GIR sanctions roundtable transcript: Part II
The second instalment of GIR’s sanctions roundtable sees the panellists discuss global trends and priorities, views on countersanctions and blocking measures, and enforcement and cooperation strategies from the private and government side.
Rachel Barnes, a dual-qualified US lawyer and English barrister at Three Raymond Buildings in London. She is a co-editor of GIR’s Guide to Sanctions, now in its second edition.
Michael Lieberman, the assistant director for enforcement at the Office of Foreign Assets Control (OFAC) at the US Department of the Treasury in Washington, DC.
Kerry Contini, a partner at Baker McKenzie in Washington, DC focused on export controls and sanctions.
Charlie Steele, a partner at Forensic Risk Alliance in Washington, DC, who previously held positions at the Justice Department and at the US Treasury – most recently as chief counsel at OFAC.
Gayathri Kamalanathan, a partner at Slaughter and May in London, having joined in April from Danske Bank, where she was the head of litigation and enforcement.
Aimee Langley, the head of compliance at the Office of Financial Sanctions Implementation (OFSI) in London.
Over the past few years, there’s been a lot more focus on upstream – where are your suppliers; where are your vendors; where are your goods that you supply coming from
Global trends and priorities
Barnes: Sticking with the global perspective for a moment, what do you see more broadly, as some of the main global themes, priorities, trends in sanctions over, say, the past 18 months or year or so?
Contini: To start with a macro trend, it really can’t be overstated that companies have to navigate an increasingly complex wave of sanctions all over the world. I wanted to make a couple of points to flesh that out a little bit. The first one is sanctions remain a popular tool, not only in the US but elsewhere. And we’ve talked a lot about Europe, the UK. There are others. Of course, we have China. We have others that may not come to mind to everybody day-to-day but, for example, Ukraine has a robust sanctions programme and has, you know, not too long ago, targeted some pretty significant Russian companies. So, there is a lot to navigate.
Another point is that more sanctions regimes are becoming issue-focused rather than territorial. This is something the US has had for a long time, but we are starting to see this pop up in other places who have human rights regimes, regimes that target people engaged in chemical weapons or cyber activities or corruption. This makes it more complicated from a compliance perspective because it’s not quite as simple as just coming up with a list of high-risk countries when you’re looking at where the sanctions risks are.
And, of course, we’ve talked a lot about the multilateral efforts. We are seeing a lot more countries working together, which increases the amount of sanctions that need to be complied with and there’s a lot of alignment but not exactly. You can’t just assume that, because the US, the UK and Canada took an action together, that they took the exact same action. There may actually be distinctions. It’s becoming increasingly complex.
Then one other bigger trend I wanted to mention are increased connections to ESG, so environment, social and governance, and supply chain issues. For many years, sanctions compliance has been a bit more focused on downstream – where are your distributors; who are they selling to; are there diversion risks on that side. Over the past few years, there’s been a lot more focus on upstream – where are your suppliers; where are your vendors; where are your goods that you supply coming from – and this has been in the US due to recent enforcement cases, supply chain advisories, the addition of companies to the SDN list or entity lists that are, actually, companies that really do show up in companies’ upstream supply chains. Customs measures and other jurisdictions are starting to look a lot more at this, including, you know, increased the due diligence requirements. There is a need to really connect sanctions compliance with some of these other compliance areas and ESG considerations, more broadly.
Barnes: Gayathri, do you see companies starting to have their sanctions compliance function sitting in with their wider compliance functions? Because, as Kerry said, you’ve got this tie-in with ESG, with supply chains. Aimee mentioned earlier from the OFSI perspective of seeing it sitting within the economic crime risks, more broadly. Is that something you’re seeing in companies themselves?
Kamalanathan: Yes, absolutely, or a recognition that that they need to be more joined up, certainly at the more senior level and not just at the most senior level. You need your middle management to be sufficiently knowledgeable and able to navigate these sorts of issues.
