The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) enforces economic and trade sanctions to protect against foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to national security, foreign policy, or the U.S. economy.
Although OFAC’s scope of responsibility may not seem relevant to healthcare institutions, what you don’t know can hurt you. With increasing globalization, many U.S. healthcare organizations employ vendors and providers who are foreign entities. Some may even unknowingly be doing business with foreign companies. Overlooking OFAC compliance can be risky to your organization. If your healthcare organization has exposure to vendors, providers, or employees who are foreign entities, it is critical to understand OFAC compliance and be proactive in mitigating risk. Whether it’s intentional or accidental, violating OFAC sanctions could result in significant fines and penalties.
Who Is Subject to Compliance?
OFAC requires that any business that has exposure to international trade or parties complies with OFAC rules. All U.S. citizens, permanent resident aliens, U.S. incorporated entities and their foreign branches, and foreign subsidiaries owned or controlled by U.S. companies are susceptible to enforcement and consequences of compliance failure. Proactively screening employees, vendors, and providers for OFAC sanctions is not required for all organizations but should be included if following industry best practices for security and credentialing.
How Long Has OFAC Been Around?
Foreign policy sanctions originated after the War of 1812 to protect American sailors from harassment by Great Britain. During the Civil War, sanctions were again imposed by Congress, this time to prohibit transactions with the Confederacy.
OFAC is the successor of the Office of Foreign Funds Control (FFC) which was established at the advent of World War II (WWII) following the German invasion of Norway in 1940. Housed in the Secretary of the Treasury, FFC’s original purpose was to prevent Nazi use of the occupied countries’ holdings of foreign exchange and securities and to prevent forced repatriation of funds belonging to nationals of those countries. After the U.S. formally entered WWII, the FFC played a leading role in economic warfare against the axis powers.
OFAC was formally created in 1950, following the entry of China into the Korean War, when President Truman declared a national emergency and blocked all Chinese and North Korean assets subject to U.S. jurisdiction. After the terrorist attacks of September 11, 2001, OFAC enforcement became even more powerful and visible.
While much of the post-9/11 era focused efforts on financial institutions, since 2016, only two of the 14 civil penalties issued by OFAC have been against financial entities. In the last five years, small and medium-sized healthcare companies have become more significant targets of OFAC investigations and penalties. Healthcare and technologies such as United Medical Instruments Inc. ($515,400), World Class Technology Corporation ($43,200), and HyperBranch Medical Technology, Inc. ($107,691) have all come under scrutiny.
Searching the OFAC Sanctions Lists
OFAC administers a variety of sanctions programs and sanctions lists can be comprehensive or selective. Your organization can search for OFAC sanctions through multiple databases. Sanctions lists include (but are not limited to):
- Specially Designated Nationals and Blocked Persons List Sanctions (SDN)
- Consolidated Sanctions List
- Foreign Sanctions Evaders List
- List of Persons Identified as Blocked Solely Pursuant to E.O. 13599
- Non-SDN Iran Sanctions Act List
To search for OFAC Sanctions lists, you can visit and conduct a search through the Sanctions List Search website. The SDN and Consolidated Non-SDN List are downloadable from the site.
How Often Should You Search the OFAC Sanction Lists?
The OFAC SDN list may be updated as frequently as a few times a week or as rarely as once every six months. Industry best practice recommends searching OFAC and other primary sources no less than once a month. To conduct and manage a routine ongoing sanctions and exclusions screening process, healthcare companies may bundle OFAC SDN screening with other provider screening services.
OFAC Compliance Made Easy
Verisys has in-depth experience working with customers nationwide to ensure compliance with OFAC regulations. An investigation or subpoena from OFAC could jeopardize a healthcare institution and put significant strain on administrative staff. Conversely, falsely accusing a business or entity could also have detrimental litigation that could adversely affect organizational workflow and reputation.
Establishing an automated screening process to continually monitor every sanction and exclusion list is much more effective than manual searches as automation eliminates errors, allows for more frequent searches, and reduces administrative workload. Verisys continuously monitors over 5,000 primary sources, including OFAC, and can verify the results in real-time to give your organization a holistic view of your population, assuring continuous OFAC compliance.
|Written by Juliette Willard
Healthcare Communications Specialist
Connect with Juliette on LinkedIn