Compliance Blog

Dec 12, 2016
Categories: BSA

OFAC 2016 Fall Symposium: Round-Up of Recent Sanctions

By Stephanie Lyon, Regulatory Compliance Counsel

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) held its fall symposium in Washington DC, on Wednesday, December 7th. Among the items discussed in this meeting were the recent changes to the Iran and Cuba sanctions and the elimination of the Burma and Cote d'Ivoire sanctions. As the end of the year is approaching, this is the perfect time to highlight some of OFAC's recent activities. For a comprehensive list of active OFAC sanctions, visit the Sanctions Programs and Country Information Resource Center. Guidance documents are constantly updated so remember to check back with OFAC for up-to-date information.

Iran Sanctions and JCPOA Announcement

Back in 2015, key nations reached a Joint Comprehensive Plan of Action (JCPOA) to ensure that Iran's nuclear program was implemented with only peaceful intent. On January 16, 2016, the International Atomic Energy Agency (IAEA) verified Iran's implementation of key nuclear-related measures specified in the JCPOA. Upon verification from the IAEA, the United States lifted nuclear-related sanctions on Iran. What does this mean for credit unions? The JCPOA provisions included removals of Specially Designated Nationals (SDNs) and Blocked Persons List, the Foreign Sanctions Evaders List and the Non-SDN Iran Sanctions Lists which hopefully translates to less false positives. For more information on Iran's sanctions and the JCPOA, visit the Iran Sanctions Resource Center webpage.

Cuba Sanctions

In 2014, President Obama historically announced the re-establishment of diplomatic relations and an easing of economic and travel restrictions on Cuba. As more Americans are able to travel to Cuba, credit unions began asking a question not considered in 5 decades, whether a credit union can serve members while in Cuba. To assist financial institutions, OFAC published over 100 FAQs that were recently revised in October of this year. Here are a couple of questions pertaining to financial institutions answered in the FAQ guidance:

46. Are authorized travelers in Cuba permitted to use credit or debit cards issued by a U.S. financial institution?

Yes. Travelers are advised to check with their financial institution before traveling to Cuba to determine whether the institution has established the necessary mechanisms for its issued credit or debit cards to be used in Cuba. See 31 CFR § 515.560(c)(5) and 515.584(c).

61. Is a financial institution required to independently verify that an individual's travel is authorized when processing Cuba travel-related transactions?

No. A financial institution may rely on U.S. travelers to provide their certifications of authorized travel directly to the person providing travel or carrier services when processing Cuba travel-related transactions, unless the financial institution knows or has reason to know that the travel is not authorized by a general or specific license.

The [Cuban Assets Control Regulations] (CACR) requires persons subject to U.S. jurisdiction providing travel or carrier services to retain for at least five years from the date of the transaction a certification from each customer indicating the section of the CACR that authorizes the person to travel to Cuba. See § 515.572(b). U.S. travelers utilizing a general or specific license are also required to retain for five years records associated with their travel to Cuba.

For more information, guidance and resources on the Cuban Assets Control Regulations, visit the Cuba Sanctions Resource Center.

Elimination of Cote d'Ivoire and of Burma Sanctions

Years ago, Burma and Cote d'Ivoire were plagued with national security, human rights and other internal issues that prompted the United States to enact sanctions against these countries. After lengthy work by several international organizations both countries held successful presidential elections and moved towards the stabilization of their nations. On September 14, 2016, after the United Nations Security Council determined Cote d'Ivoire's emergency situation was resolved, President Obama ended the sanctions program against this nation. See, Cote d'Ivoire Sanctions Resource Center. Similarly, in October 7, 2016, the President signed an Executive Order terminating the emergency with respect to the actions and policies of Burma. See, Burma Sanctions Resource Center.

My favorite quote of Wednesday's meeting occurred when a panelist discussing the recent elimination of OFAC sanctions simplified the conversation by stating: the sanctions for Burma and Cote d'Ivoire are over, let's just move on.  For credit unions, this means these two countries can now participate in financial markets again which may mean an increase in wire transfers to and from these countries.

OFAC ProTips

Apart from the updates concerning sanctions there were other key takeaways from the symposium:

  1. OFAC does not have a requirement that credit unions have a compliance program; rather it recommends a risk-based approach to OFAC compliance. Credit unions may want to keep in mind that regardless of its OFAC approach, if the credit union facilitates a prohibited transaction it will have an OFAC violation. Some resource credit unions may use when assessing an OFAC program are: 
    • NCUA Examiner's Guide, Ch. 18 (OFAC specific guidance within Bank Secrecy Act section)
       
    • NCUA FCU Handbook, pp. 54-55 (lists NCUA expectations for OFAC compliance)
       
    • NCUA Letter to Credit Unions 05-CU-09 (NCUA acknowledged that while both BSA and OFAC compliance are integral to any anti-money laundering program)
       
    • NCUA Letter to Credit Unions 01-CU-25 (NCUA developed an examiner checklist that may be use to document the review of a credit union'[s OFAC compliance program)
       
    • FFIEC BSA/AML Examination Manual, OFAC section & App. M. (OFAC core examination procedures and risk matrix)
  2. When identifying names on the SDN or other lists, it may be necessary to search more than just OFAC provided information or resources. This is where the credit union's risk assessment and subsequent due diligence is key in determining its policies and procedures.
  3. If unsure, ask! OFAC has published many resources such as interpretative documents and FAQs to its sanctions programs. It also has an OFAC Compliance Hotline ready to assist. The speakers did emphasize the need for credit unions to provide as much detail as possible when submitting questions to the helpline, especially if the credit union wants to receive a timely response. You can find the contact information for the Hotline here.

***

Upcoming NAFCU Webcast

What's New in the updated FFIEC Cybersecurity Handbook

Live Webcast Tuesday, December 13, 2016 | 2:00-3:30 p.m. ET

  • Explore governance of the Information Security Program, including security culture, responsibility and accountability, and resources
  • Learn about Information Security Program management, including identification, measurement, mitigation and monitoring
  • Discuss Security Operations such as identification, assessment, and threat monitoring
  • Measure Information Security Program effectiveness