Barnes: Thinking about my past experience with some clients, albeit a long time ago, we had a case where they were fine on the export controls; they’d worked out what they needed to do to get the widgets from one country to another country but they hadn’t thought about what happened when that other country recipient paid for it and then brought in financial sanctions issues. And that’s – in your experience, that’s changing now?
Kamalanathan: There’s a recognition that it needs to and we are going to come on later and talk about technology but the point I think that we’re all talking about here as well, and it’s a theme, the complexity of this requires real resource and technology, it needs to be a combined sort of triage of those things in terms of expertise, resource and numbers of people and tools and investments for it to really be effective. Certainly, the organisations that I’ve worked in and that I advise recognise those challenges and it’s something that that they’re working towards, but it’s certainly a challenge, as it is for the enforcement agencies as well.
The US government view on countersanctions and blocking measures
Barnes: One of the complexities we’ve talked about, is not just a different sanctions regime amongst broadly allied states but when you’ve got countermeasures or blocking statutes, and of course, Gayathri, you and I in the UK have to deal with the fact that we’ve got the UK blocking statute and the EU, it’s got the blocking regulation as regards the US extraterritorial Cuban and Iran sanctions. Charlie, with your government plus private hats, what do you see the US approach to other countries using countersanctions, using blocking measures and what does that mean for the companies stuck in the crosshairs?
Steele: Yeah, it obviously makes things very, very difficult for the companies and banks and others stuck in the process. The baseline view of the US government has always been and, as far as I know, it still is the basic idea that, for better or worse, if you’re subject to our rules, you have got to comply with our rules, US rules, without regard to what other countries are doing, period. That’s the baseline view. But I’ve seen examples of cases where OFAC and, therefore, the inter-agency – and very much the State Department has to be involved as well – will try to work out some type of arrangement or solution for a company that finds itself in a particularly tight spot.
Two examples would be a company that’s clearly facing an imminent judgment, an adverse judgment, in litigation in the other country of a substantial nature, or an enforcement action, a punitive enforcement action, in the other country. In such cases I have seen OFAC sometimes kick in and work out, at times successfully, some types of arrangements. I would say the most important thing for companies and entities is not to assume that they can achieve that. The main thing is you only go to OFAC when you have concrete, imminent, serious harm. In other words, just the conceptual or even high likelihood that you could be sued someday, I have not seen that be enough for OFAC to get started. So, a concrete imminent harm and, when you go, be able to show OFAC that you’re being proactive, not just in that sense but that you’ve assessed the US rules, you have done your best to comply with US rules and exactly how it is that, despite your best efforts, you’re coming up short. In those situations, it has happened that you can get OFAC and, through them, the US inter-agency, as needed, to help work out a solution. But you don’t want to overstate that and think that you can do that in every case. Again, maybe the practitioners here have tried and have some views on that.
Kamalanathan: I won’t be able to go into specifics and it was before my time at Slaughter and May – but I have had experience of being in that situation, whereby there was litigation in a European member state preventing the decision from being taken. That was sufficient for a constructive engagement with OFAC on that particular topic and we were able to find a way through. But to your point, Charlie, it involved exactly the points you said in terms of actually demonstrating active steps and defences and the points that had been tried and the arguments that had been made and ensuring that there was legal advice that we could share and explain to the authorities on that.
Always keep in mind that [OFAC is] advancing, somewhat aggressively, US foreign policy and national security policy. That’s the point that underlies all this.
Steele: Sometimes people can hear this and think OFAC must be being terribly unreasonable and bureaucratic, but always keep in mind that they are advancing, somewhat aggressively, US foreign policy and national security policy. That’s the point that underlies all this. And so, if OFAC is going to work out an arrangement with someone and basically take a second chair to another country’s countermeasures, to some degree that involves, at least conceptually, a sacrifice of US foreign policy prerogatives. And they’ll do that occasionally but it’s not necessarily a decision that they can take quite easily and that’s why you have to have these other factors, and the real harm and everything that Gayathri just mentioned, I think, to be able to achieve this.
