Mr. Sanctions

Category: Enforcement

  • May 19, 2026: OFSI fines Deutsche Bank AG for 2 Russian sanctions breaches

    Office of Financial Sanctions Implementation HM Treasury
    Deutsche Bank AG PenaltyOFSI has imposed a £165,000 monetary penalty on Deutsche Bank AG London Branch (DBLB) for breaches of the Russia financial sanctions regime. 

    Between June and July 2022, DBLB processed two payments totalling £635,618.75 to an entity wholly owned by a designated person. 

    This is the second OFSI monetary penalty case resolved through settlement, demonstrating how proportionate and effective enforcement outcomes can support the rapid communication of compliance lessons to industry. 

    It also underlines the importance of firms maintaining effective sanctions controls, particularly where ownership and control structures determine whether restrictions apply. 

    Key lessons for firms include the importance of: 

    – maintaining suitably robust sanctions screening systems and processes, commensurate with their level of exposure to sanctions risk  
    – having strong onboarding procedures and regular, risk‑based customer reviews especially in higher risk jurisdictions 
    – complete, detailed, and prompt voluntary disclosure of potential breaches to OFSI  

    A 45% discount was applied, reflecting voluntary disclosure and settlement. 

    I had Claude summarize the Penalty Notice:

    OFSI Penalty Notice: Deutsche Bank AG London Branch

    Plain-Language Summary

    SUMMARY

    The UK’s Office of Financial Sanctions Implementation (OFSI) fined Deutsche Bank’s London branch (DBLB) £165,000 for violating UK Russia sanctions. The core violation: DBLB processed two payments in 2022 — totalling about £635,000 — to a company called Okko, which was owned by a sanctioned Russian entity. Because DBLB voluntarily reported the problem and later agreed to settle the case, its original penalty was reduced. The final £165,000 figure reflects both a voluntary disclosure discount and a settlement discount.

    BACKGROUND

    Okko is a Russian streaming service (think a Russian Netflix). Russia’s largest bank, Sberbank, owned Okko until May 2022, when it sold the company to another Russian firm, JSC New Opportunities. The timing matters: Sberbank had just been sanctioned by the UK in April 2022, and JSC New Opportunities was then sanctioned in late June 2022. The moment JSC New Opportunities was designated, Okko automatically became off-limits under UK sanctions — even though Okko itself was never directly listed — because it was wholly owned by a sanctioned party. DBLB’s customer (an Irish-incorporated subsidiary of a multinational firm) instructed DBLB to send the payments to Okko via the SWIFT network.

    THE BREACHES

    Two payments are at the heart of the case:

    • Payment A (~£356,000): Processed on June 29, 2022 — the same day JSC New Opportunities was publicly designated as sanctioned. The funds actually left the account the following day.
    • Payment B (~£279,000): Processed about a month later, on July 27, 2022.

    DBLB did run sanctions screening on both payments, but its third-party screening vendor’s data didn’t include ownership information linking Okko to the newly sanctioned JSC New Opportunities. So no alert was triggered, and the payments went through.

    A third payment (Payment C, ~£1.1 million) was made in April 2022 but was not treated as a breach, because it pre-dated the UK’s strict liability sanctions rules taking effect in June 2022.

    CASE ASSESSMENT

    OFSI weighed factors both for and against DBLB when deciding how serious the case was.

    Factors that made things worse (aggravating):

    • The combined payment value was significant — over £635,000.
    • The money went directly to an entity owned by a sanctioned person, which effectively undermined the asset freeze the UK had put in place against Russia.
    • Russia sanctions were a top UK foreign policy priority in 2022 and remain so.
    • Although DBLB had conversations with its customer about Russia-related payment risks between March and May 2022, it never probed how the customer itself assessed sanctions ownership risks — specifically, that the customer relied on self-certification from its own customers rather than verifying ownership information independently. DBLB missed an opportunity to catch this gap.
    • The earlier Payment C — though not itself penalized — showed DBLB had a pattern of processing payments to Okko and was relevant context.

    Factors treated as neutral:

    • DBLB’s use of a third-party screening vendor is understandable and common practice, but DBLB remained ultimately responsible for its own compliance. The vendor failed to capture publicly available information about Okko’s change of ownership, highlighting a known risk of relying on such providers — made worse by Russia withdrawing information from its public corporate registries in mid-2022.
    • DBLB cooperated with OFSI’s investigation, but its responses were sometimes slow and thin on detail — below what OFSI expects from a large regulated institution.

    Factors that helped DBLB (mitigating):

    • There is no evidence DBLB knew, or had reason to suspect, that the payments were in breach of sanctions — no intent or prior knowledge.
    • Payment A happened on the very day of the designation. The window for cancelling it was extremely narrow, and OFSI acknowledged this. It was only included in the penalty because Payment B followed a month later.
    • DBLB voluntarily disclosed the breaches to OFSI in September 2022 — an important positive step.
    • Since the breaches, DBLB has significantly overhauled its sanctions compliance program: better oversight of third-party vendors, broader Russia-related list coverage, stronger due diligence procedures, and a much more cautious approach to Russia-related payments overall.

    Overall, OFSI rated the case as “serious” — but not the most serious category.

    THE PENALTY CALCULATION

    StepAmount
    Maximum statutory penalty£1,000,000
    Baseline penalty set by OFSI£300,000
    Discount applied (45% — for voluntary disclosure + settlement)–£135,000
    Final penalty imposed£165,000

    The 45% discount was slightly below the maximum 50% available, because while DBLB disclosed promptly, its initial disclosure lacked the detail OFSI expected from a firm of its size and sophistication.

    COMPLIANCE LESSONS

    OFSI used the notice to flag three takeaways for the broader financial industry:

    1. Don’t over-rely on third-party screening tools. They are valuable but have gaps — especially for ownership-and-control risks. Firms must understand those limitations and fill them with their own processes.
    2. Know your customer’s compliance practices. It’s not enough to screen transactions; firms should understand how their customers manage their own sanctions risks, especially where payments go to higher-risk jurisdictions like Russia.
    3. Voluntary disclosure pays — but only if it’s thorough. OFSI rewards early disclosure, but incomplete or vague reporting limits the discount available. Firms should take time to provide a full, detailed account when reporting suspected breaches.

