As Russian aggression in Ukraine escalates further, the unprecedented sanctions on Russia by the US, UK, EU, and other jurisdictions continue to increase. Recent Russia-related sanctions have received regulators’ full focus and resources.
The UK’s Office of Financial Sanctions Implementation (OFSI) is more than doubling its staff given the surge in Russia-related sanctions. In the US, the US Office of Foreign Assets Control (OFAC) alone has issued over 100 Frequently Asked Questions, over 2,000 specific license and guidance request responses, and over 50 General Licenses for US Russia-related sanctions. Several US agencies also just released an alert outlining the many US restrictive measures taken against Russia’s Military-Industrial Complex.
As sanctions on Russia evolve, it’s critical for compliance leaders to have full confidence in their sanctions controls oversight and testing.
Previously, we outlined 5 practical questions compliance leaders can ask to gain greater assurance over their sanctions controls. Here, we cover additional practical steps compliance leaders should take to address Russia-related sanctions.
1. Review and update sanctions compliance programs
Compliance leaders face a great deal of uncertainty with respect to Russia-related sanctions. New and complex types of restrictions are being used, determining which Russian firms are sanctioned can be difficult, and various jurisdictions' sanctions regimes all have slightly differing approaches.
With each new package of sanctions measures, compliance leaders must check that their compliance policies and procedures account for further developments.
2. Increase sanctions controls testing
Are your firm's controls working effectively? Failures or mistakes become more likely and more severe with the sheer number and complexity of Russia-related sanctions. For example, recent OFAC enforcement actions here and here highlight the need to ensure sanctions controls actually screen the right information.
Review and increase sanctions controls testing and QA/QC measures as needed, and decide if more resourcing is appropriate.
This could include scalable, automated solutions like Automated Assurance to reduce the need for more headcount as sanctions continue to increase.
3. Monitor Russia-related exposures
Many firms have de-risked from direct Russian exposure. But compliance leaders need to monitor for any indirect exposure. Sanctions are forcing companies to weigh the cost of any Russian connections, particularly in the defense, military, and financial spheres.
The US recently said it will aggressively pursue non-US companies materially supporting Russia, its military and defense industrial base, or its annexation of Ukrainian territory. The EU also added a new designation criterion for those who facilitate Russian sanctions circumvention. In short, firms across the globe with any Russian connection need to be wary of being caught by various sanctions regimes.
4. Review sanctions compliance clauses
As even indirect Russian exposure can create risk, compliance leaders should review sanctions compliance clauses in their firm’s contracts with suppliers, partners, or other counterparties. Many clauses may be outdated or inadequate for the latest Russia-related sanctions.
For example, if a counterparty might indirectly expose your firm to Russia-related sanctions risks, what are the corrective actions permitted under the contract and are those steps sufficient?
5. Prepare for sanctions enforcement uptick
OFAC and OFSI are increasing staffing and sanctions enforcement. The US and UK also just announced a deepening of their sanctions cooperation, including working together more closely across sanctions implementation and enforcement.
With the complexity and pace of Russia-related sanctions implementation, minor footfaults and slip-ups are more likely to occur.
It will take some time for any enforcement cases from the recent Russia-related sanctions to be processed, but regulatory attention is clearly focused on enforcing these sanctions.
6. Plan for other sanctions scenarios
Finally, while Russia is the main sanctions focus now, consider if your compliance program needs reinforcement elsewhere. For example, is your firm prepared for a similar increase in sanctions in other higher-risk jurisdictions that may have a lot of business exposure, like China?
With the use of sanctions only increasing, compliance leaders can gain more confidence in their compliance programs by scenario planning for potential sanctions exposure in other key areas.