Who would have ever guessed that the largest corporate penalty paid in 2012 would be an OFAC enforcement action. The Justice Department has many major FCPA enforcement actions in the queue awaiting approval and public release, but it will be hard to match the penalty paid by ING Bank for $619 million.
Two days after the ING Bank settlement was announced, OFAC also settled a case with National Bank of Abu Dhabi for $855,000.
The significance of these two recent OFAC enforcement actions is not just the amount of the fines but the exercise of enforcement authority for misconduct and deficiencies which occurred outside the United States. We are witnessing the ever-expanding long-arm of the law reaching around the globe.
FCPA enforcers have been criticized for enforcement actions based on conduct which occurs wholly outside the United States. OFAC enforcers have now joined the club. But is the extraterritorial reach of the law something new? Not really.
In the 1990s, the Justice Department brought several high-profile prosecutions against members of an international cartel involving vitamins and dietary supplements where the impact of the price-fixing conspiracy had an impact on United States consumers. Even where the actions – cartel meeting and illegal price fixing and territorial allocations – occurred outside the United States, the impact of the cartel agreement was direct and significant on United States businesses and consumers.
Congress regularly exercises authority over conduct outside the United States. Its authority can be stretched far so long as the offending conduct has an impact on the United States or regulating such conduct serves a national interest. If Congress stretches too far and does not satisfy this test, the law is at risk as a violation of the Due Process Clause of the Constitution.
In both of the OFAC enforcement actions, the violations involved conduct which occurred outside the United States designed to evade United States sanctions, which are clearly in our national interest, and which involved financial transactions with non-affiliated United States financial institutions.
Add this new wrinkle to the Chief Compliance Officer’s risk responsibilities. OFAC is a growing threat to businesses operating in the global marketplace. Companies need to ensure that foreign operations handling US-origin goods or services are conducted in compliance with United States economic sanctions.
The OFAC risk is relevant to international companies in all sectors. The risk is not limited to financial institutions. Sanction enforcement is a risk for all global companies involved in United States origin goods and services. Nor are such sanctions limited to countries such as Iran and Cuba. Sanctions extend to a number of other countries such as Sudan, Somalia, Syria, North Korea, and Myanmar. The list of sanctioned countries is not a steady-state (e.g. Libya) so compliance officers have to keep a close eye on the sanctions list and make sure they have implemented appropriate controls to guard against potential violations.