OFAC penalties and enforcement actions show greater focus on violations linked to weapons of mass destruction
Date: March 22, 2016
An enduring consequence of the horror inflicted by the terrorist attacks of September 11, 2001, is the dread that a future terrorist attack on the United States could involve “weapons of mass destruction.”
The growing number of penalties imposed by the US Treasury Department’s Office of Foreign Assets Control (OFAC) for sanctions violations underscore that foreboding. In recent years, more OFAC penalties on a wide variety of businesses are linked to sanctions violations tied to “weapons of mass destruction” in one form or another. These WMD have included atomic weapons.
On February 27, 2016, Warren Buffet, whose insights on risk and opportunity are widely respected, gave a chilling assessment in his annual letter to the stockholders of Berkshire Hathaway. He said a “cyber, biological, nuclear or chemical attack in the United States” is a “clear, present and enduring danger” and that his company is “powerless” to protect against it.
OFAC regulations and a presidential Executive Order provide impetus
OFAC confronts this life-and-death danger through diverse sanctions programs aimed at combating the proliferation of weapons of mass destruction (WMD). The programs are specified in regulations, such as the Weapons of Mass Destruction Proliferators Sanctions Regulations (WMDPSR), 31 CFR Part 544, and the 2005 presidential Executive Order 13382, “BlockingProperty of Weapons of Mass Destruction Proliferators and Their Supporters”.
OFAC issues enforcement actions and imposes penalties against entities or individuals that are detected as not complying with these and other sanctions programs.
SanctionsAlert.com reviewed 913 OFAC announced enforcement actions announced between April 2003 and Feb. 8, 2016, and analyzed them for violations of the WMD sanctions programs. The analysis yields interesting findings.
Granular review of WMD sanctions cases paint a picture
Overview of OFAC enforcement and penalty actions for WMD regulatory violations
Number of cases that included violations of WMD sanctions programs: 15, or roughly 1% of all published OFAC enforcement actions.
Number of cases with WMD sanctions program violations exclusively: 9
Number of cases that combined WMD sanctions program violations with other program violations: 6
The total amount paid in the 15 OFAC enforcement actions imposed for violations that included WMD sanctions programs: $365 million
The largest amount paid in one sanctions program violation case: Commerzbank AG of Germany (the US city where the violation occurred was New York): $258 million in 2015.
The smallest amount paid in a WMD sanctions program violation case: International Union of Pure & Applied Chemistry (IUPAC), chemical business, North Carolina: $500 in 2003. This was the first published OFAC enforcement action for WMD sanctions program violations.
The 15 cases, from highest penalty to lowest penalty:
March 12, 2015
The Iranian Transactions and Sanctions Regulations, the Sudanese Sanctions Regulations,Executive Order 13382 “BlockingProperty of WMD Proliferators and Their Supporters,” the WMD Proliferators Sanctions Regulations, the Burmese Sanctions Regulations, and the Cuban Assets Control Regulations
August 25, 2011
JPMorgan Chase Bank
The Cuban Assets Control Regulations; the WMD Proliferators Sanctions Regulations; Executive Order 13382, “BlockingProperty of WMD Proliferators and Their Supporters;” the Global Terrorism Sanctions Regulations, the Iranian Transactions Regulations; the Sudanese Sanctions Regulations; the Former Liberian Regime of Charles Taylor Sanctions Regulations; and the Reporting, Procedures, and Penalties Regulations
The WMD Proliferators Sanctions Regulations; the Iranian Transactions and Sanctions Regulations, the Cuban Assets Control Regulations, the Global Terrorism Sanctions Regulations, and the Sudanese Sanctions Regulations
August 22, 2012
Grand Resources (Duratech) USA, Inc.
Iranian Transactions Regulations, and the WMD Proliferators Sanctions Regulations
International Union of Pure & Applied Chemistry (IUPAC)
WMD Trade Control Regulations
87% (13) were US entities and 13% (2) were foreign (one Russian and one Germany entity).
