"Iran, Non-U.S. Banks and Secondary Sanctions: Understanding the Trends"

by Skadden, Arps, Slate, Meagher & Flom LLP

[author: Sean M. Thornton]

Many non-U.S. financial institutions have expressed concern — and, at times, confusion — regarding their exposure under U.S. economic sanctions laws, especially with respect to Iran. The complex U.S. framework for secondary sanctions is no longer properly understood as sanctions “against” Iran, but rather U.S. sanctions against third-country companies that do business with Iran. Over the past several years, there has been a series of settlements, each exceeding $100 million, between U.S. authorities and non-U.S. banks — including ABN AMRO, Barclays, Credit Suisse, ING, Lloyds and Standard Chartered — alleging violations of U.S. sanctions against Iran and other countries.

As remarkable as these settlements may be, they are fairly conventional in the sense that they concern transactions that had a connection to U.S. territory, and the allegations were that the banks directly violated U.S. law by conducting business with Iran from the United States. A more noteworthy trend in U.S. law has been to threaten, and occasionally impose, so-called secondary sanctions against non-U.S. persons that do business with Iran, whether or not that business has a U.S. nexus. To best understand this trend, it is necessary to review the context for secondary sanctions, the substance of the new laws and the lessons non-U.S. financial institutions appear to be drawing.

Secondary Sanctions and Iran – A Recent History

Iran-related secondary sanctions are not new to U.S. policy. The Iran-Libya Sanctions Act of 1996 — amended over the years and now known as the Iran Sanctions Act (ISA) — authorizes sanctions on businesses or individuals engaging in various transactions related to Iran’s energy sector or advanced Iranian weapons programs. Several non-U.S. companies in the energy and shipping sectors have been subjected to various secondary sanctions under ISA in recent years.

The current wave of secondary sanctions can be traced to 2006, when U.S authorities began a concerted effort to dissuade non-U.S. financial institutions from doing business with Iranian banks — not because of their nationality or affiliation with the Iranian state, but because of their conduct.

To begin, the U.S Treasury Department’s Office of Foreign Assets Control (OFAC) amended a provision in its Iranian sanctions regulations that had authorized so-called U-turn payments, or funds transfers originating and terminating outside the United States, effectively to prohibit any such payments involving Iran’s Bank Saderat, which OFAC stated was serving as a conduit between the Iranian government and terrorist organizations. OFAC’s 2007 sanctions on Iran’s Bank Sepah for its role in Iran’s missile procurement was the next in a series of U.S. government actions imposing various economic sanctions on large Iranian commercial enterprises because of their alleged conduct. By late 2008, the U-turn authorization for Iranian parties had been revoked altogether, and by 2012 it seemed as if almost every major Iranian commercial enterprise had been accused of a role in Iran’s nuclear program or support for international terrorism.

Outside American media and policy circles, the primary audience for these conduct-based sanctions on Iranian entities has been non-U.S. financial institutions. U.S. persons already had been prohibited from engaging in most business with Iran through broad U.S. economic sanctions dating back to 1995. Revoking the U-turn authorization had the most direct impact on non-U.S. financial institutions that previously had been permitted to conduct dollar-clearing transactions for Iranian clients. U.S. authorities may not have expected to compel the non-U.S. banks to drop such business altogether, but they appealed to the reputational concerns of these entities, and authorities intended to close off access to the U.S. financial system for such business. Many non-U.S. financial institutions responded favorably, and some announced that they were voluntarily terminating their Iran-related business.

New Secondary Sanction Efforts

Starting in 2010, the U.S. government sharpened the choice for non-U.S. financial institutions: If they continued to conduct certain business with Iran, they risked losing access to the U.S. financial system. New legal authorities were developed to restrict correspondent banking services or impose broader sanctions on non-U.S. banks that continued to conduct certain business with Iran.

Correspondent Banking Sanctions

The Comprehensive Iran Sanctions, Accountability, and Divestment Act of 2010 (CISADA), which enables the U.S. Treasury Secretary to prohibit or impose conditions on opening or maintaining U.S. correspondent or payable-through accounts for a non-U.S. financial institution found to knowingly engage in sanctionable activities. This includes those entities that facilitate (i) Iran’s WMD acquisition or development, or Iran’s support for international terrorism; or (ii) significant transactions or providing significant financial services for designated banks or for Iran’s Islamic Revolutionary Guard Corps or its affiliates, which include large commercial enterprises. In July 2012, the Treasury Department first exercised its CISADA authorities when it announced that U.S. financial institutions would be prohibited from opening or maintaining accounts for two institutions: China’s Bank of Kunlun and Iraq’s Elaf Islamic Bank. The public record is not clear about the specific conduct of these banks, but it does not suggest that Kunlun or Elaf did anything more than simply provide arms-length financial services to designated Iranian banks.

The National Defense Authorization Act for Fiscal Year 2012 (NDAA), which includes a new authority to impose secondary sanctions on non-U.S. banks. Signed into law on December 31, 2011, the NDAA essentially replicates CISADA’s focus on transactions with designated banks but adds the Central Bank of Iran as a new criterion for sanctions. It also includes a unique provision for “exceptions” to the sanctions: If the president finds that a country made significant reductions in Iranian crude oil purchases, then that country’s financial institutions can receive a 180-day exception from sanctions under the NDAA — even if they otherwise meet the criteria for such sanctions. These exceptions, however, generally have no bearing on other sanctions authorities; China received an NDAA exception in June 2012 and, one month later, a Chinese bank suffered exactly the same consequences under CISADA as it would have under the NDAA.

