Proper vetting of business partners from a trade sanctions perspective is critical for companies selling to or procuring goods or services from Turkey, Russia, and China, according to Catalin Olarescu, Group Head of Sanctions at LafargeHolcim. He describes his approach to ensuring trade sanctions compliance.
Navigating through international trade sanctions nowadays is like riding a raft on a wild mountain river. You should keep your eyes wide open and your ears alert, or else risk crashing on rocks hidden underneath the whirling waters.
U.S. trade sanctions have increased significantly since Donald Trump came to power, representing his administration’s foreign-policy weapon of choice against adversaries. Across the Atlantic, the Europe Union pursues its own sanctions policy, albeit less aggressively than the U.S., using coercive economic tools as dissuasive measures to protect geo-political stability. The EU sanctions programs against Russia and Turkey are good examples in this regard.
You may well ask: What do EU or US sanctions have to do with companies located in Western or Central Eastern Europe? Well, you might want to give that some careful thought. If your company is part of a multinational group with affiliates spread across Europe, selling to, or procuring goods or services from Turkey, Russia or even China, you might put the company at risk if business partners are not properly vetted from a trade sanctions perspective.
Your company might enter into a business transaction with a Specially Designated National (SDN) under the US sanctions rules, or with a sanctioned party under the EU sanctions regime. Such a mishap will not only affect the company but it might create a ripple effect on its entire group of companies. The consequences of breaching international trade sanctions could be far reaching. Your company may be at risk of becoming a U.S. SDN or a sanctioned party by the EU, or your financing contracts with local or international banks might be put at risk of default or immediate termination. This may generate a spill-over effect with cross defaults across the whole spectrum of financing arrangements with banks. Not to mention the effect on your company`s reputation, and the negative media attention which could affect the share price if the company is listed on a stock exchange.
Covering all sanctions rules is not an easy feat, as they vary depending on the foreign policy objectives of the country imposing sanctions on other countries. Sanctions programs may target governments and their instrumentalities, as well as whole economic sectors and industries of a country (Iran and Russia are good examples in this respect), and persons (both individuals and entities). The purpose of this article is not to cover all of these aspects. Instead, here are some clues and food for thought on how to approach sanctions’ thorny topics.
An effective trade sanctions compliance program should be proportionate to your business and address the level of risk. A three-lines-of-defense approach is a useful framework with which to start:
1. First Line Controls
Communicate clearly that your company complies with all laws and regulations. Include in your Code of Business Conduct or your Compliance Policy a commitment to comply with trade sanctions and export controls. You may also want to provide a bird’s eye view on the risks and pitfalls associated with sanctions, and specify requirements related to the prevention of sanctions violations.
Liaise with other functions in the company (e.g., finance, procurement, and internal controls) to develop a mandatory set of business controls designed to prevent sanctions violations, such as:
- a periodical risk assessment conducted at the country level which includes a specific review of sanctions risks and related controls,
- sanctions review of customer data before entry into the master data,
- sanctions review of supplier data before entry into supplier master data,
- sanctions screening of all counterparties linked to those geographies with identified risk of trade sanctions.
2. Second Line Controls
- Compliance training and communications concerning sanctions, including training on how to use sanctions screening tools (e.g., Dow Jones, World Check);
- Advice and direction on specific transactions provided by a legal & compliance subject matter expert on sanctions, including mandatory approvals of envisaged transactions, as the case may be, and
- Monitoring the delivery of sanctions training and communications, counterparty sanctions screening, and closing out of risk mitigations.
3. Third Line Controls
- Sanctions screening results and the check on implementation of training, communications, and controls should fall within the scope of internal audits.
- Sanctions controls effectiveness, on the other hand, should be within the scope for external audits.
- Breaches of sanctions controls as well as other breaches of the company`s Code of Business Conduct should be reported through the company’s whistle blower system.
- The local management team should conduct oversight of all compliance-related risks through an internal control function, which should include the provision of assurance concerning sanctions prevention, detection, and response controls.
Make sure to assess where the risks might come from. If your company is dealing with counterparties from Russia or Turkey you may want to be sure these are not sanctioned parties, and so you should always screen them. Pay special attention to export of products and services to these two countries. The EU and U.S. sanctions target individuals, entities, and specific economic sectors and industries – in particular oil & gas special exploration and production projects. Dealing with sanctioned parties in these sectors will expose your company to potentially heavy fines.
Keep in mind, Turkey and Russia are not the only countries on the sanctions radars. You can look up the lists of countries targeted by sanctions and sanctions programs currently implemented by the EU and U.S.: at www.sanctionsmap.eu and www.treasury.gov.
A simple and effective checklist to ensure that your company will stay out of trouble should include the following steps:
1. Information gathering. Ask the business to provide:
- a description of the transaction (including a description of products and/or services, the quantity, and delivery terms);
- identify the countries that will be involved in the transaction (from end to end);
- the names of third parties involved (including customers, suppliers, traders, banks, custom brokers, end users, project beneficiaries, etc.), their contact details and the names of their key representatives, legal representatives, and shareholders;
- payment details and currency to be used;
- logistical information (what route will be used).
2. Sanctions risk assessment. Screen all parties involved in the transaction including their key persons, legal representatives, and shareholders using a sanctions screening tool.
3. Keeping a paper train. If the legality of the transaction is confirmed by legal & compliance, submit the transaction for approval to your management. Document the entire process and keep a paper trail to provide evidence in case of an audit.
The above considerations are more suitable to big companies, especially if they are part of multinational groups. If your company is a local or regional player, you can simplify and adapt the sanctions compliance program to your particular situation.