Kamalanathan: And, in that particular case, I would say – again to your points – in the grand scheme of thinking about it from a policy perspective, the particular issue and incident was not material. I think that was the way in which OFAC was able to get comfortable that they could make that kind of allowance.
Contini: I’ve had similar experiences and they are similarly rare. I would just say that we can, I think, expect these kinds of issues to be popping up much more regularly now with the different countermeasures that we’re seeing, particularly the China Anti-Foreign Sanctions Law and those kinds of sensitivities. We could be seeing situations where companies really find themselves between a rock and a hard place dealing with US sanctions and the countermeasures and I wish I had some quick answer.
There is no easy answer except to say that it’s absolutely critical that when you’re looking at US sanctions measures where there could be a countermeasure that would affect it, make sure that the compliance experts in all relevant jurisdictions are involved in the discussion and the risk assessment and are talking about the path forward and also keep in mind the cultural sensitivities here too. There could be situations where some of these – these are very hot issues right now and they can create a highly charged environment, where you could have employees on the ground that might be worried about their safety. That’s also another really important thing to keep in mind.
OFSI’s approach to companies caught between crosshairs of conflicting regimes
Barnes: Kerry, as you say, we’re probably going to be seeing more and more of these things. OFAC’s got experience dealing with it. Aimee, if we had a similar situation where a company came to OFSI, saying we’ve got a real problem here – perhaps the example Kerry has given – we have got people on the ground and we’ve got real security concerns. What approach would OFSI be taking to this similar sort of situation?
Langley: The set-up is slightly different in the UK. OFSI is the competent authority for assessing breaches of the UK financial sanctions regime committed by UK companies or UK individuals. Within the UK, it’s the Department for International Trade that’s responsible for the UK’s protection of trading interests legislation but, even though it sits outside OFSI, I can say a few things about the approach.
I do know that that legislation seeks to protect UK persons in the legitimate trade with countries affected by the extraterritorial application of certain laws. It is challenging and compliance with the sanctions prescribed in the annex is a criminal offence in the UK and is punishable by an unlimited fine. UK persons must also notify the secretary of state for international trade where their economic interests have been affected by those sanctions within 30 days of becoming aware.
But, with that being said around the challenges, the UK government does understand these challenges and the impact they have on companies and if UK persons consider that non-compliance with the prescribed sanctions would seriously damage their interests, they can apply to the secretary of state for international trade for authorisation to conduct the activity which would otherwise be prohibited. So that’s very much in exceptional cases and is assessed on a case-by-case basis but, a bit as we’ve just been discussing, that option is there for those exceptional cases. But, generally, in terms of the kind of objectives, the legislation doesn’t stop routine, legitimate, commercial decisions from being taken. It is just focused on decisions that are taken based on those extraterritorial laws.
Enforcement strategies during investigations in light of current global trends
Barnes: You mention the exceptional circumstances where the secretary of state would give a specific authorisation for a company to comply with an extraterritorial law or extraterritorial sanctions of a different country and I think we’ve got one example of published authorisation. That gives us an idea of quite how exceptional the situation is. Thinking more widely about some of the other issues that Kerry touched on in terms of what the global themes are at the moment, how does – in light of those – how does that impact upon the enforcement strategies that say OFSI is looking to implement?
Langley: In terms of the enforcement strategies, I think they would be the kind of things that I was outlining near the start in terms of developing our understanding of the current pictures very much. We have, historically, cooperated with US and European partners on enforcement and on sanctions, more generally, and we continue to do that, recognising that the multilateral nature of sanctions makes it so much more effective. We continue to cooperate but generally I don’t think we would take a specific different approach to some of the things I was outlining earlier.
