Two Non-U.S. Banks Agree to Pay Penalties Totaling $160 Million for Violations of U.S. Sanctions Laws Resulting from Omnibus Account and Related Services

Recent enforcement actions brought by the U.S. Government against non-U.S. banks for violations of U.S. sanctions laws demonstrate the need for financial institutions, particularly those that act as custodians or financial intermediaries, to implement measures to ensure compliance with those laws. These actions highlight the significant compliance risks faced by non-U.S. financial institutions that conduct business through the U.S. financial system while maintaining accounts on behalf of entities subject to U.S. sanctions. In addition, the cases represent the latest in a series of regulatory actions highlighting the anti-money laundering (“AML”) and sanctions compliance risks presented when U.S. financial institutions maintain omnibus accounts in the United States for non-U.S. financial institutions.

On January 24, 2014, the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) released details regarding a settlement agreement with Clearstream Banking S.A. (“Clearstream”), a Luxembourg financial entity, under which Clearstream agreed to pay a penalty of approximately $152 million and undertake remedial compliance measures in connection with violations of the Iranian Transactions and Sanctions Regulations (“ITSR”). OFAC charged that Clearstream maintained an omnibus account at a U.S. financial institution through which the Central Bank of Iran (“CBI”) maintained a beneficial ownership in certain U.S. securities.

Clearstream met with OFAC officials in 2007 and 2008 to discuss the closure of all Clearstream accounts that it maintained for Iranian customers, including accounts for the CBI. Following those meetings, Clearstream transferred the U.S. securities entitlements held by the CBI to a newly-opened custodian account maintained for another European bank customer. However, while this transfer resulted in a change in the record ownership of the securities entitlements held through Clearstream, the CBI continued to be the beneficial owner of the U.S. securities.

Given that Clearstream maintained an omnibus account with the U.S. financial institution, the beneficial owner of the securities ultimately held by CBI was not known to the U.S. financial institution. OFAC alleged that Clearstream unlawfully exported custody and related services from the United States to the CBI in violation of the ITSR.1 In addition to paying the nearly $152 million penalty, Clearstream agreed to implement policies and procedures intended to prevent the reoccurrence of such violations.

Separately, on January 27, 2014, OFAC announced a settlement agreement with the Joint-Stock Commercial Bank “Bank of Moscow” (“Bank of Moscow”) related to violations of U.S. sanctions laws. Bank of Moscow agreed to pay a penalty of approximately $9.5 million to settle charges that it processed numerous funds transfers through the United States on behalf of Bank Melli Iran ZAO, an entity that was designated on the List of Specially Designated Nationals and Blocked Persons. None of the SWIFT payment messages sent by Bank of Moscow included specific references to Bank Melli Iran ZAO, and instead used abbreviations that caused U.S. financial institutions to automatically process the transfers as they were not aware of the involvement of the designated bank.

In connection with these matters, OFAC issued guidance regarding the steps that financial institutions, including those that act as custodians and securities intermediaries, should take in order to accurately identify the beneficial ownership of assets and prevent sanctions violations. The measures recommended by OFAC include, among others: 

  • Making customers/omnibus account owners aware of the institution’s sanctions compliance obligations and requiring certifications from the customer to comply with such obligations; 
  • Conducting due diligence to identify customers/firms who do business in or with entities subject to U.S. sanctions; and
  • Considering restrictions on the use of certain services that pose a higher risk of sanctions violations, such as limitations on the use of omnibus accounts.

These cases represent the latest in the series of regulatory actions highlighting the AML and sanctions compliance risks presented when U.S. financial institutions maintain omnibus accounts for the benefit of non-U.S. firms. For example, in 2010 the U.S. Securities and Exchange Commission and the Financial Crimes Enforcement Network (“FinCEN”) charged U.S. broker-dealer Pinnacle Capital Markets LLC (“Pinnacle”) with violating the customer identification program rules under the U.S. Bank Secrecy Act (“BSA”) when it failed to verify the identity of sub-account holders in omnibus accounts held by non-U.S. financial institutions, even though the sub-account holders had “direct, unfiltered control” over securities transactions in the accounts.2 FinCEN noted that the “[f]irm’s business model encompassed heightened AML risk due to concentrated exposure to high risk foreign jurisdictions.” Separately, in 2012, FinCEN issued an advanced notice of proposed rulemaking seeking comments regarding the concept of requiring financial institutions to obtain information about beneficial owners of assets in accounts held by intermediaries.3 FinCEN acknowledged the difficulty in obtaining information about the beneficial owner of assets held in an omnibus account, and requested comments on “whether a potential explicit obligation to identify the beneficial owners of assets in an account should be based upon the financial institution’s risk assessment of the customer, or whether a more specific obligation would be appropriate.”

Taken together, these regulatory actions underscore the need for appropriate, risk-based due diligence when non-U.S. financial intermediaries maintain omnibus accounts with financial institutions in the United States. U.S. financial institutions should assess the risks posed by such omnibus accounts, including the regulated status of the accountholders, the jurisdictions in which they operate, and the overall AML and sanctions risks posed by the accounts. The recent OFAC settlements demonstrate that appropriate due diligence on non-U.S. omnibus accounts is imperative from both an AML/BSA perspective and for complying with OFAC-administered sanctions programs.

Footnotes

1) 31 C.F.R. 560.204 (providing that “the exportation, … directly or indirectly, from the United States, … of any goods, technology, or services to Iran or the Government of Iran is prohibited”).

2) See, e.g., In the Matter of Pinnacle Capital Markets, LLC, FinCEN Release 2010-4 (Sept. 1, 2010).

3) Customer Due Diligence Requirements for Financial Institutions, 77 Fed. Reg. 13046 (Mar. 5, 2012).