The Office of Financial Sanctions Implementation (OFSI) fined fintech company TransferGo Limited £50,000 for breaching financial sanctions regulations in relation to a series of 16 payments to accounts held at the Russian National Commercial Bank (RNCB). TransferGo operates in the international money transfer industry.
At the time of the payments the RNCB was subject to EU sanctions imposed in relation to Russia’s annexation of Crimea. Post-Brexit, the RNCB remains a sanctions target under the UK sanctions regime, which now operates distinct from the EU sanctions framework.
TransferGo had claimed that because “the relevant clients and beneficiaries” of the payments it instructed were not themselves subject to financial sanctions restrictions, the payments to their accounts with the RNCB were not breaches. However, the OFSI said that this was “an error” of assessment because it considers “funds held in bank accounts [to] ultimately belong to those banks”. Therefore, transferring funds to accounts held by a bank that is a sanctions target is a breach, if the person knew, or had reasonable cause to suspect, it was doing so.
To avoid a breach, it is important that the due diligence and sanctions screening carried out extends to the banks and financial institutions involved in transactions, as well as all other parties.
TransferGo is regulated in the UK by the Financial Conduct Authority (FCA) as an authorised payment institution, and it was obliged to inform the OFSI of breaches of financial sanctions regulations as soon as practicably possible. Businesses that voluntarily disclose breaches of financial sanctions regulations in the UK, even where they are not legally required to do so, can be granted up to a 50 per cent discount on the level of penalty the OFSI can choose to impose. TransferGo did not disclose the offending transactions and no voluntary disclosure discount was given.
TransferGo exercised its right to a ministerial review of the OFSI’s action, however, the Treasury upheld the OFSI’s decisions both to impose the penalty and on the amount of the fine. TransferGo’s request for anonymity was also rejected as this would run contrary to the objectives of the OFSI’s sanctions enforcement regime and would not be in the public interest.
Although the fine may appear relatively modest, it is important to note that the total value of the transactions underlying the breach was only £7,764. The maximum penalty that could have been imposed was £1 million and the OFSI has already demonstrated that it will issue blockbuster fines where it considers it appropriate to do so. The penalties imposed by the OFSI to date have ranged from £5,000 to £20.47 million.
The OFSI will consider a range of factors to arrive at a reasonable and proportionate baseline penalty and once that baseline has been determined, an assessment will be made on what, if any, reduction should apply.
Stacy Keen, Senior Associate and regulatory risk specialist at Pinsent Masons