Question: Our Anti-Money Laundering (AML) program has been implemented from the effective compliance date. It contains all the required elements, including the training component. Recently, a trainer told us that there is a difference between AML compliance and Office of Foreign Assets Control (OFAC) compliance. This stirred up quite a debate. What is the difference between AML and OFAC compliance?
AML (Anti-Money Laundering) means precisely what its name implies: the program relating to AML is meant to identify and prevent money laundering and, by extension, abuses of our financial system by terrorists, criminals, and others involved in suspicious financial activities. The implementation of AML guidelines stems from the Bank Secrecy Act (BSA), the foundational Act of the federal anti-money laundering statutory framework. Failure to comply with BSA requirements can lead to civil monetary penalties and even criminal liability. [FFIEC Exam Manual; 18 USC §§ 981, 982, 1956, 1957, 2339A, 2339B, 2339C (2006)]
As a result of the 2001 terrorist attacks, the Congress passed the “Uniting and Strengthening America by Providing the Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001,” better known as the “Patriot Act.” The Patriot act amended BSA, with respect to the statutes administered by the Office of Foreign Assets Control (OFAC) and various federal statutes. The Patriot Act also added some provisions, such as Section 314, which itself facilitates the sharing of information between the government and the financial industry and within the financial industry. [USA Patriot Act, Pub. L. No. 107-56 § 352(c), 115 Stat. 272 (and codified at USC § 5318]
The fact that OFAC is an office in the Treasury Department suggests its dominant role: the administration and enforcing of economic trade sanctions and national security mandates including, but not limited to, financial transactions. To date, OFAC actually acts under emergency powers, plus it is given specific authorities through legislation. Its powers include the imposition of controls on transactions and freezing assets subject to US jurisdiction. Examples are restrictions on commerce with foreign countries, targeting and averting terrorist financial activity, preventing international narcotics traffic, monitoring persons attempting to develop weapons of mass destruction, and other perceived threats to the United States.
OFAC maintains a list of targets, called the “Specially Designated Nationals” list, or “SDN.” The list contains the names of persons, entities, and countries that are subject to restrictions or prohibited from transacting any business in the United States. As is the case with AML, violations resulting from a failure to comply with OFAC’s restrictions may result in substantial civil monetary penalties and fines.
Unlike AML, OFAC does not require an entity to maintain an OFAC compliance program. Nevertheless, beware! If a violation of law occurs, the implementation of an OFAC compliance program is considered a valid mitigating factor in determining the type and amount of a penalty, if any.
Both the AML and the OFAC compliance requirements should be taken together as functionally necessary in order to protect the financial institution, maintain its safety and soundness, comply with the law, and enhance the protection of the United States. [31 USC § 5312 (2006)] It is in the interests of financial institutions to view AML and OFAC compliance as conjoining. Where possible, AML and OFAC compliance should be placed with the compliance department for oversight.
Jonathan Foxx is president and managing director of Lenders Compliance Group and Brokers Compliance Group, mortgage risk management firms devoted to providing regulatory compliance advice and counsel to the mortgage industry. He may be contacted at (516) 442-3456, by e-mail at email@example.com, or visit www.LendersComplianceGroup.com or www.BrokersComplianceGroup.com.