CSI Resources

You are here:
illustration of world wide internet

Will Iran Sanctions Affect Your Institution?

  • by Amber Goodrich
  • Dec 13, 2018

On May 8, 2018, President Trump announced his decision to withdraw the United States from the Iran Deal, also known as the Joint Comprehensive Plan of Action (JCPOA), a treaty implemented on Jan. 16, 2016. Joined by Iran, China, France, Germany, Russia, the United Kingdom and the United States, the JCPOA allowed sanctions relief to Iran in exchange for curbing its nuclear-related programs.

In conjunction with Trump’s decision, the U.S. reinstated nuclear sanctions on Iran at the conclusion of two wind-down periods, the second of which ended Nov. 4. The wind-down allowed U.S. organizations time to wrap up all soon-to-be sanctioned transactions with Iran.

So, what do new Iran sanctions mean for businesses that are categorized by the USA PATRIOT ACT as financial institutions (banks, credit unions, MSBs, etc.)? The answer centers on increased sanctions compliance, specifically around OFAC’s Specially Designated Nationals (SDN) list.

Changes in OFAC

Perhaps the biggest and most significant aspect of our country’s Iran Deal withdrawal is the re-instatement of a substantial subset of Iranian names and entities to OFAC’s SDN list, those whose assets are blocked and with whom U.S. persons are prohibited from engaging in activities or transactions. What this signified was an enormous update, all at once, to OFAC’s SDN list on Nov. 5.

By now, all U.S. financial institutions and organizations should have performed a customer database re-screen to ensure they’re not conducting business with re-instated SDNs. For organizations that do not employ automated watch list screening, this task can seem practically insurmountable from a cost and time standpoint.

Action Items for Your Institution

Conducting sanctioned transactions or certain activities with SDNs can mean business-crushing fines by OFAC. In fact, the number of million-dollar civil money penalties has grown exponentially over the last few years. U.S. financial institutions—and all other organizations, for that matter—should:

  • If not already doing so, strongly consider implementing automated watch list screening. You can even contemplate outsourcing your watch list screening efforts in the interim. Attempting to manually handle such an enormous update can easily overwhelm compliance staff and leave too much room for human error
  • Review policies and procedures, particularly those that might have allowed the types of transactions in question
  • For non-U.S. subsidiaries of U.S. institutions, terminate any transactions with Iran
  • Maintain an overall awareness that these actions by the Trump administration might just be the tipping off point for further events that may greatly affect the country as a whole—well beyond financial transactions

Be Aware of Secondary Sanctions

Currently, the U.S. is the only country to withdraw from the Iran Deal, a fact that potentially complicates our relations with the remaining countries involved in the JCPOA, due to what’s called secondary sanctions. Secondary sanctions come into play for cases in which the U.S., another country, and Iran were involved in business dealings prior to our withdrawal from the deal—and the other country continues those dealings with Iran.

For example, if the U.S. conducted transactions with France and Iran involving goods and services used in the Iranian automotive industry—and France continues those transactions that the U.S. has now sanctioned—France could be subject to secondary sanctions. These sanctions can lead to commercial and legal risks.  

Learn More, Listen to the Podcast

For now, it’s vital that financial institutions and all other American businesses remain solidly aware of how the Iran Deal plays out. And of course, screen and re-screen all customers in the meantime. For much more on this topic, listen to the Iran Sanctions episode of CSI’s podcast, Fintech Focus.

Amber Goodrich, compliance strategist for CSI Regulatory Compliance, has more than 10 years of financial industry experience. She is a Certified Regulatory Compliance Manager (CRCM) and Certified Bank Secrecy Act (BSA) Professional (CBAP).