Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Shruti J. Shah
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

What’s new in OFAC compliance

Enforcement actions against sanctions violations by the Office of Foreign Assets Control (OFAC) have risen dramatically. Sanction offenses can carry civil and criminal liabilities, with a single transaction potentially resulting in multiple violations.

At the same time, OFAC regulations are evolving. Last year, the United States began to implement sectoral sanctions by targeting certain entities across several industries in Russia. Here are several areas that could pose challenges for companies this year.

Navigating Change. Companies should make sure their compliance programs keep pace with changes in OFAC requirements. They may need to revise programs to be able to deal with changes in the OFAC Specially Designated Nationals (SDN) list and country program, and incorporate compliance into planning around new products and services and customer onboarding.

Expanded Sectoral Sanctions. Sanctions against Russia make it especially important to consider jurisdictional sanction programs and sectoral and entity or person-based sanctions. Financial institutions, in particular, may need to re-think due diligence around customers affected by sectoral sanctions.

Culture of and Responsibility for OFAC Compliance. An effective OFAC compliance program is one that is supported by boards and senior management. Key staff and key personnel should receive training to ensure they understand requirements and the potential impact that violations can have on the company.

Risk Assessment. A company’s risk profile may change due to new business partners or new markets that it enters. It may become necessary for policies and procedure to be revised. Regulators have placed great emphasis on adequate risk assessments in OFAC compliance programs and that assessments be tailored to operations and third-party relationships.

Implementing Information Technology. Through IT, companies can check on vendors, customers, and employees against the SDN list and confirm that they are not doing business with groups on sanctions lists. Although an automated screening process may generate false positives, buying new software is significantly less costly than those associated with an OFAC violation.

*     *     *

Although there are OFAC compliance challenges for companies, there are also opportunities. By assessing sanctions compliance programs and building a culture of compliance, a company can better understand potential risk exposure. Technology can help to not only gain a more accurate picture of a company’s customer bases but also help to better prepare it to meet OFAC requirements and at a lower cost.

Sven Stumbauer is a Director at AlixPartners where he focuses on financial crimes compliance. He is based in New York and Miami.

Share this post


1 Comment

  1. I am in agreement with Sven in his narrative challenges. At the same time, OFAC rules and regulations also affect foreign nationals residing in the USA and US nationals residing abroad.

Comments are closed for this article!