Corruption Crime & Compliance

Bank of America joins the infamous club of consumer abusers in the banking industry, despite the alarm bells set off by the notorious Wells Fargo case. On this week's episode of Corruption, Crime and Compliance, host Michael Volkov explores the shocking details of Bank of America's recent $250 million settlement for account fraud and abuse with the Consumer Financial Protection Bureau (CFPB) and the Office of the Comptroller of the Currency (OCC). This episode shines a light on corporate complacency, the inherent risk of ill-conceived sales incentives, and the importance of internal risk assessment in the wake of industry scandals.You’ll hear Michael discuss:The fraudulent practices perpetrated by Bank of America, compared to the infamous Wells Fargo scandal. He examines the similarities in the unethical practices and failure to adhere to consumer protection laws, and the recurring patterns in the banking industry's consumer abuse cases.The pitfalls of sales incentives structures, particularly when they lack appropriate checks and balances. Mike elaborates on how ill-considered incentives can encourage misconduct among salespeople.The enforcement actions brought by the CFPB and OCC against Bank of America: fines amounted to $250 million—$190 million for consumer harms and penalties to the CFPB and $60 million in penalties to the OCC.Unscrupulous methods adopted by Bank of America employees to reach their sales targets included illegally applying for and opening credit card accounts and charging customers multiple overdraft fees for the same transactions, significantly hurting consumers financially.Michael dissects the bank's promotional tactics, particularly the false advertising of special offers and the denial of sign-up bonuses due to inherent failures in their business systems. He discusses the negative impact of these practices on customers and the bank's reputation.Highlighting the current stringent regulatory environment, Michael stresses the need for organizations, especially banks, to maintain stringent internal audits and compliance measures. Based on the recent enforcement actions, Michael makes informed predictions about potential regulatory actions against Bank of America and discusses the bank's responsibilities moving forward.KEY QUOTES:"You would think that Wells Fargo's case would have sent alarm bells throughout Bank of America to take a look at their own sales practices to make sure they don't suffer from the same type of abuse of conduct. And what's clear is Bank of America just kept its head down, blinders on, and then developed their own problem." - Michael Volkov"Bank of America employees illegally applied for and then enrolled customers in credit card accounts in order to reach sales incentive goals." - Michael Volkov"This is a tough regulatory environment, and you would think Bank of America would try to address that through some kind of mitigation and sort of risk analysis and conducting audits to make sure that they don't run into future abuses and practices like this." - Michael VolkovResources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

In today’s world data is the new gold, and protecting it has become imperative for businesses worldwide. On this week's episode of Corruption, Crime and Compliance, Michael Volkov navigates the cybersecurity landscape, unpacking the key threats haunting businesses and the elements of a robust cybersecurity compliance program. He underscores the importance of proactively managing these digital threats, to ensure your business remains protected. You’ll hear him discuss:The growing partnership between compliance and cybersecurity is a rapidly emerging issue in compliance, affecting companies and their risk management strategies. Cyber threats are not only external but also internal, resulting from employee behavior and cybersecurity hygiene.Chief Information Security Officers (CISOs) are increasingly collaborating with Chief Compliance Officers (CCOs), leveraging the latter's expertise in governance, risk management, and training. This collaboration enables better education and training for employees on cybersecurity risks and the importance of good cybersecurity hygiene.Approximately 50% of cyber or data breaches are the result of internal actors, either intentionally or through negligence. Thus, CCOs can play a crucial role in designing controls, conducting training, and monitoring employee behavior to mitigate such risks.Major cybersecurity risks today include ransomware, cloud security, work from home security, phishing schemes, supply chain security, and identity and access management (IAM). The rise of cyber threats: The digital landscape is rife with cybersecurity threats, including insider threats, DoS and DDoS attacks, AI and machine learning attacks, and cyber espionage.Organizations need to be vigilant against disgruntled employees with access privileges who could intentionally or unintentionally harm systems. This emphasizes the need for robust access controls, regular monitoring, and comprehensive employee training.While AI and machine learning can enhance cyber defenses, they can also be weaponized by cybercriminals to automate and scale their attacks. A robust cybersecurity compliance program is necessary to protect a company's IT infrastructure and includes:Application