    NOTES ON SETTLEMENT

    This was OFSI’s first (or among its first) cases resolved through its new formal settlement process, introduced in February 2026. Settlement allows both sides to reach a negotiated outcome more quickly than a full contested process. In exchange for a penalty discount and input into the published case summary, DBLB agreed to pay the penalty and waive its right to challenge OFSI’s decision. OFSI views early settlement as being in the public interest — it’s faster, cheaper, and gets compliance messages out sooner.

    The full Penalty Notice:

    DB_Penalty_NoticeDownload

    I do wonder about the severity of the fine, and the relatively harsh assessment of these sanctions violations. Perhaps it’s because patterns of conduct are just smaller outside the US, so the penalties need to be harsher to get people’s attention.

    I will admit, the penalty notice is much more detailed than it used to be. I will note that it took me a while to find that the 3rd party vendor did include ownership and control data, but was either slow or deficient in providing the needed info in this case.

    I also wonder what would have happened had the 2nd payment been stopped. After all, the first payment was processed on the same day as the designation of the parent company (even if value date was the best day).

    All in all, instructive – I will see if I need to tweak the fairly generic prompt for summarizing the penalty notice.

    , , , ,

  • The updated enforcement action post: what changed and why

    So, I asked Claude to enhance its response from 3rd party sources if there was anything notable – and to conduct a fact check. The good part about all this?

    What was added

    The only section that warranted substantive enhancement based on third-party sources was “Discovery and Response.”The original draft characterized AEL’s reaction to the June 2025 public reports as a clean, cooperative pivot. Third-party reporting reveals a more complicated picture:

    • The trigger was specifically the Wall Street Journal‘s investigative report tracking LPG tankers between Gulf ports and Mundra Port — worth naming rather than leaving as generic “public reports.”
    • At the same moment AEL was suspending imports and retaining U.S. counsel privately, it was publicly filing a stock exchange statement calling the allegations “baseless and mischievous” and denying awareness of any investigation. This tension is directly material to understanding why the case doesn’t qualify for voluntary self-disclosure credit.

    One minor enhancement in the Mitigating Factors section: AEL’s own public statements confirmed the “less than 1.5%” revenue figure at 1.46% specifically, so that precision was added there.

    No factual corrections were required — the enforcement release is well-supported by contemporaneous reporting on the underlying facts.

    Additional sources consulted:

    • Wall Street Journal — investigative report on Adani LPG tankers (June 2, 2025); original source that triggered the public reports referenced in the enforcement release
    • Adani Enterprises stock exchange filing (June 2025) — via multiple Indian financial press outlets (Business Upturn, MENAFN, Outlook Business, Lokmattimes)
    • BloombergReuters/U.S. NewsIANSBizzBuzz News — day-of settlement reporting confirming key facts (May 18, 2026)
    • The Tribune IndiaDT NextThe Federal — pre-settlement reporting (May 15, 2026) on the broader Adani Group legal resolution context

    The bad part? I didn’t tell it to make a new post with the additional info – so it updated the post. Oopsie! But I like this, so I will amend my base prompt for enforcement actions to do this same thing for all future enforcement action posts.

    , ,

  • May 18, 2026: Adani Enterprises Limited’s Iran sanctions violations cost it $275 Million (updated)

    What Happened

    Adani Enterprises Limited (AEL), a large Indian multinational conglomerate with operations across energy, infrastructure, and other sectors, has agreed to pay $275,000,000 to settle potential civil liability for apparent violations of U.S. sanctions on Iran.

    From November 2023 to June 2025, AEL purchased shipments of liquified petroleum gas (LPG) from a Dubai-based trading company (the “Dubai Supplier”) that claimed to be supplying gas from Oman and Iraq. Multiple red flags should have put AEL on notice that the LPG actually originated from Iran. During this period, AEL caused U.S. financial institutions to process 32 U.S. dollar (USD)-denominated payments totaling approximately $192,104,044 for the shipments.

    Background: How AEL Got Into the LPG Business

    AEL entered the LPG market in June 2023, importing gas for sale to customers in India through Mundra Port — a major port on India’s western coast operated by AEL’s affiliate, Adani Ports and Special Economic Zone Ltd. (APSEZ). Neither AEL nor any of its affiliates had previously traded LPG on its own account through Mundra Port, making this a brand-new business line.

    To compete in an established market, AEL needed a discounted supply source. In July 2023, AEL representatives — including the head of its newly formed LPG unit — met with the Dubai Supplier, which was already involved in supplying purportedly Omani-origin LPG to another Indian buyer. By September 2023, a deal was taking shape. Internal AEL documents at the time described the arrangement as “discounted LPG from Middle East” on a spot basis.

    AEL ran its standard Know Your Customer (KYC) process on the Dubai Supplier and its affiliates and found no matches on OFAC’s SDN List. It also relied on APSEZ’s existing 2020 sanctions compliance program, which prohibited Iranian-origin cargo from entering APSEZ-controlled ports. On paper, AEL appeared to have done its homework.

    What AEL apparently did not know — and did not dig deeply enough to uncover — was that the Dubai Supplier was operating as a conduit for Iranian LPG. An affiliate of the Dubai Supplier had already been designated by OFAC in March 2023 for purchasing LPG from a sanctioned Iranian petrochemical company. Iran, practically alone among Middle Eastern producers, was offering deeply discounted LPG — exactly the kind of deal AEL was looking for.

    The Purchases

    AEL completed its first purchase in November 2023: a cargo of fully refrigerated propane shipped on a 25-year-old Handysize LPG tanker, with documents listing the origin as Sohar, Oman. AEL paid approximately $5.67 million. Over the next year and a half, AEL purchased 34 additional cargos of what turned out to be Iranian-origin LPG from the Dubai Supplier and its affiliates, using similar documentation and payment structures.

    Payments were generally made in USD or UAE dirhams (AED) from accounts at UAE or Indian banks. In total, U.S. financial institutions processed $192,104,044 in USD payments across 32 of the 35 shipments. (The remaining three shipments were either paid entirely in AED or were never completed.)

