Sanctions Compliance11 November 2020

Counterparty Diligence

The first step in sanctions compliance is counterparty diligence, so as to identify whether your counterparty is sanctioned. Counterparty diligence overlaps heavily with other “know your customer” (KYC) diligence, including any anti-money laundering (AML) requirements.

At the most basic level, OFAC operates a website that can be searched for the name of any counterparty.² Commercially available subscription services can also run a more detailed search. However, merely searching the website (or even a for-pay service) for a counterparty’s name is not necessarily sufficient. For one thing, under the “50%” rule, an entity that is owned 50% or more by one or more Specially Designated Nationals (SDNs) is itself treated as an SDN. Shipping companies often operate through special purpose entities organized in offshore jurisdictions, with no record of beneficial ownership. A seach of such a company’s name may yield no results, but if it is owned by an SDN, it will still be treated as an SDN. There is also a risk of a conduit or “strawman,” where the “true” counterparty is not the listed entity but the sanctioned entity that stands behind it. As a result, it is important to ascertain the true identity of the counterparty, not just nominal ownership. Finally, OFAC guidance has made clear that transactions with sanctioned officers and directors may result in a violation even if the company itself is not an SDN.³ Therefore, officers, directors and similar parties should be subject to KYC diligence.

Even if it has been established that the counterparty itself (including its officers and directors) is not sanctioned, it would still be prudent to learn more about the counterparty in order to ascertain whether the counterparty is likely to be in violation of sanctions. This is sometimes referred to as “know your customer’s customer” (KYCC). By necessity, this is a more subjective determination than simply learning the counterparty’s identity. The counterparty may have engaged in activities that raise some red flags, but management may decide, after analyzing the risk, that such activities do not rise to the level that would require rejection of the transaction. The appropriate level of KYCC should be described in the sanctions compliance policy.

Two issues identified in the Maritime Advisory referenced above raise particular compliance challenges: AIS transponders and ship-to-ship (STS) transfers.

Records and Auditing

One of the most important, and most overlooked, aspects of compliance is recordkeeping. It is important for a company to be able to show the relevant authorities or other parties not just that it has adopted a compliance policy, but that it has actually followed the policy and done the work of compliance. Otherwise, if there is a violation, the mitigating effects of the compliance policy will be vitiated. It is therefore important that the company keep accessible records (whether in electronic or physical form) showing its diligence, searches and other activities undertaken to comply with sanctions. In general, records should be kept for at least five years (which is the standard statute of limitations for a sanctions violation). In addition, it is useful for a company to test or audit its sanctions compliance program, whether by means of internal checks or a more formal third-party audit, to confirm that the individuals tasked with enforcing compliance are in fact doing so.

Conclusion

Given the importance of US sanctions, it is crucial for all participants in the maritime community, including shipowners, charterers, technical and commercial managers, brokers, crewing companies, lenders and insurance companies, to adopt, maintain and follow a robust sanctions compliance policy, and to include appropriate sanctions language in relevant contracts.

If you have any questions about sanctions compliance as relates to you, please contact me or other qualified US sanctions counsel.