OFAC’s Revised FAQs Regarding Iranian Sanctions: The Impact for Non-U.S. Companies Seeking to Do Business with Iran.
On October 7, 2016 the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) revised its Frequently Asked Questions Relating to the Lifting of Certain U.S. Sanctions Under the Joint Comprehensive Plan of Action on Implementation Day (the “FAQs”). While some commentators initially described the revisions as an easing of sanctions, OFAC itself has insisted that the revisions do not change, but simply clarify pre-existing rules. A close reading of the October 7 revisions reveals that they are consistent with and do not alter the rules under which non-U.S. companies have been operating since most secondary sanctions against Iran were lifted earlier this year.
The revised FAQs address three key issues that are of critical importance to any company seeking to do business in or with Iran: (1) the use of U.S. dollars in transactions involving Iran; (2) doing business with counterparties that are minority-owned or wholly or partially controlled by persons or entities on the OFAC Specially Designated Nationals List (the “SDN List”); and (3) the due diligence required when transacting with Iranian counterparties.
1. FAQs regarding U.S. dollar transactions by non-U.S., non-Iranian persons. With respect to the use of U.S. dollar denominated transactions by foreign financial institutions, the revised FAQs provide that non-U.S. financial institutions (including foreign-incorporated subsidiaries of U.S. financial institutions) may process transactions denominated in U.S. dollars or maintain U.S. dollar-denominated accounts that involve Iran, provided that such transactions or account activities do not involve, directly or indirectly, the United States financial system or any United States person, and do not involve any person on the SDN List. However, non-U.S. financial institutions, including foreign-incorporated subsidiaries of U.S. financial institutions, must continue to ensure that they do not process U.S. dollar-denominated transactions involving Iran through the U.S. financial system or otherwise involve U.S. financial institutions (including their foreign branches), given that U.S. persons continue to be prohibited from exporting goods, services (including financial services), or technology directly or indirectly to Iran.
The revised FAQs thus provide some comfort to non-U.S. financial institutions that can engage in U.S. dollar transactions involving Iran, provided that they have sufficient U.S. dollars in reserve to process the transaction outside of the U.S. financial system without the need to clear the transaction through a U.S. correspondent bank. Non-U.S. financial institutions must remain vigilant, however, and should have appropriate systems and controls in place to ensure that they do not route transactions involving Iran to or through the U.S. financial system unless the transactions are exempt from regulation or authorized by OFAC.
2. Foreign persons doing business with non-SDN listed entities that are controlled or minority-owned by Iranian SDN listed entities. OFAC’s Fifty Percent Rule, in place since August 2014, provides that any entity owned in the aggregate, directly or indirectly, fifty percent or more by one or more sanctioned persons is itself considered to be a sanctioned person. Under the rule, the property and interests in property of such an entity are blocked regardless of whether the entity itself is listed on the SDN List.
The revised FAQs provide that “[i]t is not necessarily sanctionable for a non-U.S. person to engage in transactions with an entity that is not on the SDN List but that is minority owned, or that is controlled in whole or in part, by an Iranian or Iran-related person on the SDN List. However, OFAC recommends exercising caution when engaging in transactions with such entities to ensure that such transactions do not involve Iranian or Iran-related persons on the SDN List.”
OFAC’s hedged language and warning to tread carefully when engaging in such transactions shows that this remains an area fraught with risk. While it is “not necessarily sanctionable” for non-U.S. companies to do business with a counterparty that is controlled or minority-owned by an SDN-listed entity, such control or minority-ownership is at least a red flag that requires enhanced due diligence and compliance controls.
3. Due diligence required when contracting with Iranian counterparties. Finally, the revised FAQs discuss OFAC’s due diligence expectations for non-U.S. persons doing business with Iranian counterparties. According to the revised FAQs, screening the names of Iranian counterparties against the SDN List is “a step that would generally be expected, but that is not necessarily sufficient.” Beyond that, OFAC offers little guidance on what due diligence would be sufficient, other than to state that non-U.S. persons should consult local regulators regarding due diligence expectations in domestic jurisdictions, and should ensure his or her due diligence procedures conform to his or her internal risk-assessment and overall compliance policies, which should be based on the best practices of his or her industry and home jurisdiction. While the OFAC considers it a best practice for non-U.S. financial institutions to perform due diligence on their own clients, there is no expectation for non-U.S. financial institutions to repeat the due diligence their customers performed on an Iranian customer, “unless the non-U.S. financial institution has reason to believe that those processes are insufficient.”
Conclusion. Although OFAC claims that the updated FAQs are intended “to provide further clarity on the scope of the sanctions lifting that occurred on Implementation Day of the [Joint Comprehensive Plan of Action],” the FAQs in fact leave non-U.S. businesses facing a degree of uncertainty (and thus, risk) when entering into transactions with Iran. Companies looking to do business with Iranian counterparties must proceed with caution and ensure they have established sufficient compliance policies and controls to prevent possible violations.