On 7 October 2016 OFAC issued an update to its “Frequently Asked Questions Relating to the Lifting of Certain U.S. Sanctions Under the Joint Comprehensive Plan of Action (JCPOA) on Implementation Day” (the FAQs), providing further guidance on due diligence requirements for non-U.S. persons engaged in transactions with Iran and providing an interesting clarification in respect of the processing of U.S. dollars by non-U.S. financial institutions.
The FAQs were first published on Implementation Day (16 January 2016). The FAQs do not have the force of law themselves and are only intended by OFAC to be explanatory. They do, however, provide helpful guidance on the changed U.S. sanctions regime after Implementation Day.
That said, there were a number of areas, including in relation to the use of dollars by non-U.S. financial institutions and the extent of due diligence required by non-U.S. persons, which were left ambiguous by the original FAQs published immediately after Implementation Day.
The recent update to the FAQs, whilst it does not reflect a change in the underlying legislation, does nonetheless provide helpful clarification of some of those ambiguous areas.
Whilst many Iranian individuals and entities were removed from the SDN list on Implementation Day, there were still a number of individuals and entities, such as the IRGC, that remained designated as SDNs. Non-U.S. persons dealing with those SDNs after Implementation Day could face U.S. secondary sanction consequences, including menu based penalties and “designation authority sanctions” which would result in the person being designated as a SDN.
As FAQ M. 2 (which was issued immediately after Implementation Day) confirmed, it was essential that non-U.S. persons engaged in trade with Iran carried out due diligence “sufficient to ensure that [they are] not knowingly engaging in transactions with the IRGC or other Iranian or Iran-related persons on the SDN list”.
However, the FAQs said nothing else in relation to due diligence and gave no assistance in relation to the extent of due diligence required. In particular, the FAQs did not clarify whether it was sufficient to establish only that one’s immediate counterpart was not a SDN or whether it was necessary to go further and ensure that the counterpart was not owned by an SDN as well.
That is remedied somewhat by new FAQ M. 10 which confirms that it is not necessarily sanctionable for a non-U.S. person to engage in transactions with an entity that is not on the SDN list but that is minority owned, or that is controlled in whole or in part, by an Iranian or Iran-related person on the SDN list.
It is certainly helpful that OFAC has clarified that minority SDN ownership, or even wholesale control by a SDN, will not of itself prevent a non-U.S. person transacting with that entity. However, OFAC sounds a note of caution by adding that it recommends exercising caution in such circumstances to ensure that such transactions do not involve Iranian or Iran-related persons on the SDN list. The risk for non-U.S. persons would be that the transaction in question could still ultimately provide significant services or support to an Iranian SDN, which, if the non-U.S. person had knowledge (meaning knew or, under the circumstances, should have known of this fact), would be in contravention of US secondary sanctions that are still in force after Implementation Day. Minority SDN ownership or control is therefore a red flag that may require further investigation into the transaction to determine that such services or support were not being provided for the benefit of a SDN.
New FAQ M. 11 also provides confirmation that checking the names of one’s counterparties against the SDN list is expected but not necessarily sufficient to discharge one’s due diligence obligations. OFAC does not give any specific guidance as to what might be expected over and above that, save to recommend that due diligence procedures should conform to internal risk-assessment and overall compliance policies, which themselves should be based on best practices in the relevant industry and conform to the guidance and expectations of regulators in the non-U.S. person’s home jurisdiction.
However, one particular concern for non-U.S. persons is likely to be whether or not, notwithstanding that the counterparty is not on the SDN list, the transaction might result in services or support being made available to a SDN in contravention of a number of executive orders still in force. Other concerns will include whether or not there is more than 50% ownership by the IRGC or one if its designated officials, agents or affiliates. Proportionate due diligence enquiries are therefore likely to be focussed at identifying any possible SDN involvement in the transaction outside the direct contractual counterpart and identifying shareholders in the counterpart.
In terms of the other regulatory requirements from outside the U.S. that OFAC refers to, the residual EU sanctions against Iran will certainly dictate the extent of due diligence required by persons subject to EU sanctions. The requirement on those persons to ensure that they do not provide, directly or indirectly, funds and economic resources to any person designated by the EU will mean that they have to not only establish that the person they are dealing with is not on the EU’s list of designated persons, but to also enquire into the details of the transaction and any other parties involved in it to ensure that there is no indirect provision of funds/economic resources to an EU designated person.
