The Panama Papers is one of the most talked about leaks since WikiLeaks. The Panama Papers were released this past April to over 400 journalists and consisted of 11.5 million files, some dating back to the 1970’s, from Panamanian law firm Mossack Fonseca, one of the world’s largest offshore providers. The leak represented roughly 2.6 terabytes of leaked data, consisting of 4.8 million emails, 3 million database files, and 2.1 million PDF documents. What makes this disclosure most significant in a trend of leaking is when comparing the volume to the aforementioned WikiLeaks; the information released by WikiLeaks pales in comparison with 1.5 million documents and 60 gigabytes.
According to the International Consortium of Investigative Journalists (ICIJ), there are indications that the leaked documents in the Panama Papers did reveal sanctions violations. For example the law firm’s files included dozens of companies and persons blacklisted by the U.S. Treasury Departments OFAC (Office of Foreign Assets Control) list:
- 33 companies and people blacklisted by the U.S. government appeared in Mossack Fonseca’s files, including several from North Korea.
- Being listed among the documents does not mean that criminal wrongdoing has been committed, though several of their U.S. blacklisted clients have been involved in alleged terrorism and nuclear weapons financing, arms trading, and the backing of Syria’s barrel bombings.
When asked why Mossak Fonseca had not monitored the activities of the companies they helped set-up, one of the co-founders of the firm, Juergen Mossack, stated that business practices used to be much looser, and the recent tightening of rules created a need to perform more due diligence checks on their clients. He stated he never felt they were historically “too trusting”, but that some of their older transactions did include an element of trust.
So then how does Mossak Fonseca explain some of the released internal emails calling out concerns by their own compliance specialists requesting comprehensive compliance policies? Some of these concerns were raised in 2010 when the U.S. Department of Treasury released information on Petropars; a company Mossak Fonseca had done business with for over 20 years. In fact, despite admitting that the existing process for checks and balances had repeatedly failed, the law firm did not even introduce a policy to comply with OFAC sanctions rules until July of 2015.
Earlier this month, and clearly tied to concerns over information revealed in the Panama Papers, President Obama offered up regulations proposed to help the United States in fighting tax evasion and other crimes connected to anonymous offshore companies and accounts. The new regulations includes customer due diligence rules that requires banks, mutual funds, securities brokers and other financial institutions in determining the actual ownership of the companies with whom they do business.
This requirement clearly will add to an already burdensome undertaking for compliance departments in screening and identifying the Ultimate Beneficial Owner. Setting aside the challenge of monitoring ownership changes, the more problematic task in the requirement for due diligence is the current lack of transparency in determining who the shareholders are and what the percentage of ownership is.
In 2014, OFAC released executive order directives called the Ukraine/Russia Sectoral Sanctions  (31 CFR Part 589) requiring upfront disclosure of beneficial ownership of companies. The sanctions apply to any entity owned 50 percent or more by a sanctioned person. These sanctions have posed significant compliance challenges because unlike the other U.S. sanctions programs, many of the targets are participants in global trade and have extensive non-transparent global holdings, making it difficult for businesses to ensure they are not engaging in transactions considered prohibited.
The broad reach of the U.S. Executive Order applies to any U.S. citizen anywhere in the world; any person residing in the U.S.; or to any entity incorporated in the U.S. (including foreign branches of the U.S. Company). This sanction was designed to get transparency as well as require companies to know who they are doing business with. Compliance with this directive is further complicated by the complexity of transactions when companies manage their business across multiple jurisdictions and industries that are targeted by the sanctions.
Companies risk inadvertently breaching sanctions due to inadequate due diligence in understanding who the ultimate beneficial owners are and the control they exercise over the business. In light of the Panama Papers, the need for rigorous ‘Know Your Customer (KYC)’ procedures will help companies safeguard against these risks and avoid the reputational damage of guilt by association if due diligence measures are regarded as insufficient, or ignored in favor of short-term benefits.
Learn More About ONESOURCE Global Trade