Our earliest brush with the "teeth" of compliance probably came around our formation in the late 1990s, with the Iraq oil for food programme and subsequent scandal. The after-effects of that scandal arguably sowed the seeds for some of the current focus on compliance, with banks and commodity trading companies having to, at least on the face of it, implement processes to ensure compliance with the laws of the time.
Compliance implementation since that time has tended to be fairly reactive, as businesses adjusted to often well-flagged, and slowly implemented, legislation, much of which appeared to have little downside for those who failed to comply (to be more specific perhaps, the downside was well known, but poorly regulated). The more aggressive stance taken by the United States Government towards breaches of its own sanctions and compliance regimes since the early- to mid-2000s (largely post-Enron), and the high level cases of corruption, bribery, price-fixing, money laundering, fraud, corporate misconduct, essentially upended this comfortable status-quo. The government's enforcement of fines against high profile facilitators of sanctions and compliance breaches resulted in a rapid implementation of (in some cases fairly "blind") measures by major financiers, thus enforcing something of a "top down" compliance structure.
This process has dramatically accelerated since the election of the current United States administration, and the subsequent willingness of the administration to leverage its strategic aims with the still-very-significant powers of sanctions (and tariffs, but that's a whole different blog). We now have a situation whereby sanctions can be implemented seemingly overnight, catching well-known market participants seemingly unawares, with a chain-reaction of compliance procedures making the lives of these companies and their trading partners (particularly regulated companies, such as banks or insurers) significantly more difficult (if they can continue to trade at all).
Anyone doubting the impact of these sanctions on our community only has to look at the headlines: BNP Paribas' USD 8.9bn fine, Standard Chartered and Société Générale each being fined USD 1bn, the rapid change of ownership at Gunvor Group Ltd and the USD 7.5bn in commercial losses claimed by Oleg Deripaska. However, the impact of sanctions can be more subtle, with a brush with OFAC leading to, at best, very poor publicity (see the recent headlines concerning PB Tankers and certain Greek ship owners) and, in some cases, an inability to continue trading as business partners and banks shy away. Some might remember the formerly sizable car carrying business Abou Merhi Lines SAL being essentially wiped out after being accused by the US Government of links to a known Colombian drug trafficker and money launderer in 2015. Despite being reportedly cleared in 2017, the business has yet to recover.
These risks are very significant, but there still appears to be a willingness by some industry participants to tread a very fine line with regard to compliance. There have been allegations that bunker market participants have knowingly shifted contracts from a sanctioned entity to a non-sanctioned "brass plate" to circumvent sanctions. Ship owners and oil traders are said to have inserted middlemen to ensure a "clean break" between the sale and/or shipment cargoes whose ultimate destination is a sanctioned country/company. There have long been allegations of illicit ship-to-ship transfers of oil products in the Middle East Gulf and South China Sea. Each of these participants will have known the downside, and compliance risk, but chose to proceed anyway, presumably as the premium was so significant.
It is easy to argue that such companies will live or die by their own decisions, but the compartmentalisation of risk is not as neat as that. Suppliers of services to these companies can also be impacted by these actions, and it would seem clear that banks and insurers are acutely aware of the danger of "sanctions-by-proxy" offered by their financing of, or cover provided to, such companies. We've discussed before about how far one needs to go to prove that a compliance system works in practice, and as has been highlighted by recent events, being compliant in name doesn't mean you can escape scrutiny from governments or even the press. There is also a credit risk element, as companies caught up in such actions find it difficult to make payments through blocked accounts (banks seemingly being exceptionally quick to tag "suspicious" transactions nowadays) or merely being forced out of markets due to a lack of counterparties willing to do business with them.
We now have an inevitably "compliance-hungry" environment that requires a thorough understanding of the exposures, risks and consequences of failing to meet today's requirements. Infospectrum has been appointed on a number of occasions to leverage its expertise and global contacts to perform more in-depth sanctions-related due diligence. Such diligence takes more time than an automated "name check", but that's part of the reason we exist - ensuring companies are who they say they are, and do what they say they are doing. Given the high stakes poker being played by some market participants, it doesn't hurt to know your opponent's hand.
If you are interested in discovering how our expertise can support your organisation with compliance, credit reporting, and risk management, click the button below to get in touch.