By Khaled Nabulsi, The Red Flag Group®
Exploring sanction lists
Due to the rapidly changing sanctions regulations and laws, adhering and complying to sanction regulations is becoming a more complex and demanding task. Thus, companies and financial institutions are obliged to adhere to the internationally imposed sanctions to avoid financial and reputational risks. In general, sanction lists are created to combat serious crimes or to achieve foreign policy targets or a diplomatic aim. These lists are issued by countries or international regulatory bodies such as the United Nations.
The most notable and extraterritorial reached sanction lists include: Office of Foreign Asset Control list (OFAC list issued by the United States Government), United Nations list, Her Majesty’s Treasury Sanctions List (HM list issued by the United Kingdom Government), European Union list (EU list issued by the European Union Authorities), and Department of Foreign Affairs and Trade list (DFAT list issued by the Australian Authorities). Those lists are generic and includes several sanctioned entities and individuals which are classified into different categories.
Recently, sanctions regulations are becoming the new phenomena, however, addressing sanctions specifications and categories have not yet been discussed thoroughly. The lack of detailed understanding of sanctioned programs, sanctioned categories, and sanctioned individuals and entities might hurdle proper assessment and restrict better business decision making.
The Office of Foreign Asset Control (OFAC) sanctions remains the most comprehensive sanctions due to the high number of sanction programs and sanctioned individuals and entities. The OFAC sanction programs varies in scope, some OFAC sanctions programs are broad and comprehensive such as the sanctions imposed on countries; Iran, Syria, and North Korea. Other OFAC sanction programs are specific and aimed against targeted individuals and entities. Those includes sanctioned individuals in non-sanctioned who represents an ongoing challenge, thus, an enhanced approach must be applied to identify those individuals and execute appropriate measurements if a company was engaged with a sanction individual in non-sanctioned country.
In focus: sanctioned individuals in non-sanctioned countries
Sanctioned individuals in non-sanctioned countries are mainly designated for terrorism, narcotic trafficking, and serious human right violation. Furthermore, they are usually designated under the Specifically Designated Nationals and Blocked Person list (SDN). As of today, the SDN list contains approximately 6,300 names from different sanction programs. The biggest category pertaining to listed individuals on SDN is the Specially Designated Global Terrorist (SDGT). Individuals under the (SDGT) category are usually found linked to terrorist classified organizations such as ISIS (Islamic State Iraq and Syria) and Hezbollah or they are linked to a sanctioned regime.
Several Lebanese individuals were found designated under the SDGT. One of these individuals, is a well-known political and economic figure in Lebanon, a former chairperson and majority shareholder in a Lebanese bank prior to the OFAC sanctions. In 2015, this individual was sanctioned by the OFAC due to his connection to Hezbollah, which has exerted pressure on him and eventually forced him to step down from the Lebanese bank’s board of directors along with transferring his shares to his son. However, he remains to be a current President of a Lebanese Municipality. Moreover, he formerly held the position of the Gabon Consulate to Lebanon. In addition, this individual appears to be an ultimate beneficiary for several businesses located in the Gabon, Syria, and Equatorial Guinea.
Another Lebanese individual who holds the Belgium nationality also has been designated in 2018 by the OFAC for his connection to Hezbollah. This individual was found to own and control several entities located in Belgium, Gambia, Congo and Lebanon.
Outside the Middle East and Africa jurisdiction another Lebanese individual who was described by the OFAC as a major financier for Hezbollah has been subject to OFAC sanctions in 2009. The individual was operational in the tri-border area, an area that spans across Argentina, Brazil, and Paraguay. Furthermore, he was found to own and control several businesses in Latin America namely in Argentina, Chile, Paraguay, and Brazil. The individual was arrested by the Brazilian authorities in 2018, and whether he will be facing terrorism charges in Brazil or he will be extradited to the United States remains unclear.
All the above examples were found related to Hezbollah and subsequently they were subject to OFAC sanctions under SDN list within the SDGT category. Thus, all the above individuals appeared to run business inside and outside their residential jurisdictions even after the imposition of OFAC sanctions. The extent to which the individuals and their related entities were impacted by the OFAC sanctions remains unclear, but serious financial and reputational risks will be incurred if a company was found to be engaged in a business with any of those individuals and their related entities.
Pursuant to executive order 13582 regarding blocking property of the Government of Syria, a well-known Lebanese businessman has been sanctioned under SDN within the category of the Syria program. The latter was sanctioned for providing material support to a Syrian governmental entity. The individual is the chairman, managing director and 80% shareholder for a company that facilitated fuel shipments to the Syrian governmental entity. Such individuals tend to act on the behalf of sanctioned regimes and governments to carry out certain prohibited transactions, as such they will use their names and front companies to facilitate such transactions.
More recently and under Executive Order 13818 of December 20, 2017, the OFAC has introduced and implemented a new sanction category under Global Magnitsky Human Rights Accountability Act (GLOMAG). The newly imposed sanction category aims to sanction foreign governmental officials involved in serious human rights violations. On 15 November 2018, the OFAC added several individuals to its SDN list under GLOMAG category, those were Saudi nationals sanctioned in relation to Jamal Khashoggi’s murder. One of those is a well-known high-ranking Saudi politician who used to serve as an advisor at the Saudi Royal Court. He is also a board member and chairman for various Saudi state-owned entities.
The above-mentioned scenarios and real-life cases pulled from the SDN-OFAC list provides an illustration that sanctioned individuals are widely operational around the globe and in certain cases those individuals maintain power and influence in their countries and other non-sanctioned territories. This will impose additional challenges to companies in identifying and verifying sanctioned individuals.
