On the 25th of March 2015 PayPal agreed a $7.7m (£5.1m) settlement with U.S officials due to a breach of OFAC sanction regulation. For several years, up until April 2013, PayPal had been allowing users of their service to channel funds to sanctioned countries including Iran, Cuba and Sudan. Below are 4 points that we can learn from PayPal’s recent sanction violations.
Screening international sanctions lists matters
The most damning feature of PayPal’s KYC failings are transactions involving the sanctioned individual Kursad Zafer Cire. Kursad Zafer Cire was sanctioned in 2009 due to his ties with Abdul Qadeer Khaan, a Pakistani scientist who is alleged to have aided in the development of nuclear weapons in Iran Libya and North Korea. Consequently, due to their carelessness, PayPal could have inadvertently contributed to the development and utilization of weapons of mass destruction.
PayPal did not disregard OFAC, they just lacked the proper infrastructure
- Up until April 2013 PayPal did not have a technological solution to scan payments in real time. Consequently, a delay in payment scanning ensued and payments that would have normally been blocked were processed
- 486 transactions with approximately $44,000 in value had been sent to entities on a US blacklist
- A statement offered by PayPal that “we’ve taken additional steps to support compliance with OFAC regulations with the introduction of real-time scanning of payments and improved processes”.
The three bullet points above show that PayPal lacked the process with which to handle their sanctions screening. If robust screening software had been employed the first two points would have been completely avoided.
Compliance procedures need to look beyond OFAC
Many of the news sources that have assessed the PayPal story have solely emphasised the lack of OFAC screening. However, any reliable technology solution will enable users to screen against all global sanction lists, a global PEP database and global adverse media. As such, users will enhance their compliance procedures by screening databases composed of millions of entities as opposed to the 3,010 OFAC SDN entities.
By extending screening beyond OFAC, a company will reduce their risk of facilitating various facets of financial crime including: corruption, money laundering and terror financing.
Having a screening solution in place is cost effective
Even the most expensive automated screening solutions offered by of third parties, would have saved PayPal millions of dollars. In addition, the effort and time taken to implement precautions is minimal. For instance, if PayPal were to use europos’s automated solution all transactions would have been automatically checked against our global database and an instant result would have been delivered.