Having Historically Targeted Banks, OFAC Signals Interest in Penalizing Banks’ Customers That Send Illegal Payments through the U.S. Financial System

On July 27, 2017, the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) announced a $12 million settlement with CSE Global Limited (“CSE Global”) and its subsidiary, CSE TransTel Pte. Ltd. (“TransTel”), which are both based in Singapore.[1]

TransTel entered into contracts to install telecommunications equipment for several Iranian energy projects. According to the settlement, TransTel apparently violated U.S. sanctions by using its U.S. dollar account at a Singapore-based bank to make over $11 million in payments to various third-party vendors—including several Iranian companies—that were providing goods and services in connection with the Iranian contracts. These payments (which did not indicate their relation to Iran) were processed through the U.S. financial system and caused multiple financial institutions to violate U.S. sanctions by engaging in the prohibited exportation of financial services (e., processing U.S. dollar payments) from the United States to Iran or for the benefit of Iran.

This action is significant because it appears to be the first time OFAC has penalized a non-U.S., non-financial company for “causing” sanctions violations by initiating U.S. dollar payments involving a sanctioned country. Historically, OFAC has focused its enforcement resources on penalizing non-U.S. banks that processed such U.S. dollar transactions involving sanctioned countries, especially where the banks were alleged to have knowingly removed (or helped their customers to remove) information indicating a link to the sanctioned country; OFAC has chosen not to pursue the banks’ customers that initiated these transactions. While this particular case involves Iran sanctions—and could reflect the Trump Administration’s policy of more aggressively confronting Iran[2]—it likely signals a broader enforcement trend that applies across the range of U.S. sanctions programs.

In light of this action, non-U.S. companies that do business with OFAC-sanctioned jurisdictions or persons should be aware of the significant risks of using U.S. dollar payments. Below, we describe OFAC’s action in more detail and provide recommendations for ensuring compliance.

TransTel’s Alleged Sanctions Violations

According to the settlement agreement, between August 2010 and November 2011, TransTel entered into contracts with multiple Iranian companies to deliver and install telecommunications equipment for a number of energy projects in Iran and/or Iranian territorial waters. (At the time of these contracts, at least two of these Iranian companies were Specially Designated Nationals (“SDNs”).) TransTel engaged various third-party vendors—including several Iranian companies—to provide goods and services on its behalf in connection with these contracts.

Prior to entering into these agreements, TransTel and its parent, CSE Global, maintained U.S. dollar and Singaporean dollar accounts with an (unnamed) non-U.S. bank located in Singapore. In late April 2012, TransTel and CSE Global provided this bank with a “Sanctions – Letter of Undertaking,” under which they undertook “not to route any transactions related to Iran through [the Bank], whether in Singapore or elsewhere.” However, less than two months later, TransTel began using its U.S. dollar account at this bank to send payments to a number of third-party vendors in connection with the Iranian energy projects.

In total, TransTel originated 104 funds transfers amounting to more than $11 million in such U.S. dollar payments, which OFAC noted were all “processed through the United States.” OFAC pointed out that none of the payment instructions made reference to “Iran, the Iranian projects (e., South Pars Gas Field, South Pars Power Plant, or Reshadat Oil Field), or to any Iranian parties,” apparently explaining why these payments were not blocked or rejected when the payment instructions were processed through various banks.

OFAC concluded that these payments “caused” at least six separate financial institutions, including several U.S. financial institutions, to engage in the prohibited exportation or re-exportation of financial services from the United States to or for the benefit of Iran. OFAC stated that “TransTel appears to have had explicit knowledge and reason to know that the transactions were destined for or involved, or that the benefit of these funds transfers would be received in, Iran.” Specifically, the settlement agreement states that TransTel appears to have violated section 1705 of the International Emergency Economic Powers Act (“IEEPA”), which makes it “unlawful for a person to violate . . . or cause a violation of any . . . regulation[ ] or prohibition under this chapter,” and/or section 560.203 of the Iranian Transactions and Sanctions Regulations (“ITSR”), which prohibits any “transaction [that] causes a violation of . . . any of the prohibitions set forth” in the ITSR.

OFAC’s Determination of the Penalty

Pursuant to IEEPA, TransTel and CSE Global faced a maximum civil monetary penalty of approximately $38 million. Because the companies did not make a voluntary self-disclosure of the apparent violations and the apparent violations constitute an “egregious case,” OFAC determined that the base penalty was equal to the maximum penalty.

In determining the ultimate penalty amount of $12 million, OFAC considered a number of aggravating factors:

  • “TransTel willfully and recklessly caused apparent violations of U.S. economic sanctions by engaging in, and systematically obfuscating, conduct it knew to be prohibited, including by materially misrepresenting to its bank that it would not route Iran-related business through the bank’s branch in Singapore”;
  • “TransTel’s then-senior management had actual knowledge of – and played an active role in – the conduct underlying the apparent violations”;
  • “TransTel’s actions conveyed significant economic benefit to Iran and/or persons on OFAC’s [SDN list]”; and
  • “TransTel is a commercially sophisticated company that engages in business in multiple countries.”

OFAC also noted mitigating factors, including:

  • TransTel’s lack of an OFAC penalty or cautionary letter in the last five years;
  • TransTel and CSE Global took remedial actions to ensure compliance; and
  • TransTel and CSE Global cooperated with OFAC’s investigation.

As usual, OFAC did not explain how it weighed the aggravating and mitigating factors or how it arrived at the amount of the civil penalty.

