On 5 August 2021, HM Treasury's Office of Financial Sanctions Implementation (OFSI) announced the imposition of a £50,000 civil monetary penalty against TransferGo Limited (TransferGo), a FinTech company, for multiple breaches of EU sanctions relating to Ukraine that were in force in the UK prior to Brexit. This is OFSI’s fifth civil monetary penalty to date and may reflect a growing sanctions enforcement focus beyond “traditional financial institutions” – both in the United Kingdom and the United States – to FinTech companies and payment services providers.
In March 2014, the European Union (including the UK) imposed restrictive measures against certain persons responsible for actions which undermine or threaten the territorial integrity, sovereignty and independence of Ukraine under Council Regulation (EU) No 269/2014 (the EU Regulation). On 30 July 2014, the Russian National Commercial Bank (RNCB) was designated as an EU asset freeze target under the EU Regulation.
According to OFSI’s penalty notice1, between 20 March 2018 and 18 December 2019, TransferGo issued instructions on 16 occasions to make payments on behalf of non-sanctioned clients to accounts held at RNCB by non-sanctioned beneficiaries. In so doing, TransferGo made funds available to RNCB in contravention of the asset freeze restrictions. The relevant payments were worth a total value of £7,764.77.
OFSI determined that TransferGo knew or had reasonable cause to suspect that these payments were in breach of financial sanctions and stated in its penalty notice that TransferGo made an error in its assessment of the payments at issue. TransferGo knew that it was transferring funds to a sanctioned entity, but mistakenly believed that the payments were not prohibited because the relevant clients and beneficiaries were not themselves sanctioned.
In its penalty notice, OFSI noted that TransferGo did not voluntarily disclose the transactions at issue despite it being a “relevant institution” required to inform OFSI as soon as practicable that it had become aware of a designated person.2 Had it done so, OFSI stated that TransferGo could have received a discount of up to 50% of the baseline penalty amount. This suggests that OFSI did not regard the breach as “most serious”, which would only attract a 30% discount, even though TransferGo was FCA-regulated, knowingly made a payment directly to a sanctioned entity and appeared to make a basic error in its assessment of the payments to RNCB. OFSI also stated in its notice that TransferGo demonstrated a “poor understanding” of financial sanctions throughout its engagement with OFSI.
1. This case indicates a growing sanctions enforcement focus on non-traditional financial services providers.
This enforcement action is interesting given the apparent focus of the US Office of Foreign Assets Controls (OFAC) on non-traditional financial services in 2021. In particular, this year OFAC has already imposed civil penalties against three payment services companies3. In this case, TransferGo is a FinTech company regulated by the Financial Conduct Authority that enables customers to send payments to other individuals in other countries outside the UK. Furthermore, OFSI’s penalty notice states that financial sanctions do not merely apply to “traditional financial institutions”. This may reflect OFSI’s experience of a general lack of understanding around sanctions in the FinTech sector, where non-traditional financial services providers may lack the more sophisticated knowledge and compliance infrastructure of traditional corporate and retail banks.
2. For the first time, the Ministerial review process did not result in a penalty reduction.
As with the companies subject to OFSI’s two most recent civil monetary penalties4, TransferGo exercised its right to Ministerial review. In the two previous cases, the monetary penalties imposed by OFSI were reduced following Ministerial review – by around 33% and 52% respectively. In this case, for the first time, the Minister upheld OFSI’s decision both to impose the penalty and the amount of the penalty, despite the fact that TransferGo “fully cooperated” with OFSI’s investigation. This likely reflects the fact that the circumstances of the case were relatively straightforward and (it appears) there was little basis on which to argue the penalty should be reduced.
3. The case reinforces the importance of screening the banks involved in as well as counterparties to a transaction.
In its penalty notice, OFSI stated that the transfer of funds held by non-designated persons with designated banks is a breach of the prohibition on making funds available to a designated person if the person knew, or had reasonable cause to suspect, it was doing so. This is not surprising from a legal perspective. OFSI also expressly stated that is considers funds transferred into a bank account held by another bank to “ultimately belong to [that] bank.” From a compliance perspective, this case serves as a helpful reminder for all companies that, when screening transactions, it is important to screen the banks involved in a transaction as well as the counterparties.
1 Imposition of Monetary Penalty – TransferGo Limited, OFSI, 5 August 2021, available at: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1008859/050821_-_TransferGo_Penalty_Report.pdf
2 See Section 5, General guidance for financial sanctions under the Sanctions and Anti-Money Laundering Act 2018, OFSI, December 2020, available at: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/961516/General_Guidance_-_UK_Financial_Sanctions.pdf
3 U.S. Department of the Treasury, 2021 Enforcement Information, available at: https://home.treasury.gov/policy-issues/financial-sanctions/civil-penalties-and-enforcement-information
4 See (1) OFSI announces £20.47 million penalty in first major sanctions enforcement action; see also (2) Telia penalised for UK sanctions violations: More insight into OFSI's direction of travel