Introduction 

"Implementation Day" as defined in the Joint Comprehensive Plan of Action (JCPOA) between the P5+1 countries and Iran occurred on 16 January 2016. On Implementation Day, the EU, the US, and the UN Security Council lifted many trade sanctions placed on Iran in exchange for Iran agreeing to limit its nuclear program and verifying compliance with the JCPOA.

Many US "primary sanctions" that affect US persons remain in place after Implementation Day. So do US sanctions targeting certain Iranian counterparties. However, with the lifting of so-called "secondary sanctions," non-US businesses are generally free to trade with and invest in Iran.

However, non-US businesses must confirm that such transactions comply with US sanctions that remain in place. It is also critical that non-US businesses be able to evidence compliance with applicable sanctions requirements.

Remaining US Sanctions

The US government has a broad sanctions program prohibiting trade, transactions, investment and services with Iran by US persons, and also maintains a long list of sanctioned Iranian parties. These "primary sanctions" apply to persons and property subject to US jurisdiction and most of the relevant primary sanctions are set forth in the Iranian Transactions and Sanctions Regulations ("ITSR") under 31 C.F.R. Part 560.

US primary sanctions for Iran apply to:

  • US persons (including US citizens, Green Card holders, companies established within the US, and any other persons or property in the US); 
  • subsidiaries of US persons;
  • facilitation by persons subject to US sanctions' jurisdiction of activities by non-US persons; and
  • conspiracy, avoiding or causing violations.

Other sanctions that target companies linked to the Iranian Revolutionary Guard Corps (IRGC). The US Department of Treasury's Office of Foreign Assets Control (OFAC) refers to IRGC, its officers, agents, and affiliates as Specially Designated Nationals (SDNs), and maintains a public list of SDNs at this link: https://sanctionssearch.ofac.treas.gov/

The scope of sanctions also covers persons and businesses that are "owned" or "controlled" by SDNs. Guidance issued by the Department of Treasury instructs that a company must have 50% or more of its share capital directly or indirectly owned by a SDN to meet this threshold.

Necessary Compliance Measures

Any non-US company seeking to do business with Iran should setup an internal compliance procedure that verifies that it has confirmed that the transaction is in compliance with, and does not violate, remaining US sanctions. These include the following:

  • Confirm that no party involved is a US person. This means that no US companies are involved, and no persons with US citizenship or permanent residency should be involved in any aspect of the transaction.
  • Confirm that no payments are made in US dollars. US dollar transactions pass through the US financial system and are therefore considered to be actioned in the United States and thus subject to US primary sanctions jurisdiction. This prohibition on US dollar payments is particularly relevant for non-US persons considering business with Iran since it can give rise to sanctions jurisdiction over a transfer between two non-US banks in support of a transaction wholly taking place outside the United States. Payment options for Iran business remain limited, but many European and Asian banks are slowly opening up business channels with Iran, and several Iranian banks can transact in foreign currencies.
  • Confirm that no goods being traded are of US origin. Commercial and dual-use goods, software or technology of US origin is subject to US jurisdiction, and for Iran, non-US items with 10% or more US content by volume are subject to US jurisdiction. The export, re-export or transfer of UScontrolled items to Iran, directly or indirectly, and related transactions generally is prohibited without a license under the ITSR and US export control rules under the Export Administration Regulations. Companies should confirm that all products being exported to Iran and to Iranian persons, including parts and software, do not have more than 10% or more US content by volume.
  • Confirm that the counterparty is not a "Specially Designated National." At a basic level, this can be done by checking the list maintained by the Department of Treasury, but this is not enough to cover the possibility that a counterparty may be owned or controlled by a SDN. One cost-effective method of meeting this requirement is to request a signed compliance certificate from the counterparty, explaining the nature of the requirement not to trade with SDNs, and requesting verification by the counterparty. However, such voluntary compliance may be deemed to be insufficient, and a more robust method of meeting this requirement is to obtain a third-party background report on the counterparty, although requesting third-party background checks on every Iran counterparty can be costly.

Importantly, a company should document that all of the above steps were taken. This can be done by having an internal compliance checklist by which each element of the above is reviewed.

Evidencing Compliance

Practically speaking, it is unlikely that transactions taking place by non-US companies with Iran will be directly scrutinized by US authorities. But that does not mean that compliance should be treated lightly. Most business transaction with Iran will be subject to scrutiny by banks, financial institutions, insurance companies, and other transactional counterparties. In particular, any bank that deals in US dollars may be quick to scrutinize any transaction involving an Iranian party that involves a remittance by an accountholder and demand to know what steps have been taken to ensure compliance US sanctions. Also, trading partners such as US companies may require a company to certify compliance with US sanctions.

A program by which a company can show that compliance is carefully documented is the best way to withstand any scrutiny of a transaction involving Iran.

The penalties for breaching primary sanctions are substantial, and include both civil penalties and administrative penalties as well as criminal penalties.

Iran Business Contracts

Furthermore, a company should provide for its contracts that the transaction may be terminated in the case that any of the compliance elements noted above cease to be true. These contracts should also allow for termination in the event of "snapback," a mechanism by which the pre-JCPOA sanctions would be reimposed if Iran does not comply with its obligations under the JCPOA.