Cooperation between enforcement authorities
Barnes: Michael, coming over to you in the US and picking up on this idea of cooperation with other authorities, are we going to see the same sort of multilateral cooperation we see in the anti-corruption and bribery world or the FCPA world, such as the Airbus settlement or the Goldman Sachs-1MDB matter? Are we going to see that in sanctions?
[W]e are looking to enhance our international cooperation with partners around the world to amplify the impact of our actions
Lieberman: It’s an interesting question. In the appropriate case, there may be opportunities for that kind of cooperation and enforcement action. Certainly, there’s very strong cooperation between OFSI and OFAC on a number of fronts and, as I noted earlier, we are looking to enhance our international cooperation with partners around the world to amplify the impact of our actions and, when there are international nexuses between enforcement actions, I think there’s certainly a logic to working together.
I would note there are probably some important differences between law enforcement cooperation and civil sanctions authorities in the way we operate, including in the scope of our authorities and the scope of our legal authorities and our relative size, as Charlie mentioned, and the types of cases we pursue. I certainly wouldn’t rule it out but there are some structural and then legal scope issues that might not lend itself to the same sort of frequency, perhaps, as you do see in international criminal cases. Now, that said, I think, as other countries adopt regimes more, perhaps, parallel to the United States and as other countries begin to strengthen their own sanctions authorities and the bodies responsible for enforcing them, greater opportunities will arise and that’s certainly something that, as I mentioned, does have a compelling rationale in the right case.
Langley: If I can just add as well to Mike, in OFSI, we tend to think in terms of the tools available for such cooperation rather than just the instances, which obviously won’t always be able to be publicised or spoken about as well. In terms of the tools for international cooperation, under the Sanctions and Anti-Money Laundering Act, OFSI’s ability to share information for the purposes of facilitating compliance has widened and that’s with all parties, domestically and internationally. That’s an improvement to our tool that we have ready to use and are able to use when we need to.
As well as sharing information in relation to specific cases, for OFSI, as a comparatively newer organisation compared to OFAC, having been established in 2016, we look at sharing information and having discussions internationally around the holistic approach to compliance enforcement, financial sanctions, so exchanging best practices, comparing views on approaches, operational policy, looking at what guidance has been published internationally and what industry is asking for. The type of cooperation that’s already happening from OFSI’s perspective is across different countries bilaterally and multilaterally, for example through the FATF delegation, but the cooperation goes outside of just our enforcement strategies and links into all of our elements of the way we carry out our work.
Barnes: Sticking with enforcement strategies, OFSI obviously works closely with the National Crime Agency (NCA) in the UK, which is, if I put it this way, your investigative arm, particularly when you’ve got a case that’s potentially a criminal matter. The NCA obviously has a longer history of bilateral cooperation, on particular investigations and with the FBI in the US. Is that something that, as private practitioners, we might like to think about: not just the fact that OFSI is new but OFSI talks to the NCA and the NCA has got lots of connections with its law enforcement partners around the world?
Langley: I would probably look at it in a slightly different way. In terms of our relationship with the NCA, that actually goes back to before OFSI was created, when it was our team beforehand in the Treasury. I probably wouldn’t necessarily describe them as our investigatory arm. They’re a separate body but they are a body to whom we will refer the most serious cases. That is certainly the case. I mean all financial sanctions breaches in the UK are criminal offences but then we decide what type of enforcement action is most appropriate to take, so whether we close them with civil penalties, with OFSI’s monetary penalty power being the most serious, which is actually proportionate and in the public interest in the vast majority of cases, even some of our most serious cases.
If you look at our monetary penalties so far. We imposed a monetary penalty of over £20 million on Standard Chartered Bank. It can cover serious cases as well but it is fair to say that, because we have that relationship with the NCA and refer matters to them and having that dialogue, we do have some benefits of sharing best practices that comes from that. But it would also go wider than the NCA. The relationships we have with other government departments, other agencies within the UK, would also help us in the way that we carry out our activities and help us inform our strategies.
The private sector view: What enforcement strategies work well and what doesn’t and why?
