Everyone’s happy when their OFAC Screening results are clear, but what should you do when they’re not?
Your options are: (A) initiate company-wide panic, (B) cease all operations and hang an “Out for Lunch…Permanently” sign on the front door, or (C), take simple steps to ensure appropriate handling of your positive matches.
- Take a breath. The first thing to do is ask yourself if the name that’s been matched is actually the name you’re looking for. Use of middle names, multiple given names and short forms could easily lead you to believe you have a match when in fact, you don’t. Look at the photo provided in your search result (maybe you have the wrong gender!) and at the other details, such as address, date of birth (an especially reliable identifier) and the Federal Register Order, to see if you actually have the right person. A robust screening solution will help you to minimize false positives (occurrences of the same or similar names for persons and companies) but ultimately it’s your responsibility to determine whether or not a match is genuine.
- Consult the experts. Only qualified persons should make ultimate determinations about positive search results. This also means a workflow that allows for suitable sharing of information is crucial. Your resident compliance expert will require all the details about a match to decide if a transaction may proceed. If you are that person, be certain your current system enables timely and accurate communication, so you’re never left in the dark. And keep the OFAC hotline number handy!
- Stop the presses. Fear not, a match doesn’t equal a violation, so there’s no need to report your findings to the authorities. But once it has been determined the match is valid you must immediately stop the transaction to avoid committing a violation.
- Do some detective work. Your compliance team should check to see if the individual in question has used an alias in the past – look for persons with similar addresses, and research any international divisions and subsidiaries. Search your records for any past interactions the individual may have had with your company before they appeared on a watch list.
- Know your lists. Differentiating between government lists can help you understand the alert you’ve received. The General Services Administration (GSA) list lets you know if a party is barred from receiving federal contracts, subcontracts, and certain types of federal financial assistance (be sure to refer to the codes provided in your search results to learn the exact restrictions – you may still be able to legally conduct business with the identified party). A match appearing on a Denied Persons List means the individual is completely denied export privileges. According to the Bureau of Industry and Security (BIS) website, if someone appears on a Denied Party List, it means the party is “prohibited from receiving some or all items subject to the Export Administration Regulations (EAR) unless the exporter secures a license.” An Unverified List contains individuals for whom the BIS haven’t been able to verify the end-user in prior transactions – a definite “red flag” that should be investigated. And the OFAC Specially Designated Nationals (SDN) lists entities and individuals whose assets are blocked. U.S. persons are generally prohibited from dealing with them or supporting them in any way!
- Document everything. This point cannot be stressed enough. Be sure you have comprehensive records of all screening activities and your responses to positive matches. When you’re audited you should be able to clearly demonstrate the rationale behind your determinations, so your company’s not on the defensive.
A positive screening match need not be cause for alarm, but it’s important to be mindful of the very real potential for violations. Review your company’s compliance policies and procedures regularly to ensure everyone on your team understands what’s expected of them to keep your business compliant.