To print this article, all you need is to be registered or login on Mondaq.com.
On July 21, 2022, the Office of Foreign Assets Control
(“OFAC“) of the U.S. Department of the
Treasury issued a Finding of Violation
(“FOV“) to MidFirst Bank
(“MidFirst“) for violations of the
Weapons of Mass Destruction Proliferators Sanctions Regulations
The violations stemmed from MidFirst’s maintaining of
accounts for and processing of 34 payments on behalf of individuals
added to the OFAC’s List of Specially Designated Nationals and
Blocked Persons (“SDN List“) 14 days
post-designation. These violations apparently were connected to a
misunderstanding on MidFirst’s behalf regarding the frequency
of scans a third-party vendor conducted on the SDN List against its
existing customer base.
The violations occurred after OFAC added two individuals to the
SDN List pursuant to the WMDPSR on September 21, 2020. Despite
their SDN designations, MidFirst processed five transactions
totaling $604,000 on behalf of the two individuals on the same day,
and another 29 transactions on behalf of the same individuals
between September 22, 2020, and October 5, 2020. Once
MidFirst’s screening vendor notified them of the individuals
being added to the SDN List on October 5, 2020, MidFirst blocked
the accounts and transactions of those individuals.
The deficiencies in scanning and reporting by the screening
vendor to MidFirst grew from a misunderstanding of the terms of an
agreement between the two parties. Although the screening vendor
conducted daily screenings of new customers and of existing
customers who made changes to their accounts, they did not actually
scan the entire customer base against the SDN List daily. MidFirst
was mistakenly under the assumption that the screening vendor was
scanning the entire customer base daily, when in fact the actual
screening of the entire existing customer base against the SDN List
only occurred once a month. Thus, depending on the timing of
additions to the SDN List, MidFirst could have been unaware for up
to a month that it was maintaining an account for blocked
MidFirst has since implemented a “manual process to be
notified ‘of all OFAC list updates’ and to manually
rescreen the entire customer base whenever there are any updates to
the SDN List. Further, as of December 2020, their screening vendor
has updated the frequency of screening the entire account base
against the SDN List.
OFAC issued a FOV on this matter to reaffirm that financial
institutions should take a risk-based approach to sanctions
compliance, part of which is ensuring that screening services,
whether outsourced or not, are adequate to ensure compliance. The
determination to issue a FOV reflects OFAC’s consideration of
all the information provided by MidFirst in accordance with the
General Factors Affecting Administrative Action set forth in
OFAC’s Economic Sanctions Enforcement Guidelines, 31 C.F.R.
part 501, app. A.
We summarize the factors OFAC considered when deciding to issue
this FOV below.
OFAC determined the following to be aggravating factors:
- According to their agreement and conduct MidFirst had reason to
know that the screening vendor was only scanning the entire
customer base against the SDN List once a month.
- By allowing blocked individuals to operate for two weeks
post-designation to the SDN List there were sanctions harm and a
significant risk of asset flight.
OFAC determined the following to be mitigating factors:
- The violations occurred within two weeks post-designation and
98% of the value associated with the violations took place just
hours after designation.
- The sanctions harm was less than the facial amount of the
violations considering the largest transactions were internal
transfers between one individual’s accounts.
Financial institutions should generally ensure they are
screening their entire customer list against the SDN List
regularly, or otherwise ensuring that additions to the SDN List are
promptly reflected in the Bank’s compliance posture. In
addition, companies should be well informed of the frequency and
types of screening procedures being implemented by an outsourced
screening vendor they rely upon to ensure compliance.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: International Law from United States