According to OFAC, the violations occurred between November 2013 and August 2017, when Danfoss FZCO—Danfoss’s wholly owned UAE subsidiary—sold cooling and heating equipment and related components to customers in Sudan, Syria, and Iran. During this period, Danfoss FZCO employees directed these customers to remit payments to at least three accounts at banks located in the UAE, including Danfoss’s U.S. branch account. Danfoss FZCO’s customers in Iran, Syria, and Sudan used third-party payers, such as money exchangers in non-sanctioned jurisdictions, to pay Danfoss FZCO at this account. Danfoss FZCO also used third-party payers to make five transfers from its U.S. financial institution to parties in Syria and Iran.
The use of third-party payers disguised the originator or beneficiary of these transactions. As a result, the payments at issue were not stopped by the bank’s transactional screening filters. The total value of all transfers was approximately $17 million.
Sanctions Compliance lapses
Since at least 2011, the company knew of the sanctions risks it was facing, even ignoring warnings from compliance personnel. For example, “in February 2016 Danfoss’ compliance division discovered that an Iranian customer had been invoiced in U.S. dollars and advised Danfoss FZCO that such activity was impermissible.” Still, the subsidiary continued to use its U.S. branch account to collect payments from customers in sanctioned jurisdictions until August 2017, according to OFAC.
The violations occurred “primarily because of deficiencies in Danfoss’s global sanctions compliance program,” which “did not have in place procedures to regularly monitor Danfoss FZCO’s activities to identify potential sanctions issues. As a result, Danfoss lacked the means to know when problems arose, unless Danfoss FZCO proactively contacted Danfoss’ compliance program manager.
Danfoss FZCO personnel, including the regional finance director, did not have substantive training on U.S. sanctions and did not consult with Danfoss’ compliance program manager on the transactions giving rise to the apparent violations. “This insufficient understanding of U.S. sanctions left the regional finance director with a lack of urgency to address Danfoss FZCO’s banking issues and substantially contributed to the delay in stopping the violative transactions,” OFAC said.
Danfoss’s financial institution notified the company of the violations in May 2017, when they were identified. In October 2017, Danfoss disclosed them to OFAC, which was” already in possession of relevant information and assessed that Danfoss’ submission did not qualify as a voluntary self-disclosure,” OFAC said.
Mitigating Factors for Danfoss
OFAC said the settlement amount reflects its determination that Danfoss did not voluntarily self-disclose the apparent violations and that the apparent violations constitute a non-egregious case. Among the mitigating factors OFAC considered is that Danfoss “has not received a penalty notice or Finding of Violation from OFAC in the five years preceding the earliest date of the transactions giving rise to the apparent violations.”
Secondly, Danfoss acted quickly to ascertain the root causes of the conduct at issue and “adopted new and more effective internal controls and procedures” to prevent a recurrence of the violations. These measures included:
- Ceasing doing business entirely in Iran, Syria, and Sudan;
- Developing a new procedure for monitoring and documenting payments to its U.S. bank accounts to identify true originators and reject any payments that originate from a sanctioned jurisdiction;
- Updating its Export Control Standards and its Export Control Manual to contain sections that specifically highlight the roles and responsibilities of all employees to address specific U.S. sanctions regulations compliance, and released several new required forms, announcements, and supporting documentation to reinforce its employees’ understanding of U.S. export controls and sanctions and to help employees identify sanctions compliance red flags; and
- Creating a sanctions manual specifically for Danfoss FZCO and implemented training for Danfoss FZCO employees to make clear their obligations under U.S. sanctions and the risks specific to doing business in the Middle East.
Lastly, according to OFAC, “Danfoss was highly cooperative in providing relevant information and responding to all OFAC requests for information in a timely manner. Danfoss also agreed to toll the statute of limitations for the apparent violations.”
Compliance lessons
OFAC highlighted several lessons learned from its enforcement action against Danfoss. Those lessons include the following:
Be aware of the risks posed by U.S. financial institutions in commercial activity involving an OFAC-sanctioned country, region, or person. “Commercial activity that might not otherwise violate OFAC regulations—such as the sale of non-U.S. goods by a non-U.S. person to an entity in an OFAC-sanctioned country—can nonetheless cause a violation when the financial transactions related to that activity are processed through or involve U.S. financial institutions,” OFAC said.
Maintain an effective, risk-based sanctions compliance program and train key staff, including senior management, to identify and escalate potential U.S. sanctions violations to the appropriate compliance personnel. “It is particularly important to implement controls specific to the risks posed by the regions in which subsidiaries operate, and any risks stemming from specific business practices, such as accepting payments from third parties,” OFAC said.
Consider OFAC guidance and advisories to inform and strengthen sanctions compliance programs. In January 2013, OFAC published an advisory that alerted U.S. financial institutions to Iranian efforts to circumvent U.S. sanctions, especially risks arising from the use of third-country exchange houses and trading companies acting as money transmitters in support of business with Iran. “Even where a non-U.S. company engages in otherwise permissible trade with Iran,” OFAC said, “knowledge of the risks described in the advisory may help the company avoid engaging in prohibited dealings with U.S. financial institutions and other persons.”
Jaclyn Jaeger is a contributing editor at Compliance Chief 360° and a freelance business writer based in Manchester, New Hampshire.