Further support this week for the view that compliance programs need to be suitably resourced and live within a supportive culture to be effective. Toll Holdings agreed to pay more than $6 million to settle claims of US sanctions violations. OFAC identified almost 3,000 potential violations over a six year period with a value of approximately $48 million. This, despite the fact that Toll had a sanctions compliance policy.
Unfortunately, Toll’s compliance program, personnel and controls failed to keep pace with the complexity of its growing business in the Asia Pacific region. But there were also cultural red flags. When one of Toll’s banks restricted use of a US dollar account after identifying a US dollar transaction involving Syria, the reaction was the very opposite of what you would expect from a supportive compliance culture or employees that “get it”: a Toll treasury employee emailed employees instructing them to avoid including the names of sanctioned jurisdictions on invoices going forward. Warnings from a US bank about potential sanctions violations continued but did not lead to immediate or adequate steps to address the issue.
For these and other reasons, OFAC concluded that Toll “acted with reckless disregard for US economic sanctions laws” and that it “…knew or had reason to know of the apparent violations”. Ultimately, Toll did self disclose to OFAC and took extensive actions to remedy its compliance gaps and this helped to mitigate the outcome.
The settlement is a crystal clear message to any executive who thinks that having a policy in place is enough to defend an organization against potential sanctions violations or against misconduct in general. Smart organizations support a well resourced compliance team charged with facilitating the development and maintenance of a compliance culture designed to protect the organization and its employees.
Comments