On 07/26/2023, the U.S. Department of Justice (DOJ), the U.S. Department of Commerce’s Bureau of Industry and Security (BIS), and the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), issued a Tri-Seal Compliance Note: Voluntary Self-Disclosure of Potential Violations. The Compliance Note focuses on the voluntary self-disclosure policies that apply to U.S. sanctions, export controls and other national security laws. In addition, the Compliance Note states that: “If a company discovers a potential violation, whether it is an administrative or criminal violation, that company should promptly disclose and remediate. This is especially true for potential violations of U.S. national security laws, including those governing sanctions and export controls. Self-disclosing potential violations can provide significant mitigation of civil or criminal liability, the extent of which depends on the agency, but may extend so far as a non-prosecution agreement or a reduction of 50 percent in the base penalty amount for civil or criminal penalties”. The Compliance Note signals upcoming increased enforcement activity from the U.S. authorities.

BIS

BIS strongly encourages disclosures by companies and other entities who believe that they may have violated the Export Administration Regulations (EAR) or any order, license, or authorization issued. BIS stated that a “disclosure that is timely and comprehensive and involves full cooperation of the disclosing party substantially reduces the applicable civil penalty under the BIS settlement guidelines.” BIS encourages the submission of Voluntary Self Disclosures (VSDs) by parties who believe they may have violated the EAR. BIS states that VSDs are an excellent indicator of a party’s intent to comply with U.S. export control requirements and may provide BIS important information on other ongoing violations. BIS carefully reviews VSDs received from disclosing parties to determine if violations of the EAR have occurred and to determine the appropriate corrective action when violations have taken place.

BIS has a policy on VSDs and disclosures concerning others. First, a deliberate nondisclosure of a significant possible violation of the EAR will be considered an aggravating factor under BIS penalty guidelines. Second, if an entity becomes aware that another party is potentially violating the EAR and submits a tip to the Office of Export Enforcement (OEE), the OEE will consider that a mitigating factor under the penalty guidelines if the information leads to an enforcement action and if the disclosing entity faces an enforcement action in the future. Moreover, companies cannot sidestep the “should we voluntarily self-disclose or not” decision by self-blinding and choosing not to do an internal investigation in the first place. The existence, nature, and adequacy of a company’s compliance program, including its success at self-identifying and rectifying compliance gaps, is itself considered a factor under the settlement guidelines.

DOJ

The Department of Justice’s National Security Division (NSD) issued an updated VSD policy covering potential criminal violations of export control and sanctions laws. The Compliance Note states that NSD’s policy is designed to provide incentives for companies and other organizations to come forward promptly when they identify or otherwise become aware of potential criminal violations of U.S. sanctions and export control laws. A prompt voluntary self-disclosure provides a means for a company to reduce—and, in some cases, avoid altogether—the potential for criminal liability.

If a company voluntarily self-discloses potentially criminal violations, fully cooperates, and timely and appropriately remediates the violations, NSD generally will not seek a guilty plea, and there will be a presumption that the company will receive a non-prosecution agreement and will not pay a fine. Companies that qualify for a non-prosecution agreement (or declination, where appropriate) are not permitted to retain any of the unlawfully obtained gain from the underlying misconduct. The presumption in favor of a non-prosecution agreement does not apply, however, where there are aggravating factors. Those factors include egregious or pervasive criminal misconduct within the company, concealment, or involvement by upper management, repeated administrative and/or criminal violations of national security laws, the export of items that are particularly sensitive or to end users of heightened concern, and a significant profit to the company from the misconduct. Where such aggravating factors are present, NSD has the discretion to seek a different resolution, such as a deferred prosecution agreement or guilty plea.

OFAC

OFAC published guidance titled “A Framework for OFAC Compliance Commitments”. The purpose of the OFAC Framework guidance is to encourage a “risk-based” approach to “Sanctions Compliance” through developing, implementing, and routinely updating a Sanctions Compliance Program (SCP).

The Compliance Note states that OFAC considers VSDs to be a mitigating factor when determining appropriate enforcement action to take in response to a particular case. In cases where a civil monetary penalty is warranted, a qualifying VSD can result in a 50 percent reduction in the base amount of a proposed civil penalty. In reviewing the underlying conduct in a VSD, OFAC considers the totality of the circumstances surrounding the apparent violation, including, among other factors, the existence, nature, and adequacy of the subject’s compliance program at the time of the apparent violation and the corrective actions taken in response to an apparent violation.

The Compliance Note discusses how certain disclosures to OFAC will not qualify as VSDs in situations in which:

• a third party is required to and does notify OFAC of the apparent violation because the transaction was blocked or rejected by that third party (regardless of when OFAC receives such notice or whether the subject person was aware of the third party’s disclosure);
• the disclosure includes false or misleading information;
• the disclosure is not self-initiated (including when the disclosure results from a suggestion or order of a federal or state agency or official; or, when the subject person is an entity, the disclosure is made by an individual in a subject person entity without the authorization of the entity’s senior management. Responding to an administrative subpoena or other inquiry from, or filing a license application with, OFAC is not a VSD.); or
• the disclosure (when considered alongside supplemental information) is materially incomplete.

There are financial incentives and legal protections for whistleblowers to report violations of U.S. anti-money laundering and sanctions laws and regulations

The Compliance Note also address FinCEN’s whistleblower program that is designed to incentivize individuals in the United States and abroad to provide information to the government about violations of U.S. trade and economic sanctions, in addition to violations of the Bank Secrecy Act (BSA). Individuals who provide information to FinCEN or the Department of Justice may be eligible for awards totaling between 10 to 30 percent of the monetary sanctions collected in an enforcement action if the information they provide ultimately leads to a successful enforcement action. FinCEN is currently accepting whistleblower tips.

How robust is your compliance program?

Voluntary Self Disclosure is the pathway to making entities eligible for mitigation.

How do you evaluate transactions or activities that could violate U.S. security laws?

Can you respond quickly to a potential violation?

Do you have a self-disclosure program in place?

Who is your Corporate Governance advisor?