By Andrew Northage
July 16, 2022
Russia’s invasion of Ukraine put the sanctions landscape firmly in the spotlight as the UK and its allies coordinated and intensified their sanctions measures for maximum impact. As part of this drive, the UK government fast-tracked legislation introducing key changes to the imposition and enforcement of sanctions. The change likely to cause the most concern among businesses is a new strict liability test for breaching financial sanctions, in force from June 15, 2022.
New Strict Liability Test
Through its Office of Financial Sanctions Implementation (OFSI), HM Treasury can impose a monetary penalty on individuals, companies or other bodies if it is satisfied, on the balance of probabilities, that they have breached a prohibition, or failed to comply with an obligation, imposed by financial sanctions legislation. For example, where the sanction is an asset freeze, it is generally prohibited to deal with the funds or economic resources belonging to or owned, held or controlled by a designated person.
OFSI and the courts interpret the prohibitions in sanctions regulations widely. Failure to comply with reporting obligations is also an offense, as is failure to comply with licensing requirements where OFSI has licensed the particular activity.
Where the breach or failure relates to particular funds or economic resources and it is possible to estimate their value, the amount of the penalty is the greater of £1 million or 50% of the estimated value. Otherwise, the permitted maximum is £1 million.
Significantly, what has now changed is that any requirement imposed by financial sanctions legislation for the person to have known, suspected or believed any matter is to be ignored. In other words, liability is strict. Whether the person knew or had reasonable cause to suspect that they were in breach is now irrelevant. The change does not apply to any assessment of whether a criminal offense has been committed.
Businesses should take note that, if a monetary penalty is payable by a corporate or other body, OFSI can also impose a separate monetary penalty on an officer of that body if it is satisfied, again on the balance of probabilities, that the breach or failure took place with the consent or connivance of the officer, or was attributable to any neglect on their part. An officer could be a director, manager, secretary or other similar officer or a person appearing to act in that capacity.
Factors Taken into Account?
While liability is now strict, OFSI still has to show that the breach occurred on the balance of probabilities. This is the civil (compared with criminal) standard of proof, meaning that OFSI considers, on the evidence, that occurrence of the breach was more likely than not.
To make sure its response is proportionate, OFSI will assess, case by case, how severe the breach is and the conduct of those involved. It will consider various factors, such as whether the person committing the breach knew or suspected their conduct amounted to a breach of financial sanctions.
The more aggravating the factors, the more likely OFSI will impose a monetary penalty; the more serious the breach, and the worse the conduct of the individuals, the higher the penalty is likely to be. There may also be mitigating factors that either reduce the amount or lead to OFSI not taking enforcement action. Aggravating factors include failure of regulated professionals to meet regulatory and professional standards, failure to provide requested information and repeated, persistent or extended breaches by the same person. Mitigating factors include voluntary disclosure of a breach.
Is the Test Actually New?
For breach of financial sanctions, the test is new, but for trade sanctions, a strict liability test has applied for some time. For example, with export controls, under legislation in place since 1979, it is a strict liability offense for a person to export goods subject to a restriction or prohibition. It is a separate, more serious offense when a person is knowingly concerned in the export of goods with intent to evade a restriction or prohibition.
Most countries impose a strict liability test with trade controls. In the US, the whole sanctions regime operates on strict liability.
Risk Management Tips
Strict liability tests mean it is more important than ever for companies to have robust controls, procedures and up-to-date staff training in place to manage sanctions risk. Penalties aside, non-compliance can result in significant reputational damage, impact the ability to perform contracts, affect current and future funding arrangements and cause potentially significant time and cost to be spent managing the consequences. Practical tips to take away include:
Keep updated: Sanctions are subject to regular change, especially in the current climate. Sign up for the relevant official alerts to receive up-to-date information. Test your screening rules, making sure you understand and tailor any automated tools.
Monitor updated sanctions against your business and risk profile and consider enhanced monitoring and other controls post-completion of a merger or acquisition. Never assume that one-time screening is enough.
Know your business: Sanctions can bite at any touchpoint in the supply chain and with any number of factors, such as the individuals, entities, sectors and jurisdictions involved, the source of the goods or the nature of the financial transactions. Map out how sanctions could affect your particular business. This will help identify the types of sanctions (financial, trade, shipping, transport, immigration) and the jurisdictions you need to be looking at.
Non-US parties can be caught by US sanctions, for example, if there is a sufficient link to US jurisdiction such as doing business in US dollars. A breach falls within OFSI’s remit if it involves sufficient connection to the UK, including transactions using UK clearing services, actions taken by a UK company’s local subsidiary or actions taking place overseas but directed from the UK.
Know your counterparties, customers and suppliers: Even if they don’t appear on sanctions lists, they may still be caught if they are owned or controlled by a sanctioned entity, and so become sanctioned themselves. Check corporate structures and identify and screen all parties, including any person that may have control over them.
Think about who is in the payment chain and consider requesting key information from counterparties as a matter of course. Insert express sanctions and trade controls compliance clauses in contracts, tailored to the circumstances and level of risk. Consider undertaking comprehensive supply chain audits to identify areas of concern and mitigate risk.
Manage internal risk: Ignorance of the rules is no excuse under a strict liability regime, so it’s essential that sanctions policies and staff training are up-to-date and you and your employees understand how nationality or place of residence may affect compliance. Put robust systems in place to deal with any red flags.
Consider if you need to terminate a transaction, freeze funds or assets and report to OFSI or another relevant authority. Implement appropriate record-keeping procedures documenting your decision-making, due diligence and mitigation measures.
Andrew Northage is a partner in the regulatory and compliance team and head of international trade at UK law firm Walker Morris. Andrew specializes in financial services regulation and financial crime, including bribery, money laundering and sanctions compliance. Andrew has worked for an international firm in London and as an investigator and prosecutor for the Serious Fraud Office.