3 Key Factors in Safeguarding National Security: Economic Sanctions, Voluntary Self-Disclosures, and Whistleblower Retaliation

Eric Young April 11, 2024

Companies and their executives can reduce Department of Justice (DoJ), OFAC, and Commerce Department risks (and liability) by understanding and respecting the relationship between economic sanctions, voluntary self-disclosures, and whistleblower retaliation. Doing so also helps protect our national security.

  1. Economic Sanctions and National Security

The US Treasury Office of Foreign Assets Control (OFAC) and US Commerce Department (Commerce) play crucial roles into enforcing “economic sanctions” against enemy states and agents, i.e., to blocking payments, freezing assets, and to prohibiting the direct – or indirect – export of high tech and dual-use goods. The DoJ, OFAC, and Commerce also highly prioritize sanctions violations as major threats to our national security – especially when non-US third-party suppliers, agents, and persons are involved.

With rising geopolitical instability, escalation of regional wars, and national elections in 2024 in over 60 countries, the global risk of sanctions evasion and violations has never been greater since 9/11. Compounding these risks are continued slashing of compliance budgets.

Detecting, investigating, and self-reporting sanctions violations to the authorities is therefore critical.

2.     Crucial Voluntary Self-Disclosures

Filing voluntary self-disclosures (VSDs) proactively to OFAC, Commerce, and / or DoJ as soon as firms discover potential or actual sanctions violations is crucial for two reasons: 1) they inform homeland security, military, and intelligence agencies in a time-critical manner – because a payment and /or dangerous  goods got through to enemy hands, and 2) self-reporting very often demonstrates a corporate commitment to protecting national security and the right culture of compliance.

Doing so mitigates criminal prosecution, major enforcement, huge fines and remediation, appointment of an independent monitor, and significant reputational damage – IF firms can also evidence an effective compliance program with good faith cooperation with authorities.

3.      Key Role of Whistleblowers

With this in mind, how can firms demonstrate a more effective corporate compliance program, particularly over economic sanctions?

One essential element is a robust whistleblower program. Employees are the vital 1st line of defense to raise real-time concerns over sanctions, bribery, and money laundering violations to the 2nd line Compliance department. Timing is critical and delays can be catastrophic.

For example, an employee should raise concerns if they witness a non-US supplier obscuring or omitting references to the involvement of a sanctioned party or jurisdiction in transaction documents.[1] Or, if an employee of a US exporter learns that a network of defense-related – or satellite manufacturing companies outside the United States — has been acting as a procurement network for Russian intelligence services.[2] Each of these instances compels the employee to file a whistleblower report, at least anonymously.

The Impact: Whistleblower Retaliation Delays Voluntary Self-Disclosures

Ideally, employees should “speak up” safely without any fear of or experiencing retaliation.  Sadly, workplace misconduct is at a record high, and the rate of employees raising their hands lags behind an accelerating and alarming rate of those fearing or experiencing retaliation.[3]

This culture of retaliation prevents sanctions violations from surfacing and delays in filing VSDs, which unnecessarily increases our national security risks.

Compliance officers must also escalate concerns over sanctions, bribery and corruption, and money laundering, as required by the Anti-Money Laundering Act of 2020. And despite new whistleblower protections for compliance officers and auditors, retaliation against them, along with major compliance budget cuts driven by CEOs and CFOs, further weakens our national security interests.

Why It Matters: Effective Corporate- and Sanctions Compliance Programs

A corporate compliance program is not effective unless a company’s compliance with sanctions laws is robust, continuously improving, and explicitly includes a sanctions whistleblower and VSD program. Conversely, an ineffective sanctions program will trigger criminal charges – particularly if misconduct including retaliation cannot be monitored, investigated, escalated, and disciplined.[4]

Delayed VSDs fueled by whistleblower retaliation can pose a serious threat to national security by depriving the government of critical tools it needs to pre-empt terrorist attacks – especially given the catastrophic impact on sixteen “critical essential industries” which US Homeland Security considers as “so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof…” [5]

The Takeaway: Address Retaliation and Operational Resilience

Companies and their executives can reduce risks and liability by understanding the relationship between economic sanctions, voluntary self-disclosures, and whistleblower retaliation. Delayed VSDs fueled by whistleblower retaliation can pose a serious threat to national security. Therefore, it is crucial for management to evaluate self-disclosures methodically and quickly, and to engage a third-party consultant to diagnose, evaluate, and execute a robust corporate compliance program that prevents, detects, and minimizes retaliation against whistleblowers. Addressing retaliation and operational resilience is essential in safeguarding national security.

[1] Ibid.

[2] Ibid.

[3] 2023 Global Business Ethics Survey – Ethics & Compliance Initiative

[4] OFAC, FinCEN, and Commerce each have whistleblower reporting and protection against retaliation programs.

[5] Critical Infrastructure Sectors | CISA

Eric Young

Senior Managing Director

Eric T. Young advises highly regulated organizations on reengineering compliance, ethics, and regulatory technology programs to enable reputable and sustainable business growth. He has deep regulatory experience having spent close to 40 years in chief compliance officer roles at some of the world’s largest institutions, including five global banks. Throughout his career, Mr. Young has remediated and transformed corporate compliance programs and financial crime compliance programs including sanctions; integrated compliance and ethics cultures between regions, countries and companies to ensure consistency across enterprises; built compliance budgets; enhanced reporting; created governance frameworks and risk assessment, monitoring and testing programs; closed compliance gaps; restructured compliance teams; and mentored junior staff to create a pipeline of future compliance leaders and enable grassroots compliance ideas, solutions and digital upgrades.