OFAC Announces 2 Sanctions Enforcement Settlements

ELF Cosmetics

On January 31, 2019, OFAC announced a $996,080 settlement with e.l.f. Cosmetics, Inc. (ELF), a California cosmetics company, for violation of the North Korean Sanctions Regulations. ELF violated the North Korea sanctions by importing 156 shipments of false eyelash kits from two suppliers in China that contained materials sourced by these suppliers from North Korea. The total value of the illegal shipments was approximately $4.4 million. ELF’s OFAC compliance program was nonexistent or inadequate.

ELF’s violations and failure to act occurred as part of its supply chain risk management. ELF failed to discover that approximately 80 percent of the false eyelash kits supplied by two of ELF’s China-based suppliers contained materials from North Korea. ELF self-disclosed the apparent violations.

As noted by OFAC, ELF failed to exercise sufficient supply chain due diligence while sourcing products from a region that poses a high risk of connection to North Korea. To remediate, ELF:

1. implemented supply chain audits that verify the country of origin of goods and services used in ELF products,
2. adopted new procedures to require suppliers to sign certificates of compliance stating that they will comply with all U.S. export controls and trade sanctions and
3. conducted an enhanced supplier audit that included verification of payment information related to production materials and review of supplier bank statements.

According to the OFAC,

“This enforcement action highlights the risks for companies that do not conduct full-spectrum supply chain due diligence when sourcing products from overseas, particularly in a region in which the DPRK, as well as other comprehensively sanctioned countries or regions, is known to export goods. OFAC encourages companies to develop, implement and maintain a risk-based approach to sanctions compliance and to implement processes and procedures to identify and mitigate areas of risks. Such steps could include, but are not limited to, implementing supply chain audits with country-of-origin verification; conducting mandatory OFAC sanctions training for suppliers; and routinely and frequently performing audits of suppliers.”

Kollmorgen

On February 7, 2019, OFAC announced a settlement with Kollmorgen Corporation, a Virginia-based company, on behalf of its Turkish affiliate, Elsim Elektroteknik (Elsim), for $13,381 for six apparent violations of the Iran Sanctions Program. In conjunction with this enforcement action, OFAC sanctioned Evren Kayakiran, the Elsim manager primarily responsible for the conduct that led to the apparent violations.

Between 2013 and 2015, Elsim serviced machines containing Elsim products located in Iran and provided products, parts or services valued at $14,867 with knowledge they were destined to Iran end users.

Kollmorgen acquired Elsim in early 2013, thereby making Elsim subject to the Iran Sanctions Program. Kollmorgen hired a law firm and external auditing and consulting company to perform sanctions due diligence on Elsim. The pre-acquisition due diligence identified that Elsim conducted business with customers in Iran.

To address this problem, Kollmorgen implemented a pre- and post-acquisition compliance strategy that included:

1. identifying Elsim’s Iran-related customers and applying controls to block those customers from making future orders;
2. communicating with Elsim employees of U.S. sanctions against Iran, the legal requirement for Elsim to comply with the ITSR and Elsim’s obligation to not sell products or services to Iran;
3. conducting in-person trainings for Elsim’s employees regarding Kollmorgen’s trade compliance policies;
4. performing additional manual reviews of Elsim’s customer database on a proactive and continuing basis to identify any sanctions-related customers;
5. requiring Elsim’s senior management to certify on a quarterly basis that no Elsim products or services were being sent or provided to Iran; and
6. ordering Elsim’s senior management to immediately cease transactions with Iran, including any technical support.

Notwithstanding these efforts, Elsim employees continued to deal with Iran customers and specifically to hide such activities from Kollmorgen. Elsim willfully, and with full knowledge of the applicable prohibitions, dispatched employees to Iran to fulfill service agreements and engaged in other transactions related to Iran. Elsim management threatened to fire employees if they refused to travel to Iran. Upon returning from the service trips in Iran, Elsim employees were directed by Elsim management to falsify corporate records by listing the travel as vacation rather than business-related.

Over the two years the transactions took place, Elsim management regularly and fraudulently certified to Kollmorgen that no Elsim products or services were being sent to Iran. It was only after an Elsim employee filed an internal complaint with Kollmorgen via the company’s ethics hotline in late October 2015 that the violative conduct came to light.

Elsim managers attempted to obstruct the investigation by instructing Elsim employees to delete references to Iran in company records and misleading Kollmorgen’s attorneys. Finally, Elsim managers also attempted to delete emails related to Iran. Despite this obstruction, Kollmorgen uncovered the apparent violations, conducted a full investigation and disclosed its findings to OFAC in a comprehensive report.

Kollmorgen terminated the Elsim managers responsible for and involved in the apparent violations and undertook new remediation efforts, including enhanced training, requiring pre-approval from an officer outside Turkey for service trips and requiring Elsim to notify its major Turkish customers that Elsim cannot provide goods or services to Iran.

According to the OFAC,

“This case highlights the importance of (1) performing heightened due diligence, particularly with regard to affiliates, subsidiaries or counter-parties known to transact with OFAC sanctioned countries or persons, or that otherwise pose high-risks due to their geographic location, customers and/or suppliers or products and services they offer and (2) implementing proactive controls when U.S. persons, directly or indirectly, acquire companies with pre-existing relationships with sanctioned persons and jurisdictions.”

This article was republished with permission from Michael Volkov’s blog, Corruption, Crime & Compliance.