A Case for Thorough Due Diligence
A strong compliance program within your own company isn’t enough if your third-party suppliers are cutting corners. When foreign partners are targeted by regulatory authorities – and the arm of the U.S. government is LONG – American companies too will feel the sting in the form of disruption in flow of goods and services.
with co-author Nick Turner
How well do you understand your commercial partners’ compliance programs? Recent eye-popping settlements have reminded non-U.S. companies of the danger of failing to comply with U.S. sanctions and export control laws. But strengthening your own compliance program will not provide complete protection when your business partners are targeted by authorities. An unexpected enforcement action against a key supplier or financial institution can disrupt the flow of goods and services along global supply chains and threaten well-established trading networks. Customers, lenders, manufacturers and retailers, among others, are taking a closer look at their counterparties and asking for stronger legal protections against follow-on sanctions and export control risks.
Extraterritorial Power
The U.S. government has an impressive arsenal of tools for enforcing laws against non-U.S. persons for conduct taking place outside the United States, especially in the areas of sanctions and export controls (collectively, “sanctions”).
The Office of Foreign Assets Control (OFAC) has long been known for its ability to sanction non-U.S. actors who threaten U.S. national security and policy. Individuals and entities who appear on the OFAC list of Specially Designated Nationals (SDNs) are virtually excluded from the U.S. financial system, not to mention the growing number of non-U.S. banks that “voluntarily” follow OFAC regulations to de-risk their operations.
Following OFAC’s model, the Commerce Department’s Bureau of Industry and Security (BIS) has used the Entity List to restrict non-U.S. persons’ access to U.S.-origin goods to achieve regulatory objectives. BIS has also used the Entity List to target and force extreme penalties on non-U.S. persons doing business with sanctioned countries, where the BIS would otherwise have less leverage to extend their jurisdiction.
The point has been driven home by U.S. Commerce Secretary Wilbur Ross, who recently said: “Those who flout our economic sanctions and export control laws will not go unpunished – they will suffer the harshest of consequences.”
Follow-on Risks
Being placed on the OFAC SDN List or BIS Entity List is a death warrant for non-U.S. companies that rely on access to the U.S. financial system or U.S.-origin goods. There can also be severe knock-on consequences for their law-abiding counterparties that are unprepared to lose a newly sanctioned commercial partner.
Recent high-profile cases involving Chinese companies have magnified the issue. Surprise actions by U.S. regulators can leave manufacturers and retailers scrambling to replace a key purchaser or supplier. Lenders can be forced to accelerate outstanding loans. Employees of the sanctioned entity — but also of the suppliers and customers — inside and outside the United States, face employment uncertainty, while shareholders see their value evaporate.
U.S. regulators can limit the domino effects of new sanctions designations by issuing general licenses that permit certain limited activities or provide a wind-down period for existing relationships. However, these measures are discretionary, difficult to obtain, almost always temporary in nature and limited in scope. Moreover, they are not guaranteed and can come with severe conditions.
As global trade linkages deepen, these follow-on sanctions risks are bound to increase. This is particularly true as Iran re-integrates into the global economy following the implementation of the Joint Comprehensive Plan of Action in January 2016. Meanwhile, U.S. authorities are sharpening their focus on non-U.S. persons who support the government of North Korea.
Know Your Counterparties
Companies seeking to reinforce their protections while operating in increasingly global networks have made sanctions questionnaires a standard feature of the due diligence process — demonstrating their own compliance efforts if they are targeted by enforcement.
Yet, in practice, many companies fail to closely scrutinize and recognize their counterparties’ true potential for disruptive sanctions risk. Dealings with sanctioned countries or persons, the existence (or not) of a sanctions compliance program and red flags concerning past business activities or regulatory investigations, while not disqualifying, justify a closer look.
In some cases, an investigatory firm may be required for a deep dive into a potential counterparty’s reputation for compliance. The goal is to become comfortable with the reliability of a commercial partner’s compliance controls and their viability as a counterparty moving forward.
Competitive Compliance
Apart from the legal risks, companies that fail to live up to these standards could find themselves at a disadvantage against their risk-adverse competitors.
Entities with strong compliance controls are at a competitive advantage, as they have better access to financing from financial institutions that are increasingly asking for sanctions compliance undertakings as a part of lending and underwriting agreements and from investors who demand strong sanctions controls within target companies. Vendor contracts increasingly feature sanctions compliance clauses whereby suppliers and customers mutually agree to abide by applicable sanctions laws. These provisions are often backed by the rights of termination and indemnity arising from violations.
Recent sanctions enforcement cases have demonstrated that a supply chain is only as strong as its weakest link. No matter how strong your own link is, a break along the line could threaten the whole structure.
Wendy L. Wysong is a partner at 
