Paypal issued £5M fine due to inadequate sanctions screening process

The US Treasury Department issued Paypal with a £5M fine after they had allowed payments which violated sanctions and involved links to weapons of mass destruction. Paypal failed to prevent the transactions due to a failed screening process, causing non compliance with the Treasury's Foreign Assets Control regulation.

On 27 March Paypal agreed to pay the £5m fine after the US Treasury Department found they had allowed payments which violated sanctions against Iran, Cuba and Sudan. It had been discovered that Paypal failed to prevent the transactions to users in sanctioned countries due to inadequate screening procedures, although Paypal did not confirm or deny it had violated the sanctions.

Some of the transactions involved links to weapons of mass destruction, a total of 136 transactions in the account of Kursad Zafer Cire, a Turkish man on the US State Department's list of weapons of mass destruction proliferators. Paypal commented that these transactions were not flagged because their automated filter was not working properly.

In response to the failed screening process however, Paypal have now taken steps to support compliance with the Treasury's Office of Foreign Assets Control regulations by improving the real-time screening of payments.

The Office of Foreign Assets Control works under the US Department of the Treasury to prevent "prohibited transactions," described as dealings where US persons may not engage unless authorised by OFAC or specifically exempted. OFAC has the power to impose large penalties against offenders, including fines, freezing assets, and altogether barring parties from operating in the U.S.

The overall fine was reduced by OFAC because PayPal self-reported the offenses and cooperated with the investigation; supplying all requested evidence. New management was put in place within the compliance division, and Paypal's OFAC screening processes revised and improved.

Until now much of OFAC's enforcement action has been focused on banks and financial institutions, this settlement could mark a change of attention on the payments industry and payments processes. Companies who fail to comply with OFAC's regulations are now more than ever, exposed to increasing and constantly changing sanctions across multiple jurisdictions. Sanctions violations carry severe penalties and criminal liabilities, a single transaction can have multiple violations. To protect against financial and reputation risk, a compliance program alone is not enough; screening compliance programs should have lines of responsibility for escalating potential red flags and there should be processes in place to ensure those programs are audited and regularly reviewed.

Check out:

• Our tips for meeting the four key trends in risk and compliance in 2022
• The Perfect Storm: EU's 6th Anti-Money Laundering Directive Raises Regulatory Risk with a Broader Definition of Money Laundering & Extended Criminal Liability
• Having a robust and consistent compliance process in place can help you mitigate your risk and protect your reputation. If you are looking to manage business risk and protect your reputation, click here to find out how our solutions can help.