On May 2, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced the publication of A Framework for OFAC Compliance Commitments to provide guidance on the essential components of a risk-based sanctions compliance program (SCP) for organizations subject to U.S. jurisdiction, along with foreign entities that conduct business in or with the U.S. or U.S. persons, or use U.S.-origin goods or services. The framework highlights five essential compliance components that should be incorporated into an effective SCP: (i) senior management commitment; (ii) risk assessment “identifying potential OFAC issues” likely to be encountered; (iii) internal controls; (iv) testing and auditing; and (v) training. The framework notes that should an entity be subject to a civil monetary penalty (CMP), the Office of Compliance and Enforcement will determine, as appropriate, what other elements should be added to the entity’s SCP. In additional, OFAC states it will “consider favorably” entities that are able to demonstrate the existence of an effective SCP at the time of an apparent violation, which may mitigate a CMP and contribute towards the determination as to whether the violations are “deemed ‘egregious.’”