SANCTIONS RISK and compliance MANAGEMENT

Sanctions Risk and Compliance Management



Economic and trade sanctions can achieve domestic and foreign policy goals, set by governments and international bodies. They are effective in addressing a range of threats to the national security, foreign policy, and economy, in diminishing the power of regimes, and in cutting off criminals from the financial system. Companies and organizations must know who is the subject to sanctions (including individuals, entities and countries), and ensure they do not conduct transactions involving sanctioned parties.

Targeted sanctions make risk and compliance management more complex and difficult for firms and organizations, especially for financial institutions. Digital currencies add another level of complexity, and they can limit the effectiveness of sanctions.


Sanctions, United Nations Security Council

The Security Council can take action to maintain or restore international peace and security under Chapter VII of the United Nations Charter. Sanctions measures, under Article 41, encompass a broad range of enforcement options that do not involve the use of armed force. Since 1966, the Security Council has established 30 sanctions regimes.

Security Council sanctions have taken a number of different forms, in pursuit of a variety of goals. The measures have ranged from comprehensive economic and trade sanctions to more targeted measures such as arms embargoes, travel bans, and financial or commodity restrictions. The Security Council has applied sanctions to support peaceful transitions, deter non-constitutional changes, constrain terrorism, protect human rights and promote non-proliferation.

Sanctions do not operate, succeed or fail in a vacuum. The measures are most effective at maintaining or restoring international peace and security when applied as part of a comprehensive strategy encompassing peacekeeping, peacebuilding and peacemaking. Contrary to the assumption that sanctions are punitive, many regimes are designed to support governments and regions working towards peaceful transition. The Libyan and Guinea-Bissau sanctions regimes all exemplify this approach.

Today, there are 14 ongoing sanctions regimes which focus on supporting political settlement of conflicts, nuclear non-proliferation, and counter-terrorism. Each regime is administered by a sanctions committee chaired by a non-permanent member of the Security Council. There are 10 monitoring groups, teams and panels that support the work of 11 of the 14 sanctions committees.

The Council applies sanctions with ever-increasing cognisance of the rights of those targeted. In the 2005 World Summit declaration, the General Assembly called on the Security Council, with the support of the Secretary-General, to ensure that fair and clear procedures are in place for the imposition and lifting of sanctions measures.


Charter of the United Nations, Article 41.

"The Security Council may decide what measures not involving the use of armed force are to be employed to give effect to its decisions, and it may call upon the Members of the United Nations to apply such measures. These may include complete or partial interruption of economic relations and of rail, sea, air, postal, telegraphic, radio, and other means of communication, and the severance of diplomatic relations."


Using the ‘threat’ of sanctions.

A sanction’s life-cycle often starts with the Security Council taking up a situation of concern. The Council or the UN Secretary-General and his representatives will usually employ peaceful means to prevent the escalation, or outbreak of, conflict.

At this stage, even the hint of Security Council sanctions may be enough to encourage conflict parties to enter into dialogue. This is sometimes what the Council means when it signals that it will “consider all measures at the Council’s disposal, including the use of enforcement measures.”

Sanctions are meant to be a last resort when it comes to addressing massive human rights violations, curbing illegal smuggling or stopping extremism groups. Increasingly, sanctions are also being used to support peace efforts, to ensure that elections are held, or to demobilize armed groups.


Imposing sanctions – the what, who and how.

Sometimes the threat of sanctions does not work, and it is up to the Security Council to decide to impose sanctions on individuals, entities or States who bear responsibility for conflict.

At this stage, the Security Council adopts a resolution establishing a new sanctions regime, where it determines the precise sanctions measure – such as arms embargoes, assets freezes or travel bans, for example – that it is imposing on the situation.

In some cases, the Council decides to also identify the individuals or entities that are subject to these ‘targeted’ sanctions measures. In other cases, the relevant Sanctions Committee, established as part of a sanctions resolution, will do so.

The individuals or entities sanctioned can change – with new names being added or removed from the list.


Implementing sanctions.

Sanctions Committees are subsidiary organs of the Council and are composed of all 15 of the Council’s members. Their role is to implement, monitor and provide recommendations to the Council on particular sanctions regimes. They meet regularly to consider reports from expert panels and to hold meetings with Member States, UN actors and international organizations.

