Welcome to this special podcast series “In Conversation with K2 Intelligence FIN: Navigating an Increasingly Complex Sanctions Landscape”. This series is sponsored by K2 Intelligence, LLC. This week I have visited with Adam Frey, Managing Director, and Eric Lorber, Vice President at K2 Intelligence Financial Integrity Network (FIN).

Frey is a key member of the firm’s independent consultant team, at the direction of federal, state, and/or international regulators, he works to monitor and assess global financial institutions’ compliance with Anti-Money Laundering (AML) and Office of Foreign Assets Control (OFAC) enforcement actions and related consent orders. Frey helps lead K2 Intelligence FIN’s reviews of the institutions’ Bank Secrecy Act (BSA)/AML and sanctions compliance programs, policies, and procedures. Lorber advises global financial institutions on issues related to sanctions and AML /combating the financing of terrorism compliance. Prior to re-joining FIN, he was a senior advisor to the Under Secretary for Terrorism and Financial Intelligence at the United States Department of the Treasury, where he provided strategic guidance on US sanctions and AML/ Combating the Financing of Terrorism (CFT) policies. Earlier in his career, he was an attorney at Gibson, Dunn & Crutcher LLP, where he advised clients in the areas of international trade regulation, compliance, and anti-corruption. He is also the senior director of the Center of Economic and Financial Power at the Foundation for Defense of Democracies.

Over the week, we have reviewed the current sanctions landscape, discussed how to build a sanctions compliance program, walked listeners through what happens when you discover a sanctions breach or potential breach, considered new sanctions exposure. Today, Adam Frey and I conclude with Episode 5 by taking a look in that veiled land of the future by considering issues on the horizon and how to prepare for it.

We began with the question of what companies can do to prepare for the unknown, which Frey calls the “$64,000 question”. It starts with training and communications to make sure all staff understand their sanctions risk and the importance of complying with the organization sanctions obligations. There are two critical components to this first step. The first is the ubiquitous tone from the top from senior management, this is critical to having to each person internalize their ownership of sanctions risks. The second component is staying informed of the very fast-moving sanctions landscape. This means compliance professionals must keep abreast of the developments in the news and industry and ensure that you have adequate resources to address these risks.

One of Frey’s key insights is what he called the internalizing of sanctions compliance risk management by having each employee manage the sanctions risk in front of them; whether it be clients, customers, third parties or others. This is the very essence of operationalizing compliance and by driving your risk management to the front lines of your organization. This process enables an organization to respond more quickly and be nimbler with risks as they arise. It also means that risks can be identified more quickly so they can be pushed up the line to the compliance function to bring additional resources or expertise to bear, if needed. Frey said, “to the extent that you can get each person at the ground level understanding what the sanctions risk is of their activity of their product; it can only benefit the organization.” While every organization will always the need for a compliance department as the second line of defense, to the extent you have buy in from all employees, it is definitely is something that can only be good for the organization.

Another trend in sanctions compliance that Frey believes will continue to accelerate is the overlap of multiple sanctions programs; both list-based and country-based. Frey pointed to the example of OFAC looking at targeting Chinese entities, but under the Iran sanctions program or Russian entities under the Venezuela program. We are starting to see how connected everything is. The result is that you cannot look at your sanctions program in isolation. This has also manifested in how OFAC, and indeed the US government, is expanding out their sanctions enforcement and the scrutiny beyond the traditional financial institutions and towards commercial corporations such as in the maritime and  shipping industries, insurers, port operators,  other and corporations who may not have considered such potential sanctions risks to date.

Frey concluded with three prescient observations. The first is the accelerating effect of COVID-19, coupled the economic crisis; that regulators are showing no sign of decreasing scrutiny or enforcement of sanctions, or really any kind of financial crime. This is true even with the ever-present pressure to cut costs. The performance, down to the bottom line, will be impacted even more. Now is not the time for compliance programs to go lax, or to let down their guard.

The second is that while no organization can be perfect and no compliance program can be perfect, to the extent that you can demonstrate a strong program and a strong track record, it will be looked favorably by the regulators when it comes time for charging or penalty assessment. Frey noted, “that old adage, I hate to say it, but the ounce of prevention is worth a pound of cure.” The third and final observation is that sanctions and sanctions enforcement are expanding beyond the traditional industries financial institutions where it has been focused in the past. Maritime, shipping and insurance are now directly in the regulators eyes and they need to get their compliance programs up to speed to manage these new risks.