11 Common Misconceptions: Compliance & Denied Party Screening
With the growth of eCommerce, business integration, and global connectivity showing no sign of abating, compliance and denied party screening (DPS) have been thrust into the spotlight. The era of the mega fine has emerged, with fluid international sanctions policies impacting unsuspecting companies in unwelcome ways. In addition to the potential for reputational damage, penalties for non-compliance can include substantial fines—multimillions of dollars in some instances—, revocation of export privileges, and criminal charges, including prison time.
The solution? Screening for restricted and denied parties, and due diligence to ensure that goods, technologies, and services are not destined for a sanctioned or embargoed country—not to mention screening every financial transaction—should be an integral component of every organization’s governance, risk, and compliance strategy.
WHO NEEDS TO SCREEN?
While homeland security-sensitive industries (e.g., aerospace, defense, telecommunications, IT, energy, research, financial institutions) have a high bar when it comes to complying with U.S. and international export, trade, and financial laws, ordinary businesses from across all industries have an obligation to adhere to compliance requirements as well—and the penalties for non-compliance can be severe.
The reality is that companies found in violation of international trade regulations come from a wide spectrum of industries, not just the usual suspects. In fact, many organizations that have received financial, or even criminal, penalties fall outside the realm of the higher-risk industries.
Unfortunately, many companies hold the erroneous belief that compliance and DPS do not apply to them. By increasing awareness surrounding the following misconceptions about compliance and restricted party screening, organizations can take a proactive and vigilant approach to mitigating risk and avoiding costly penalties.
DPS MYTHS: DON’T LET THEM HAPPEN TO YOU
Screening doesn’t apply to our business, industry, or country.
All businesses, not just those operating within homeland security-sensitive industries, have an obligation to screen. Companies both in the U.S. and those outside of the country that engage with the United States in any capacity—including selling products or services in the U.S., or even using American banks and financial services for transactions—are subject to U.S. export and financial compliance laws.
We don’t need to screen because we supply services, not products.
Every time money changes hands, there is an obligation to ensure that the good or service is not destined for an individual or entity on a government watch list; services (e.g., travel agencies) are not exempt.
We rely on a third party (e.g., freight forwarder) to screen for us.
Many companies make the mistake of thinking that the burden of compliance rests with the shipping or freight forwarding company but this is not always the case. The U.S. government can designate the owner or seller of the merchandise being exported (or imported) as the Exporter of Record, shifting the onus of compliance to both organizations.
Our company operates domestically so screening is not required.
A significant number of individuals found on watch lists are U.S. nationals or citizens located in the United States who have been found guilty of violating export laws. Consequently, organizations are obligated to screen regardless of shipment destination.
Export laws don’t apply to us because we’re located outside the U.S.
Regardless of where an organization’s headquarters or subsidiaries are based, it is highly likely that some, if not all, transactions flow through the U.S. financial system at one point in the purchasing or supply chain process. As such, these transactions fall under the purview of the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC).
We don’t export to countries under sanctions or embargoes.
Virtually every nation, on every continent, has debarred individuals and entities inside their borders—even Antarctica! Given the dynamic nature of international sanction policies, especially in the current political climate, organizations are at risk of engaging with a denied or restricted person or organization regardless of where they export.
Our goods are EAR99 so we don’t need to screen.
Although an organization’s goods might be EAR99 (under the jurisdiction of the U.S. Department of Commerce and not listed on the Commerce Control List), selling them to a denied party is still subject to penalty. For reference, the 2017 edition of the Bureau of Industry and Security’s Don’t Let This Happen to You is replete with examples of EAR99 export violations.
We already screened our customers and contacts once.
Denied and restricted party lists change frequently, in many cases daily. To ensure compliance, organizations would be best served by screening all transactions at multiple points throughout the business workflow.
The project we needed to screen for is complete so we’re in the clear.
While exports are commonly associated with the shipment of goods, export controls also encompass the transfer of technology, software, or technical data, even when the transfer occurs in the United States. Case in point: although a project may have concluded, the release of controlled technologies (a.k.a. deemed exports) to foreign nationals is subject to U.S. export laws.
We only need to screen the person to whom we’re shipping.
One of the most misunderstood areas of export compliance is the requirements surrounding end-use. End-use compliance involves requesting documentation from the purchaser to confirm they are the ultimate destination of the goods and that they will use the product as intended. While obtaining an end-user statement doesn’t guarantee the veracity of the purchaser’s claim, this process demonstrates that a company has taken additional measures to ensure adherence to export and trade compliance laws and will stand them in good stead if issues arise.
We’ll just pay the fine.
Fines incurred as a result of an export of OFAC violation should not be treated as a business expense. In fact, criminal penalties can include jail time and organizations can have their export privileges revoked. Moreover, negative media attention is an increasing concern for risk-adverse organizations attempting to protect their reputation by avoiding conducting business with non-law-abiding people or companies.
Penalties from any export, trade, or OFAC compliance violation can negatively impact an organization’s bottom line, or ultimately cripple a company’s trade. Implementing a comprehensive screening program that encompasses restricted and denied parties and sanctioned and embargoed countries, coupled with cultivating a culture of compliance within the organization, will help keep goods flowing while minimizing the risk of penalties.
Marc Roy is Vice President & General Manager, Compliance Solutions at Descartes Systems Group, the global leader in providing on-demand, software-as-a-service solutions focused on improving the productivity, performance, and security of logistics-intensive businesses.
UNPACKING US-CHINA SANCTIONS AND EXPORT CONTROL REGULATIONS: HUAWEI