OFAC’s Framework: Management Commitment

MANAGEMENT COMMITMENT

Senior Management’s commitment to, and support of, an organization’s risk-based SCP is one of the most important factors in determining its success. This support is essential in ensuring the SCP receives adequate resources and is fully integrated into the organization’s daily operations, and also helps legitimize the program, empower its personnel, and foster a culture of compliance throughout the organization.

General Aspects of an SCP: Senior Management Commitment

Senior management commitment to supporting an organization’s SCP is a critical factor in determining the success of the SCP. Effective management support includes the provision of adequate resources to the compliance unit(s) and support for compliance personnel’s authority within an organization. The term “senior management” may differ among various organizations, but typically the term should include senior leadership, executives, and/or the board of directors.

I. Senior management has reviewed and approved the organization’s SCP.

II. Senior management ensures that its compliance unit(s) is/are delegated sufficient authority and autonomy to deploy its policies and procedures in a manner that effectively controls the organization’s OFAC risk. As part of this effort, senior management ensures the existence of direct reporting lines between the SCP function and senior management, including routine and periodic meetings between these two elements of the organization.

III. Senior management has taken, and will continue to take, steps to ensure that the organization’s compliance unit(s) receive adequate resources—including in the form of human capital, expertise, information technology, and other resources, as appropriate—that are relative to the organization’s breadth of operations, target and secondary markets, and other factors affecting its overall risk profile.

These efforts could generally be measured by the following criteria:

A. The organization has appointed a dedicated OFAC sanctions compliance officer;

B. The quality and experience of the personnel dedicated to the SCP, including: (i) the technical knowledge and expertise of these personnel with respect to OFAC’s regulations, processes, and actions; (ii) the ability of these personnel to understand complex financial and commercial activities, apply their knowledge of OFAC to these items, and identify OFAC-related issues, risks, and prohibited activities; and (iii) the efforts to ensure that personnel dedicated to the SCP have sufficient experience and an appropriate position within the organization, and are an integral component to the organization’s success; and

C. Sufficient control functions exist that support the organization’s SCP—including but not limited to information technology software and systems—that adequately address the organization’s OFAC-risk assessment and levels.

IV. Senior management promotes a “culture of compliance” throughout the organization.

These efforts could generally be measured by the following criteria:

A. The ability of personnel to report sanctions related misconduct by the organization or its personnel to senior management without fear of reprisal.

B. Seniormanagementmessagesandtakesactionsthatdiscouragemisconductand prohibited activities, and highlight the potential repercussions of non-compliance with OFAC sanctions; and

C. The ability of the SCP to have oversight over the actions of the entire organization, including but not limited to senior management, for the purposes of compliance with OFAC sanctions.

V. Senior management demonstrates recognition of the seriousness of apparent violations of the laws and regulations administered by OFAC, or malfunctions, deficiencies, or failures by the organization and its personnel to comply with the SCP’s policies and procedures, and implements necessary measures to reduce the occurrence of apparent violations in the future. Such measures should address the root causes of past apparent violations and represent systemic solutions whenever possible.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s