OFAC Compliance: What It Is & Why It Matters for Global Businesses

The United States of America, with its unmatched military and economic strength, maintains sway over the rapidly changing geopolitical scenarios. Sanctions are one prominent tool it uses to keep this dominant position. These sanctions are enforced by the Office of Foreign Assets Control of the U.S. Department of the Treasury. 

But how does OFAC influence people within and outside the U.S.? This is what we explore with the help of this article.

In this guide, you'll learn what OFAC compliance is, the key regulations it enforces, and the three types of sanctions it monitors. You'll also discover who must comply (including non-US entities transacting in USD), screening best practices, reporting obligations, penalties for violations, and practical steps Indian exporters can take to stay compliant with US sanctions.

Key Takeaways

• Understanding OFAC compliance helps Indian businesses that trade with US entities, process USD transactions, or work with US-based fintech partners avoid secondary sanctions, frozen assets, and loss of access to US markets.
• OFAC (Office of Foreign Assets Control) administers US trade and economic sanctions under statutes like IEEPA, CAATSA, and the Foreign Narcotics Kingpin Designation Act.
• Sanctions fall into three categories: comprehensive (country-wide), targeted (SDN list individuals/entities), and sectoral (industry-specific).
• Non-compliance can result in civil penalties up to ~$377,700 per violation (or 2x transaction value), criminal fines up to $1 million per transaction, and 20-year imprisonment.
• All USD-denominated transactions, including those routed through Indian exporters to US buyers - must be screened against OFAC's SDN and Non-SDN lists.

OFAC (Office of Foreign Assets Control) is part of the U.S. Department of the Treasury. It upholds the duty to administer and enforce trade and economic sanctions in accordance with U.S. foreign policy and national security goals.

All U.S. residents, businesses and their foreign subsidiaries and entities conducting transactions in U.S. dollars must comply with OFAC regulations. It requires blocking assets and rejecting all transactions of individuals, entities, groups and countries sanctioned by OFAC and the U.S. government.

OFAC regulations are based on a series of federal statutes and executive authorities. These are :

1. International Emergency Economic Powers Act (IEEPA) under which the President gets the authority to regulate commerce during national emergencies.

2. The Foreign Narcotics Kingpin Designation Act that prohibits trade and transactions between significant foreign narcotics traffickers and U.S. companies and individuals. 

3. United Nations Participation Act, which requires implementing sanctions adopted by the UN Security Council.

4. Global Magnitsky Sanctions that imposes financial penalties and visa restrictions on individuals involved in human rights violations and corruption. 

5. Countering America’s Adversaries Through Sanctions Act, which imposes sanctions on Iran, North Korea and Russia.

As an entity responsible for administering and enforcing economic and trade sanctions, OFAC publishes several lists of sanctioned individuals, entities, foreign jurisdictions and regimes. It helps U.S. residents and non-residents who trade with the U.S. identify the entities with whom transactions are blocked or prohibited and whose assets must be frozen. These lists are 

Special Designated Nationals List (SDN)

SDN list contains names of individuals, entities, groups, maritime vessels and aircrafts that are blocked by OFAC. These entities have been identified by the OFAC for their involvement in terrorism, narcotics trafficking, proliferation of weapons of mass destruction and other issues that threaten U.S. foreign policy, economy or national security.

Non-SDN Consolidated Sanctions List

Non-SDN consolidated sanctions lists consist of data on individuals and entities, with some restrictions, but not a full asset freeze. They target key sectors of a country’s economy and impose export controls or financial transaction limits. 

Non-SDN consolidated sanctions include:

1. Sectoral Sanctions Identification (SSI) List

2. Foreign Sanctions Evaders (FSE) List

3. Non-SDN Palestinian Legislative Council (NS-PLC) List

4. CAPTA List

5. Non-SDN Menu-Based Sanctions List (NS-MBS List)

6. Non-SDN Chinese Military-Industrial Complex Companies List

The sanctions monitored by OFAC can be categorised into three types. These are: 

1. Comprehensive sanctions

Comprehensive sanctions cover an entire country or geographic region and prohibits all commercial and financial transactions with them. Unless permitted by a General license or Specific license, imports, exports, financial transfers and other dealings are prohibited with countries and regions under comprehensive sanctions. It currently includes Cuba, North Korea and Iran. 

2. Targeted sanctions

Targeted sanctions focus on individuals, entities, groups, maritime vessels and aircrafts mentioned in the SDN list. It restricts U.S. citizens from engaging in transactions with blocked entities and requires freezing their assets in the U.S. jurisdiction. 

3. Sectoral sanctions

As the name suggests, sectoral transactions target certain sectors of a country’s economy but do not warrant a full asset freeze. It is based on the SSI list and restricts specific transactions in sectors like energy, defence or finance.