    Red Flags AEL Overlooked

    From early in the relationship, there were multiple warning signs that the Dubai Supplier’s cargo wasn’t what it claimed to be. AEL failed to act meaningfully on any of them.

    • Third-party warnings: On at least four separate occasions between March 2023 and February 2024, AEL and APSEZ received inquiries from outside parties alleging that the Dubai Supplier’s cargos may have originated in Iran. AEL appears to have dismissed these as interference from competitors trying to block it from entering the LPG market. Its response was limited to reviewing shipping documentation and obtaining verbal assurances from the Dubai Supplier itself.
    • Suspicious vessel behavior: Ships carrying the Dubai Supplier’s cargos routinely engaged in conduct associated with sanctions evasion: manipulating or disabling their Automatic Identification System (AIS) transponders, making commercially illogical port calls, and frequently changing their names, ownership, and flag state. AEL and APSEZ did not monitor for these vessel-level red flags.
    • Implausible origin claims: The very first shipment claimed to be loaded in Sohar, Oman — but Sohar is not a significant source of Omani LPG exports (those primarily come from Salalah), and Sohar lacked the refrigerated storage and loading infrastructure needed to load fully refrigerated LPG at the time. The claimed origin simply didn’t make logistical sense.
    • Document irregularities: Certificates of origin provided by the Dubai Supplier showed illogical and non-sequential numbering, were repeatedly issued long after the shipments had been made, and used outdated document templates — all indicators of potential falsification.
    • Below-market pricing: Iran — virtually alone among Middle Eastern LPG sources — offered significantly discounted gas. The prices AEL received from the Dubai Supplier were sufficiently below prevailing market rates that, accounting for realistic freight costs, port fees, and profit margins, the economics of the claimed Omani or Iraqi origin simply didn’t add up. AEL should have treated this as grounds for heightened scrutiny.
    • A blocked payment: In February 2024, the Dubai Supplier’s bank stopped a payment due to “internal policy,” raising concerns about whether the cargo was actually from Iraq or Iran. The supplier directed AEL to a new bank account at a different Dubai bank. Payment was eventually released after the supplier provided additional shipping documentation that later appeared to be falsified.

    Discovery and Response

    In June 2025, the Wall Street Journal published an investigative report tracking LPG tankers traveling between Gulf ports and Adani-operated Mundra Port, alleging that Adani Group entities had been importing Iranian-origin LPG. AEL responded publicly with a stock exchange filing calling the allegations “baseless and mischievous,” categorically denying “any deliberate engagement in sanctions evasion or trade involving Iranian-origin LPG,” and stating that it was “not aware of any investigation by US authorities on this subject.”

    Privately, the picture was different. AEL simultaneously suspended all LPG imports and retained U.S.-based legal counsel to conduct a comprehensive internal investigation. Whatever the public posture, the private pivot was prompt: AEL cooperated extensively with OFAC’s subsequent investigation, proactively sharing the findings of its internal review, producing large volumes of documents, responding to all agency requests, and moving quickly toward a resolution. OFAC credited AEL for this cooperation in determining the final settlement amount — though the public denial at the moment of disclosure is precisely why the case does not qualify for voluntary self-disclosure credit.

    The Violations

    OFAC found 32 apparent violations of the Iranian Transactions and Sanctions Regulations (ITSR), 31 C.F.R. part 560, specifically § 560.203(a) — by causing U.S. financial institutions to facilitate trade-related transactions involving goods of Iranian origin, in violation of § 560.206 of the ITSR. The settlement agreement is available on OFAC’s website.

    The Penalty

    Because AEL did not voluntarily self-disclose the violations and OFAC determined the case to be egregious, the applicable starting point under OFAC’s Economic Sanctions Enforcement Guidelines was the statutory maximum base penalty: $384,208,088.

    All 32 apparent violations were treated as egregious.

    After weighing the aggravating and mitigating factors described below, OFAC agreed to settle for $275,000,000 — a reduction of approximately $109 million from the base penalty.

    Aggravating Factors

    • Reckless conduct despite clear warning signs
      • General Factor: Willfulness or Recklessness of the Conduct; Awareness of Conduct at Issue
      • AEL received multiple third-party warnings that its LPG cargos may have come from Iran, yet failed to conduct meaningful additional investigation. It also ignored commercially implausible pricing, suspicious vessel behavior, and document red flags. Moreover, AEL’s own sanctions compliance program at the time explicitly acknowledged that causing U.S. financial institutions to process Iran-related transactions could expose the company to civil or criminal penalties — meaning AEL knew the legal stakes but still did not act on the warning signs.
    • Substantial harm to the goals of Iran sanctions
      • General Factor: Harm to Sanctions Program Objectives
      • A central goal of U.S. Iran sanctions is to cut off Iran’s ability to earn revenue from its energy sector. By purchasing Iranian LPG and routing USD payments through the U.S. financial system, AEL provided Iran with significant economic benefit — money the Iranian government uses to fund its nuclear program, support terrorist proxy groups, and oppress its own population.
    • Size and sophistication of the company
      • General Factor: Individual Characteristics
      • AEL is a large, diversified international conglomerate with extensive operations in energy and infrastructure sectors. A company of that scale and global experience is expected to maintain correspondingly robust sanctions compliance capabilities.

    Mitigating Factors

    • Clean prior record
      • General Factor: History of Prior OFAC Actions
      • AEL had not received any OFAC penalty notice or Finding of Violation in the five years preceding the earliest transaction at issue.
    • LPG business was a small part of AEL’s overall operations
      • General Factor: Individual Characteristics
      • AEL’s LPG unit was newly formed and represented less than 1.5% of the company’s consolidated revenue for 2025 — a figure consistent with AEL’s own public statements, which put the LPG segment at approximately 1.46% of consolidated revenue. The violations arose from a nascent, peripheral part of a much larger enterprise.
    • Substantial cooperation with OFAC
      • General Factor: Cooperation with OFAC
      • AEL conducted a thorough, independent internal investigation on an expedited basis and at significant cost; responded promptly to all OFAC requests for information; and produced large volumes of data to support the agency’s investigation.
    • Meaningful remedial action
      • General Factor: Remedial Response
      • AEL took significant steps to address the root causes of the violations, including: (1) ceasing all LPG imports into India; (2) creating and adopting a new, robust risk-based sanctions compliance policy overseen by a dedicated Group Head of Compliance; (3) applying the enhanced policy across all of AEL’s business units for consistency and comprehensiveness; (4) incorporating maritime hydrocarbon transport risks — including those identified in OFAC’s published guidance — into its sanctions risk assessment; and (5) deploying specialized maritime intelligence technology designed to flag sanctions evasion activity in the marine transport sector.

