QUESTION
We know that you were among the first to provide anti-money laundering tests, which is required by statute. So, we think you would know the answer to our question. A banking examiner told us that our AML program needs more procedures for OFAC compliance. What is the difference between AML compliance and OFAC compliance?
ANSWER
We were the first to offer AML tests for non-banks and bank mortgage divisions.
This is a good question about AML and OFAC, as it highlights an important component of the AML program itself. Anti-Money Laundering (AML) compliance, often referred to as “AML compliance,” focuses on detecting and deterring money laundering and terrorist abuses in the financial system. AML programs are mandated for certain financial institutions by law under the Bank Secrecy Act (BSA). In fact, it is also suggested for other organizations under the Federal Sentencing Guidelines of the U. S. Sentencing Commission. [FFIEC Exam Manual]
Failure to comply with BSA requirements may result in civil monetary penalties and exposure to criminal liability. Violations of AML caused by non-compliance, as well as not implementing terrorist financing laws, can result in civil and criminal penalties, imprisonment, and asset forfeiture. [18 USC §§ 981, 982, 1956, 1957, 2339A, 2339B, 2339C]
Office of Foreign Assets Control (OFAC) compliance, commonly referred to as “OFAC compliance,” is derived from rules set forth by OFAC, which is part of the U.S. Department of the Treasury. Its purpose is to administer and enforce economic and trade sanctions based on U.S. foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to national security, foreign policy or the economy of the United States.
Under national emergency powers and specific legislation, OFAC can impose controls on transactions and freeze assets subject to the jurisdiction of the United States. OFAC administers programs against targeted foreign countries and regimes, terrorists, international narcotics traffickers, entities involved in proliferation of weapons of mass destruction, and, in effect, other threats to national security, foreign policy or the U.S economy.
OFAC prepares and maintains a unique list, called the Specially Designated Nationals list, which is a compilation of names of persons, entities, and countries that are restricted or prohibited from transacting or dealing with U.S. persons. [U.S. Department of Treasury, Sanctions Programs] Failure to comply with OFAC’s restrictions or prohibitions can result in substantial civil penalties and potential fines. [U.S. Department of Treasure, Civil Penalties and Enforcement Information; also, Economic Sanctions Enforcement Guidelines, 31 CFR, Part 501, Appendix A]
Unlike BSA mandates, which requires an AML compliance program, OFAC does not require an organization to maintain an OFAC compliance program. However, OFAC has indicated that should a violation of law occur, the presence of a program could be a substantial mitigating factor in determining the nature and amount, if any, of a penalty. [31 CFR, Part 501, Appendix A] Consequently, federal financial institution regulators have determined that failure to maintain an OFAC compliance program is considered an unsafe and unsound banking practice.
Although BSA and OFAC requirements are distinct, the requirements are viewed as supporting the common policy goal of national security. Therefore, financial institutions that are subject to the BSA’s AML compliance program requirement are expected to treat OFAC compliance as related, especially with respect to the need to collect and analyze certain customer information.
Jonathan Foxx
Managing Director
Lenders Compliance Group
