woman sitting at desk working on computer

Sanctions Compliance Tutorial – OFAC Checking and More

The United States requires sanctions compliance by U.S. companies engaged in international trade. The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals. This tutorial will guide you through checking your company’s vendors against OFAC’s and other relevant sanction lists to ensure compliance.

Compliance Step-by-Step

Step 1: Understanding OFAC and Other Sanction Lists

The primary list to know is the Specially Designated Nationals and Blocked Persons (SDN) List maintained and enforced by OFAC. Entities on this list are subject to asset blocking and other prohibitions. Other relevant lists depend on your industry and where your organization operates in the world.

Depending on your organization’s business and scope, you may also need to check specific lists from other agencies, such as:

  • Bureau of Industry and Security (BIS) Denied Persons List
  • Department of State’s Nonproliferation Sanctions
  • U.S. Department of Commerce International Trade Administration

Furthermore, internationally, the E.U., U.K. and U.N. also have sanction programs. The United Nations (U.N.) sanctions are enforced by its member countries, including the U.S., U.K. and E.U. The U.N. does not directly enforce sanctions but relies on member states to implement and enforce them according to their national regulations. But the U.K. and E.U. protocols for compliance and reporting are similar to the U.S.

Step 2: Accessing the Sanction Lists

Step 3: Gathering Vendor Information

To check your vendors against sanctions lists, you need a vendor’s full legal name, country of incorporation, any known aliases, address(es) and contact information. All this information should be in your vendor master file. If it is not, review and modify your vendor data-gathering process to ensure you have the data you need.

Step 4: Screening Vendors

Manual Screening: You can manually compare your vendor list against the sanction lists. However, manual review is time consuming and error prone and may not happen with adequate regularity to catch changes.

  • Automation: Utilize software tools for automated screening offered by third-party screeners:
  • Dow Jones Risk & Compliance
  • LexisNexis Bridger Insight
  • VendorInfo
  • AEB Compliance Screening
  • Visual Compliance

Step 5: Interpreting the Results

What to do when a vendor is an apparent match to a sanctioned entity:

  • Exact Matches: If a vendor’s name exactly matches a name on the sanction list, further investigation is required.
  • False Positives: Common names may appear on the list without any actual connection. Investigate further to confirm.
  • Due Diligence: For potential matches, gather more information and conduct due diligence to determine whether the vendor is the sanctioned entity as best as possible.

Step 6: Taking Action

For Positive Matches: If you confirm a vendor is on a sanction list, you must 1. cease all business activities with them and 2. report the finding to OFAC.

For Negative Matches: Document the screening process and results as part of your compliance records and “greenlight” the false match.

Step 7: Continuous Monitoring

Real-Time Monitoring: Continuous monitoring is highly recommended, as sanctions lists are updated frequently and can change anytime. Some automated tools provide real-time tracking and alerts for new additions to the sanction lists.

You must monitor your existing vendors. Continuous monitoring should apply to all vendors in your vendor master file. Implementing a system for constant monitoring ensures that any changes in sanctions status are immediately flagged and addressed.

Continuous Monitoring As a Process

Continuous monitoring is essential because sanctions lists can change without notice. The government can add new entities and modify or remove existing entries. To ensure ongoing compliance:

  • Real-Time Alerts: Utilize tools that provide real-time updates and alerts when changes occur in sanctions lists. This allows for immediate action if a vendor is newly sanctioned.
  • Automated Screening: Implement automated screening solutions that continuously monitor your vendor master file against updated sanctions lists.
  • Audit Trails: Maintain detailed records of all screening activities, including dates, results and actions. This documentation can be crucial for demonstrating compliance with regulatory authorities.
  • Risk Assessment: Continuously assess your vendors’ risk profiles. High-risk vendors (e.g., those in regions with frequent sanctions activity) may require more frequent monitoring.
  • Vendor Communication: Inform your vendors about your compliance requirements and the necessity of ongoing monitoring. This transparency helps maintain strong business relationships.

OFAC Guidance

The Treasury Department has never been prescriptive; rather, it maintains the sanction lists and enforces compliance. However, OFAC has issued guidelines to provide a framework for compliance programs. The guidelines help organizations assess whether their compliance program is well-designed, intentionally and effectively applied (important in penalty abatement) and works in practice. See A Framework for OFAC Compliance Commitments.

Compliance with U.S. sanctions is a continuous process that requires diligence and regular updates. By following these steps, you can ensure your company remains compliant and avoids the risks associated with doing business with sanctioned entities.

For information on VendorInfo’s automatic sanctions checking, contact us.

Lets Talk!

Please enable JavaScript in your browser to complete this form.