    The $275,000,000 settlement amount reflects OFAC’s determination that while the violations were serious and egregious — and AEL did not come forward before the government became aware — the company’s prompt response, extensive cooperation, and significant compliance overhaul after the conduct came to light all warranted meaningful credit.

    What are the Takeaways?

    Non-U.S. companies using the U.S. dollar face real U.S. sanctions exposure. If your company routes payments through the U.S. financial system — even indirectly through correspondent banking — you can be held liable under U.S. sanctions law, even if your company is not based in the United States. AEL is an Indian company that never directly held a U.S. bank account, but the USD-denominated payments it initiated passed through U.S. financial institutions, giving OFAC jurisdiction. The lesson: if your payments touch the dollar, they touch U.S. sanctions law.

    Buying energy products from or near the Middle East is high-risk territory for Iran sanctions. Restricting Iran’s energy exports has been a consistent, bipartisan U.S. policy priority, and OFAC has issued multiple rounds of guidance — in 2019, 2020, 2024, and most recently in 2025 — specifically warning the energy industry about Iran’s sophisticated evasion tactics. If you’re importing petroleum products, LPG, or petrochemicals with any connection to that region, treat it as a high-risk environment requiring enhanced due diligence from the start.

    Certificates of origin and supplier warranties aren’t enough — you need to independently verify. Iran actively uses neighboring jurisdictions — particularly Oman, the UAE, and Iraq — as cover for its petroleum exports. Importers cannot rely solely on counterparty-provided documentation or supplier assurances to satisfy their sanctions due diligence obligations. Those documents need to be independently corroborated, with particular attention to whether the claimed loading ports and infrastructure are consistent with the claimed product type and origin.

    Know Iran’s shadow fleet — and actively monitor for it. Iran moves a large share of its petroleum exports using a “shadow fleet” of vessels that engage in well-documented evasion tactics: turning off or falsifying AIS transponders, conducting ship-to-ship transfers at sea, making economically illogical port calls, and frequently cycling through new names, owners, and flag states. The majority of the vessels involved in AEL’s purchases were subsequently designated by OFAC. Energy importers should build real-time maritime intelligence monitoring into their compliance programs — and stay current as evasion typologies evolve. OFAC’s 2025 Guidance for Shipping and Maritime Stakeholders on Detecting and Mitigating Iranian Oil Sanctions Evasion is required reading.

    If a deal is too good to be true, it probably involves sanctions evasion. Buyers of energy products from high-risk regions should treat prices significantly below prevailing market rates as a red flag requiring enhanced scrutiny — not an opportunity. Heightened caution is especially warranted when the below-market prices come from a counterparty with a limited public profile or trading history, or when multiple affiliated entities are used to structure similar transactions for no clear commercial reason.

    Compliance isn’t box-checking — investigate allegations promptly and seriously. When a third party alleges that your supply chain involves sanctioned goods or origins, that allegation requires a thorough, good-faith investigation — not a shrug and a request for assurances from the counterparty under scrutiny. AEL received at least four separate third-party warnings over more than a year and essentially took the Dubai Supplier’s word that everything was fine. The result was a $275 million settlement.

    Even without voluntary self-disclosure, cooperation with OFAC pays off. This case makes clear that OFAC will offer meaningful penalty reductions in exchange for prompt internal investigation, transparent sharing of findings, and genuine cooperation with the agency’s inquiry — even when a company doesn’t come forward before OFAC initiates its investigation. AEL received roughly a $109 million reduction from the statutory maximum base penalty. Voluntary self-disclosure would likely have produced a lower starting point still, but cooperation alone had real, quantifiable value here.

    Other Resources

    OFAC Compliance Framework

    In May 2019, OFAC published A Framework for OFAC Compliance Commitments, which lays out what OFAC considers to be the essential building blocks of an effective sanctions compliance program. The Framework also explains how OFAC takes compliance program quality into account when resolving enforcement cases, and includes an appendix identifying common root causes of sanctions violations that OFAC has observed in its investigations.

    Civil Penalties and Enforcement Rules

    The rules governing OFAC’s civil penalties process are set out in the regulations for each individual sanctions program, the Reporting, Procedures, and Penalties Regulations (31 C.F.R. part 501), and the Economic Sanctions Enforcement Guidelines (31 C.F.R. part 501, app. A). Recent enforcement actions and civil penalties information, including the settlement agreement in this case, are available at https://ofac.treasury.gov/civil-penalties-and-enforcement-information.

    FinCEN Whistleblower Program

    The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) operates a whistleblower incentive program that covers OFAC sanctions violations, violations of the International Emergency Economic Powers Act (IEEPA), and Bank Secrecy Act violations. Individuals located anywhere in the world who provide information about potential sanctions violations may be eligible for a financial award if their tip leads to a successful enforcement action resulting in penalties exceeding $1,000,000. The program is open across all commercial sectors.

    , , ,

  • Plain-Language Summary of GE Settlement for DDTC Settlement

    Note: The Consent Agreement and Order documents were both not machine-readable, but Claude says the Proposed Charging Letter is more detailed anyhow.

    GE Aerospace’s $36 Million Export Violation Settlement — Plain-Language Summary

    What Happened?

    On April 17, 2026, the U.S. Department of State announced that GE Aerospace (the jet-engine arm of General Electric) agreed to pay $36 million to settle 116 violations of U.S. arms export law. The violations took place over a roughly six-year window, from April 2018 through late 2024.