Security: Familiarity with cloud security policies and the implementation of multifactor controls and administration privileges can help strengthen application security.Information Security: Companies must adhere to strict security standards and employ encryption among other strategies to protect data from possible breaches.Disaster Recovery Planning: This requires implementing backup and recovery systems, incident response drills, and endpoint protections.Network Security: Most companies use firewalls to monitor traffic for cyber threats and attacks. Companies must also secure their wireless networks and ensure that remote connections are encrypted.End User Security: Since hackers often gain unauthorized access through endpoints, companies must ensure that devices are updated with security programs and antivirus applications.Operational Security: This involves identifying any potential vulnerabilities that could be exploited by a hacker.Given the prevalence of phishing attacks and insider threats, cyber training for employees is of paramount importance for an organization's cybersecurity.KEY QUOTE:“In the end, cybersecurity fails when there's a lack of adequate controls and security readiness, and companies have to make smart strategic decisions when developing their controls and cybersecurity protections; and always focus on the human element, common mistakes, effectiveness of controls and vulnerabilities to hacker strategies to exploit any weaknesses.” - Michael VolkovResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Dare we imagine a world where companies are driven by their compliance obligations as much as they are by their financial performance? In a progressively interconnected and fast-paced digital world, compliance matters more than ever. Non-compliance can swiftly result in reputational damage, punitive fines, and compromised stakeholder trust. As such, more organizations are beginning to embrace the importance of having mature, robust compliance programs. This episode of Corruption, Crime, and Compliance with Michael Volkov dives into NAVEX's 2023 State of Risk and Compliance report. The report delivers a comprehensive overview of the global compliance landscape and sheds light on critical trends that are reshaping the field. You’ll hear him discuss:We've seen a substantial increase in organizations with mature compliance programs - 53% in 2023, compared to 38% in 2022. This is a testament to organizations worldwide waking up to the importance of compliance in their everyday operations.The power of leadership: robust leadership support is crucial when it comes to fostering a thriving compliance program. Strong board and executive-level engagement have proven instrumental in driving these changes.As the world becomes more digitized, cybersecurity threats have increased exponentially. Consequently, cybersecurity has skyrocketed to the top of compliance concerns, indicating how cyber threats and breaches have a far-reaching impact on organizations.Compliance and information security professionals are coming together like never before. This internal partnership proves crucial in managing cybersecurity risks and ensuring the safety of organizational data.The NAVEX report identified five high-stake risks that organizations should keep on their radar: cybersecurity, regulatory compliance, harassment and discrimination, anti-bribery and corruption, and diversity, equity, and inclusion. Addressing these will require diligence and strategic planning.There has been a decline in middle management's commitment to compliance compared to 2022. This dip stresses the need for targeted interventions to maintain the integrity of the compliance culture.From HR to IT, effective compliance necessitates collaboration across all levels and departments.With growing compliance demands, organizations are realizing the importance of purpose-built solutions. These platforms help manage third-party risks, policy management, and provide ethics and compliance training, making them indispensable in the modern compliance toolkit.KEY QUOTES:“So 53% stated that their organization had a mature compliance program and risk management program and that was compared to only 38% in 2022. Now that to me is a really welcome sign.” - Michael Volkov“I think perhaps the most significant finding in this area to me was that in recognition of the rising threat level from cybersecurity attacks, ransomware, data privacy ethics and compliance professionals are forging new and lasting internal partnerships with information security professionals.” - Michael Vokov“Three quarters of respondents reported that senior leaders encourage compliance in the organization, and nearly as many report that senior leaders demonstrate their commitment to compliance to employees. So it's not just words, but it's words and actions. However, there was one troubling concern, and that was with respect to middle management. …So NAVEX reported a lower commitment compared to the 2022 report with regard to middle management commitment to compliance.” - Michael VolkovResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law GroupNAVEX State of Risk and Compliance Report

