“The Office of Foreign Assets Control (OFAC) of the US Department of the Treasury administers and enforces economic and trade sanctions based on US foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States. OFAC acts under Presidential national emergency powers, as well as authority granted by specific legislation, to impose controls on transactions and freeze assets under US jurisdiction. Many of the sanctions are based on United Nations and other international mandates, are multilateral in scope, and involve close cooperation with allied governments.”
Now, take a deep breath.
The Consumer Financial Protection Bureau (CFPB) does not examine mortgage companies or other financial companies for compliance with the Office of Foreign Assets Control (OFAC) rules and requirements. So, why think about OFAC?
Although the CFPB doesn’t examine for OFAC, the rules are still a part of U.S. law and U.S. Treasury rules, so companies that do business in the United States are covered. OFAC enforces federal laws that prohibit all U.S. persons (individuals, businesses, or organizations) from doing business with some pretty bad guys and countries with which the U.S. has imposed economic and trade sanctions. Notice we didn’t say, “banks,” but all U.S. natural or non-natural persons. And, although, the CFPB does not oversee OFAC compliance and enforcement, the U.S. Department of the Treasury does.
We don’t necessarily hear a lot about OFAC, but, as of this writing, the agency had issued 60+ notifications regarding sanctions, violative designations and identifications, and cyber security. What you don’t know can be a problem.
What is the OFAC information on a credit report?
Credit bureaus and agencies have adopted measures to ensure compliance with OFAC regulations. Before issuing a credit report, they use screening software to determine if a credit applicant is on OFAC’s Specially Designated Nationals (SDN) list or one of OFAC’s other sanctions lists. This software matches the credit applicant’s name and other information to the names on OFAC’s sanctions lists. If there is a potential match, the credit bureaus may place a “red flag” or alert on the report. This does not necessarily mean that someone is illegally using the applicant’s social security number or that the applicant has bad credit. It is merely a reminder to the person checking the credit that he or she should verify whether the applicant is the individual on one of OFAC’s sanctions lists by comparing the information to the OFAC information. If the applicant is not the individual on the sanctions list, the person checking the credit should disregard the OFAC alert, document the result of the check that was conducted, and there is no need to contact OFAC. However, if the person checking the credit believes the applicant is the person on one of OFAC’s sanctions lists, then he or she should follow organizational procedures, which should include calling the OFAC Hotline to verify and report it.
If a lender does not obtain credit reports that include OFAC checks, a separate function should be established to check all parties to any transaction against the SDN list, including vendors and business partners.
When should I call the OFAC Hotline?
The U.S. Treasury offers this guidance for “due diligence” steps in determining a valid OFAC match.
“If you are calling about a wire transfer or other “live” transaction:
- Is the “hit” or “match” against OFAC’s SDN list or targeted countries, or is it “hitting” for some other reason (i.e., “Control List” or “PEP,” “CIA,” “Non-Cooperative Countries and Territories,” “Canadian Consolidated List (OSFI),” “World Bank Debarred Parties,” “Blocked Officials File,” or “government official of a designated country”), or can you not tell what the “hit” is?
If it’s hitting against OFAC’s SDN list or targeted countries, you must evaluate the quality of the hit. Compare the name in your transactions with the name on the SDN list. Is the name in your transaction an individual while the name on the SDN list is a vessel, organization or company (or vice-versa)?
- If it’s hitting for some other reason, you should contact the “keeper” of whichever other list the match is hitting against. Please see information below on other government lists.
The FBI’s Most Wanted List or any other FBI-issued watch list, please contact the Federal Bureau of Investigation.
The Bank Secrecy Act and the USA PATRIOT Act, please contact the Financial Crimes Enforcement Network (FinCEN), 1-800-949-2732.
- If you are unsure whom to contact, please contact your interdict software provider which told you there was a “hit.”
- If you can’t tell what the “hit” is, you should contact your interdict software provider which told you there was a “hit.”“
OFAC is not a “consumer protection” compliance requirement; however, it is a requirement of federal law and a critical function of risk management for your mortgage company and its owners, investors, employees, and customers.
Like Mortgage Compliance Magazine and the weekly “NewsLINES”? Tell your friends and colleagues about us! Send them this link for their free subscription.
Around the Industry:
While you are implementing new HMDA requirements, don’t forget this.
On the Horizon:
U.S. Department of the Treasury reports on financial system developments and their potential results.
What is the point of fair lending monitoring? You may be surprised at the answer. See this to learn more.