Challenges encountered and The Red Flag Group® advice
Breaching any of the OFAC sanctions regulations might impose serious financial and reputational risks pertaining to individuals and entities. Those risks might include but not limited to, blocking certain USD transactions, high fines and penalties, asset freeze and seizure in the United States, and in certain cases individuals may be prosecuted and imprisoned. Moreover, individuals and corporates who are found breaching OFAC sanctions might face some serious business continuity risks arising from the lack of confidence from their business partners and clients. Furthermore, individuals and companies who violate OFAC sanctions regulations might get involved in legal proceedings which could cause the termination of the business due to high penalties or major reputational damages.
Due to the severe measurements applied by the OFAC on individuals and corporates who breaches OFAC sanctions and due to its complexity, companies are encouraged to apply an enhanced due diligence approach when dealing with new and existing third parties. The Red Flag Group has a variety of products dedicated to aid companies to screen and manage their third parties. The most notable key products are IntegraCheck and Compliance Managed Services. IntegraCheck consists of high-end and enhanced due diligence reports that aims to identify, analyse and assess third parties’ integrity and business risks. Additionally, IntegraCheck provides general industry insights about third parties in terms of their operations, corporate profile, ownership, key principals and financial information. Compliance Managed Services provides companies with a thoroughly thought of process combined of best technologies and business practices to enable companies to better handle their compliance process and its management needs.
The most applicable tool in dealing with such situation is to apply an ongoing screening for third parties either by acquiring a compatible screening system or outsourcing the screening process to a professional services company. Any third party shall be subject to continuous monitoring and screening as international lists are subject to changes frequently. The Red Flag Group has an extensively developed and inclusive database and dashboard originating from its expertise in the compliance industry. IntegraWatch is a screening platform and services that enables companies to scan their third parties against a large number of international lists and other key risk areas. ComplianceDesktop is a multifaceted dashboard used to obtain the network of varies services that have aided multiple fortune 500 companies in their efforts to better manage, screen, order, analyse and record their compliance needs and various third parties.
The process of screening might be challenging and difficult at times; thus, a knowledgeable sanction officer might be required to perform this task. It is worth mentioning that some of the difficulties faced during screening process might include transliterating issues as at times names are not originally written in Roman alphabets.
All the above-mentioned scenarios for sanctioned individuals in non-sanctioned countries maintain Arabic names that are not originally written in Roman Alphabets. Thus, their names might not be understood for non-Arabic speakers. Additionally, those names might be transliterated in different forms, which might increase the chance of missing a genuine hit while screening against an international sanction list. Accordingly, understanding Arabic naming protocols may be helpful in overcoming those challenges.
When companies might face scenarios in which they are currently engaged with an entity that is owned or controlled by a sanctioned individual, an enhanced due diligence approach and proper risk mitigation plan and mechanism are advised to avoid any possible financial and reputational impact. Companies are strongly recommended to assess dealings in such scenarios on a case by case approach.
Thus, it is ideal when engaging in a business with a third party to perform a full Know Your Customer (KYC) approach. This will include a disclosure of a company’s ownership, its business partners, affiliates, and clients. Furthermore, if goods are involved in a certain business transaction, a detailed shipment plan which includes shipment route, and shipment mechanism shall be disclosed to ensure the absence of a sanctioned element.
For instance, Company A is an international company with wide operations in different regions and it is owned and controlled by several major shareholders. OFAC has recently added one of Company A’s shareholder on SDN list. To comprehend how to deal with the situation and take the necessary further steps, Company A decided to engage its board members, legal experts, compliance officers and third-party experts. Company A proceeded to publish a public official statement addressing its stakeholders stating that it will continue to abide by international regulations and will impose the necessary measures to mitigate any possible related ramifications. Company A has refused to pay dividends to the sanctioned individual as Company A feared to face secondary OFAC sanction implications. Furthermore, Company A is trying to persuade and pressure the sanctioned individual to decrease his shares in the Company by selling his shares to a level where he no longer appears as one of the major shareholders, ultimately depriving his voting rights.
On the other hand, Company B faced the same situation where the OFAC has added one of its major shareholders on the SDN list. However, Company B’s management were not welling to address the situation and they decided to continue their operations neglecting the newly imposed decision by the OFAC. After a short time, Company B sent a notice of its shareholding details to a financial institution, which recognised the sanctioned individual and became reluctant to deal with Company B. Moreover, Company B’s business partner, a well-known international supplier, conducted extensive research on Company B with the aid of local experts as part of this business partner’s regular due diligence process. The business partner was able to identify the sanctioned element and continued to implement and enforce the necessary compliance procedures concerning its third party, Company B. This eventually caused a business lost for Company B.
The above two examples illustrate the difference in handling sanction regulations. It is advised when identifying a sanctioned element in an existing business relation to approach the business partner to fully obtain their statement on this matter and what are the policies in place to overcome the sanction challenge. It is also advised to refer the matter to a compliance, sanction and a legal expert to evaluate whether the existing business relation would entail any implication on a company or not and how to further handle such a situation.
Adhering to sanction regulations might be always a difficult task to handle, and with a lack of proper identification of sanctioned individuals or entities and failure to address the issue in a timely manner could cause serious consequences to be faced. Companies are encouraged to invest in a comprehensive sanction protocol to avoid and mitigate related risks. This can be done either internally by recruiting top notch compliance officers accompanied with appropriate training and smart solutions, or companies might decide to outsource this task to a well-known third-party expert who will be overseeing this issue.