7 of the 13 (53%) US entities that violated the WMD sanctions programs were from two states, California and New York.
9 (60%) from the 15 entities that were involved in the WMD sanctions program violations were non-financial businesses in the following industries:
Coal and minerals
Consumer goods and
Machinery, and steel.
40% of the cases, or 6, were against financial institutions. Of these, four were banks (Citigroup, Commerzbank AG, Joint Stock Commercial Bank - Bank of Moscow, JP Morgan Chase), one trust company (Deutsche Bank Trust Co. Americas), and one money services business (PayPal, Inc.).
There were no cases for WMD sanctions program violations against individuals.
More than half (8 of 15) enforcement actions were imposed in the last 2 years.
OFAC enforcement actions and penalties for WMD sanctions programs violations, by year:
Number of enforcement actions
2004 – 2006
In only three cases, or 20% of them (JP Morgan Chase, Citibank and PayPal), OFAC says the subject entity voluntarily disclosed the violation.
Penalty assessed or settlement
Of all these enforcement actions, only two, or 13%, resulted in assessment of a civil money penalty. (Hecny Shipping, in 2007, and Grand Resources USA Inc., in 2012). The others produced settlements of the entities with OFAC.
The last penalty OFAC assessed for WMD sanctions program violations was in 2012. After that, the penalties resulted from settlements.
Examples of diverse companies that run afoul of WMD rules
JP Morgan Chase made a trade financing loan for about $2.9 million to a bank that issued a letter of credit in which the underlying transaction involved a vessel that had been identified as blocked under the OFAC WMD sanctions regulations because of its affiliation with the Islamic Republic of Iran Shipping Lines (IRISL). Although JPMC supervisors and managers determined that the trade loan was likely a violation of the WMD regulations and, in late December 2009, submitted a self-disclosure to OFAC. JPMC did not mail its voluntary self-disclosure until March 2010, three days before the date on which JPMC received payment for the loan without OFAC advice or authorization. JPMC also failed to respond promptly and completely to an OFAC administrative subpoena seeking information about the transaction.
In 2005, GR-Duratech negotiated a sale of graphitized petroleum coke to a company in the United Arab Emirates, with knowledge that the goods were for delivery to Bandar Abbas, Iran. After negotiating the terms of the sale and the related letter of credit, GR-Duratech referred the sale to its parent company, Grand Resources Co., Ltd. (Grand Resources), in Beijing and later received a sales commission from Grand Resources. From July to August 2009, GR-Duratech dealt in property in which the Islamic Republic of Iran Shipping Lines (IRISL) had an interest, and engaged in transactions related to services of Iranian origin, or when GR-Duratech was involved in a cargo shipment aboard the blocked vessel “Sabalan,” in which IRISL had an interest. It presented its bank with documents related to the shipment for payment under a letter of credit referencing the blocked vessel. GR-Duratech also conducted transactions resulting in the removal of references to Iran and an Iranian entity from the trade documents linked to the shipment. In September 2009, without OFAC authorization, GR-Duratech dealt inproperty in which IRISL had an interest by transferring the trade documents related to the shipment to its customer in Turkey
Maritech: Between about April 20, 2009, and about June 14, 2010, Maritech provided fuel inspection services, valued at $9,868, on five vessels affiliated with the Islamic Republic of Iran Shipping Lines (IRISL) that OFAC had identified as blocked property and placed on the OFAC list of Specially Designated Nationals and Blocked Persons (“SDN List”). IRISL, which has been known to engage in deceptive practices in an attempt to evade sanctions, had changed the names of four of the five vessels before the alleged violations, but the vessels remained identifiable by their IMO numbers, which are unique identifiers assigned to vessels of a certain size and nature when built, and are permanently and visibly marked on vessels. At the time of the subject transactions, Maritech was not screening the names or IMO numbers against the SDN List of any of the vessels to which it provided services.
