On July 23, 2021, the US Department of the Treasury’s Office of Foreign Assets Control announced a $1.4 million settlement with Payoneer Inc., a New York-based online money transfers and digital payment services provider, to resolve the company’s potential civil liability for 2,260 apparent violations of multiple US sanctions programs. Between 2014 and 2018, Payoneer allegedly processed more than $800,000 worth of transactions for parties located in Iran, Sudan, Syria and the Crimea region of Ukraine who were subject to OFAC-administered sanctions, as well as 19 payments for parties on OFAC’s List of Specially Designated Nationals and Blocked Persons (SDN List). In determining the settlement amount, OFAC considered both Payoneer’s voluntary disclosure of the 19 payments processed for parties on the SDN List, and the company’s failure to voluntarily disclose the other 2,241 apparent violations. OFAC deemed the transactions processed by Payoneer to be non-egregious.
During most of the relevant period, Payoneer’s compliance policies and procedures prohibited transactions involving parties in sanctioned locations; the apparent violations resulted from compliance control deficiencies, including: weak algorithms that failed to filter out SDN List entries; failure to screen for Business Identifier Codes; failure to monitor IP addresses or flag physical addresses of sanctioned locations, and; the use of screening software that automatically released flagged and pending payments during backlog periods. According to the documents, Payoneer promptly undertook remedial measures once it discovered the deficiencies, replacing its Chief Compliance Officer, retraining and hiring new compliance employees, and enhancing its screening software to address the identified compliance failures. In addition, the company has committed to the continued adherence to its compliance obligations.