    The relevant law is called ITAR — the International Traffic in Arms Regulations. Think of it as the strict rulebook that governs who American defense companies can share military technology with, and how. Violating ITAR is serious: it can harm national security and, in theory, expose a company to penalties exceeding $1.27 million per violation.

    The Four Categories of Violations

    1. Sending Sensitive Military Data to China (the most serious)

    China is on America’s “do not share” list for arms and military technology. Despite this, GE had three separate incidentsof sending controlled technical data to China without authorization:

    • In 2018, an employee traveling to China carried a company laptop containing data related to F-35, F-16, F-15, and U-2 aircraft engines — and then left the laptop unattended with Chinese university officials for 90 minutes.
    • In 2021, an employee emailed a technical drawing of a component from the F118 military engine to a Chinese supplier, mistakenly thinking it was governed by a less-restrictive export rule (Commerce Department rules, rather than ITAR).
    • In 2023, GE shipped maintenance manuals for the F110 engine to Singapore on three occasions — but routed the packages through China, which itself is prohibited. Nobody had configured the shipping account to flag that as a problem.

    The U.S. government determined that at least one of these incidents — the F118 engine drawing — actually provided China with useful military information.

    2. Mismanaging Export Licenses and Agreements (the largest category — 103 charges)

    GE held many government-approved licenses and agreements covering what military technology it could share with foreign partners, and under what conditions. It repeatedly failed to follow the fine print. Examples include:

    • Shipping repaired military components to the UK Ministry of Defense when the UK MoD wasn’t listed as an authorized recipient on the relevant agreement.
    • Allowing Japanese partners to pass military engine components to 31 unauthorized sub-suppliers over five years, because GE didn’t properly verify who was in the chain.
    • Sending technical data to suppliers in Mexico that went beyond what the license actually permitted.
    • Using a license exemption to ship turbine blade castings to Canada 30 times when a specific government condition required obtaining separate licenses for each shipment — and then failing to track the quantities properly.
    • Having a Swedish partner share engine maintenance data with an unauthorized entity in South Africa.
    • Failing to notify Congress of certain defense exports to Sweden, as required by law.
    • Repeatedly failing to submit required paperwork — things like purchase orders, amendment notifications, and lists of parties to agreements — on time or at all.

    The root causes cited repeatedly: outdated internal procedures (some not updated in over 10 years), inadequate training, and insufficient oversight of foreign partners.

    3. Exporting Defense Hardware Without Authorization (4 charges)

    • wrong engine combustion liner (for the F404-400) was accidentally shipped to Sweden because commercial paperwork got mixed up between two different items.
    • 15 machined chassis for the F-35 aircraft were temporarily exported to Israel across three shipments because an employee misclassified them under the wrong export control regime.

    4. Failing to Update Its Government Registration (3 charges)

    GE repeatedly failed to report material changes to its registration statement with the government’s defense trade regulator, as required within five days of any such change. This kind of administrative failure can obscure the government’s visibility into who a company is and what it’s doing.

    The Settlement Terms

    GE Aerospace will pay a civil penalty of $36 million. The Department of State agreed to suspend $18 million of that amount on the condition that those funds are used for remedial compliance improvements instead. For at least 24 months, GE must also engage an external Special Compliance Officer to oversee its compliance program, and must submit to at least one independent external audit. The full consent agreement runs for 36 months.

    Why Wasn’t the Penalty Larger?

    The maximum theoretical penalty for 116 violations would be enormous. The penalty was reduced significantly because:

    • GE voluntarily disclosed all 116 violations itself — it found the problems and reported them, rather than waiting to be caught.
    • GE fully cooperated with the government’s review.
    • GE had already started fixing its compliance program before the settlement.

    That said, the government also noted aggravating factors: some of the exports involved Significant Military Equipment, violations were systemic across multiple business units, and the China incidents caused real national security harm.

    Key Takeaways for Non-Expert Professionals

    1. Self-disclosure matters enormously. GE’s decision to report its own violations — all 116 of them — likely saved the company hundreds of millions of dollars in potential penalties and avoided debarment from government contracting.
    2. Compliance programs need maintenance. A recurring theme here is procedures that hadn’t been updated in a decade. Regulations change; compliance infrastructure has to keep pace.
    3. You’re responsible for your partners’ compliance. Many violations occurred not at GE directly, but through foreign partners and sublicensees. Under ITAR, the U.S. license-holder is responsible for ensuring the whole chain follows the rules.
    4. China is a red line. Any unauthorized sharing of military-related technical data with China — even routing a package through a Chinese airport — is treated as a serious aggravated violation.
    5. Paperwork isn’t optional. A surprisingly large number of the 116 charges were essentially administrative failures: late filings, missing notifications, wrong forms. These are avoidable with proper systems.

    , , , , ,

  • April 17, 2026: GE gets ITARed and feathered by DDTC

    U.S. Department of State Concludes $36 Million Settlement Resolving Export Violations by General Electric Company

    MEDIA NOTE

    OFFICE OF THE SPOKESPERSON

    APRIL 17, 2026

    The U.S. Department of State has concluded an administrative settlement with General Electric Company (GE Aerospace) to resolve 116 violations of the Arms Export Control Act (AECA), 22 U.S.C. § 2751 et seq., and the International Traffic in Arms Regulations (ITAR), 22 C.F.R. parts 120-130. The Department of State and GE Aerospace reached this settlement following an extensive compliance review by the Office of Defense Trade Controls Compliance in the Department’s Bureau of Political-Military Affairs.

    The administrative settlement between the Department of State and GE Aerospace, concluded pursuant to ITAR § 128.11, addresses multiple categories of ITAR violations, including GE Aerospace’s unauthorized exports of technical data to the People’s Republic of China; violations of terms, conditions, and provisos of several Directorate of Defense Trade Controls authorizations involving various countries; unauthorized exports of defense articles to two countries; and failure to report material changes to its ITAR registration.

    GE Aerospace voluntarily disclosed all the alleged violations, a substantial portion of which predate 2023. GE Aerospace also fully cooperated with the Department’s review of this matter and has implemented numerous improvements to its ITAR compliance program since the conduct at issue.