Deutsche Bank and Trust Americas: On October 24, 2008, Deutsche Bank and Trust Americas (DBTCA) processed a $3,177 funds transfer originated by Hansabanka’s customer, Air Baltic Corporation. The funds were destined to the account of “I.A.C.” at Commerzbank AG in Frankfurt. The originator to beneficiary information field of the payment instructions contained the reference “MELIGB2L,” the Business Identifier Code (BIC) for the London branch of Bank Melli.
OFAC designated Bank Melli and all its offices worldwide on October 25, 2007, pursuant to Executive Order 13382, which blocks property of WMD proliferators and their supporters. DBTCA processed the payment without manual intervention and later determined that the beneficiary “I.A.C.” referred to the “Iran Airport Company.” On March 11, 2009, DBTCA rejected rather than blocked a $10,000 funds transfer originated by Intercontinental Bank Plc, Lagos, Nigeria, on behalf of Amsergs Nigeria Ltd. These funds were destined for the account of Chahar Mahal va Bakhtiary Yeast Co., Isfahan, Iran, at the Export Development Bank of Iran (EDBI). OFAC designated EDBI on October 22, 2008, pursuant to E.O. 13382. DBTCA stated that its automated interdiction software stopped the transaction for review due to several potential matches, including references to Iran and EDBI. Seven DBTCA employees, including a senior member of the review team who was the final reviewer for OFAC matters requiring escalated scrutiny, reviewed the transaction. They failed to notice the reference to EDBI in the payment. Based on their review, DBTCA rejected the transaction because of the beneficiary’s location in Iran, instead of blocking it because of the involvement of EDBI.
Bank of Moscow: On October 25, 2007, OFAC designated Bank Melli Iran ZAO, Moscow (“BMI Russia”) under E.O. 13382. From January 9, 2008, to July 13, 2009, Bank of Moscow transmitted 69 funds transfers totaling $41,306,113 for or on behalf of BMI Russia, which were processed to or through the United States. None of the payment messages of the Society for Worldwide Interbank Financial Telecommunication (SWIFT) sent by Bank of Moscow in connection with these transfers included specific references to “Melli,” “Iran,” or BMI Russia’s SWIFT Business Identifier Code. Instead they identified the bank through abbreviations such as “BMICJSCMOSCOWRUSSIA” (a reference to Bank Melli Iran Closed Joint Stock Company Moscow Russia) or “BMI CJSC.” U.S. financial institutions processed all 69 of the funds transfers straight through without manual intervention.
Tofasco: This company dealt in blocked property by engaging a bank to process a blocked letter of credit transaction representing payment for a shipment of recreational chairs with a substitute bill of lading omitting reference to the Islamic Republic of Iran Shipping Lines (“IRISL”), whose property and interests inproperty are blocked under the WMD rules. Tofasco initially presented trade documents to another bank in connection with the letter of credit transaction. However, the other bank refused to advise the letter of credit transaction because of IRISL’s involvement.
Citigroup: Between April 2and November 16, 2009, Citigroup Trade Services Malaysia (Citi Penang) processed four export bill collection applications for $638,074.15 on behalf of Citibank N.A. (Citibank) Hong Kong, which involved the shipment of goods to Iran. In two of those instances the Islamic Republic of Iran Shipping Lines (IRISL), which OFAC had designated on September 10, 2008, under Executive Order 13382 of June 28, 2005, “BlockingProperty of Weapons of Mass Destruction Proliferators and Their Supporters.” Although the bank possessed documents related to the export bill collections that contained references to Iran and IRISL, Citi Penang operators did not review or screen the bills of lading, certificates of origin, or shipment advices containing references to Iran or IRISL.
Separately, on February 9, 2010, January 12, 2011, March 8, 2011, and October 29, 2012, Citibank processed four funds transfers totaling $133,786.73, involving entities appearing on OFAC’s List of Specially Designated Nationals and Blocked Persons (the SDN List). Citibank’s interdiction software did not detect or identify references to the sanctioned parties in the payment instructions, and the bank processed the payments straight through without manual intervention. For example, Citibank received and processed a funds transfer initiated by a third-country financial institution’s customer, Higher Institute for Applied Science and Technology. Although the SDN List contained an entry for an entity named Higher Institute of Applied Science and Technology at the time of the transaction, Citibank did not stop the payment.
