The regulatory landscape for fintechs is continually evolving. It is critical that compliance officers stay on top of what is going on in the industry to ensure they make the best decisions and take proactive measures in alignment with current regulations. The recent OFAC settlement with Payoneer, Inc. for apparent violations of multiple sanctions programs is an excellent case study for compliance officers at fintechs and payment processors to heed when enhancing their compliance programs.
For those not familiar with the matter, Payoneer paid a monetary penalty of more than $1.4 million to settle 2,260 apparent violations: 2,241 payments were made to parties in jurisdictions subject to sanctions and 19 payments were made on behalf of Specially Designated Nationals (“SDNs”).
The four-page enforcement order release offers several key lessons:
Compliance control breakdowns at Payoneer included:
Aggravating factors:
Mitigating factors:
Once again, through this settlement, OFAC specifically notes that money service businesses should develop an OFAC compliance program and refers to the OFAC Framework for Compliance Guidance issued in May 2019.
What is particularly noteworthy is that Payoneer had policies in place, but still fell short. What went wrong? The key deficiencies were in screening, testing, auditing and transaction review procedures, which goes to show that even the best compliance procedures need constant testing.
Test, Test, Test
Now is the time to review your organization’s OFAC compliance program and procedures. It is imperative that you can confidently answer the following questions:
If you can’t answer these questions, then take action to get the answers. If you don’t have the bandwidth to conduct such testing, engage an outside expert to help. In the long run, testing can help you keep from running afoul of regulations and avoid the potential for costly fines.