Barnes: On the issue of enforcement strategies, I’m going to throw this open to the private practitioners now to really offer their perspectives and views and what they think works. I’m asking you to critique the government enforcement strategies but from a private practitioner’s perspective. So, Kerry, what do you think, from a private practitioner looking at what OFAC does, looking at the other agencies, be it BIS in the Department of Commerce, if we’re talking about export control issues. What works for them?
I don’t know that we’re going to see a huge rush of disclosures into the DOJ right now but it is something to keep an eye on.
Contini: What has been helpful to companies is the amount of detail that’s in some of the enforcement cases because it allows for companies to see what went wrong in other instances and to get a better sense of what the US government’s expectations are for compliance programmes, and also to see what the aggravating and mitigating factors were. When OFAC published its compliance framework back in 2018, there was an addendum at the end that showed the common root causes of compliance issues – the types of things that OFAC in their enforcement work were seeing show up again and again – that was really, really helpful reading. It would be helpful to see that updated from time to time: are the common issues shifting in any way? That’s very helpful for companies to use when they are considering possible changes to their compliance programme.
And then I just wanted to say one or two things about the Department of Justice’s voluntary self-disclosure programme, which we haven’t seen a whole lot of activity around. The DOJ has jurisdiction over criminal or wilful conduct and we have seen at least one case where the DOJ basically gave credit to a company for disclosing under this programme, and that is the benefit of disclosing, that you get reduced penalties if they do decide to impose penalties. But I think companies should remember that, at least in the US, disclosures are usually voluntary. They are not required, except for in some circumstances where you may be already in front of the agency on another issue and the violation that is discovered is a material fact in this other filing, those types of situations, but, generally speaking, disclosures are voluntary and companies can weigh a variety of factors in determining whether to disclose, such as the type of violation, the value, the frequency, what the issues are. I don’t know that we’re going to see a huge rush of disclosures into the DOJ right now but it is something to keep an eye on.
Barnes: Gayathri, you’ve been that person or representing that company that’s in front of the agency and had to deal with the disclosures and the investigations. From your perspective, what would make your life easier in that position?
Kamalanathan: I will speak from the in-house position. It’s my more recent and extensive perspective and having to advise boards of companies, being in those companies. A lot of the points have been touched on. I really echo the points around transparency with respect to previous enforcement decisions because that is incredibly informative and powerful as well in explaining to your organisations what you need to do and what you shouldn’t do; what does cooperation look like; what does it mean; what kind of credit can it give you. I think there are distinctions here between the US and the UK.
One observation is that certainly one of the things I have found harder to explain in those positions is what does this all translate to when it comes to monetary penalties. And I know that OFAC has a more prescriptive approach than in non-sanctions space but still, that is often a question that can be quite difficult to judge in terms of materiality and is a question I’ve received a lot as an in-house lawyer as in: what does cooperation really mean? I think that can feel counterintuitive to some organisations that aren’t used to dealing with US enforcement authorities, and in particular, what will this mean for me in terms of the ultimate outcome. The more that can be demonstrated and shared in that context, I think the more that it will encourage and assist organisations to be able to manage these difficult enforcement situations.
And then the other point is how to navigate that international environment of managing your home regulator, who will expect deference and full transparency, and the dialogue with other authorities, in particular in the US, who would rightly take the view that information you share with them or input you get from them is confidential. That that has been, a challenge that I’ve had to navigate in explaining that there are limits on what an organisation can do in that respect, other than to encourage them to be transparent with everyone and hope that that inter-authority dialogue happens. That can be quite hard to visualise and quite uncomfortable for organisations if they don’t necessarily know how that works or how to control it.
Barnes: It’s so interesting you say that because it was a few years ago that we had an example of that in UK, where we had a UK financial institution that was subject to US enforcement action and the financial regulator here in the UK only found out about it when they read the newspaper.
So, the bank got a very large fine for not having been open and transparent with its domestic regulator because it was so fixed on making sure it was doing the right thing and coming to the settlement with the US authorities. Is that’s something that you’re seeing as well?