Implications and Recommendations

This is a significant new type of OFAC enforcement action and signals OFAC’s interest in looking beyond banks to their customers that initiate U.S. dollar payments that involve sanctioned jurisdictions and parties. As noted, Section 1705(a) of IEEPA makes it “unlawful for a person to violate . . . or cause a violation of any . . . regulation, or prohibition issued under this chapter.”[3] This “cause a violation of” language was added by Congress in October 2007 through the IEEPA Enhancement Act, which expanded the activities prohibited by IEEPA. While this language has been on the books for a decade, we are not aware of any previous case in which OFAC has used this statutory authority to target a non-U.S., non-financial company that “caused” a bank to process U.S. dollar transactions involving a sanctioned jurisdiction.

In announcing this enforcement action, OFAC stated that the action “highlights the sanctions compliance obligations of all individuals and entities that conduct business in OFAC-sanctioned jurisdictions or with OFAC-sanctioned parties and that also process transactions directly or indirectly through the United States, or involving U.S. companies, or U.S.-origin goods, services, and technology.” OFAC added: “When signing letters of attestation or making other representations and warrantees to financial institutions that provide access to the U.S. financial system, individuals and entities should consider carefully whether they are willing and able to act within the parameters of such agreements.”

In light of this action, companies should consider the following:

1. Non-U.S. companies should terminate the use of U.S. dollar payments in business involving OFAC-sanctioned jurisdictions and parties. While non-U.S. companies outside the United States are not prohibited by OFAC regulations from doing business with OFAC-sanctioned jurisdictions and parties, companies must be vigilant to avoid the involvement of U.S. individuals, companies, goods, or territory in such business because such involvement could easily bring a transaction within OFAC’s enforcement jurisdiction. OFAC’s recent enforcement action highlights how the making of U.S. dollar payments—which typically route through the U.S. financial system—can serve as a U.S. nexus that alone causes otherwise permitted conduct to fall within OFAC’s jurisdiction.[4] (This is true whether or not a company signs an “undertaking” with a bank about not making payments involving sanctioned countries or parties.) Companies should therefore avoid making U.S. dollar payments in connection with business involving OFAC-sanctioned jurisdictions or parties. Such a policy should be a component of a larger compliance program—involving appropriate policies and procedures, officer and employee training, and periodic monitoring—to ensure compliance with OFAC sanctions.

2. Non-U.S. companies should also avoid receiving U.S. dollar payments involving OFAC-sanctioned jurisdictions and parties. While OFAC’s action involved a company that initiated U.S. dollar payments, depending on the facts and circumstances OFAC could potentially apply the same “cause” theory to non-U.S. companies that receive U.S. dollar payments from or involving OFAC-sanctioned countries or parties. While a more attenuated theory, OFAC could argue that a company that asks or encourages its customers or distributors to send payment in U.S. dollars—where those payments involved sanctioned jurisdictions or parties—“caused” these payments to be made and thus “caused” financial institutions to violate sanctions in the course of processing these payments through the U.S. financial system. The risk is even greater where the recipient of the payments agrees with the payor that payments will be made in U.S. dollars and that all mention of the sanctioned country or party should be omitted from the payment instructions. Companies should therefore strongly consider discontinuing the receipt of such U.S. dollar payments in connection with business involving sanctioned jurisdictions or parties.

3. Use of U.S. dollar payments involving OFAC-sanctioned jurisdictions or parties can also give rise to U.S. criminal liability. In addition to OFAC’s ability to impose civil monetary penalties, the Department of Justice can also pursue criminal charges for willful violations of U.S. sanctions. In March 2016, the U.S. Attorney’s Office for the Southern District of New York brought criminal charges against a Turkish and Iranian national, Reza Zarrab, along with a number of co-conspirators, for making U.S. dollar payments on behalf of Iranian entities through a network of companies in Turkey and the U.A.E.[5] Zarrab and his co-conspirators were charged, among other things, for causing banks to violate OFAC sanctions by processing these payments through the U. financial system and for defrauding these banks by disguising the nature of these payments. Whether U.S. authorities will pursue criminal or civil actions, or both, for sanctions violations will depend on the particular facts and circumstances.

4. Non-U.S. banks should make appropriate use of customer diligence and “undertakings,” along with internal monitoring mechanisms, to mitigate U.S. sanctions risk. OFAC’s settlement suggests that the bank in Singapore was prudent in requiring that the companies sign an undertaking to not use their U.S. dollar accounts to conduct business with Iran. Of course, such an undertaking would only be one part of a bank’s strategy to address the risks of a customer doing business with an OFAC-sanctioned jurisdiction or party. Note that OFAC’s settlement agreement does not indicate why the bank required the companies to sign a sanctions undertaking. The agreement does state, however, that TransTel owned a 49% stake in TransTel Engineering Kish Co Ltd, an Iranian limited liability company. At a minimum, the bank’s diligence into TransTel’s affiliates presumably identified this Iranian affiliate as a clear indicator of the customer’s Iranian business. Although OFAC’s announcement does not so indicate, it is also possible that the use of the U.S. dollar accounts to make Iran-related payments was identified by the Singapore bank’s internal controls, and that the bank cooperated with OFAC’s enforcement effort.

OFAC’s announcement of its enforcement action is available here, and the settlement agreement is available here. We will continue to monitor sanctions developments and look forward to providing you with further updates.