Avoiding the 88 Million Dollar Fine
In our last post, we pointed out how the likelihood of a multi-million dollar fine, which could range from the $3.1 Million recently paid by Maersk to the $88.3 Million recently paid by JP Morgan, is increasing almost daily for an average mid-size multi-national that is importing and exporting regularly as more sanctions, specially designated nationals (SDN), and denied parties are being added to the OFAC (Office of Foreign Asset Control) and BIS (Bureau of Industry and Security) lists.
The problem is that with dozens of major country sanctions in the Federal Register; hundreds of individual sanctions against countries for specified commodities, services, or financial transactions; and thousands of names on the SDN, denied persons, and denied entities list, it is impossible to keep on track of the situation manually -- even if you have a team of clerks and lawyers reading around the clock. You need an automated solution. But not any solution will do.
Why? You can't just do a(n) exact name match. First of all, the individual doing data entry could make a typo -- and all of a sudden instead of AIR CESS HOLDINGS LTD, it's AIR CHESS HOLDINGS LTD, and you're shipping to a denied national in the UAE. Oops! Secondly, the individual placing the order could slightly alter his or her (company) name so that the local delivery person still knows the shipment is for him or her (since no illiterate American is going to spell Abdelwadoud Abou Mossaab correctly and Abdelwadod Abou Mosab is the best you can hope for) but so that it doesn't match on a name search. You also have to check for close (mis)spellings.
But this isn't enough. If the spelling is off enough, it will still be missed. You also have to check by address. If the address is an exact match and the name could be a match, then it's probably a denied party. But even address isn't enough. A smart denied party that is a corporate entity will just open a new PO Box and abbreviate their name enough so that a simple match algorithm will fail. However, you could argue that you can combat this with a greater than 80% success rate with some good AI and AR (automated reasoning) and then argue that if you do screw up once, you could have the fine minimized by working with the OFAC and/or BIS and demonstrating due diligence, but even this is not enough.
First of all, if the company knows it is on a denied party list and wants to get product from the US bad enough, and it is a "holding company", or has a parent "holding company", the first thing it's going to do if it's smart is open a new subsidiary or sister company at a new address with a new Director and then approach a new mid-sized supplier who will be thrilled at the opportunity to get new business and who will likely cease checking once there are no partial matches on the sanctions or denied parties lists. And then the minute the Federal Government marks the company as associated with denied (terrorist) entity, you pop up as supplying contraband and, to be blunt, you're in boiling water.
Secondly, it might not be you that violates the sanction, but one of your first tier suppliers who violates it on your behalf, which, depending on what sanction is violated, could be just as bad. For example, your logistics carrier could decide to load perfectly fine Cargo destined to sanction-free Egypt (at least where your cargo is concerned), which is ok, but then stop at a Canadian port to pick up cargo for Saudi Arabia, and then, before it drops your cargo off in Egypt, stops at a Saudi port where your cargo is contraband under export requirements. Then, because of bad record keeping, it can't prove that none of your cargo was off-loaded in Saudi Arabia, and that all of the cargo made it to Egypt, and, again, you are in hot water.
In other words, a first generation Trade Data Management Solution that automatically scans the sanctions and denied party lists is not enough. It also has to keep track of corporate relationships and verify that the company isn't a shell or entity acting on behalf of a denied company or entity, and that it's suppliers and services providers are not violating import and export restrictions on its behalf.
I've seen solutions that do a great job of applying AI and advanced analysis to detect denied parties on the lists that would not be spotted manually, and I've seen solutions that do a great job of providing visibility into first, and even second tier, supply chain in terms of what product is where, when, and where it's going to go -- but I haven't seen a solution that does both superbly. To be honest, it's been over a year since I have seen the best companies like Integration Point, TradeCard, CDC Tradebeam, QuestaWeb, and EcoVadis have to offer with respect to denied party / sanction screening, so I am issuing a challenge to all Global Trade Management (GTM) and SCV (Supply Chain Visibility) Providers. Show me a solution that can prevent OFAC and BIS violations and fines 100% when used properly, and I'll give you a 3-part series.