It’s not just Banks getting fined by the US

Some interesting takeaways from the recent Apple fine of $466,912 by US Treasury’s OFAC for “Apparent Violations” of US Sanctions.

This is particularly interesting for non-US entities and individuals – many of whom have already fallen foul of US sanctions policy. One key point to look out for is the extraordinarily low bar used by the US to issue civil penalties – mere “apparent” violations are all the burden of proof that is required. Some of the language in the US Treasury’s Enforcement Notice is particularly startling – but not unusual in cases involving US Sanctions violations. Many jurisdictions would struggle to impose fines at these levels where mere “apparent” violations have been inferred. In this case, it is clearly stated that:

“…Apple appears to have violated § 598.203 of the FNKSR by dealing in the property or interests in property of SIS, d.o.o. (“SIS”), a Slovenian software company previously identified on OFAC’s List of Specially Designated Nationals and Blocked Persons (the “SDN List”) as a significant foreign narcotics trafficker (“SDNTK”). Specifically, from on or about February 24, 2015 to on or about May 9, 2017, Apple appears to have violated the FNKSR when it hosted, sold, and facilitated the transfer of SIS’s software applications and associated content (the “Apparent Violations”).

It is worth noting that the fine was levied on a Non-Financial entity – namely, Apple Inc. “…a corporation based in Cupertino, California…” – according to the Enforcement Information issued by the US Treasury.

This is not the first time that sanctions have been imposed on Non-Financial companies – the cases of Rolls-Royce and Glaxo SmithKline led by the UK’s Serious Fraud Office (SFO) spring to mind. But on a pure like-for-like basis, those cases had more to do with bribery and (anti-)corruption matters than this case, which falls much more into the realm of money laundering and sanctions offences.

The European Union’s much-vaunted anti-trust regime has also captured many tech, Non-Financial firms. Margrethe Vestager, EU Competition Commissioner from Denmark, has practically built her entire international reputation around going after US tech firms. Ironically, unlike the relatively quick payout enforcements of the US Sanctions & Money Laundering regime, anti-trust cases can take a long time to settle. Inevitably, all the major EU cases are being appealed by the following: Google (Alphabet), Apple, Facebook, Amazon, Broadcom.

So – whilst the list of EU-driven anti-trust cases may be impressive, and it is clear that they have been instrumental in changes in approach by some of the major US tech companies, no money in fines has actually been paid out yet… Google, for example, has appealed all three EU anti-trust cases but has altered its approach as a result of the EU scrutiny and criticism of its marketing methods. No money has been paid out to date. The following are all appealing – and have not paid out any money to the EU to date: Apple, Facebook, Amazon, Broadcom. A Pyrrhic Victory for Vestager and the EU’s anti-trust regime, perhaps…?

In contrast, in the US, large Non-Financials have had to pay huge sums of money. China’s telecoms giant Huawei and ZTE have been forced to pay out eye-watering, multi-billion dollar sums just in order to remain in business in the US – with doubts still remaining over the long-term viability of Huawei’s US operations. In terms of rapid response, these are far more impressive results.

If one looks at the current state of play in the European Union, which lacks a centralised anti-money laundering enforcement arm – it is years behind the US in terms of having a fit for purpose regime. For example, the much-vaunted 4th Anti-Money Laundering Directive lacked a coherent approach to tackling Non-Financial entities.

This will be replaced by the 5th Anti-Money Laundering Directive (AMLD5) – which is due to be fully implemented in EU Member States in January 2020. This came out in June 2018 as a response to the “Panama Papers” scandal of April 2016 – which is an incredibly slow response to the rapidly developing area of global money laundering, where offence types change as technology advances and more sophisticated methods are used. AMLD5 starts to tackle the area of Non-Financial entities – which US enforcement has already covered for many years now.

In a near-admission that the EU’s defences against Money Laundering are woefully inadequate, it has even passed a 6th Anti-Money Laundering Directive covering specific offence types – due to be implemented in December 2020. This was prompted after initially Denmark’s Danske Bank, then Sweden’s Swedbank, Sweden/Finland’s Nordea and then Sweden’s SEB all became embroiled in the massive Baltic money laundering scandal, which has major US Sanctions implications and potential fines which could easily run into the billions of US dollars.

Norway’s DnB and Handelsbanken are also caught up in the reputational contagion, with any Anti-Money Laundering shortcomings amplified due to the terrible reputational ramifications of being a “major Nordic bank”. The globally-renowned investigative journalist body, the Organised Crime And Corruption Project (OCCRP), had an absolute field day when uncovering, in 2018, the extent of Danske Bank’s alleged money laundering. In a compelling and damning statement, as it “crowned” Danske Bank “2018 ACTOR OF THE YEAR IN ORGANISED CRIME AND CORRUPTION”, it stated:

“In Azerbaijan, Danske Bank was the conduit for bribes, parking stolen assets, and the theft of national resources for one of the most vindictive and corrupt regimes in the world,” (…) “The corrupt Aliyev family couldn’t have done this without the bank.”

Remarking on the fact that Danske Bank is from Denmark, which has been habitually ranked in the top 3 over the past 2 decades by none other than Transparency International in its “Corruption Perceptions Index” – (money laundering is not included in this index – which has led Transparency International to take urgent steps to account for this in another study – where Denmark and many other Nordic countries fare poorly as “Exporters of Corruption”), the OCCRP noted:

“… The Danske Bank operation demonstrates the structural nature of corruption. It’s high time that we focus on the enablers and not just the low-hanging offensive political fruit. (…) Nothing shows up our glaring blind spots more than this bank. It ran a money laundering enterprise on such a massive scale that it startled most of us. And yes, it should shake the anti-corruption ‘community’ to its roots that the bank is based in Denmark — a country that Transparency International has consistently labeled as amongst the top three ‘least corrupt’ for more than two decades. …”

Sadly, as the US has shown in the past, its enforcement regime is not confined to Financials firms, but Non-Financials as well. The case of Apple is particularly instructive as an example of how even huge potential fines can be mitigated by proper, commonsense action. This is illuminating as it contrasts greatly from the approach of many non-US firms – Financial and Non-Financial alike – when confronting US Sanctions breaches. Ultimately, from a risk determination basis, all firms would be best served by adhering to best practice when it comes to dealing with US investigations. Unfortunately, this has been proven to be well beyond the capability of most non-US firms, who have paid a substantial price for their ignorance of, and blinkered approach to, US enforcement.

In the Apple case, mitigating factors were taken into consideration as Apple voluntarily disclosed the “Apparent Violations”, which led to OFAC determining that this constituted a “non-egregious” case subject to a reduced civil penalty. The maximum civil monetary penalty was cited in the case as potentially as high as $74,331,860, but this was reduced to $576,434 and further down to a final sum of $466,912.

OFAC cited as mitigating factors to reducing the sum that the size of the “Apparent Violations” was not considerable relative to Apple’s annual transactions, that Apple had not been in violation of US Sanctions in the preceding 5 years. Notably, Apple had responded to numerous requests from OFAC for information promptly. It was also noted that Apple had taken major remedial steps to improve its sanctions screening and sanctions compliance capability.