Financial Crime World

OFAC Compliance Program: A Guide for Financial Institutions

Introduction

As a financial institution (FI), it is essential to have a comprehensive understanding of the Office of Foreign Assets Control’s (OFAC) regulations. These regulations require entities to block accounts and property of specified countries, entities, and individuals, as well as prohibit or reject unlicensed trade and financial transactions with them.

Key Points

  • OFAC administers regulations that require entities to:
    • Block accounts and property of specified countries, entities, and individuals
    • Prohibit or reject unlicensed trade and financial transactions with specified countries, entities, and individuals
  • Institutions must identify specific products, services, customers, entities, and geographic locations unique to the FI through a risk assessment

Risk Assessment

Conducting a thorough risk assessment is crucial in identifying areas that require special attention. This involves:

  • Identifying specific products, services, customers, entities, and geographic locations unique to the FI
  • Structuring the Anti-Money Laundering (AML) compliance program to adequately address its risk profile
  • Management should structure the AML compliance program to adequately address its risk profile

Internal Controls

Internal controls are essential in monitoring and controlling AML risks. This includes:

  • Establishing policies, procedures, and processes to monitor and control AML risks
  • Blocking transactions that are by or on behalf of a blocked individual or entity, or are in connection with a transaction in which a blocked individual or entity has an interest

Blocked Transactions

U.S. law requires blocking assets and accounts of OFAC-specified countries, entities, or individuals when located in the United States or held by U.S. individuals or entities. This includes:

  • Blocking transactions that are prohibited or rejected
  • Transactions involving a blocked individual or entity

Prohibited Transactions

In some cases, an underlying transaction may be prohibited, but there is no OFAC requirement to block the assets. Institutions must reject transactions in support of commercial activities in specific countries.

Reporting

Institutions must report all blockings to OFAC within 10 business days of the occurrence and annually by September 30 concerning those assets blocked (as of June 30). Prohibited transactions that are rejected must also be reported to OFAC within 10 business days of the occurrence.

Compliance Requirements

  • Report all blockings to OFAC within 10 business days
  • Annually report by September 30 concerning those assets blocked (as of June 30)
  • Report prohibited transactions that are rejected within 10 business days

Independent Testing and Responsible Individual

Every institution should conduct an independent test of its OFAC compliance program. Institutions should designate a qualified individual(s) to be responsible for the day-to-day compliance of the OFAC compliance program.

Compliance Responsibilities

  • Conduct an independent test of the OFAC compliance program
  • Designate a qualified individual(s) to be responsible for the day-to-day compliance of the OFAC compliance program

Training

FIs should provide adequate training for all appropriate employees on its OFAC compliance program, procedures and processes. This includes:

  • Providing regular training sessions to ensure understanding and adherence to the OFAC regulations
  • Ensuring that all employees are aware of their roles and responsibilities in maintaining a compliant AML/CTF program