In this eye-opening episode of Corruption, Crime and Compliance, Michael Volkov takes a deep dive into the world of healthcare compliance and fraud. He explores the history, the transformation, and the unique challenges of healthcare compliance. He also sheds light on the alarming rate of fraud in the healthcare industry and the efforts to combat it.You’ll hear him discuss:Compliance in healthcare traces back to the 1990s. Its rise is largely due to aggressive federal enforcement programs and increasing regulation.Four significant trends in healthcare compliance include: Rising consumer demand, escalating prices, and increasing regulation during the era of HMO controversies.The DOJ's use of criminal tools and prosecutions to combat healthcare fraud and circumvent government regulations.The growing importance of the False Claims Act as an enforcement tool.The establishment of a robust regulatory enforcement regime through the Center for Medicare Services and the HHS-OIG.As the healthcare industry comes increasingly under federal government regulation and control, the risks of healthcare fraud are escalating. Despite the development of proactive compliance programs, the industry struggles to keep pace with the level of fraud, waste, and abuse.Beyond the traditional elements of compliance programs, the healthcare industry faces unique challenges. These include managing interactions with physicians, ensuring data privacy, avoiding the employment of ineligible persons, and navigating the complexities of billing, coding, and overpayments.The False Claims Act poses a significant risk for healthcare providers, with nearly 99% of all cases each year immediately settled. The Act has been applied beyond billing and reimbursement issues to include false representations incorporated into a product or a drug.The DOJ regularly conducts nationwide crackdowns on healthcare fraud, arresting numerous defendants involved in healthcare fraud and opioid abuse schemes. A growing area of concern is telemedicine fraud, which has seen a surge with the rise of remote work during the pandemic.KEY QUOTES:“Healthcare is becoming increasingly under federal government regulation and control. And as this occurs, the federal health care risks of fraud are going to be increasing significantly. Private insurance companies are also experiencing continuous growth of fraud and the healthcare industry is really developing proactive compliance programs, but they struggle to keep up with the level of fraud, waste and abuse that they sort of have to pursue.” - Michael Volkov“…one of the most significant risk areas is physician interactions.” - Michael Vokov“Nearly 99% of all False Claims Act cases each year where the government decides to intervene are immediately settled.” - Michael VolkovResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

The complex relationship between digital currencies and global financial regulations is highlighted yet again with the SEC’s recent crack down on major crypto exchanges Binance and Coinbase. Michael Volkov welcomes Matt Stankiewicz, also known as Crypto Max, to share his insight on these ongoing cases. He discusses the implications these enforcement actions might have on the industry, the securities law-related legal issues, and the internal mechanics of these exchanges.Matt Stankiewicz is a Managing Counsel at The Volkov Law Group. His expertise includes financial regulation and compliance, with a focus on securities, anti-money laundering (AML), and cryptocurrency regulation. Given his professional background and interest in crypto regulations, he is a frequent speaker on legal matters concerning cryptocurrency exchanges and the SEC.You’ll hear Michael and Matt discuss:The SEC's enforcement actions hinge on their assertion that Binance was serving US customers without the proper registration, thereby violating securities laws. They allege that Binance knowingly allowed and even encouraged US customers to utilize their offshore platform, enhancing their profits and trading volumes but breaching US regulations in the process.Rather than directly challenging the status of specific tokens, the SEC is targeting exchanges like Binance and Coinbase. By regulating these exchanges, the SEC could effectively control the access points to the crypto industry, thus having a broader impact.Binance is preparing for a legal fight with the SEC over these compliance issues, including allegations of wash trading to artificially inflate trading volume. The platform's potential troubles are linked to similar issues faced by FTX and their trading arm, Alimator Research.Given the recent pattern of the SEC bringing complaints without the DOJ pursuing criminal cases, it’s unlikely that the DOJ will bring a criminal case against Binance. Coinbase's IPO was approved by the SEC despite allegations that the company had engaged in illegal activities related to the trading of unregistered securities. The SEC argues that the approval of an IPO doesn't guarantee the legality of the company's underlying operations, but this could be seen as contradictory to the SEC's stated role of protecting investors.Coinbase, in attempting to comply with securities regulations and being continuously rebuffed by the SEC, is the most compliant cryptocurrency exchange. However, should the SEC crack down on Coinbase and other major U.S. exchanges, it could push investors to offshore exchanges where the SEC has limited jurisdiction and where there is a higher risk of fraud. KEY QUOTES“The SEC is taking obvious actions to show that they are very aggressive in their enforcement actions.” - Matt Stankiewicz“This is a perfect reminder for everyone listening, whether you're into crypto or not. If you are working internally with your email or you're in [a] corporate chat, that can all be discoverable in future litigation. And you need to be careful what you say.” - Matt Staniewicz“It is a very poor look in the court of public opinion for the SEC to stand on the ground of saying, ‘We are here to protect investors,’ but [avoid] stopping this before investors have a chance to throw all their money in that IPO.” - Matt StankiewiczResourcesMatt Stankiewicz on LinkedIn

