MS agreed to pay $2,980,265.86 after a self-disclosure to settle its potential civil liability relating to the exportation of services or software from the United States to a number of sanctioned jurisdictions and to Specially Designated Nationals (“SDNs”) or blocked persons in violation of OFAC’s Cuba, Iran, Syria, and Ukraine-/Russia-Related sanctions programs. The majority of the apparent violations involved blocked Russian entities or persons located in the Crimea region of Ukraine and occurred as a result of the MS’ failure to identify and prevent the use of its products by prohibited parties.
Between July 2012 and April 2019, MS through third-party distributors and resellers, incurred over 1,339 transactions to SDNs, blocked persons, and other end users located in Cuba, Iran, Syria, Russia, and the Crimea region of Ukraine which included;
Activated software licenses
Providing related services from servers and systems located in the United States and Ireland
The causes of these violations was shortcomings in MS’s restricted party screening. These included the lack of complete or accurate information on the identities of the end customers for Microsoft’s products, no accounting for OFAC’s 50 percent rule, and internal circumvention. The final order can be found here.
Companies should heed this outcome. It is important to have internal controls and screening procedures. In addition, when third-parties or agents are able to transact on your behalf there should be controls and checks in place to oversee those transactions. It is incumbent upon the exporter to maintain effective, risk-based compliance programs and to have comprehensive export controls put in place to prevent the unauthorize export of controlled items.
If you have any questions regarding restricted party screening or export control liability caused by third parties, do not hesitate to contact any attorney at Barnes, Richardson & Colburn, LLP.