joining with a vendor to serve a customer operating in a forbidden, harshly sanctioned jurisdiction (i.e., earning revenues from a vendor).

The investigation yielded the dismissal of both the general manager and the high-performing engineer for violating US laws applicable to their US-controlled subsidiary, as well as for the unreported conflict of interest. This case militated toward creating an operations playbook to alert personnel to be on the look-out for customers that might be at risk for operating in harshly sanctioned countries. In addition, personnel are now requiring customer certifications that any contemplated work in a harshly sanctioned country will require sufficient notice for return of the rented equipment.

On more than one occasion, I have seen failures by companies to have anything other than one-page agency powers of attorney and failing to limit such powers, including standard FCPA as well as global sanctions and export control protective clauses.

Other ways things can conceivably go wrong include the following (all of which should be included in due diligence processes, protective contractual clauses, customer certifications, training, and potentially in operations playbooks to avoid trouble down the road)[13]:

a. Because OFAC generally prohibits “evasion and facilitation” by US persons of transactions by non-US persons with sanctions targets, training should advise against the following in such circumstances:
   –– Advising, assisting, approving, authorizing, supporting, referring, brokering, financing, or making decisions for a transaction by a foreign person that in any way involves a sanctions target other than activities of a purely clerical or reporting nature;
   –– Altering operating policies or procedures, or those of a foreign subsidiary or affiliate, to permit the foreign subsidiary to engage in transactions with sanctions targets that previously required US person approval;
   –– Referring to a foreign person purchase orders, requests for bids, or similar business opportunities involving a sanctions target;
b. Parent company facilitation can arise in many ways (e.g., providing various types of financial or legal assistance or mandatory approval for certain contracts);
c. Risks arise with foreign subsidiaries that are not sufficiently independent or if there is a divergence of operational structure from legal structure;
d. Facilitation risks exist with other relationships, such as joint development, joint ventures, clients, and customers as noted in the above examples from the author’s personal experience; and
e. Referring business to a third-party vendor related to transactions in a sanctions target.

Specific, conceivable bad-case scenarios might also include:

·· A US citizen employee of the Cairo office engages in business planning in support of Sudanese investments by a Norwegian client;
·· A French employee of the Dubai office prepares and emails comments on a Swiss client’s Iranian investments while attending a conference in Hawaii;
·· A British national employed by an entity in the U.S. receives an inquiry from a customer in Europe about trade advisory services needed in Syria and forwards that inquiry to the firm’s Geneva office with a recommendation and tips on how best to pursue this new business opportunity;
·· A Swiss employee of an entity in Geneva calls the firm’s commodities expert in the U.S. for commercial advice in connection with structuring a Swiss-Iranian transaction;
·· A Swiss trader for an entity in Geneva asks an executive in the U.S. to authorize the export of non–US-origin rice to Iran without the benefit of a license covering that consultation or shipment (humanitarian aid is permitted but requires an OFAC license); and
·· OFAC also prohibits “evasion” of sanctions by concealing information or other means to enable the completion of a transaction through the United States that could not occur on a transparent basis (banks have run afoul here by suppressing or outright misrepresenting details in US dollar wire-transfer requests).

Conclusion: How best to keep up with this dynamic area of the law

The key point is that the high OFAC penalties imposed on banks will trigger the financial industry to blow the whistle on their customers who attempt, even if inadvertently, to facilitate or support any transactions involving a sanctions target. OFAC has penalized the banking industry severely, so financial industry finger-pointing will surely occur to those undertaking global operations without adequate compliance due-diligence processes in place. Traps for the unwary can involve OFAC penalties, damage to reputation, a high level of clearing-bank scrutiny on all payment and receipt requests, and even potential SDN designation!

Just in the past year, we have witnessed the rolling back of Cuban sanctions, while Russia experienced a significant imposition of multilateral sanctions stemming from Russia’s annexation of Crimea and Russia’s continued support (including militarily) to separatists in Eastern Ukraine. Along with those country-level sanctions have been numerous additions to the SDN and other blacklists.

Keeping one’s policies, procedures, training materials, and monitoring processes up-to-date can be daunting. Certainly, implementing a solid screening software program, where list updates are uploaded as close to real-time as possible, is a critical first step.
The author subscribes to two major newspapers, one US-based and the other European-based, as well as covering a number of different blogs in order to keep up with the ever-changing global political, social, and economic landscape.

In the end, the key is to focus on the risks of one’s company having involvement with sanctions targets. Updates will have to be made as soon as possible after executive orders are released regarding new sanctions for any parts of the world where the company may be operating in close proximity, or where there is a risk of a customer or agent doing business involving a sanctions target.

1. Department of Justice, Office of Public Affairs, press release: “Siemens AG and Three Subsidiaries Plead Guilty to Foreign Corrupt Practices Act Violations and Agree to Pay $450 Million in Combined Criminal Fines.” December 15, 2008. Available at http://bit.ly/siemens-ag
2. Department of Justice, Office of Public Affairs, press release: “Alstom Pleads Guilty and Agrees to Pay $772 Million Criminal Penalty to Resolve Foreign Bribery Charges.” December 22, 2014. Available at http://bit.ly/alstom-guilty
3. CNN Money website: “The promise for American businesses if Cuba sanctions are lifted.” January 20, 2015. Available at http://bit.ly/cuba-trade
4. OFAC Guide Compliance Regulations for 2015. Available at http://bit.ly/ofac-guide
5. Department of the Treasury: Settlement Agreement with BNP Paribas, June 30, 2014. Available at http://bit.ly/treasury-sactions
6. Noamie Bisserbe: “BNP Paribas Assures It Has Ample Cash to Cover U.S. Penalties.” July 1, 2014. Available at http://bit.ly/bnp-paribas
7. Department of the Treasury: Settlement Agreement with ING Bank N.V. June 12, 2012. MUL-565595. Available at http://bit.ly/treasury-civpen
8. Department of the Treasury: Settlement Agreement with HSBC Global Holdings plc. December 11, 2012. MUL-615225. Available at http://bit.ly/treasury-civpen2
9. Ernesto Londono: “Study: Iraq, Afghan war costs to top $4 trillion.” Washington Post, National Security section. March 28, 2013. Available at http://bit.ly/afghan-4-trillion
10. Section 219 of the National Defense Authorization Act for Fiscal Year 2012. Public Law 112–81, December 31, 2011. Available at http://bit.ly/treasury-programs
11. OFAC Analyzer screening software. Available at http://bit.ly/ofac-analyser
12. http://bit.ly/treasury-afac
13. Norton Rose Fulbright: Phoenix – Our slides and WebEx recordings. Slide deck from a March 2013 presentation. Available at http://bit.ly/norton-roseful

Robert J. Ward, Jr. (robertjwardjr@gmail.com) is Vice President Global Compliance at Houston International Business Corp in Houston and is a Certified U.S. Export Compliance Officer.