Unprecedented changes are imminent in sanctions and export control enforcement, as the U.S. government amplifies its focus on national security and corporate compliance. On this episode of Corruption, Crime and Compliance, Michael Volkov discusses the potential consequences of these developments. He dissects the “new FCPA”, the Department of Justice’s (DOJ) strategic approach, the critical role of sanctions and export control enforcement, and the intricacies of voluntary disclosure programs.You’ll hear Michael talk about:A significant shift is occurring in the DOJ's enforcement focus, with 75% of criminal cases against corporations now related to national security matters, including sanctions enforcement, money laundering, and terrorism.The DOJ will collaborate with OFAC and BIS in a similar manner to the relationship between the DOJ and the SEC during FCPA enforcement.Corporate resolutions are set to increase drastically, with steep penalties, deferred prosecution agreements, guilty pleas, and a surge in individual prosecutions. Heightened compliance expectations around export controls and sanctions compliance will necessitate a ramp-up of relevant compliance programs.The enforcement actions will serve as guidance, similar to the initial stages of FCPA enforcement, providing cues about the DOJ's view on compliance and their expectations from compliance programs.The DOJ plans to ramp up enforcement against global banks, investing heavily in the Bank Integrity Unit which is part of the anti money laundering operations for global banks, and sanctions enforcement.The DOJ has forewarned corporations about the enforcement emphasis on sanctions and export controls. DOJ has ongoing investigations in various sectors including transportation, fintech, banking, defense, and agriculture.Voluntary disclosure programs, such as those from OFAC and the National Security Division, play a significant role in mitigating enforcement actions. However, choosing between OFAC and DOJ disclosure can present a nuanced dilemma for corporations, hinging on whether a violation is willful. The number of voluntary disclosures involving both is expected to increase as corporate enforcement actions rise.The case against British American Tobacco by DOJ and OFAC for illegal sales of cigarettes to North Korea, resulted in a combined penalty of $629M. This is a significant instance of enforcement action against a non-financial institution.The Bureau of Industry and Security (BIS) and the Department of Commerce brought a case against Seagate Technology, resulting in a $300 million settlement. The DOJ seems to be investigating this matter further due to Seagate's blatant violations.A case against Murad, a cosmetics company, was brought by OFAC for Iran sanctions violations worth approximately $11 million. Murad ended up paying a $3.3M fine. Murad's actions highlight the importance of sanctions compliance guidance and the significance of due diligence, especially during acquisition processes.OFAC's enforcement action against Murad also emphasized the importance of having a local compliance structure when a foreign parent company is involved. OFAC also stressed on the importance of pre- and post- acquisition due diligence and audits when acquiring companies. The failure to perform such activities may lead to unidentified sanctions issues, as illustrated in the Murad-Unilever case.We may see larger fines against non-financial institutions in the near future, surpassing the current record of $508 million, indicating an uptick in enforcement actions.KEY QUOTE:"OFAC announced a separate civil settlement for $508M, which is the largest fine against a non-financial institution in OFAC's history. And that's what we're going to be seeing. Largest fines against the non-financial institution will eclipse $508M probably in the next couple of years." - Michael VolkovResources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

