OFAC reaches $1.4 million settlement with money transmitter
On July 23, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced a $1.4 million settlement with a New York-based online money transmitter for 2,260 apparent violations of multiple sanctions programs. According to OFAC’s web notice, between February 4, 2013 and February 20, 2018, the company allegedly processed 2,241 payments for parties located in sanctioned jurisdictions and regions, including the Crimea region of Ukraine, Iran, Sudan, and Syria, as well as 19 payments on behalf of sanctioned persons identified on OFAC’s List of Specially Designated Nationals and Blocked Persons. Identified deficiencies in the company’s sanctions compliance program related to screening, testing, auditing, and transaction review procedures allowed persons in these jurisdictions and regions and those on the SDN List to engage in roughly $802,117.36 worth of transactions, OFAC stated. The apparent violations—related to commercial transactions that the company processed on behalf of its corporate customers and card-issuing financial institutions—allegedly occurred as a result of weak algorithms, business identifier code screening failures, backlogs, and a failure to monitor IP addresses or flag addresses in sanctioned locations.
In arriving at the settlement amount, OFAC considered various aggravating factors, including that (i) the company failed to exercise sufficient caution or care for its sanctions compliance obligations; (ii) the company had reason to know users were located in sanctioned jurisdictions and regions based on common indications it had within its possession; and (iii) the apparent violations harmed six different sanctions program.
OFAC also considered various mitigating factors, including that (i) senior management quickly self-disclosed the apparent violations upon discovery and provided substantial cooperation during the investigation; (ii) the company has not received a penalty notice from OFAC in the preceding five years; and (iii) the company has taken remedial measures to minimize the risk of recurrence, including terminating the conduct leading to the apparent violations, retraining compliance employees, enhancing screening software, putting flagged transactions into a pending status rather than completing them, and conducting a daily review of customers’ and counter-parties’ identification documents.