Press Room
 

To view or print the PDF content on this page, download the free Adobe® Acrobat® Reader®.

June 30, 2005
JS-2620

Procedures Released for Examining OFAC
Compliance

The Federal Financial Institutions Examination Council (FFIEC) today released a Bank Secrecy Act/Anti-Money Laundering Manual (FFIEC BSA/AML Examination Manual). The manual includes audit procedures for use when examining financial institutions for compliance with the sanctions programs administered by the Treasury Department's Office of Foreign Assets Control (OFAC). The manual is expected to serve as an OFAC model for federal and state regulators in other areas, such as the securities industry.

"The publication of this guidance will further ensure consistency and provide additional clarity in relation to OFAC compliance," said Robert Werner, the Director of OFAC. "This is one more step in our continuing efforts to assist U.S. Banks and other U.S. Industries in complying with those economic sanctions programs that are so critical to furthering our country's national security and foreign policy interests."

As outlined in the manual, OFAC emphasizes that financial institutions should take a risk-based approach when considering the likelihood of encountering a "match" or "hit" to the list of Specially Designated Nationals and Blocked Persons (SDN List), a targeted country or other OFAC sanctions.

The manual recognizes that a fundamental element of sound OFAC compliance is a bank's assessment of its product lines, its customer base, its geographic location, the nature of its transactions and the identification of high-risk areas for OFAC transactions. It states that banks should establish and maintain an effective, written OFAC program commensurate with their OFAC risk profile. Programs should:

  • Identify high-risk areas;
  • Provide for appropriate internal controls for screening and reporting;
  • Establish independent testing for compliance;
  • Designate a bank employee or employees as responsible for OFAC compliance and
  • Create training programs for appropriate personnel in all relevant areas of the bank.

The manual also notes that "an effective risk assessment should be a composite of multiple factors, and depending upon the circumstances, certain factors may be weighed more heavily than others."

The functional regulators will be examining financial institutions to determine the adequacy of each institution's OFAC program and the effectiveness of its risk management.

Recognizing that the primary goal of OFAC's enforcement actions is remediation, OFAC is working toward an updated version of its own Enforcement Guidelines which will be published in the Federal Register. The new Guidelines will incorporate risk-based compliance. OFAC will implement an institutional – rather than only a transactional – approach into its enforcement calculus, which will take into account the efforts of financial institutions to assure OFAC compliance, as well as any violations that might occur.

OFAC realizes that every violation does not rise to the same level of egregiousness. It is committed to and will be involved in an ongoing dialogue with the functional regulators about institutions and violations. It will actively seek their opinion about OFAC compliance programs at institutions under enforcement review and will also be participating in numerous training sessions, including teleconferences, with financial institutions.

The BSA/AML Examination Manual material is accessible via the following link: http://www.treas.gov/offices/enforcement/ofac/civpen/ofac_sec_frb.pdf.

Also available on OFAC's website are expanded risk matrices for banks to consider as they review their compliance procedures: http://www.treas.gov/offices/enforcement/ofac/faq/matrix.pdf.