Parties that are required to follow OFAC compliance include

1. All U.S. citizens and permanent residents, regardless of where they are located

2. Individuals and entities within the U.S.

3. All U.S. incorporated entities and their foreign branches

4. Foreign subsidiaries owned or controlled by U.S. persons

5. Foreign persons reexporting certain goods, technology or services from the United States

OFAC compliance ensures that businesses avoid transactions with sanctioned countries, entities and individuals and block their assets. Businesses that fail to comply with OFAC threaten the U.S. national security and disrupt its economic activities, which can result in

Legal penalties

Violating OFAC sanctions regulations carries civil and criminal penalties for businesses, including fines of up to $1 million and imprisonment.

Reputational damage

The aim of OFAC sanctions is to combat terrorism, human rights violations and global instability. An organisation implicated in violation of OFAC regulations damages its credibility and reputation among its customers and stakeholders who would turn away from doing business with it.

Secondary sanctions

International businesses that conduct trade with the U.S also need to ensure OFAC compliance. Failing to do so can result in losing access to the U.S. market or having secondary sanctions imposed on them.

Compliance with OFAC is mandatory if you want to continue doing business in the U.S. This underscores the need to establish a well-structured due diligence and risk assessment process. It starts with:

1. Use the SDN and non-SDN lists for screening

You need to screen not only your customers' details but also all intermediaries involved in the transaction against the SDN and non-SDN lists. Screening should not be limited to direct name matching, but it should also consider fuzzy, phonetic, and token-based matching as names can be spelt differently or altered to avoid detection. 

2. Investigate matches

When a match is detected, carefully compare all details of this entity against the identifiers in OFAC lists to determine whether it is a true positive or a false positive. 

3. Take immediate action for true positives

If the match is a true positive, you need to take immediate action. This would include blocking assets and transactions of individuals from the SDN list, while taking program-specific action for non-SDN entities. All true positives and the actions you take must be reported to OFAC within the specified timeline.

OFAC has 3 types of reporting obligations. These are:

1. Mandatory reporting of blocked property

Blocked property refers to frozen assets or interests in assets of the sanctioned persons, within the U.S. jurisdiction or in control of a U.S. person. It requires filing two reports under 31 C.F.R. 501. 

a. An initial blocking report with the holder’s contact information, a description of the blocked property, and its estimated value. This must be submitted to OFAC within 10 days of the asset being blocked.

b. An Annual Report of Blocked Property (ARBP) that covers all blocked property held as of June 30. It has to be filed by September 30 each year.

2. Mandatory reporting of rejected transactions

Rejected transactions refer to financial and non-financial transactions that are prohibited under certain sanctions, but do not include blocking property. These need to be reported to OFAC within 10 business days of rejection. 

3. Voluntary self-disclosure of violation

If a person believes they have accidentally violated OFAC sanctions regulations, they can submit a voluntary self-disclosure to OFAC. It needs to be submitted before or at the same time as any violation is discovered by OFAC or a government agency. While an amnesty is not provided for OFAC violations, submitting a VSD can still significantly reduce civil penalties.

Non-compliance with OFAC-administered sanctions can result in civil and criminal penalties with fines and imprisonment. These penalties are not limited to U.S. entities but also extend to Non-U.S. who cause or conspire to cause U.S. entities to violate OFAC sanctions or they themselves engage in conduct that violates OFAC sanctions. The penalties for OFAC non-compliance are:

1. Civil Penalties

Civil penalties are financial in nature which vary based on the sanction program. These are applicable even if you accidentally deal with a sanctioned party. These can result in hefty fines, with the highest penalty being $377,700 per violation or twice the transaction amount, whichever is greater. A voluntary self-disclosure of violation can help reduce the base amount of civil penalty. 

2. Criminal Penalties

Criminal penalties require proof of violators willfulness for engaging in sanctioned activity. It results in a $1 million fine per transaction and imprisonment of up to 20 years.

Risk scenarios keep on changing, and so do the OFAC sanctions to tackle them. Falling behind in compliance can result in severe penalties. So here are some best practices to make things easier for businesses.

1. Make use of all OFAC lists

Oftentimes, businesses screen their customer against the SDN list alone. This creates a compliance gap, and you may end up processing sanctioned transactions. Screening should include not just the SDN list but also the consolidated non-SDN lists.

2. Screen beyond just names

Sanctioned individuals and groups often use aliases or indirect means to process their transactions. That means that your customer screening should include checking transliterations, typos and other details. You should also ensure that you screen your customers' subsidiaries, affiliates and ownership structure. 

3. Make use of automated software

OFAC updates its list of sanctioned parties at irregular intervals. Manually screening can often lead to missed updates and to the accidental processing of sanctioned transactions. To avoid non-compliance risks, use software that automates the screening process and goes beyond direct name matching.

One accidental compliance mistake can turn into a huge turmoil for your business. Seeking to establish trade with the U.S. means that you must verify who you partner with for exporting your goods and services.

This would include avoiding shipping vessels and business partners listed on SDN lists, checking for sanctions applicable to your trade, and choosing a secure payment solution like Xflow to give your U.S.-based customers a hassle-free payment experience.

Sign-Up with Xflow today and bring efficiency to your cross-border payments!