The United States Treasury’s Office of Foreign Assets Control (“OFAC”), which administers and enforces U.S. economic and trade sanctions, announced on June 29, 2011 that General Reinsurance Corporation (“Gen Re”) paid nearly $60,000 “to settle liability for apparent violations” of U.S. sanctions against Iran. This announcement highlights a number of compliance issues that confront the insurance and reinsurance industry.
Potentially‐Severe Consequences for Violations. The $59,130 paid by Gen Re reflected, among other things, the fact that Gen Re had self-reported its violation, which the Treasury concluded was not egregious. This should not obscure the true, potentially-severe stakes for compliance failures, to say nothing of the reputational risks. For example, on Jan. 9, 2009, Lloyds TSB Bank agreed to forfeit $350 million to resolve its liability for violating OFAC regulations.
Routine Functions Can Result in Compliance Violations. Gen Re apparently ran afoul of the sanctions regime administered by OFAC by paying two excess-of-loss reinsurance claims to Steamship Mutual Underwriting Association Limited (“Steamship Mutual”). Those reinsurance claims apparently arose from losses suffered by the National Iranian Tanker Company, but the potential for violations extends far beyond Iran.
In addition to comprehensive sanctions prohibiting transactions between U.S. persons (widely defined) and target countries — such as Burma (Myanmar), Cuba, Iran and Sudan — there are morenarrow sanctions relating to the “Western Balkans, Belarus, Cote d'Ivoire, Democratic Republic of the Congo, Iraq, Liberia (Former Regime of Charles Taylor), Persons Undermining the Sovereignty of Lebanon or Its Democratic Processes and Institutions, North Korea, Sierra Leone, Syria and Zimbabwe.” Beyond that, OFAC maintains (and constantly amends) a list of individuals and entities (currently more than 5,000) subject to sanctions, known as Specially Designated Nationals.
Avoiding prohibited transactions with OFAC’s list of more than 5,000 Specially Designated Nationals presents a compliance challenge, but it is just the beginning. Companies also need to address, for example, compliance with other U.S. laws (such as the Foreign Corrupt Practices Act), as well as the laws of other jurisdictions (for example, the U.K. sanctions regime enforced by Her Majesty’s Treasury, as well as the U.K. Bribery Act of 2010).
Insurance and Reinsurance Companies Face Heightened Scrutiny. OFAC enforcement involving the insurance industry has resulted in civil penalties on at least a dozen occasions since the 9/11 attacks. At least three of those penalties were paid in 2011 alone.
Notably, OFAC has appointed a senior sanctions advisor from the insurance industry to focus specifically on insurance and reinsurance compliance issues. Its website includes a specific admonition to insurers and reinsurers “to gain a better understanding of the economic sanctions and embargo programs,” in part because reinsurers are deemed to face “greater compliance challenges as they enter into complex arrangements which may place them contractual layers away from primary insurance contracts.”
Compliance Programs are Essential, But May Need to be Reassessed. One notable aspect of Gen Re’s apparent OFAC violation is that the company apparently already had a compliance program in place. That program did not prevent, however, “the activities of certain claims personnel, including a Vice President for Claims” from apparently violating OFAC regulations. The Treasury noted that Gen Re had subsequently implemented an enhanced compliance program and additional training. Others in the industry may wish to pro-actively review their own compliance programs including, but not limited to, their programs for compliance with OFAC.
OFAC has not mandated any specific rules or guidelines for drafting and implementing a compliance program. A company should design a program to meet its individual business profile that will effectively police its particular way of doing business. For example, an effective compliance program in the insurance industry would address all policy-issuance centers and payment centers, including contractors and thirdparty administrators, to ensure appropriate counter-party screening, contract-wording exclusions, and payment screening. As Gen Re’s experience suggests, proper supervision, training and ongoing follow up is important.