OFAC’s additional FAQs are therefore a timely reminder that it is still necessary to undertake due diligence to enquire into ownership and control of a counterparty and to understand the broader transaction and what other parties may be involved. Minority control of a SDN may not of itself require a non-U.S. person to refrain from entering into a particular transaction, but it is a red flag requiring further investigation to determine that the transaction concerned does not result in services or support being provided to a SDN. It also continues to be relevant to ensure that a counterparty is not owned more than 50% by the IRGC or its affiliates/agents, and for persons subject to EU sanctions it is important to confirm that funds and economic resources are not being provided to any EU designated persons as a result of the transaction.
Offshore dollar processing
There was some speculation in April and May 2016, amid criticism that the JCPOA had not provided the outcomes that many felt it promised, that the U.S. Treasury was considering issuing licenses to permit foreign (i.e. non-U.S.) financial institutions (FFIs) to engage in offshore U.S. dollar clearing. The suggestion that FFIs could clear U.S. dollars outside the U.S. for Iran related trade quickly attracted criticism within congress. A draft bill was presented by Senators Rubio and Kirk which would have prevented the President issuing a licence authorising FFIs to conduct an offshore U.S. dollar clearing system for transactions involving Iranian persons.
However, it was far from clear that the U.S. Iranian transactions and Sanctions Regulations (the ITSR), prevented FFIs from clearing U.S. dollars outside the U.S. in any event (provided there was no U.S. person involvement) and, therefore, whether a licence was even required.
The original version of FAQ C. 7 did not provide any certainty. It asked whether, after Implementation Day, FFIs were allowed to clear U.S. dollar transactions involving Iranian persons. The somewhat ambiguous answer did not clearly state “yes” or “no”. Instead, it indicated that FFIs had to ensure that they did not clear U.S. dollars through U.S. financial institutions. It intriguingly left open the possibility that U.S. dollars could, therefore, be cleared by FFIs as long as US financial institutions were not involved. However, there was naturally concern amongst FFIs that the position was far from clear enough to give them comfort that OFAC might not seek to penalise FFIs engaging in such business, even where no U.S. financial institutions were ever involved.
On 7 October FAQ C. 7 was changed significantly. The question now asks whether FFIs can “process” (not “clear”) transactions denominated in U.S. dollars or maintain U.S. dollar-denominated accounts on behalf of the Government of Iran or any person subject to the jurisdiction of the Government of Iran. The answer is unambiguous:
“Yes. [FFIs], including foreign-incorporated subsidiaries of U.S. financial institutions, may process transactions denominated in U.S. dollars or maintain U.S. dollar-denominated accounts that involve Iran or persons ordinarily resident in Iran, or in which there is an interest of a person whose property and interests in property are blocked solely pursuant to Executive Order 13599 and section 560.211 of the ITSR, including NIOC, the CBI, and other individuals and entities that meet the definition of the Government of Iran or an Iranian financial institution, provided that such transactions or account activities do not involve, directly or indirectly, the United States financial system or any United States person, and do not involve any person on the SDN List or conduct described in FAQ A.3.ii-iii.”.
If there was any doubt, therefore, that the ITSR prevented FFIs from processing U.S. dollars outside the U.S. financial system (provided U.S. financial institutions or SDNs were not involved), OFAC has removed it.
The clarification opens the prospect that FFIs may establish dollar denominated vostro accounts on behalf of Iranian banks to effectively process dollar payments without the involvement of the US financial system in “clearing” them. It is also of note that OFAC considers that the offshore processing of U.S. dollars is an activity that can be carried out pursuant to General Licence H, thus permitting overseas subsidiaries of U.S. financial institutions to participate.
There are still significant compliance challenges for FFIs seeking to undertake such offshore dollar processing. FFIs will have to ensure that their systems and controls are robust enough that there is no risk that U.S. dollars are inadvertently cleared through U.S. financial institutions.
However, in terms of the due diligence that FFIs are expected to undertake, OFAC have provided interesting clarification at new FAQ M.11. OFAC has clarified that whilst it considers it best practice for a FFI to perform due diligence on its own customers, OFAC does not expect an FFI to repeat the due diligence its customers have performed on an Iranian customer (unless the FFI has reason to believe that those processes are insufficient). Nevertheless, EU based FFIs will no doubt be wary of the risk of providing funds and economic resources to any EU designated persons and will probably still require some measure of due diligence on their customers’ customer to guard against this risk.
The unknown factor at present is the appetite for US financial institutions to maintain correspondent banking relationships with FFIs who choose to take advantage of offshore U.S. dollar processing for Iranian financial institutions. That may be a significant constraining influence upon the decisions of some FFIs. But there is no doubt that others will seek to take advantage of an important clarification from OFAC.