Executive Order 13622, issued by President Obama on July 30, 2012, relies on other statutory authorities to replicate the banking sanctions available under CISADA and the NDAA to cover a bank’s knowing transactions with the National Iranian Oil Company (NIOC) or Naftiran Intertrade Company (NICO), or for the purchase or acquisition of petroleum, petroleum products or petrochemicals from Iran. NIOC and NICO are defined in this order to include their subsidiaries, which include entities such as the National Iranian Tanker Company.

The order includes overlapping and somewhat inconsistent authorities to impose sanctions on banks that conduct transactions with NIOC or NICO. Section 1 authorizes sanctions against a non-U.S. financial institution for engaging in or facilitating a significant transaction with NIOC or NICO; Section 5 authorizes an asset freeze against anyone who provides financial support or services to NIOC or NICO. Section 1 incorporates the NDAA exceptions, such as are currently in effect for a variety of countries including China, Japan and most European countries, but Section 5 does not.

In other words, a bank that conducts a significant transaction with NIOC or NICO, and is based in a country that enjoys an NDAA exception, may still face sanctions under Section 5 of Executive Order 13622, because the NDAA exception is relevant only to Section 1. To make it even more confusing, the NDAA exception is relevant only to part of Section 1. Section 1, among other things, provides for banking sanctions for knowingly conducting or facilitating a significant financial transaction for the purchase or acquisition of petroleum, petroleum products or petrochemical products from Iran, but its NDAA exception is limited to such transactions involving petroleum or petroleum products, not petrochemical products.

More General Secondary Sanctions

Executive Order 13608, issued by President Obama on May 1, 2012, makes violating U.S. economic sanctions against Iran or Syria a basis for imposing sanctions against the responsible party. Whereas traditionally a violation of U.S. economic sanctions could result in a criminal or civil monetary penalty, now such violations can subject the responsible party to a range of sanctions, short of an asset freeze. The order also authorizes sanctions against a non-U.S. person who has “facilitated deceptive transactions for or on behalf of any person subject to United States sanctions concerning Iran or Syria.” OFAC publicly announced that it “may use this authority where it appears that a foreign person violated U.S. sanctions on Iran or Syria but may not meet criteria for designation under existing Executive Orders,” which on its face seems to describe every non-U.S. company that has settled Iran- or Syria-related charges with U.S. authorities in recent years.

Iran Threat Reduction and Syria Human Rights Act of 2012

This act, which was enacted August 10, 2012, amends ISA to add new criteria for the imposition of secondary sanctions on persons doing business in Iran’s energy and weapons sectors. It authorizes additional sanctions against persons who conduct certain business with NIOC and NITC, similar to Executive Order 13622, but with a focus on underwriting and insurance services; and authorizes sanctions for the purchase, subscription to, or facilitation of the issuance of Iranian sovereign debt or the debt of any entity owned or controlled by the government of Iran. There are Iran-related disclosure requirements for securities issuers, including those that are not based in the United States, and secondary sanctions even on agencies of third-country governments that knowingly provide financial support or services to designated IRGC affiliates. Notably, Section 311 of the Act makes it harder for non-U.S. companies to compete for federal contracts if they do business with Iran.

The act also imposes liability on U.S. companies for the Iran-related business of entities they own or “control.” Control is not defined, and U.S. authorities seem likely to keep the concept vague. U.S. financial institutions have already been subjected to a vicarious liability provision in Section 104(d) of CISADA for IRGC-related transactions of non-U.S. entities they own or control. These vicarious-liability provisions may be best understood as secondary sanctions, as they intend to discourage business between Iran and a third country — even if lawful in the latter.


The U.S. government’s stated purpose for these sanctions has been to increase pressure on Iran to alter or abandon its nuclear program. While the secondary sanctions appear to have some recent success in adversely affecting Iran’s economy, as shown by the dramatic decline in Iran’s oil exports and the value of its currency in 2012, it is too soon to say whether they ultimately will have an effect on Iran’s nuclear program. There remains strong legislative interest in secondary sanctions in the United States, and the U.S. seems to be rolling out new authorities at a much brisker pace than it is actually employing them. Exceptions to the NDAA sanctions have been granted to every major country, only two banks have been subject to sanctions under CISADA, there has been relatively restrained use of ISA, and no use (as of this writing) of the NDAA, the executive orders or the new Iran Threat Reduction and Syria Human Rights Act.

While U.S. authorities have been relatively restrained in their use of secondary sanctions, they are not always predictable when it comes to U.S. sanctions policy, particularly as to Iran, and many non-U.S. companies want to avoid engaging in conduct that meets the criteria for economic sanctions. But this is complicated by confusion about what U.S. secondary sanctions actually target. There are now so many different legal authorities, which overlap and occasionally contradict themselves.

Because these lines at times seem almost purposefully confusing, many non-U.S. financial institutions are carefully scrutinizing business because of the mere possibility, however remote, that an attenuated Iranian interest in a transaction would expose the bank to sanctions, possibly to a significant fine, and to adverse publicity. The strongest impact of these sanctions may be their mere existence rather than their exercise, as highly-regulated and risk-averse financial institutions steer well clear of the line.

Download PDF

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Skadden, Arps, Slate, Meagher & Flom LLP | Attorney Advertising

Written by:

Skadden, Arps, Slate, Meagher & Flom LLP

Skadden, Arps, Slate, Meagher & Flom LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at info@jdsupra.com. In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at: info@jdsupra.com.

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.