On September 24, 2020, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced that California-based Keysight Technologies Inc. (Keysight) has agreed on behalf of its former Finnish subsidiary, Anite Finland Oy (Anite) to pay $473,157 to settle potential civil liability for Anite’s reexport of U.S. export-controlled test measurement equipment to Iran. As part of the settlement, Keysight also agreed to establish and maintain several sanctions compliance measures that are designed to minimize the risk of recurrence of similar conduct in the future. Anite was a subsidiary of Keysight when the apparent violations occurred in 2016, however, Anite has since been merged into Keysight and no longer exists as a distinct entity. This case is the latest enforcement action highlighting the need for both pre-merger and post-merger sanctions compliance due diligence as well as strong post-merger integration and compliance efforts.

According to the settlement agreement, in 2016 Anite appears to have violated § 560.205 of the Iranian Transactions and Sanctions Regulations (ITSR) when it completed six orders of goods, collectively valued at $331,089, with knowledge that the goods were destined for end-users in Iran. Although there was a general license in effect at the time of the violations which authorized foreign entities owned or controlled by U.S. persons to engage in certain transactions with Iran, the general license did not authorize reexportation from a third country of any goods, technology, or services prohibited by § 560.205 of the ITSR.

Keysight acquired Anite’s U.K.-based parent in August 2015. During Keysight’s pre-acquisition due diligence, Keysight determined that Anite had previously conducted business with certain sanctioned countries, including Iran. Prior to its acquisition by Keysight, Anite committed to cease all existing and future business activity with such countries. Despite this commitment and a post-acquisition directive from Keysight that Anite cease all sales to Iran, certain Anite employees agreed that, to preserve their credibility in the Middle East, they would proceed with their business in Iran and the other sanctioned countries. Following this agreement, the employees took measures to keep Keysight from discovering their continued dealings with Iran, including omitting in correspondence references to “Iran” or locations in Iran.

Upon discovering the Anite employees’ misconduct, Keysight conducted an extensive internal investigation to determine the extent of the apparent violations, terminated the employees involved, and then voluntarily self-disclosed the apparent violations to OFAC and in its SEC filings. This self-disclosure significantly decreased Keysight’s monetary liability in this case. OFAC has a set of Sanctions Enforcement Guidelines which they use to determine how they will enforce the violation of U.S. sanctions. Under those guidelines, self-disclosure of an apparent violation can reduce the base civil penalty amount by half of the applicable statutory maximum. Beyond the self-disclosure, OFAC took the following aggravating and mitigating factors into account when negotiating the settlement amount.

Aggravating Factors

  • Anite willfully violated the ITSR when it shipped six orders of products that incorporated 10 percent or more U.S.-export controlled content exported from the United States, as part of a scheme specifically to circumvent Keysight’s directive to cease Iran related business;
  • Senior Anite branch and sales managers knew of and actively participated in the violations; and
  • The value of Anite’s reexports to Iran combined with its attempts at concealment and obfuscation significantly harmed the program objectives of the ITSR.

Mitigating Factors

  • Neither Keysight nor Anite had received a penalty notice or Finding of Violation from OFAC in the five years preceding the transactions giving rise to the apparent violations;
  • Keysight fully cooperated with OFAC’s investigation, including by producing records and information to OFAC in a clear and organized fashion, responding in a timely and efficient manner to all follow-up requests for information, and entering into a statute of limitations tolling agreement;
  • Keysight undertook several remedial measures by conducting a thorough internal investigation to identify the causes of the apparent violations; and
  • Keysight has enhanced its sanctions compliance program to minimize the risk of recurrence of similar conduct in the future.

This case highlights the importance of not only conducting due diligence on target companies but continued monitoring of the target after the transaction is completed. Newly acquired subsidiaries should be integrated into an organization’s sanctions compliance program and the newly acquired companies should adopt and maintain the compliance controls necessary to mitigate the risk of sanctions violations. This is the third such enforcement action since January 2019 focusing on pre- and post-merger due diligence – and on post-merger integration. The other enforcement actions were Stanley Black and Decker (March 2019) and KollMorgen (February 2019).