On November 19th, 2018, OFAC announced it had reached a US$54M settlement with Société Générale S.A.
The fine is part of a US$1.34B global agreement among Société Générale (SocGen), the Office of Foreign Assets Control (OFAC), the Board of Governors of the Federal Reserve System, the U.S. Department of Justice, the New York County District Attorney’s Office, the U.S. Attorney for the Southern District of New York, and the New York State Department of Financial Services.
The OFAC portion of the case stems from 1,077 transactions identified as part of a voluntary self-disclosure by the French bank headquartered in Paris. These transactions were processed by SocGen between the years of 2007 and 2012, and included apparent violations of sanctions against Cuba, Iran, and Sudan.
Despite the voluntary self-disclosure, OFAC determined the violations constituted an egregious case, and that SocGen had “exercised a reckless disregard for U.S. sanctions requirements.” In fact, even though the bank had undertaken efforts to improve their compliance programs in 2004, a number of their personnel continued to process transactions involving sanctioned entities. In a number of cases, SocGen personnel removed references to sanctioned entities in the payment instructions they passed on to U.S. financial institutions, and altered address information in order to bypass SocGen’s automated OFAC interdiction software.
This case highlights how, in addition to having robust sanction compliance solutions, including OFAC sanction list screening, companies must also have strict procedures in place to ensure adherence to their compliance program. Companies must also be on the lookout for so-called ‘bad actors’ who can put their reputation and financial well-being at risk.
The penalty meted out by OFAC took into account SocGen’s self-disclosure of the incident and its cooperation with OFAC, as well as the fact it did not have OFAC violations in the previous five years. SocGen also took remedial actions, including establishing policies and procedures to minimize the risk of the above behaviors reoccurring, enhancing and centralizing its sanctions compliance program, and increasing the number of personnel in its compliance team, while also introducing a more comprehensive sanction compliance training program for employees across the bank’s group of companies.