Contact Us for a Free Consultation (818) 781-1570

Blog

Checklist for Office of Foreign Assets Control (OFAC) Sanctions Compliance

Posted by Dmitry Gorin | Dec 29, 2025

Engaging in international business presents significant opportunities but also carries substantial risks, particularly regarding United States economic sanctions.

Checklist for Office of Foreign Assets Control (OFAC) Sanctions Compliance

The Office of Foreign Assets Control (OFAC), a division of the U.S. Department of the Treasury, administers and enforces these sanctions against targeted foreign countries, regimes, terrorists, and other threats to national security.

For companies operating globally, maintaining compliance is not just good practice-it is a legal necessity. A primary challenge with OFAC compliance is that the regulations are constantly shifting.

OFAC frequently updates its list of Specially Designated Nationals and Blocked Persons (the SDN List), adding or removing individuals, entities, and even entire countries. Ignorance of these changes is not a valid defense.

A company that unknowingly transacts with a newly sanctioned entity can face severe civil and even criminal penalties, including substantial fines and imprisonment for individuals involved. Therefore, a proactive and diligent compliance strategy is essential.

Key Takeaways

  • Financial institutions and other companies must focus on adhering to the Office of Foreign Assets Control (OFAC) regulations.
  • OFAC enforces a range of economic sanctions programs, along with the Bank Secrecy Act (BSA), International Traffic in Arms Regulations (ITAR), and other legal and regulatory sources. Non-compliance with any of these can result in enforcement actions.
  • OFAC compliance involves multiple considerations. Financial institutions and businesses need to incorporate OFAC requirements across their operations.
  • Financial institutions and businesses should also establish policies, procedures, and protocols aimed at detecting and preventing prohibited transactions.
  • OFAC has provided various compliance resources, such as A Framework for OFAC Compliance Commitments and the OFAC Risk Matrix. Although these are useful, they do not encompass all the necessary aspects of a comprehensive compliance program.
  • OFAC's Framework outlines key elements of compliance, starting with a top-down commitment to uphold compliance from the highest levels of an organization's management.

To navigate the complexities of U.S. sanctions, companies should implement a strong compliance program. The following checklist outlines critical actions to mitigate risk and ensure adherence to OFAC regulations.

Management Commitment

OFAC's Framework outlines essential compliance components, starting with a top-down commitment to regulatory compliance from senior management.

Senior management must ensure that a financial institution or business has a robust OFAC compliance program and allocates sufficient resources for its ongoing management.

A lack of clear management commitment, both in documentation and in practice, can trigger serious concerns during an OFAC examination.

Conduct Thorough Due Diligence

Before entering into any business relationship with a foreign partner, client, or supplier, you must perform comprehensive due diligence. This process goes beyond a standard background check.

It involves verifying the identity of the entity and its principal owners, managers, and directors. The goal is to confirm that no party to the transaction appears on the SDN List or is otherwise subject to U.S. sanctions.

This diligence should be documented and updated periodically throughout the business relationship.

Regularly Screen Against the SDN List

OFAC compliance is an ongoing responsibility, not a one-time check. Companies must regularly screen all foreign partners, customers, and transaction counterparties against the most current SDN List and other relevant sanctions lists.

While manual screening is possible for businesses with low transaction volumes, most companies benefit from using specialized screening software. These tools can automate the process, provide real-time alerts, and create an auditable trail of compliance efforts.

Implement a Formal OFAC Compliance Program

A written OFAC compliance program is a key to effective risk management. This formal document should be tailored to your company's specific risk profile, considering factors like your industry, geographic locations of operation, and customer base.

At a minimum, the program should include:

  • Management Commitment: A formal statement from senior leadership endorsing the program.
  • Risk Assessment: An analysis of your company's specific exposure to sanctions risks.
  • Internal Controls: Procedures for screening, due diligence, and transaction monitoring.
  • Testing and Auditing: A schedule for regular audits to test the effectiveness of the controls.
  • Employee Training: Ongoing training for relevant personnel on OFAC regulations and internal procedures.
  • Voluntary Self-Disclosure: When financial institutions and businesses unknowingly violate OFAC compliance, they may need to disclose these violations voluntarily.

Monitor Ownership and Control Structures

OFAC's "50 Percent Rule" complicates compliance. This rule states that any entity in which 50 percent or more, in the aggregate, is owned by one or more blocked persons is itself considered blocked, even if the entity does not appear on the SDN List.

Consequently, your due diligence must investigate the ownership structure of any foreign entity with whom you do business. You must identify all parties with a significant ownership stake to ensure you are not indirectly transacting with a sanctioned individual or group.

Engage an Experienced Federal Defense Attorney

"An ounce of prevention is worth a pound of cure." One of the best ways to avoid OFAC violations and government scrutiny is to work with a federal criminal defense attorney with specific experience in OFAC compliance.

A good attorney can evaluate your current structures, compliance programs, and current business relationships to minimize the risk of OFAC violations.

In the event that you do face potential penalties or charges over OFAC issues, the attorney will have a head start in proving compliance and building your defense.

Navigating an OFAC Violation

Even with a strong compliance program, violations can occur. If your company discovers a potential violation, it is critical to act swiftly and strategically. An experienced federal criminal defense attorney can provide essential guidance through the investigation and enforcement process.

Legal counsel can help by conducting an internal investigation to understand the scope of the violation, managing communications with OFAC, and negotiating potential settlements. Common defense strategies in OFAC cases include:

  • Demonstrating the violation was not willful. This can be proven by showing that the company had a robust compliance program in place and acted in good faith.
  • Arguing a lack of sufficient nexus. This strategy asserts that the transaction in question lacked a sufficient connection to the United States.
  • Citing misinterpretation of complex regulations. In some cases, a defense can be built around a misunderstanding of OFAC's intricate rules.

For more information or a case evaluation, contact our federal criminal defense law firm at Eisner Gorin LLP.

Related Content:

About the Author

Dmitry Gorin

Dmitry Gorin is a State-Bar Certified Criminal Law Specialist, who has been involved in criminal trial work and pretrial litigation since 1994. Before becoming partner in Eisner Gorin LLP, Mr. Gorin was a Senior Deputy District Attorney in Los Angeles Courts for more than ten years. As a criminal tri...

Contact Us Today

Eisner Gorin LLP is committed to answering your questions about Criminal Defense law issues in Los Angeles, California.

We'll gladly discuss your case with you at your convenience. Contact us today to schedule an appointment.

Make A Payment | LawPay

Menu