“This [Murad OFAC] enforcement action reflects the fact that OFAC, in recognition of the increasing seriousness of sanctions enforcement, is taking more time to provide guidance through some of their enforcement actions,” Michael Volkov tells listeners. In this episode of Corruption, Crime and Compliance, Michael unpacks the recent enforcement action by OFAC against California-based cosmetics company, Murad. He offers detailed insight into the case, going beyond the headlines and examining the underlying issues that led to the violations, and drawing out key compliance lessons.You’ll hear Michael talk about:The Murad enforcement action is significant because it highlights OFAC's increasing focus on sanctions enforcement and the need for global sanctions compliance organizations to have strong local oversight.Over an eight-year period, Murad illegally exported goods and services to Iran in 62 transactions worth approximately $11 million. The company and a former senior executive were penalized, paying $3.3 million and $175,000 respectively.OFAC acknowledged Murad's voluntary disclosure of the conduct but still categorized the violations as egregious.The conspiracy involved an exclusive agreement to sell Murad's products in the Middle East, including Iran, and continued even after Murad's acquisition by Unilever.The key compliance deficiencies cited by OFAC: These include absence of a specific sanctions compliance program, participation of high-level executives in illegal conduct, and lack of understanding of OFAC sanctions by staff based in the United Kingdom.OFAC emphasizes the need for senior management to commit to a culture of compliance and advises against placing a U.S. entity under the compliance structure of a non-U.S. entity that may lack familiarity with U.S. sanctions.Unilever's failure to uncover Murad's ongoing contracts with Iran demonstrates the need for robust due diligence and integration processes during acquisitions.KEY QUOTES:“OFAC specifically cited that, ‘In some circumstances, placement of a US entity under the compliance structure of a non-US entity that may lack familiarity with US sanctions could prevent prompt identification of and response to potentially prohibited conduct’. In other words, you have to have local boots on the ground, you have to have sanctions expertise in your US operations even though you're owned by a foreign global company." - Michael Volkov"It's important to have people dedicated to the OFAC sanctions compliance process and to make sure that expertise is available to the business within the United States." - Michael Volkov"To this end, OFAC stated that senior executives with managerial responsibilities should take particular care to ensure awareness of applicable prohibitions and refrain themselves from engaging in sanctions violations. " - Michael VolkovResources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

Koninklijke Philips manipulated tender processes for medical imaging equipment in China, which resulted in a substantial $62 million fine. On the other hand, Frank's International paid an $8 million settlement for its FCPA violations in Angola, involving questionable commissions to a sales agent. These two cases serve as potent reminders of the risks and challenges that global companies encounter in today's globalized economy, especially when dealing with high-risk countries such as China and Angola. They underline the need for robust ethics and compliance programs, vigilance against bribery and corruption, and strict adherence to local and international laws. In this episode of Corruption, Crime and Compliance, Michael Volkov uncovers the details of these cases that underline the risks and challenges faced by global companies in the contemporary economy.You’ll hear Michael talk about:Koninklijke Philips, a Dutch multinational corporation, was penalized with a $62 million fine for contriving multiple schemes to manipulate tender processes for medical imaging equipment in China.These schemes included strategies like the manipulation of technical specifications, creation of counterfeit bids, and direct payments to state-owned hospital officials in China to restrict competition.Frank's International, an oil and gas company, paid an $8 million settlement for FCPA violations in Angola. The company had been paying commissions to a sales agent in Angola, knowing there was a high likelihood that these funds would be used to bribe government officials.Frank's International exhibited a lack of adequate internal accounting controls during this time period. This oversight permitted corrupt practices to proceed undetected.Angola requires international companies to engage with local businesses. In Frank's case, this was used as a cover to facilitate bribery payments.Frank's International was informed by a senior Sonangola executive that a restriction against them could be lifted if Frank's established a separate consulting company benefiting a high-ranking Sonangola official and offered 5% of the contract value to this company.The cases highlight how crucial it is for companies operating in high-risk countries, such as Angola and China, to have comprehensive ethics and compliance programs in place.These programs must be able to detect and prevent bribery schemes, manipulation of tender processes, and similar malpractices.The financial records of these companies must accurately represent all transactions and should be reviewed regularly to detect and rectify discrepancies.Companies should maintain a cooperative attitude with regulatory authorities, report potential violations, and take remedial actions for any identified issues.KEY QUOTES: "Koninklijke Philips played a dangerous game manipulating tender processes in China. The $62 million fine they paid is a stark reminder of the consequences." - Michael Volkov"Frank's International's $8 million settlement is a potent example of what can happen when companies ignore the necessity of robust internal accounting controls." - Michael Volkov "Operating in high-risk countries demands more than just good business sense. It requires stringent ethics and compliance programs to prevent disastrous legal and economic consequences." - Michael Volkov Resources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

