The Treasury Department’s Office of Foreign Asset Control had another consistent year – not a big year but continued adherence to its enforcement program.

At the end of the year, OFAC announced a settlement with TD Bank for $115,000 for two separate sanctions violations.

In the first, TD Bank illegally processed nearly 1,500 transactions that violated US sanctions against North Korea.  Interestingly, it does not appear that DOJ brought a separate enforcement action for these violations.

In the second enforcement action, TD Bank maintained two accounts for more than four years for a U.S. resident who was sanctions under the Foreign Narcotics Kingpin Sanctions Regulations.

In describing both actions, OFAC noted that the two cases resulted from multiple sanctions compliance breakdowns, including human errors and screening deficiencies.

North Korea Sanctions

TD Bank maintained nine accounts and processed nearly 1500 transactions totaling more than $382,000 for the North Korea mission to the United Nations.  The individuals had North Korean passports because it relied on a third-party customer screening product that omitted government officials from the PEP list for sanctioned countries. 

TD Bank employees also mistakenly identified the individuals as citizens from South Korea rather than North Korea.  In some instances, the employees left the citizenship field blank in the customer profile.  As a result, the TD Bank screening system failed to flag the North Korean government officials.

TD Bank voluntarily disclosed the violations.  No bank managers had “actual knowledge” of the suspicious accounts. OFAC also noted that it likely would have approved the transactions if TD Bank requested a license.  In response to the violations, TD Bank implemented remedial measures, including improved compliance controls and training.

Foreign Kingpin Customers

In the second violations, TD Bank opened and maintained accounts for Esperanza Caridad Maradiaga Lopez in 2016, three years after he had been added as a Specially Designated National (SDN).  A TD Bank employee authorized the account despite the fact that the “first and last name and date-of-birth matches” to Lopez’s SDN List entry.

Over the next four year, TD Bank’s screening system generated four alerts for Lopez’s accounts, but the bank failed to find that the alerts were “true hits.”  Interestingly, TD Bank locked Lopez’s accounts but the fraud unit was unaware of the sanctions-related reason for closing the caccount and caused one of Lopez’s accounts to re-open.  A few days later, TD Bank caught the error and closed the account again.

TD Bank voluntarily disclosed the violations.  No manager had actual knowledge of the conduct.  Again, TD Bank was credited for its remedial actions, including an explicit “sequence for adjudicating and escalating alerts.”  TD Bank provided additional clarity on how to define a name match.

Lessons Learned

OFAC noted that both cases underscore the importance of sanctions screening tools, internal escalation procedures and employee training.  “[B]oth matters highlight the need for comprehensive and thorough staff training, especially for employees tasked with reviewing customer onboarding information and adjudicating potential sanctions matches,” OFAC said. “Such training helps ensure that internal policies and procedures are followed and that potential matches are properly escalated consistent with those policies and procedures.”