In an increasingly integrated global economy, and as businesses shift to online sales and a broader client base, it is important to have a clear understanding of, among other things, the U.S. sanctions in place, and the specific business transactions to ensure compliance. In particular, global companies should take reasonable, risk-based steps to ensure that their processes and protocols are appropriately configured to screen relevant sanctions and customer information and to ensure compliance with U.S. sanctions.
Amazon Inc. (“Amazon”), the Seattle, Washington-based company that provides retail, ecommerce, and digital services to millions of customers worldwide, recently settled with the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) to resolve its potential civil fines for apparent violations of multiple OFAC sanctions programs, as a result of sending products and processing orders for persons located in, or employed by foreign missions of prohibited countries including Crimea, Cuba, Iran, Syria, North Korea and Sudan.
On July 8, 2020, the U.S. Treasury issued an enforcement release describing the penalty. According to the U.S. Treasury, the online retailer “accepted and processed orders on its websites for persons located in or employed by the foreign missions of Cuba, Iran, North Korea, Sudan, and Syria...” OFAC also advised that Amazon “failed to timely report several hundred transactions conducted pursuant to a general license issued by OFAC that included a mandatory reporting requirement, thereby nullifying that authorization with respect to those transactions.” This action by OFAC emphasizes the importance of knowing the relevant sanctions in place, having an accurate system and protocol for ensuring that foreign business transactions comply with the sanctions, and timely complying with OFAC requirements, such as reporting transactions pursuant to specific and/or general licenses issued by OFAC.
Overall, the apparent violations consisted primarily of transactions involving low-value retail goods and services for which the total transaction value of the apparent violations was approximately $269,000. However, Amazon was able to settle with OFAC for an amount of half of the value of the total alleged violations ($134,523), partly because: (i) Amazon had not previously received a penalty notice during the last five years preceding the earliest transaction; (ii) Amazon voluntarily self-disclosed the apparent violations to OFAC, cooperated with OFAC’s investigation, and conducted an internal investigation on its own; (iii) and Amazon “undertook significant remedial measures to address its sanctions screening deficiencies and has also agreed as part of its settlement with OFAC to undertake various additional sanctions compliance commitments designed to minimize the risk of recurrence of similar conduct in the future.”
According to the U.S. Department of Treasury, this case “demonstrates the importance of implementing and maintaining effective, risk-based sanctions compliance controls, including sanctions screening measures appropriate for ecommerce and other internet-based businesses that operate on a global scale. Such large and sophisticated businesses should implement and employ compliance tools and programs that are commensurate with the speed and scale of their business operations.” In addition, this case “demonstrates the importance of compliance with all aspects of the terms of OFAC’s general licenses, including the timely fulfillment of any reporting obligations pursuant to those licenses.”
While knowing the existing OFAC sanctions programs is usually relevant, the list of countries and individuals should not be relied on alone. There may be other sanctions programs which may affect the proposed business transactions, such as the Bureau of Industry and Security, U.S. Department of Commerce (“BIS”), as well as specific regulations regarding licenses necessary to export items on the Commerce Control List (“CCL”), and other sanctions regulations. Ultimately, it is critically important to analyze the potential business transactions, as well as the existing applicable United States sanctions programs, to develop an internal system and protocol for specific export control and sanctions programs, to analyze any specific types of licenses required, and to obtain appropriate disclosures from parties participating in the transaction, all of which may affect whether the proposed business transactions implicate any sanctions regulations.