"Sanctions Compliance Guidance for the Virtual Currency Industry" (the Virtual Currency Guidance), a new guidance report from the US Treasury Department's Office of Foreign Assets Control (OFAC), analyze sanctions compliance criteria for the virtual currency industry and defines OFAC's perspective of compliance best practices in that marketplace. The Virtual Currency Guidance, like previous industry guides produced by OFAC, does not push boundaries. Still, it does present a streamlined and user-friendly compendium of current OFAC activities and resources. In addition, it offers a summarized insight of the OFAC-managed economic sanctions programs, record-keeping and documenting requirements, licensing and regulation processes, OFAC's desires regarding sanctions compliance programs as described in previous OFAC guidance.
The most prominent takeaway from OFAC's published guide of the Virtual Currency Guidance is that it indicates the scope to which the cryptocurrency market is likely to be a major primary concern for OFAC in aspects of both conformance efforts and regulation in the future.
Key Takeaways from the Guide
The Virtual Currency Guidance, particularly, gives some important insight into OFAC's perspective on compliance best practices unique to the cryptocurrency sector, including the following:
Sanctions compliance requirements must be included in company strategies and product design from the beginning. OFAC acknowledges that it has noticed that participants of the cryptocurrency sector enforce OFAC sanctions policy and procedure months, if not years, after beginning operations and that delaying formulation and deployment of a sanctions compliance program can reveal cryptocurrency businesses to a wide range of potential sanctions threats. As a result, OFAC urges participants of the virtual currency business to assess their liability to OFAC sanctions and take actions to mitigate their vulnerabilities, including the implementation of an effective sanctions compliance program, before offering services or goods to clients. ) OFAC highlights the necessity of established compliance rules supported by adequate resources and senior management commitment, in line with previous advice on compliance programs.
Geolocation tools and IP location blocking measures are critical components of virtual currency firms' comprehensive sanctions compliance program. Without such safeguards, virtual currency providers may fail to prevent people residing in completely sanctioned areas from using their platforms or services to engage in unlawful behavior, according to OFAC. In addition to adopting such restrictions to prevent access from authorized areas, OFAC suggests utilizing analytic tools to identify IP misattribution, indicating an effort to circumvent sanctions rules.
Virtual currency firms are required to have strict "know your customer" policies in place. While many businesses will face formal AML necessities in any case, OFAC makes it clear that it also anticipates guiding principles to also include address and proof of identity, implying that data gleaned for onboarding and continuous transaction monitoring may also include name, date of birth, physical and email address, nationality, IP addresses incurred in connection and logins, banking info, and government identity and place of residence files.
Businesses will be found responsible if they have but do not utilize information relevant to sanctions compliance, resulting in non-compliance. OFAC highlights two recent action instances in which virtual currency businesses acquired but did not filter information suggesting that consumers or other parties to transactions were situated in sanctioned nations. In the first example, OFAC reached an arrangement with a virtual currency payment service provider in the United States to execute virtual currency transactions between the company's clients and people residing in sanctioned nations. While the firm's sanctions compliance limits included screening direct customers, it did not monitor accessible information on individuals who used its payment processing system to purchase products from those traders, which demonstrated that those participants were sited in sanctioned counties. The second lawsuit included a company's inability to prohibit users with IP addresses residing in sanctioned countries from using its non-custodial secure digital wallet management service. While the corporation gathered IP address information for account security reasons, sanctions-related procedures were not applied to this information.
Virtual currency addresses on the SDN List may be used for purposes other than sanctions screening. OFAC began incorporating virtual currency addresses as part of the identifying information for some people or companies placed on the List of Specially Designated Nationals and Blocked Persons in 2018. (SDN List). OFAC expects enterprises in the virtual currency sector to use technologies capable of identifying and blocking transactions connected with virtual currency addresses on the SDN List. Furthermore, OFAC noted that including such addresses on the SDN List may help the sector discover additional virtual currency addresses that may be linked with blacklisted individuals or otherwise represent a sanction risk, even if those other addresses are not specifically mentioned on the SDN List. OFAC recognizes the significance of blockchain analytics tools in undertaking this kind of investigation but emphasizes that no specific in-house or third-party software is required.
How to Comply with the New Virtual Currency Guideline?
OFAC's most recent guidance on sanctions compliance involving virtual currency clarifies the office's objectives while also providing practical tips to help with compliance. With virtual currency becoming more common in business across all industries, all businesses should evaluate their current sanctions compliance programs in view of OFAC's guidance and recognize any needed adjustments in screening tools, use of collected data for compliance goals, geolocation blocking, KYC protocols, and other control mechanisms appropriate for their industry and risk-profile. If you would like to comply with the new virtual currency framework defined by OFAC and learn about Sanction Scanner's AML solution, you may contact us and request a demo.