Commerzbank processed 142 wire transfers for about $39,567,720 between April 6, 2006 and January 8, 2010, involving property or interests in property of persons on OFAC’s SDN List in apparent violation of E.O. 13382 or the WMDPSR. The total base penalty for these apparent violations was $99,813,658.
PayPal: Between October 20, 2009, and April 1, 2013, PayPal processed 136 transactions totaling $7,091.77 to or from a PayPal account registered to Kursad Zafer Cire, an individual designated by the U.S. State Department on January 12, 2009 under Executive Order 13382, “BlockingProperty of Weapons of Mass Destruction Proliferators and Their Supporters,” in apparent violation of the WMDPSR.
PayPal told OFAC it failed to identify its customer as a potential Specially Designated National (SDN) at the time of his designation because its automated interdiction filter was not “working properly.” Starting roughly six months later, PayPal’s automated interdiction filter appropriately flagged Cire’s account five times for potential matches to the SDN. On each occasion, PayPal Risk Operations Agents dismissed the alerts without requesting more information to clear the potential SDN name matches. PayPal stated that this conduct did not comply with its internal policies and procedures for handling SDN name matches. On February 14, 2013, PayPal’s interdiction filter again flagged Cire’s account a sixth time due to a potential match to the SDN.
A PayPal Risk Operations Agent followed PayPal’s procedures for handling an SDN name match by creating a “case” for the match, restricting Cire’s account, and requesting more information from the customer. When the requested information was received, including a copy of Cire’s passport showing date and place of birth that were identical to those of the SDN, PayPal’s Risk Operations Agent dismissed the match apparently misunderstanding why the interdiction filter had flagged Cire’s account. On April 3, 2013, PayPal’s interdiction filter flagged Cire’s account for a seventh time, and appropriately blocked the account and reported it to OFAC. The total base penalty for these apparent violations was $17,000,000.
John Bean Technologies: From about April 8 to 17, 2009, JBT appears to have violated E.O. 13382 and the OFAC regulations when goods it sold to a Chinese company were shipped by Islamic Republic of Iran Shipping Lines (IRISL) on a blocked vessel from Spain to China.Trade documents related to the shipment were presented to a U.S. bank for payment under a letter of credit (L/C) for $2,897,936.
From about May 8 to 19, 2009, JBT appears to have violated E.O. 13382 and the regulations by presenting trade documents related to the IRISL shipment to Banco Santander, a Spanish bank, in the amount of $2,897,936, to receive payment for the goods sold to CSA, after the U.S. bank declined to advise the L/C and the trade documents had been returned to JBT pursuant to an OFAClicense.
From about May 21 to July 9, 2009, JBT committed an apparent violation when it reimbursed JBT AeroTech Spain for charges paid to its freight forwarder for the shipping services rendered by IRISL and to Banco Santander for fees associated with negotiating the L/C for $164,470.24 for the payments via inter-company transfers.
Great Plains Stainless Co: Violations occurred from about April 9to July 4, 2009 when GPS sold goods that its Chinese vendor shipped from Shanghai to GPS's customer in Dubai aboard the vessel MN Sahand, which was identified as blocked in September 2008 . GPS conducted transactions apparently intended to evade or avoid the prohibitions in the WMDPSR when it requested creation of new trade documents and removal of references to the blocked vessel. It then transferred the altered documents to its customer to facilitate the release of goods at the port in Dubai.
Production Products, Inc: From about December 15, 2009, to August 18, 2010, PPI shipped three duct fabrication machines, valued at $500,000, to China National Precision Machinery Import and Export Corp. (CNPM), a Specially Designated National, and received payment without authorization from OFAC. .