    Under the terms of the 36-month Consent Agreement, GE Aerospace will pay a civil penalty of $36 million. The Department has agreed to suspend $18 million of this amount on the condition that the funds will be used for the Department-approved Consent Agreement’s remedial compliance measures to strengthen GE Aerospace’s compliance program. In addition, for an initial period of at least 24 months, GE Aerospace will engage an external Special Compliance Officer to oversee the Consent Agreement, which will also require at least one external audit of its ITAR compliance program and implementation of additional compliance measures.

    This settlement demonstrates the Department’s role in furthering the national security and foreign policy of the United States by controlling the export of defense articles. The settlement also highlights the importance of exporting defense articles pursuant only to appropriate authorization from the Department. 

    The Consent Agreement and related documents will be available for public inspection in the Public Reading Room of the Department of State and on the Penalties and Oversights Agreements section of the DDTC’s website. 

    For additional information, please contact the Office of the Under Secretary for Arms Control and Internal Security at T_Outreach_PM@state.gov.

    and here are the documents from the DDTC site:

    Proposed Charging Letter GE Aerospace 20260417Download
    Consent Agreement GE Aerospace 20260417Download
    Order GE Aerospace 20260417Download

    , , , , ,

  • Burning Question: Why is sanctioned goods licensing being transitioned to OTSI?

    The prompt:

    How are sanctioned goods licensed today in the UK? Why is that responsibility being transferred to OTSI? Were there any specific problems with the current situation? Provide sources for your analysis.

    Gemini’s response:

    As of today, April 11, 2026, the licensing of sanctioned goods in the UK is in the final stages of a major structural transition. While the Export Control Joint Unit (ECJU) still handles most “today,” a significant transfer of power to the Office of Trade Sanctions Implementation (OTSI) is scheduled for April 27, 2026.

    Below is an analysis of the current landscape, the reasons for the transfer, and the systemic problems this change aims to solve.

    1. How Sanctioned Goods are Licensed “Today” (April 11, 2026)

    Currently, the responsibility is split between three primary bodies, often requiring businesses to apply for multiple licenses for a single transaction:

    • Export Control Joint Unit (ECJU): Historically the “heavy lifter,” the ECJU remains responsible for licensing strategic goods (military and dual-use items). For another two weeks, they also continue to process licenses for sanctioned goods (non-strategic items heading to sanctioned destinations like Russia).
    • Office of Trade Sanctions Implementation (OTSI): Launched in October 2024, OTSI currently handles the licensing of sanctioned services (e.g., professional, business, and legal services) and enforcement of trade sanctions for activities occurring outside the UK border.
    • Office of Financial Sanctions Implementation (OFSI): Handles the “financial” side (asset freezes and funds), as seen with the Maritime Mutual license discussed previously.

    2. The Transfer to OTSI (Effective April 27, 2026)

    From April 27, 2026, OTSI will take over the licensing of all sanctioned goods and associated ancillary servicesdestined for sanctioned countries.

    • What stays with ECJU: Strategic export controls (military/dual-use goods) will remain under the ECJU to ensure that national security expertise stays centralized.
    • The System: Even after the transfer, exporters will continue to use the SPIRE system for goods, while “standalone” services licenses will remain on the OTSI portal.

    3. Why the Transfer? (Solving Specific Problems)

    The UK Government’s May 2025 Cross-Government Review of Sanctions identified several “frictions” in the pre-2024 system that OTSI was created to fix:

    A. The “Services Gap”

    Before OTSI, the UK had robust enforcement for goods at the border (via HMRC), but enforcement for services (like accounting or consulting provided to sanctioned entities) was fragmented and lacked a dedicated civil enforcement body. OTSI provides a “civil” counterpart to OFSI, specifically for trade.

    B. The Enforcement “Clarity” Problem

    Historically, trade sanctions enforcement was primarily criminal, handled by HMRC. This created a high bar for prosecution. OTSI was granted the power to issue civil monetary penalties (up to £1 million or 50% of the breach value), allowing for more “proportionate and frequent” enforcement action against non-compliant businesses that didn’t meet the threshold for criminal intent.

    C. Administrative Fragmentation

    Businesses previously struggled with “license-stacking.” A single deal might require a financial license from OFSI, a goods license from ECJU, and a services license from the Department for Business and Trade (DBT). Moving sanctioned goods to OTSI concentrates trade-related expertise in one office, reducing the need for businesses to navigate multiple departments for the same sanctions regime.

    D. The “Shadow Fleet” and Circumvention

    Traditional export controls were designed for “shipment-to-destination” tracking. Modern sanctions evasion (like the Russian shadow fleet) often involves complex third-country brokering where goods never touch UK soil. HMRC’s powers are border-centric; OTSI was given broader jurisdiction over UK persons globally, allowing them to target circumvention that occurs entirely outside the UK.

    Source List

    1. OTSI Official Blog (April 9, 2026): “Expanding OTSI’s Licensing Remit” – Confirms the April 27 transition date.
    2. GOV.UK Guidance (March 2026): “UK Government’s Strategic Approach to Sanctions Enforcement” – Details the civil penalty framework and the 2025 cross-government review findings.
    3. OFSI Annual Review 2024-25: Provides data on the increase in license applications and the need for specialized “aftercare” services now being mirrored by OTSI.
    4. Business and Trade Committee Report (February 2026): Correspondence from the Chair regarding the 185 investigations opened by OTSI in its first year, highlighting the “services sector” as the primary source of breaches.
    5. Department for Business and Trade (DBT): “Trade Sanctions, Arms Embargoes, and Other Trade Restrictions”(Updated 2026).

    Analysis of Source Support

    • Fully Supported: The dates of the transfer, the new civil penalty limits, and the split between strategic and sanctioned goods.
    • Inferred/Expert Analysis: The “Administrative Fragmentation” point is a common industry critique found in legal briefings (e.g., from Clifford Chance and Linklaters) and was a central theme of the 2025 review, though the government describes it more diplomatically as “improving the user experience.”

    , , , , , ,

  • April 1, 2026: OFAC penalizes all good things…

    APR FOOL 2026 EnforcementDownload

    April Fool!

