Mr. Sanctions

Burning Questions: Next Step: Risk Appetite

After I asked about what questions to ask in order to draft a sanctions policy, Gemini asked me if it should draft a Risk Appetite statement… why not?

Based on the questions identified in the previous step, I have drafted a Sanctions Risk Appetite Statement.

For this draft, I have adopted a “Managed Risk” profile. This assumes the company is a global operator willing to do business in complex, non-sanctioned emerging markets (accepting some operational friction) but maintains a zero-tolerance stance for willful violations or dealings with comprehensively sanctioned jurisdictions.

Draft: Sanctions Risk Appetite Statement

Owner: Global Compliance / Chief Sanctions Officer

Audience: Board of Directors, Executive Leadership, Business Units

1. Overall Statement of Principle

The Company is committed to complying with all economic sanctions and trade embargoes administered by the United States (OFAC), the United Nations, the European Union, and the United Kingdom.

While the Company pursues growth in emerging markets, we prioritize regulatory compliance and reputational integrity over commercial opportunity. We will not engage in any transaction that risks violating strict liability sanctions regimes, nor will we engage in “gray zone” activities that are legally permissible but plainly contradict the foreign policy intent of our primary regulators.

2. Jurisdictional Risk Appetite

  • Prohibited Jurisdictions (Zero Tolerance): The Company will not engage in any direct or indirect business, sales, or services involving comprehensively sanctioned countries or regions (currently including, but not limited to, Cuba, Iran, North Korea, Syria, and the occupied regions of Ukraine).
  • High-Risk Jurisdictions (Conditional Tolerance): The Company accepts the risk of operating in countries subject to partial or sectoral sanctions (e.g., Venezuela, Russia) only under the following conditions:
    1. The specific activity is explicitly authorized by a General License or is exempt.
    2. Enhanced Due Diligence (EDD) has confirmed the absence of blocked parties.
    3. Legal Counsel has provided a written non-objection.

3. Counterparty Risk & Screening

  • SDN / Blocked Persons: We have zero tolerance for transacting with individuals or entities appearing on the OFAC SDN List, the EU Consolidated List, or the UK Sanctions List.
  • 50% Rule / Ownership: We will treat any entity owned 50% or aggregate by blocked persons as blocked, regardless of whether the entity itself is named on a list.
  • Indirect Risk: We accept a low tolerance for “facilitation risk.” We will not sell to distributors if we identify a significant risk of diversion to a sanctioned end-user. We reserve the right to audit distributor end-user logs.

4. Product & Sectoral Controls

  • Dual-Use Goods: For products with potential military application, we accept no risk of diversion. End-Use Certificates (EUCs) are mandatory for all sales of sensitive technology in high-risk regions.
  • Sectoral Sanctions: We will strictly adhere to debt and equity restrictions (e.g., OFAC SSI List). We will not extend credit terms exceeding regulatory limits (e.g., 14 days, 30 days) to sectoral targets.

5. US Nexus & Recusal (Facilitation)

To protect the Company and its employees, we enforce a strict Recusal Policy:

  • No US Person (citizen, permanent resident, or person physically in the US) may approve, facilitate, or support any transaction involving a target of US sanctions, even if that transaction is legal for a foreign subsidiary under local law.
  • If a transaction is legal for a foreign subsidiary but prohibited for the US parent, the decision must be ring-fenced entirely outside the United States.

6. Governance & Exception Authority

  • Standard Risk: Approvals for standard transactions in low-risk jurisdictions are delegated to the Sales and Operations teams.
  • High Risk: Transactions involving high-risk jurisdictions or “red flag” resolutions require approval from the Chief Sanctions Officer.
  • Policy Exceptions: Any deviation from this Risk Appetite Statement requires unanimous approval from the Chief Legal Officer and the CEO.

How this document functions:

This document protects you. If a sales executive proposes a deal in a gray-area jurisdiction that promises high revenue but high risk, you can point to Section 1, which the Board has signed, to veto the deal without it becoming a personal argument.

A good starting point, methinks…

Leave a comment