In some cases, an expert panel is created to assist the sanctions committee. An expert panel monitors the implementation of the sanctions measures and reports its findings to the committee, or in some cases directly to the Council. Expert panels are usually comprised of between five to eight technical experts, all of whom are appointed by the Secretary-General. Expertise in these panels depends on the sanctions imposed, but may include arms, natural resources or human rights / humanitarian experts.

Of central concern to the Council is that sanctions are implemented with due regard for human rights.

De-listing requests from the other sanctions committee are managed by the Focal Point for De-Listing. The post of Focal Point, which was established by resolution 1730 (2006), is based in the UN Department of Political Affairs.


Ending a sanctions regime.

The Security Council can remove UN sanctions once a conflict situation improves. UN sanctions have been lifted in different ways. In some cases, benchmarks contained in sanctions resolutions have been achieved; in others, peace processes have achieved the desired outcome.


Sanctions Risk and Compliance Management Training


Target Audience

The program is beneficial to the board of directors and senior management. We can tailor the program to meet the needs of risk and compliance managers, and those involved in the sanctions screening process.


Duration

One hour to one day, depending on the needs, the content of the program and the case studies. We always tailor the program to the needs of each client.


Instructor

Our instructors are working professionals that have the necessary knowledge and experience in the fields in which they teach. They can lead full-time, part-time, and short-form programs that are tailored to your needs. You will always know up front who the instructor of the training program will be.


Course synopsis (modules to be considered).


Introduction.

- Understanding sanctions.

- Understanding extraterritoriality.

- Who imposes sanctions to whom?

- Types of sanctions.

- Purpose of sanctions.

- Consequences for non-compliance for firms, their employees, and their customers.

- Avoiding breaches of sanctions regulations that result in substantial financial penalties and reputational damage.

- Sanctions terminology.


Major sanctions regimes - the United Nations, the European Union, the United States, the United Kingdom.

- EU’s common foreign and security policy (CFSP).

- The EU’s sanctions regimes, mandated by the United Nations Security Council, or adopted autonomously by the EU.

- The role of the European Commission, and the Directorate-General for Financial Stability, Financial Services and Capital Markets Union (DG FISMA).

- Adoption, renewal, or lifting of sanctions regimes, the Council of the European Union, and the High Representative of the Union for Foreign Affairs and Security Policy.

- EU sanctions map.


- The US Office of Foreign Assets Control (OFAC) of the US Department of the Treasury.

- Consolidated Sanctions List (Non-SDN Lists).

- Specially Designated Nationals And Blocked Persons List (SDN).

- Sanctions List Search.

- The US Treasury 2021 Sanctions Review.

- Adoption, renewal, or lifting of sanctions in the USA.


- The UK’s range of sanctions regimes under the Sanctions and Anti-Money Laundering Act 2018 (the Sanctions Act).

- The Sanctions Regulations Report on Annual Reviews for 2021.Section 30 of the Sanctions Act, the Foreign, Commonwealth and Development Office published the Sanctions Regulations Report on Annual Reviews for 2021.

- How do UK sanctions work?

- Trade Sanctions.

- Financial Sanctions.

- Transport Sanctions.

- Immigration Sanctions.


The Framework from the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC).

- The five essential components of compliance:

- (1) management commitment;

- (2) risk assessment;

- (3) internal controls;

- (4) testing and auditing; and

- (5) training.

- Investigations, civil monetary penalties (“CMPs”), and the Economic Sanctions Enforcement Guidelines.


Management Commitment

I. Senior management has reviewed and approved the organization’s SCP.

II. Senior management ensures that its compliance unit(s) is/are delegated sufficient authority and autonomy to deploy its policies and procedures in a manner that effectively controls the organization’s OFAC risk.

III. Senior management has taken, and will continue to take, steps to ensure that the organization’s compliance unit(s) receive adequate resources.

Criteria:

A. The organization has appointed a dedicated OFAC sanctions compliance officer;

B. The quality and experience of the personnel dedicated to the SCP, including:

C. Sufficient control functions exist that support the organization’s SCP—including but not limited to information technology software and systems—that adequately address the organization’s OFAC-risk assessment and levels.

IV. Senior management promotes a “culture of compliance” throughout the organization.

Criteria:

A. The ability of personnel to report sanctions related misconduct by the organization or its personnel to senior management without fear of reprisal.