[E]ncourage, as far as possible, your home authority to reach out to the enforcing authority and to understand the facts, if you are limited yourself in sharing those facts.
Kamalanathan: Very much so and it’s something that can be easily forgotten because you’re so focused on the authority that you’re dealing with and ensure you get the best outcome. But, from my own experience of both of the different organisations I’ve worked with, it’s absolutely critical to maintain that open dialogue and to encourage, as far as possible, your home authority to reach out to the enforcing authority and to understand the facts, if you are limited yourself in sharing those facts.
How companies can manage roadblocks to cooperation between international authorities
Barnes: Now, Charlie, you can give that unique perspective about what roadblocks there might be in terms of international cooperation, both for the regulators, different regulators, different enforcement agencies, and how companies try and manage those.
Steele: I can start by seconding with Gayathri and Kerry said. Those are all sort of the key points. The roadblocks or the challenges, at least the big ones, generally fall in two sort of buckets. One is legal, data privacy rules, which differ between especially Europe and the US. Some of the information-sharing restrictions we’ve talked about – every country has some, to one degree or another. You have to be able to navigate those, but when agencies want to cooperate, they do find ways to achieve whatever level of information sharing and other cooperation they need to, but it can just make things a little slower and bumpy.
But the bigger bucket, in my experience, and both Kerry and Gayathri mentioned this too, is just the practical challenges of any two organisations coordinating, especially in an enforcement posture because, whether it’s civil or criminal, at least in the US and I assume it’s the same in the UK, in an enforcement setting where an agency is contemplating a punitive action, imposing a penalty on someone, the tendency and the default is to keep everything confidential, keep everything within the agency, including for reasons of protecting interests of the target or the accused until the action is taken. That’s the default and, again, the agencies can work through that when they need to cooperate but they’re starting from that posture, so it can complicate things.
In my experience, on both sides, it can get significantly more, complicated when there’s a criminal investigation. You could have a purely civil matter with two or three agencies with similar authority coordinating. For example, in the US, you could have the Commerce Department and OFAC looking at the same target, or a bank regulator at the state or federal level, and OFAC looking at the same target, all civil and administrative authorities. But once the Justice Department is involved, and I say this as – I was a 20-year DOJ guy, I was a prosecutor for 12 and then eight other years with other jobs in national security and law enforcement – but I’ll just say that tends to very much complicate things.
And I must have been this way when I was prosecutor, so forgive me, anyone who dealt with me then. Prosecutors can be very prosecution-centric, and they can really tend to think that everything else has to take second fiddle to a prosecution. There are times when that’s legitimate. But with certain types of crimes in the sanctions landscape, I’m not sure that’s always the best approach. So sometimes it can take a lot of effort for the administrative agencies, including OFAC, to really get in and get coordination and get information. I would say companies and entities that find themselves in this boat, the most important thing is to find the right help, the right expert help from lawyers and consultants. You need people with the right judgment, especially the right experience, and there I think what you need is people who have prior experience with the particular agencies you are dealing with. If you have an export control matter, you don’t want an AML practitioner in the first instance. And if you have an OFAC monitor, you really need someone who has dealt with OFAC. And then those practitioners, even for them, it’s a challenge. I think, ideally, if you can set up separate lines of communication with each agency, rather than relying on one agency to be an interlocutor with other agencies, for example, that can be very helpful. Even there, there could be a challenge. If you’re dealing with multiple agencies, you’ve got to be mindful not to alienate one of them by looking like you’re sidelining them. It can actually be pretty challenging, but you can find the experienced practitioners who have been through this before and have the right judgment. It can be done, but it’s often not easy and not pretty to watch. It’s a bumpy ride sometimes to try to get to that ultimate resolution.
Read the rest of the transcript:
Copyright © Law Business ResearchCompany Number: 03281866 VAT: GB 160 7529 10