On November 25, 2019, Apple Inc. entered an agreement with the U.S. Department of Treasury to pay a civil penalty of $466,912. The fine is to settle the technology giant’s violations of the Foreign Narcotics Kingpin Sanctions resulting from its interactions with a Slovenian company SIS and its owner Savo Stjepanovic, both on the SDN list. How it happened provides a lesson in the compliance process.
Compliance Week said the Office of Foreign Assets Control (OFAC) called Apple’s violation a “reckless disregard for U.S. sanctions requirements.” The publication points out, though, that the settlement was not too hefty.
According to a piece on Benzinga.com, the violation was due to a failure of Apples’ compliance screening tool. Apple had done business with SIS d.o.o. (“d.o.o. is a standard corporate suffix equivalent to “LLC”) starting in 2008. In 2015 SIS and its owner were added to the SDN list. But Apple continued to do business with SIS for two years. It did not catch that SIS had been added to SDN. Apparently, its screening tool searched for “SIS DOO” and missed “SIS d.o.o.” The company’s compliance effort also failed to search for the name Stjepanovic.
It demonstrates the importance of having a compliance screening process that tracks regular OFAC additions and your own vendor list daily, and one that also applies the right search logic to capture inexact matches. (See Are You OFAC Compliant? Or Do You Just Think You Are?) Apple may have gotten off easy in terms of the size of the fine this time, though somebody may have missed their bonus. Don’t let your organization fall into trouble. OFAC sanction list review is serious. Violating sanctions by engaging with someone on the SDN list is not what you want to do.