  • March 17, 2026: TradeStation Securities, Inc. settles with OFAC for $1,110,661

    This report summarizes the enforcement release regarding TradeStation Securities, Inc., a Florida-headquartered brokerage firm that operates online securities trading platforms.

    What Happened

    Between June 21, 2021, and June 15, 2022, TradeStation provided investment services—specifically allowing 481 securities trades—to customers who were physically located in Iran, Syria, and the Crimea region of Ukraine.

    The problem originated from a failure in the company’s “geo-blocking” systems, which are designed to identify where a customer is located and block them if they are in a sanctioned country. While TradeStation had two layers of this technology, the second layer contained a critical technical blind spot: instead of checking the customer’s location, the system mistakenly checked the location of TradeStation’s own U.S.-based servers. This error meant that customers using the company’s mobile app were not restricted from trading for nearly a year, even though those attempting to use the web platform were successfully blocked.

    The issue persisted because TradeStation’s compliance team failed to properly test and validate that these tools were working as intended. Specifically, in November 2021, the company stopped using an automated tool that was meant to test its servers for exactly these types of vulnerabilities.

    The Penalty

    TradeStation agreed to pay $1,110,661 to settle its potential civil liability for the 481 apparent violations.

    • Violation Type and Status: All 481 violations were determined by OFAC to be non-egregious and were voluntarily self-disclosed by TradeStation.
    • Base Penalty Breakdown: The total value of the illegal trades was $4,442,645. Under OFAC’s guidelines for self-disclosed, non-egregious cases, the base penalty is calculated as one-half of the transaction value.
      • Base Penalty Total: $2,221,322.
    • Final Settlement: The final penalty of $1,110,661 reflects a 50% reduction from the base penalty due to the company’s cooperation and remedial efforts.

    Aggravating Factors

    • Failure to Exercise Minimal Caution
      • General Factor involvedDegree of Care.
      • Applicability: TradeStation allowed significant compliance weaknesses to remain unaddressed for a full year. Crucially, the company had received a “Cautionary Letter” from OFAC earlier in 2021 regarding similar geo-blocking failures, meaning they were already aware of the risks but failed to ensure their systems were properly tested.
    • Discontinuing Necessary Testing Tools
      • General Factor involvedManagement of Compliance Program.
      • Applicability: In November 2021, TradeStation intentionally stopped using an automated testing tool for its on-premises servers, which directly contributed to the failure to detect the system error that allowed sanctioned users to trade.

    Mitigating Factors

    • Prompt and Comprehensive Correction
      • General Factor involvedRemedial Response.
      • Applicability: After discovering the error, TradeStation quickly implemented new technical controls and solutions to ensure that future failures in its geo-blocking or alert systems would be identified immediately.
    • Limited Scope and Low Financial Benefit
      • General Factor involvedNature and Complexity of Operations / Economic Benefit.
      • Applicability: The illegal trades represented a very small percentage of TradeStation’s total transaction volume during that year, and the company earned less than $2,000 in total revenue from these specific trades.
    • Substantial Cooperation
      • General Factor involvedCooperation with OFAC.
      • Applicability: The company filed a detailed self-disclosure report, was highly cooperative throughout the investigation, and agreed to “toll” the statute of limitations (giving OFAC more time to complete the case).
    • Clean Five-Year History
      • General Factor involvedPrior Record.
      • Applicability: TradeStation had not received a formal Penalty Notice or Finding of Violation from OFAC in the five years leading up to these events.

    To find more details on this case, please see the full Enforcement Release provided by OFAC.

    What are the Takeaways?

    • Test and Audit Regularly: This case shows that even if you have “two tiers” of defense, they only work if they are correctly implemented. Companies must regularly test their compliance tools to ensure they are actually blocking what they are supposed to block.
    • Don’t Ignore Warning Signs: If a regulator sends a cautionary letter or points out a flaw, treat it as a high-priority alert. TradeStation’s failure to act on a previous warning was a major factor in the size of the penalty.
    • Verify After Every Update: Technical changes—such as migrating to new servers or updating software—can accidentally break your compliance filters. Testing should be a standard part of any system maintenance.
    • Use Diverse Indicators: Effective geo-blocking should look at more than just a single IP address; it should include tools like VPN detection and location-based alerts to prevent users from bypassing restrictions.

    and the full enforcement release:

    20260317_tradestationDownload

    , , , , , , ,

  • March 10, 2026: UK government publishes new sanctions enforcement strategy

    Here’s a summary for non-expert practitioners of the strategy document published today under the auspices of FCDO (Foreign, Commonwealth & Development Office), the Department for Transport, HMRC (Her Majesty’s Revenue & Customs), NCA (National Crime Agency), OFSI (Office of Financial Sanctions Implementation), and OTSI (Office of Trade Sanctions Implementation):

    The “UK Government’s Strategic Approach to Sanctions Enforcement,” published in March 2026, marks a significant shift in the UK’s sanctions regime. For those with a basic grounding in the subject, the core message is that the government is moving from a phase of rapid policy creation (largely driven by the 2022 invasion of Ukraine) to a phase of aggressive, transparent, and coordinated enforcement.

    The document sets out a roadmap for how the UK will use civil and criminal powers to ensure sanctions are not just “on the books” but are actively enforced.

    1. The Strategic Shift: A “Unified Front”

    The most notable change is the emphasis on a cross-government approach. Enforcement is no longer siloed within the Treasury (OFSI). Instead, it is a coordinated effort across several key agencies:

    • OFSI (Office of Financial Sanctions Implementation): Leads civil enforcement for financial breaches and the Oil Price Cap.
    • OTSI (Office of Trade Sanctions Implementation): A newer body (launched in late 2024/early 2025) that handles civil enforcement for trade in services and goods moving outside the UK.
    • HMRC: Continues to handle trade sanctions at the border and strategic export controls.
    • National Crime Agency (NCA): Focuses on the most serious criminal evasions, particularly those involving “enablers” (lawyers, accountants) and organized crime.