B. Senior management messages and takes actions that discourage misconduct and prohibited activities, and highlight the potential repercussions of non-compliance with OFAC sanctions; and

C. The ability of the SCP to have oversight over the actions of the entire organization, including but not limited to senior management, for the purposes of compliance with OFAC sanctions.

V. Senior management demonstrates recognition of the seriousness of apparent violations of the laws and regulations administered by OFAC, or malfunctions, deficiencies, or failures by the organization and its personnel to comply with the SCP’s policies and procedures, and implements necessary measures to reduce the occurrence of apparent violations in the future.


Risk Assessment

Risks in sanctions compliance are potential threats or vulnerabilities that, if ignored or not properly handled, can lead to violations of OFAC’s regulations and negatively affect an organization’s reputation and business.

The routine, and if appropriate, ongoing “risk assessment” for the purposes of identifying potential OFAC issues they are likely to encounter.

Assessment of the following:

(i) customers, supply chain, intermediaries, and counter-parties;

(ii) the products and services offered, including how and where such items fit into other financial or commercial products, services, networks, or systems; and

(iii) the geographic locations of the organization, as well as its customers, supply chain, intermediaries, and counter-parties. Risk assessments and sanctions-related due diligence is also important during mergers and acquisitions, particularly in scenarios involving non-U.S. companies or corporations.


Internal Controls

An effective SCP should include internal controls, including policies and procedures, in order to identify, interdict, escalate, report (as appropriate), and keep records pertaining to activity that may be prohibited by the regulations and laws administered by OFAC.

Adjusting rapidly to changes published by OFAC. These include the following:

(i) updates to OFAC’s List of Specially Designated Nationals and Blocked Persons (the “SDN List”), the Sectoral Sanctions Identification List (“SSI List”), and other sanctionsrelated lists;

(ii) new, amended, or updated sanctions programs or prohibitions imposed on targeted foreign countries, governments, regions, or persons, through the enactment of new legislation, the issuance of new Executive orders, regulations, or published OFAC guidance or other OFAC actions; and

(iii) the issuance of general licenses.


Testing and Auditing

Audits assess the effectiveness of current processes and check for inconsistencies between these and day-to-day operations.


International standards and best practices in sanctions risk and compliance management.

- Building an effective sanctions risk and compliance program.

- The Know Your Customer (KYC) obligation and sanctions compliance.

- Following the risk management framework from the Committee of Sponsoring Organizations of the Treadway Commission (COSO), in sanctions risk and compliance management.


1. Control Environment.

- Integrity and ethical values.

- Philosophy and operating style.

- Assignment of authority and responsibility.

- Policies and procedures.


2. Risk Assessment.

- Creating sanctions management objectives.

- Risk identification and analysis.

- Managing change.


3. Control Activities.

- Procedures against the identified risks.


4. Information and Communication.

- Proper and well-defined channels for communications.

- Measuring quality and effectiveness of communication.


5. Monitoring.

- Ongoing monitoring.

- Separate evaluations.


Sanctions stress testing.

- What is stress testing?

- What is sanctions stress testing?

- What is financial stress testing?

- Qualitative Assessments.

- Quantitative Assessments.

- Scenario sanctions tests.

- A. The portfolio-driven approach.

- B. The event-driven approach.

- The adverse and severely adverse scenarios.

- The baseline scenario.

- Sensitivity sanctions tests.

- Berkowitz and stress testing.

- Regulatory stress tests.

- Micro stress tests.

- Macro stress tests.

- Stress testing scenarios based on a higher correlation environment.

- Correlation coefficient.

- Endogenous and Exogenous risks.

- Heisenberg's uncertainty principle and stress testing.


Closing remarks.

- The importance or due diligence and record keeping.

- Summary of what we have covered, and what has to be done.


For more information you may contact us.


Sanctions Risk and Compliance Management, news and alerts

This website belongs to Cyber Risk GmbH (established in Horgen, Switzerland, Handelsregister des Kantons Zürich, Firmennummer: CHE-244.099.341). We are carefully monitoring the new legal and regulatory obligations that follow sanctions. We learn the requirements for firms and organizations in the USA, the EU, and other countries, update our training programs accordingly, and inform our clients and recipients of our monthly newsletter. For news and developments, you can receive our monthly newsletter at no cost (you may visit Cyber Risk GmbH, Reading Room, links at the top of the page).