5 Crucial Lessons Learned From Sanctions Violations in 2023
When regulators punish organizations for sanctions compliance failings, they do something valuable for everyone else: Detailed reports are published illustrating everything that went wrong. In 2023, sanctions.io has been busy dissecting these lengthy documents for a series of posts. But in this article - as we close the year - we pull all the learning points together and reveal the top five sanctions compliance takeaways you need to know about.
Here's a sneak peek of what we'll be covering:
- Compliance Culture Failings Contribute Greatly to Sanctions Violations
- VSD in Sanctions Penalties Mitigation Is More Important Than Ever
- Real-Time Sanctions Screening Is Increasingly Crucial
- Correspondent Banking and Sanctions Violation Risk
- The Importance of Proactivity and Cooperation in Sanctions Penalty Mitigation
And remember that our 2023 sanctions penalties review analysis accompanies this report. You can read it here:
2023 in Review: Noteworthy Sanctions List Violation Penalties
With no further ado, here are sanctions.io's top five lessons learned from sanctions violations over the last year.
1. Compliance Culture Failings Contribute Greatly to Sanctions Violations
Before diving into this point, it's essential to consider the following: Regulators, law enforcement, and the broader regulatory community cannot always point fingers at compliance teams for sanctions failings.
Why? Usually, they are not the ones setting the tone for the overall compliance culture within an organization. The appetite (from a high to low-risk tolerance to compliance) is more than often laid out by the C-suite, such as the CEO and CFO.
In 2023, sanctions.io reported that being a compliance officer with personal liability concerns is increasingly risky, especially for those employed by high-risk tolerance organizations.
But returning to sanctions compliance.
In 2023, poor compliance cultures came up time and time again within sanctions violation reports. For example, in sanctions violation cases involving Deutsche Bank, British American Tobacco (BAT), Swedbank, and Binance, failing compliance cultures (at some level within the organization) were aggravating factors.
2. VSD in Sanctions Penalties Mitigation Is More Important Than Ever
The next crucial sanctions compliance lesson from 2023 involves voluntary self-disclosure (VSD). For example, here are some of the prominent cases where VSD appeared in the sanctions penalty report published by the regulatory body:
But what can we glean from these cases?
In 2023, especially in the US, voluntary self-disclosure became more critical than ever. Why? You can read about it in the following sanctions.io blog post: Voluntary Self-Disclosure in the US Is Changing: What It Means for Sanctions Compliance.
But in essence, the US government is doubling down on the "carrot and the stick" approach to voluntary self-disclosure. The carrot for sanctions compliance is this: Greater incentives for organizations to submit a voluntary self-disclosure to OFAC.
Similar messages came from the UK's Office of Financial Sanctions Implementation (OFSI). In its comprehensive report (click for PDF) regarding the Wise penalty, the presence of voluntary disclosure was succinctly communicated as a mitigating factor in favor of Wise (reducing the punishment).
3. Real-Time Sanctions Screening Is Increasingly Crucial
The next important lesson that sanctions compliance professionals learned in 2023 regards real-time sanctions screening.
As most readers know, sanctions screening allows companies to efficiently screen customers, clients, or suppliers against sanctions lists. The process is part of a broader anti-money laundering (AML) compliance plan that all companies and organizations with international exposure should incorporate.
Over the last 12 months, government agencies that enforce economic sanctions programs, such as OFAC in the US, have repeatedly hammered home the following message in sanctions violations reports:
Real-time transaction monitoring from third-party vendors, including screening for sanctioned customers and business partners, is imperative.
For example, in one of the most significant cases in 2023 (Binance), OFAC's enforcement release stated that an essential remedial measure is the implementation of real-time sanctions screening.
4. Correspondent Banking and Sanctions Violation Risk
The fourth vital lesson sanctions compliance teams can learn from 2023 is this: Correspondent banking comes with elevated sanctions violation risks.
You can learn more about correspondent banking in this sanctions.io blog post. But to briefly provide some context for this end-of-year review, according to the Financial Action Task Force (FATF), correspondent banks offer financial services to another bank - the respondent bank. Here are some of them:
- International wire transfers
- Check clearing
- Payable-through accounts (PTAs)
- Foreign exchange services
But what transpired in the last 12 months that increased the risk factor for sanctions compliance teams in dealing with this form of banking?
In a nutshell, numerous sanctions (and AML) penalties in 2023 involved respondent banks working with correspondent banking partners.
For example, Deutsche Bank faced a $186 million penalty for sanctions and AML violations, while Swedbank received a $3.4 million OFAC fine - both cases were linked to correspondent banking relationships.
5. The Importance of Proactivity and Cooperation in Sanctions Penalty Mitigation
The final lesson that sanctions compliance teams can take on board involves a fundamental trait almost always sought by governmental agencies enforcing sanctions laws: proactivity and cooperation.
But let's get into the specifics.
In 2023 especially, in many sanctions violation reports (this author has read many), there is a pattern by regulators to dish out lower penalties when they find evidence that the penalized company has demonstrated a proactive and cooperative approach in promptly addressing and rectifying sanctions violations.
For example, even in Binance's jaw-dropping $4.3 billion penalty (almost $1 billion of that figure was for OFAC sanctions violations), the US Department of Justice said the crypto firm was given a 20% reduction in its fine in exchange for cooperating in the investigation and remediating its compliance operations.
A key takeaway from 2023 is this: Government agencies enforcing sanctions are increasingly rewarding organizations that voluntarily self-disclose and show proactivity to rectify issues.
Closing Thoughts and How sanctions.io Supports Sanctions Compliance
One of the best ways for companies to fortify their sanctions compliance efforts - and not to become a case study for others to learn from in 2024 and beyond - is to invest in real-time sanctions screening technology.
sanctions.io is a highly reliable and cost-effective solution for sanction checking. AI-powered and with an enterprise-grade API with 99.99% uptime are reasons why customers globally trust us with their sanctions screening needs.
To learn more about how our sanctions, PEP, and criminal watchlist screening service can support your organization's compliance program:
We also encourage you to take advantage of our free 7-day trial (no credit card is required).