OFAC Issues Compliance Commitments Framework: OFAC’s Framework Provides “Best Practices” Guidance; Identifies Five Essential Components of a Sanctions Compliance Program and Outlines Ten Root Causes of Apparent Violations of OFAC Sanctions Programs

Sullivan & Cromwell LLP - May 10, 2019

On May 2, 2019, the U.S. Department of Treasury’s Office of Foreign Assets Control (“OFAC”) published a framework for compliance commitments (the “Framework”), which provides guidance on what OFAC considers to be the five essential components of a risk-based sanctions compliance program (“SCP”): (i) management commitment, (ii) risk assessment, (iii) internal controls, (iv) testing and auditing and (v) training. These five components closely mirror the required elements of a financial institution’s Bank Secrecy and Anti-Money Laundering Program set out in the Federal Financial Institutions Examination Council’s Examination Manual, and two recent OFAC enforcement actions have incorporated these commitments as conditions to negotiated settlements. The Framework explains how OFAC will consider these five components in the enforcement context and highlights the importance OFAC places on the adequacy of an SCP in resolving enforcement actions. The Framework also includes an appendix that identifies ten root causes of apparent violations of U.S. economic and trade sanctions programs that OFAC has identified in its public enforcement actions.