The threats posed by Russia to the Ukraine, and the worldwide implications, are deeply concerning and we denounce the invasion of the Ukraine by Russia and hope that this crisis can be resolved quickly through diplomacy. NAVEX is committed to supporting our customers and members of our team who are impacted by this crisis.
As the situation in Eastern Europe continues to evolve, many countries around the world have imposed sanctions, with more expected to be announced in the coming days and weeks. As a risk and compliance company, we also understand the difficult position this puts businesses in. While many of our customers have expressed a desire to support the sanctions being issued, the rapidly changing situation creates a level of complexity that makes it challenging to navigate. In response to our customers that have asked for guidance on how to stay abreast of – and in compliance with – the many sanctions, we’ll share useful information intended to help your business comply with the sanctions against Russia in this complex time.
Sanctions are methods for governments and international bodies (like the United Nations or the European Union) intended to abate illegal actions from countries, individuals, or groups. A sanctions list is a collection of sanctions that include these groups, individuals or countries, and is created by governments or international bodies. Sanctions against Russia because of the Ukrainian invasion are coming from many countries and changing daily to reflect the rapidly evolving situation.
As early as March 26th, a directive will go into effect banning US financial institutions from opening or maintaining banking accounts for Russian banks such as Sberbank. The intention of this ban is to cut Russia off from the US financial system.
Other sanctions and sanctioned parties include:
- New debt and equity restrictions on the Russian state-owned VTB Bank and several Russian entities
- Blocking 13 major state-owned companies from raising money in the United States
- Two dozen Belarusian individuals and companies
- Companies in virtually every major sector of the economy, from mining and minerals to telecommunications and railways
- Cutting off Russia’s access to key components such as semiconductors and others that are crucial to their emerging and high-tech industries
What This Means for Your Business
There are multiple sanctioning bodies with their own sanctions lists. This includes sovereign states, regional unions, and international organizations such as the UN; each publish their own sanctions – which don’t always align. But regardless, businesses are held accountable to follow them.
For example, the Office of Foreign Assets Control (OFAC) may impose civil penalties for sanctions violations based on “strict liability”. This means an organization that is subject to U.S. jurisdiction may be held civilly liable even if it did not know (or have reason to know) it was involved in a transaction with a person that is prohibited under sanctions laws and regulations administered by OFAC. This is also true for other sanctions from other bodies.
What Can You Do?
This rapidly evolving sanctions environment is too difficult to track manually. Automated software that updates frequently is a best practice in general, but given the complexity of the current climate, it is now critical to ensure organizations do not run afoul of new sanctions.
Below are best practice recommendations to ensure you stay compliant with sanctions – even if they change daily.
1. Think about your exposure and consider how these events might impact your business.
- Do you export goods or technology to Russia?
- Are you a financial institution that does business with Russia?
- Are you reliant on Russian suppliers?
- Do you or your subsidiaries do business with a third-party company that is in Russia or has ties to them?
2. Review your third-party due diligence policy and procedure in real time against all relevant global sanctions lists. While most organizations screen third parties when they are onboarded, you should also frequently monitor those parties.
If your organization uses sanctions screening software, ensure that it is up to date and frequently refreshed. You should receive daily alerts if one of your business partners is added to a list. It should also consolidate all associated sanctions listings into a single view to improve efficiencies and help avoid missing any sanctions. The software should check the following on a daily cadence:
- Sanctions Lists
- Politically Exposed Persons (PEPs) Lists
- Adverse Media Profiles
3. Look at your supply chain to avoid business interruption. If you are reliant on any supplies or services from Russian, you might need to consider alternative sources.
NAVEX understands the challenges of navigating this complex regulatory environment. For additional resources, check out the “Benefits of a Comprehensive Approach to Third-Party Risk Management” and the “RiskRate Enterprise Due Diligence Datasheet”.