OFAC continues to aggressively enforce its sanctions programs.  In its latest enforcement action, OFAC agreed with Société Internationale de Télécommunications Aéronautiques SCRL (“SITA”), a Swiss telecom company, to an approximately $7.8 million civil penalty for 9,256 violations of the Global Terrorism Sanctions Regulations (“GTSR”).

SITA provides telecommunications services to companies in the civilian air transport industry.  Membership in SITA is open to industry operators worldwide and services are provided to both member and non-member air transport companies.  The SITA group includes U.S. subsidiaries that develop, host and support certain SITA products.

SITA violated the GTSR during the period April 2013 to February 2018 by providing commercial services and software to benefit several airlines designated by OFAC as specially designated global terrorists (“SDGTs”).

OFAC initiated this investigation after identifying that Mahan Air (“Mahan”), Syrian Arab Airlines (“Syrian”), and Caspian Air (“Caspian”), which were designated by OFAC as SDGTs on October 11, 2011, May 16, 2013 and August 29, 2014, respectively, were members and owners of SITA, and that these airlines benefitted from SITA’s goods, services and technology provided, in part, from the United States.  During the OFAC investigation, SITA identified services it provided to other SDGT airlines – Meraj Air (“Meraj”) and Al-Naser Airlines (“Al-Naser”) – which were designated as SDGTs on August 29, 2014 and May 21, 2015.

SITA provided several specific services to these airlines, incluing Type B messaging (“TBM”), Maestro DCS Local (“Maestro”), and WorldTracer. 

TBM is a messaging service that allows users to communicate with other in the industry to order aircraft maintenance, refuel plans, arrange and change routes, facilitate baggage transfers and book passengers.  TM messages are routed through “mega-switches” in Atlanta, Georgia and Singapore.

Maestro is a U.S.-origin software application that allows shared users of a common terminal to manage processes such as check-in and baggage management. 

WorldTracer is a global lost baggage tracing and matching system that is hosted on SITA’s servers in the U.S., and maintained by SITA’s subsidiary located in the U.S.

OFAC asserted jurisdiction over these services and software because they were provided from, or transited through, the United States or involved the provision of U.S.-origin software with knowledge that customers designated as SDGTs would benefit from use of that software.

OFAC noted that SITA knew it was providing services to SDGTs and implemented periodic measures to comply with U.S. economic sanctions.  For example, after designation of several airlines, SITA terminated many of the services provided to airlines that it knew were subject to U.S. jurisdiction.  In addition, in 2016, SITA conducted a comprehensive risk assessment but failed to focus adequate attention on sanctions risks.  IN response to specific designations, SITA terminated a number of services to the airlines but continued to provide TBM, Maestro and WorldTracer.

As noted, SITA did not voluntarily disclose the violations.  On the aggravating side, SITA had knowledge that it was providing services to prohibited airlines; SITA harmed the GTSR foreign policy objectives; and SITA is a commercially sophisticated entity.

On the mitigating side, SITA had no enforcement actions against it in the five-years preceding the date of the earliest transactions; the transactions represented a small percentage of SITA’s annual revenues; SITA implemented extensive remedial efforts to its compliance program, and customer and supplier screening.  SITA also cooperated with OFAC’s investigation.

To prevent recurrence of any violations, SITA: established a global trade board to monitor and vet compliance risk involving customers, suppliers, and other parties;  established a trade compliance committee to act as an information sharing and advisory board in relation to trade and sanctions law matters; appointed a dedicated global head of ethics and compliance; implemented new sanctions legal compliance reviews when onboarding new customers and suppliers, and when extending or adding new products or services to existing customers in sanctioned countries; updated and created new compliance policies and guidelines; committed to monitoring and auditing its products and services; and required all new SITA employees to attend sanctions compliance training; and required sanctions compliance training for all SITA employees every year on an annual basis.