Companies are prohibited from doing business with individuals, groups, organizations and companies that have been associated with supporting or financing terrorist organizations or activities in the past. As part of the sanctions list check, companies find out whether new or existing business partners are involved in such crimes. They are even legally obliged to do so. Violations can have massive consequences.
What is the sanctions list check?
With the help of the sanctions list check, a company can compare its business contacts with various sanctions lists. Alternatively, the check is also called compliance screening, sanctions check and anti-terror check.
The sanctions lists include individuals, companies and organizations against which restrictions have been imposed for reasons of terrorism prevention. The background is usually terrorist acts, terrorist financing or illegal transactions such as money laundering. If a potential business partner is on one of the sanctions lists, it is in most cases forbidden to do business with him.
The sanctions list check should not be confused with embargo measures, whose restrictions are usually broader and not limited to individual persons or groups. Rather, the sanctions list check focuses on anti-terrorism prevention. For example, "blocked" business partners can be found in the following EU anti-terror regulations:
- 2580/2001 (anti-terrorism)
- 753/2011 (Taliban)
- 553/2007 (Al-Qaeda), formerly No. 881/2002
Who must perform a sanctions list check?
Every company based or operating in the European Union is required by the Foreign Trade and Payments Act (Außenwirtschaftsgesetz, AWG), relevant EU regulations and UN resolutions to conduct a sanctions list check on a regular basis. This applies regardless of the size and form of the company. Incidentally, not only customers and suppliers have to be checked, but also intermediaries, forwarders, financial partners and internal and external employees.
Consequently, several departments of a company are responsible:
- Sales: they must ensure that people and companies in the customer database are continuously updated and verified.
- The export department (if any): This must check that no goods are exported to sanctioned partners.
- Purchasing: Here it must be ensured that no goods or services are purchased from sanctioned business parties.
- Human resources departments: This must check wage payments to employees on an ongoing basis.
- The Finance Department: It controls existing financial transactions with individuals, organizations and companies, as well as the settling banks.
Companies based in the EU must cross-check business partners in the so-called Common Foreign & Security Policy (CFSP) and report hits immediately. The sanctions list check is mandatory not only for exporting companies, but also for those operating within Germany.
How is a sanctions list check performed?
Several options exist to perform the sanctions list check. One variant, for example, is the EU Sanctions Map. It enables manual individual case checks and is available on the website www.sanctionsmap.eu publicly accessible.
Listed there are persons, organizations and groups for which a comprehensive ban on disposal exists due to an EU regulation. The advantage of this variant is that it is free of charge. However, there are also disadvantages. For example, the Justice Portal is limited to parties for whom a comprehensive restraining order exists. However, sanctions with partial bans, for example a ban on the delivery of individual goods, are not included here.
For many business partners in particular, the manual check via the EU Sanctions Map also causes an almost unmanageable amount of work. In such cases, it is recommended to use specific software for the sanctions list check. Companies using SAP can map the prescribed checks either with SAP's own enterprise solution GTS (Global Trade Services) or via third-party plug-ins.
How often does the sanctions list review need to occur?
How often business partners have to be checked against sanctions lists is not regulated in a blanket manner by law. However, Section 18 (11) of the Foreign Trade and Payments Act (Außenwirtschaftsgesetz, AWG) states that anyone who acts within two days of an EU publication is exempt from punishment. Legal consequences can therefore be expected from the third day after "listing". In addition, the legal requirement applies that companies must expend an effort for the sanctions list check that is economically and technically justifiable.
Depending on the industry and the risk, companies should establish internal regulations on when, how and how often a sanctions list check must be performed. The following procedure is common, for example:
- Creation of new data records (e.g. new customers): immediate verification
- Modification of data records: immediate check
- Use of master data (e.g. creation of an order): immediate verification
- Master data: at least once a month
However, the sanctions list check should not only be performed in connection with new contacts, but must additionally be performed in the following cases:
- before a transaction with an existing customer (before the goods are shipped or the service is provided)
- before financial transactions
- when hiring new employees
- in the preparation of an offer
- upon receipt of an order
What should be considered in the event of a sanctions list check hit?
If the sanctions list check produces a hit, the first step is to clarify which sanctions list the business partner is on. In addition to restricted party lists, there are also so-called early warning lists, which are not legally binding. The legal consequences of a hit on a sanctions list may vary. It must therefore be clarified in detail whether the transaction may be carried out or not.
In any case, it is important to inform employees in advance what to do in the event of a hit and who should get contacted. As a rule, defined processes and contact persons exist in this context. The latter decides on the further course of action. He or she also ensures that, in the event of an emergency, any business relationship is stopped immediately. He also reports the matter to the responsible authorities. If economic resources are involved, this is the Federal Office of Economics and Export Control (BAFA). In the case of financial transactions, on the other hand, the Deutsche Bundesbank must be contacted.
What are the penalties for violations?
Anyone who provides economic resources or financial means to a listed partner is subject to heavy fines or even imprisonment of up to ten years. This applies regardless of whether the violation was committed negligently or intentionally. In all other respects, the management is personally liable.
What are the sanctions lists?
Sanctions lists can include individuals and organizations. Ostensibly, they serve to combat terrorism worldwide. Furthermore, they also support the enforcement of international prohibitions.
Various sanctions lists exist for the examination of persons and organizations. Companies must not only observe the EU banned lists, but also those of other countries under certain circumstances. The most important lists are as follows:
- The EU Sanctions List: Consolidated list of persons, groups and entities subjected to EU financial sanctions (CFSP for short).
- The United Kingdom Sanctions List: Consolidated list of Financial Sanctions Targets
- The sanctions list Switzerland: SECO list
- The Sanctions List Japan: End User List (provided by the Japanese Ministry of Economy, Trade and Industry).
- The sanctions lists of the USA
- Specially Designated Nationals And Blocked Persons List (SDN)
- Denied Persons List (DPL)
- Entity List (EL)
- Unverified List (UL)
- List of Statutorily Debarred Parties (LSDP)
- List of Administratively Debarred Parties (LAPD)
- Nonproliferation List (NPL)
- Consolidated Sanctions List (NONSDN)
The U.S. sanctions lists have the special feature that, according to the understanding of the U.S. administration, they must be taken into account worldwide. Even if there is no clear legal basis for this requirement for EU residents, their consideration is at least strongly recommended. This applies even if a company does not work with partners from the USA. A whole range of lists and programs need to be examined. These include the so-called Consolidates Sanctions List. This list contains persons, companies, organizations, countries and states that the USA accuses of financing terrorism or money laundering.
Contrary to the European legal interpretation, a hit on one of the U.S. lists does not necessarily lead to a transaction ban. Depending on the list, the planned business venture may be approved upon application to the relevant U.S. authority.
Sanctions lists are an important tool in the fight against terrorism and global crime. Companies should be able to ensure that they do not make funds, assets or economic resources available to listed groups and individuals. Failure to do so can perpetuate terror. There are also serious legal consequences.
It is therefore advisable to establish responsibilities, define processes, implement suitable software and sensitize employees. The more lists that need to be checked, the more advisable it is to perform an automatic check using an appropriate system solution. This is the only way to minimize the risk of violations.
We explain the most important terms in the context of the sanctions list check here:
The sanctions list check is a counterterrorism procedure. This is intended to ensure that companies do not conduct business with terrorists, terrorist groups or related organizations.
Every company established and operating in the EU is required by law to perform the sanctions list check.