June 6, 2018: This was not the OFAC Enforcement Action you’re looking for…

Amazingly enough, it took until June 6th to see the first OFAC enforcement action of 2018, and Mr. Watchlist is really not impressed. Ericsson Inc (“EUS”) and Ericsson AB (“EAB”) agreed to pay a settlement of $145,893 for a single violation of the Sudanese Sanctions Regulations. While it’s an instructive case, it does seem a bit underwhelming:

On or around September 22, 2011, EAB signed a letter of intent with the Sudanese subsidiary of a third-country telecommunications company in order to provide equipment and services to upgrade and expand telecommunications network coverage in Sudan starting with a test network. Ericsson opted to connect its test network in Sudan via satellite, as it had done in other underdeveloped areas. Ericsson hired BCom Offshore SAL (“BCom”) to assist with installing, configuring, and servicing the satellite equipment destined for Sudan.

In late 2011, the high temperatures in Sudan caused some of Ericsson’s equipment to malfunction. In response, two now former EAB employees – a radio systems expert and project manager (“EAB Employee #1”), and a senior engagement director within EAB’s business unit responsible for managing the implementation of the Sudanese project (“EAB Employee #2”) – contacted an EUS subject matter specialist and director of business development with EUS’s Hosted Satellite Group (“EUS Employee”) to request assistance. The EUS Employee initially responded in a January 2, 2012 email to EAB Employee #1 and his manager (“EAB Manager”) among other EAB employees: “Please do not address any emails relating to this country [Sudan] to me. It is a serious matter and Ericsson can get fined and I can get fired.”

Notwithstanding the email cited above, the EAB personnel continued to discuss how to repair the damaged equipment with the EUS Employee while no longer referencing Sudan by name. For example, on January 27, 2012, EAB Employee #1 sent an email referencing Sudan by name to the EAB Manager and EUS Employee, to which the EAB Manager responded in Swedish “do not use that word ;).” Additionally, on February 22, 2012, the EUS Employee sent an email with “East Africa” in the subject line advising EAB Employee #1 and EAB Employee #2 on how to move forward with the Sudan project given the heat constraints.

On or about February 28, 2012, the EUS Employee met with EAB Employee #2 and the Chief Operating Officer (COO) of Ericsson’s principal subcontractor, BCom, in Barcelona, Spain at a sales conference to specifically discuss the overheating problem in Sudan. The group decided to solve the issue by purchasing an export controlled U.S.-origin satellite hub capable of withstanding the heat.

On March 22, 2012, at the direction of Employee #1, EAB purchased a satellite hub from a U.S.- based company for delivery to BCom’s office in Geneva, Switzerland. On or about March 28, 2012, EAB Employee #1 exchanged emails with Ericsson’s compliance department explaining what the satellite hub was for and why its purchase was necessary. Ericsson’s compliance department informed EAB Employee #1 that the supply of such a satellite hub to Sudan would violate Ericsson’s internal policy regarding sanctions compliance.

Despite the information from Ericsson’s compliance department, the EUS Employee, EAB Employee #1, and BCom’s COO agreed to provide the location of the customer purchasing the satellite hub as “Botswana” if future questions arose. Subsequently, on or about April 2, 2012, EAB Employee #1 structured Ericsson’s purchase of the satellite hub into a multistage transaction between EAB and BCom. The multistage transaction involved transshipping the hub through Switzerland and Lebanon, and ultimately to Sudan. Every stage of the transaction except the last was invoiced. BCom did not issue an invoice to EAB for the final stage of the transaction taking the satellite hub from Lebanon to Sudan. Ericsson has since terminated its relationship with BCom.

You have to wonder why this is an OFAC matter more than a BIS matter. Yeah, there is the involvement of the US employee, but it would seem that the export control issue is the more important one. Maybe OFAC noticed that they hadn’t done anything on the enforcement front this year?

And here is OFAC’s reasoning behind the final settlement for the self-reported egregious violation, which had a base penalty of $118,115 and a maximum penalty of $360,230:

OFAC considered the following to be aggravating: 

  1. several EAB employees and an employee of EUS willfully violated the SSR by forming a conspiracy with the employees of a third-country company with the specific purpose of evading the U.S. embargo on Sudan; 
  2. at least one of the EAB employees involved was a manager; 
  3. those employees ignored warnings from Ericsson’s compliance department that the transaction at issue was prohibited; 
  4. EAB’s actions caused harm to the sanctions program objectives with respect to Sudan; and 
  5. Ericsson is a large and commercially sophisticated entity.

OFAC considered the following to be mitigating: 

  1. Ericsson cooperated with OFAC by filing a voluntary self-disclosure, performing a thorough internal investigation, and signing a tolling agreement; 
  2. neither Ericsson, EUS, nor EAB have received a penalty notice or finding of violation from OFAC in the five years preceding the date of the transaction giving rise to the apparent violation; 
  3. Ericsson’s remedial response to the apparent violation and adoption of additional compliance controls and procedures; and 
  4. the low likelihood of recurrence given the individual characteristics of the apparent violation.

OFAC does point out the lesson they are trying to impart:

This enforcement action highlights the importance of empowering compliance personnel to prevent transactions prohibited by U.S. economic and trade sanctions. Entities should ensure their sanctions compliance teams are adequately staffed, receive sufficient technology and other resources, and are delegated appropriate authority to ensure compliance efforts meet an entity’s risk profile. Sanctions compliance personnel should be equipped with the tools necessary to review, assess, and proactively address sanctions-related issues that arise with ongoing or prospective transactions, customers, or counter-parties.

Honestly, Mr. Watchlist is not impressed.


OFAC Enforcement Information

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s