OFAC Compliance

Article excerpt

Software can help banks comply with new anti-terrorism regulations

Following the Sept. 11 terrorist attacks, Congress and President Bush made an appeal to financial institutions worldwide to assist in shutting down the financial arm of all known terrorist organizations, and Congress passed legislation designed to prevent terrorists from funding their activities through the U.S. financial system. A key component of this strategy is the U.S. Department of the Treasury's Office of Foreign Assets Control.

Under OFAC regulations, it is the responsibility of each financial institution operating in the United States to identify and report transactions involving "specially designated nationals" or "blocked persons" to the agency and to freeze the assets involved. This requires community banks to screen their new and established accounts regularly against the OFAC list of specifically designated nationals and blocked persons. The task can be made easier and more reliable with new online screening software-such as Equifax's OFAC Alert.

Community banks have a regulatory obligation to establish minimum due diligence procedures for correspondent and private banking relationships with non-U.S. persons and banks. OFAC publishes a list of specially designated nationals and blocked persons and provides information on sanctions programs against certain countries and territories. Consisting of only a few thousand entities and individuals before Sept. 11, the list has expanded to include dozens of suspected additional terrorists and terrorist-sponsoring organizations.

OFAC oversight of the statutes and regulations it administers is expected to become increasingly rigorous. Since Sept. 11, more than 1000 accounts have been under investigation in the United States alone. "Now more than ever, bank examiners will be looking closely to see whether your bank has procedures in place to assure that your employees follow OFAC regulations," says Robert G. Rowe, ICBA's regulatory counsel.

Under OFAC regulations, all U.S. financial institutions are required to block assets and notify OFAC any time a specially designated national or blocked person is involved in a transaction. Any suspicious transaction should be reported within 10 days.

To comply with these regulations, banks and other financial institutions are required to:

* Have the current OFAC listings of specially designated nationals and blocked persons;

* Compare new accounts, loan customers, wire transfers and other transactions with OFAC's listing before opening accounts or processing transactions; and

* Regularly check established accounts and other customer transactions against the current OFAC listings. Stiff penalties are possible against

organizations that violate OFAC regulations. Failing to comply with OFAC regulations may result in large fines, and even criminal penalties if the violation is anything other than inadvertent. In today's environment, compliance failures may also run the risk of public embarrassment and harm to a company's reputation.

OFAC suggests that every financial institution establish a comprehensive compliance program. Developing procedures for use throughout an organization presents significant challenges as OFAC regulations and reporting requirements can change at any time. It is the responsibility of the financial institution to establish audit procedures and keep up with current regulations to prevent violations.

OFAC recommends several steps when setting up a compliance program:

* Designate a compliance officer with responsibility for monitoring compliance and overseeing blocked assets;

* Identify risk in all areas, paying close attention to screening new and existing accounts, wire and ACH transfers;

* Include processes for screening accounts, verifying positive hits and reporting blocked transactions to OFAC;

* Establish consistent communication and training for distribution of OFAC information, including publication of OFAC policies and procedures to all employees, supported by signed acknowledgment of receipt and understanding;

* Conduct internal audits annually; and

* Implement the use of screening software to minimize the risk of violations. …