    2. New Enforcement Tools and “Carrots” for Compliance

    The government has introduced a more sophisticated “toolkit” to encourage self-reporting and resolve cases faster. For a non-expert, the key takeaway is the new discount structure for penalties:

    • Early Account Scheme (EAS): Entities can get up to a 20% discount if they provide a full factual account of a breach very early in an investigation.
    • Settlement Scheme: A further 20% discount is available if a firm agrees to settle without a full formal investigation, similar to “plea deals” in other legal contexts.
    • Voluntary Disclosure: While the discount for serious cases has been adjusted to 30%, firms can combine these schemes. If a firm self-reports, provides an early account, and settles, the total penalty can be reduced by up to 70%.
    • Fixed Penalties: Minor reporting or licensing breaches now face “fast-track” fixed penalties of £5,000 or £10,000, intended to act as a “slap on the wrist” that avoids years of litigation.

    3. “The Stick”: Higher Penalties and Strict Liability

    While there are more ways to reduce a fine, the maximum “stick” has become much larger:

    • Doubled Penalties: The statutory maximum for financial sanctions breaches has doubled to the higher of £2 million or 100% of the breach value (up from £1m/50%).
    • Strict Liability: The government reiterated that for civil penalties, they do not need to prove you knew you were breaking the law (the “strict liability” standard). If a breach happened, you are liable, though “knowledge” is now considered an aggravating factor that will lead to a higher fine.

    4. Enforcement Principles

    The strategy outlines four “Guiding Principles” for how the government will act:

    1. Proportionality: Focus on the most serious and harmful breaches.
    2. Consistency: Ensuring similar breaches face similar consequences across different agencies (e.g., OFSI and OTSI).
    3. Transparency: Using “teachable moments.” The government intends to publish more details about enforcement actions so other businesses can learn from the mistakes of others.
    4. Due Process: Ensuring firms have the right to represent themselves before a final penalty is issued.

    5. Key Focus Areas for 2026

    • Ownership and Control: The government is providing more clarity on the “50% rule” and how to determine if a sanctioned person “controls” an entity even if they don’t own it.
    • Cryptoassets: There is a renewed focus on the use of crypto for sanctions evasion, treated with the same severity as traditional currency.
    • The “Enablers”: A specific warning to the professional services sector (legal, financial, and real estate) that facilitating “workarounds” will be a priority for criminal prosecution by the NCA.

    Summary for Businesses

    If you have a basic grounding in sanctions, this document tells you that “ignorance is no longer an excuse.” The government expects firms to have robust compliance systems and is signaling that while they are willing to be lenient with those who self-report and cooperate (via the new discount schemes), they will be significantly harsher on those who are caught through investigation or who display “reckless” behavior.

    , ,

  • February 25, 2026: OFAC Enforcement costs an individual $3,777,000 for 20 Syrian sanctions violations

    Gemini’s quick summary:

    Based on the enforcement release from the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) dated February 25, 2026, here is the reformatted and simplified summary of the action.

    What Happened

    A U.S. citizen (referred to as “U.S. Person-1”) worked as a high-level executive and board member for four real estate companies based in Syria. Even though the U.S. had strict sanctions against doing business in Syria at the time, this individual continued to manage these companies between 2018 and 2021. Their work included tasks like:

    • Reviewing and signing off on financial records.
    • Approving money spent on business operations and employee pay.
    • Overseeing the collection of service fees.

    Because these activities provided “managerial services” to Syrian businesses, they broke U.S. law. This case is a reminder that U.S. citizens must follow these rules no matter where in the world they live.

    The Penalty

    U.S. Person-1 agreed to pay $3,777,000 to settle the case. OFAC determined that the violations were “egregious,” meaning they were particularly serious, and noted that the individual did not come forward to report the mistakes voluntarily.

    Analysis of Factors

    OFAC used its official Enforcement Guidelines to decide on this penalty by looking at several “General Factors”:

    • Willfulness and Awareness (Aggravating Factor): * Applicable General Factor:General Factor A (Willfulness or Recklessness) and General Factor B (Awareness of Conduct).
      • Explanation: The individual was a sophisticated executive who held senior roles in multiple international companies. Given their position, they either knew or should have known that managing Syrian companies was illegal under U.S. sanctions.
    • Harm to Sanctions Program (Aggravating Factor):
      • Applicable General Factor: General Factor C (Harm to Sanctions Program Objectives).
      • Explanation: By providing high-level management to Syrian entities, the individual directly undermined U.S. foreign policy goals intended to pressure the Syrian regime.
    • Lack of Disclosure (Aggravating Factor):
      • Applicable General Factor: General Factor J (Voluntary Self-Disclosure).
      • Explanation: The individual did not report these activities to the government; instead, the government discovered them through an investigation supported by the FBI.
    • Cooperation (Mitigating Factor):
      • Applicable General Factor: General Factor I (Cooperation with OFAC).
      • Explanation: While the individual broke the law, they eventually cooperated with the investigation, which helped prevent an even higher fine.

    What are the Takeaways?

    This case provides several important lessons for staying compliant with U.S. laws:

    • Sanctions Apply to People, Not Just Places: If you are a U.S. citizen or permanent resident (Green Card holder), you must follow U.S. sanctions even if you live and work entirely outside of the United States.
    • Management is a “Service”: You don’t have to send money to a sanctioned country to break the law. Providing “managerial services”—like approving budgets or signing documents—is also a violation.
    • Individual Responsibility: OFAC will hold individuals personally accountable for sanctions violations, especially when they hold senior leadership roles.
    • The Importance of Vetting Roles: Before accepting a board seat or an executive position in a foreign company, U.S. persons should conduct a thorough “risk assessment” to ensure the company does not operate in sanctioned regions or with sanctioned people.

    Other Resources

    For more information on how to follow these rules or to see other recent cases, you can visit:

    • OFAC’s Recent Actions Page: A list of the latest updates to sanctions lists and enforcement news.
    • Civil Penalties Chart: A detailed summary of fines and settlements paid by companies and individuals for the current year.

    Actually, Gemini did leave out two minor points in the scheme of things: the individual signed a tolling agreement, and the usual “no enforcement actions in the last 5 years” factor. Minor enough that I didn’t feel the need to have it re-do the response.

    The Enforcement Release:

    20260225_individualDownload

    , , ,