Is your business prepared to effectively manage and mitigate the risks associated with sanctions compliance in today's global economic landscape? In today's increasingly interconnected global economy, sanctions compliance is more critical than ever. Companies around the world face complex regulatory environments and unprecedented risks, requiring a comprehensive and proactive approach to sanctions compliance. In this episode of Corruption, Crime and Compliance, Michael Volkov explores the pressing need to elevate corporate sanctions compliance programs, as well as the renewed focus on enforcement by the Department of Justice, and the practical steps every company must take to meet these evolving challenges head-on.You’ll hear Michael talk about:Companies must enhance their sanctions compliance programs. Basic programs that simply rely on screening tools are no longer sufficient. Companies need to incorporate comprehensive measures to ensure compliance with evolving sanctions laws.The Department of Justice (DOJ) has escalated the enforcement of national security crimes, demonstrating a renewed focus on sanctions compliance. This shift necessitates a proactive response from companies to mitigate potential risks.The OFAC has outlined five crucial elements for an effective sanctions compliance program: management commitment, risk assessment, internal controls, testing and audit, and training. Companies should familiarize themselves with these elements and incorporate them into their existing compliance programs.Risk assessment is a crucial first step in compliance. Companies must review their operations holistically, assessing all touchpoints with international markets to identify potential vulnerabilities and risks.Geoblocking technology is a valuable tool in sanctions compliance. Working with IT departments to develop comprehensive geoblocking capabilities can help prevent interactions with prohibited individuals or entities.Thorough screening and due diligence processes are imperative, moving beyond just the results of screening tools. This ensures that companies identify and mitigate potential risks associated with sanctioned entities or countries.Companies must implement effective escalation controls to ensure that any red flags identified through screening or due diligence are properly addressed and resolved.End-user verifications and documentation are critical components of a robust sanctions compliance program. These procedures help ensure that the company's products or services are not being used by sanctioned entities.Annual training for employees and personnel is essential. Tailoring this training to the company's specific risk profile ensures that all staff understand their responsibilities and the potential risks associated with non-compliance.KEY QUOTES:"Your company's survival may depend on your ability to navigate sanctions compliance in an increasingly complex global economy." - Michael Volkov"It's not just about checking boxes. We have to understand our touchpoints to the international markets and assess the potential risks. That's the foundation of an effective compliance program." - Michael Volkov"Training isn't a one-and-done task. It's an ongoing commitment to ensure our personnel understand and can navigate the complex world of sanctions compliance." - Michael VolkovResources:Michael Volkov on LinkedIn | TwitterThe Volkov Law Group

Cryptocurrency has become a popular way to invest and transact, but with that comes the need for sanctions compliance. In this episode, Michael Volkov and Matt Stankiewicz discuss the recent enforcement actions against Poloniex, Bittrex, and Kraken for violating US sanctions regulations with cryptocurrency transactions. Matt is a Partner at Volkov Law and a leading cryptocurrency expert. He and Michael dive into the common themes and basic failures that led to these enforcement actions, including IP blocking, transaction monitoring, and the use of screening tools. They also explore the challenges of compliance when dealing with regions like Crimea and Ukraine, as well as the importance of voluntary disclosure.You’ll hear Michael and Matt talk about:Cryptocurrency companies are struggling to implement KYC and geo-blocking controls, which is leading to violations involving sanctioned jurisdictions.OFAC is taking an aggressive stance against cryptocurrency companies. Companies in the cryptocurrency industry need to implement effective sanctions compliance programs to avoid hefty fines and enforcement actions from regulatory authorities.There is no materiality requirement for sanctions violations, and even small transactions can result in multimillion-dollar fines.Retroactively applying controls to existing customers is important, and failing to do so can lead to violations.Companies need to have a comprehensive and automated system in place to detect and prevent violations.Companies need to be vigilant about screening individuals and transactions against the relevant sanctions lists, including screening field text, addresses, and ID cards.Geo-blocking for IP addresses is a crucial compliance control, but it is not perfect and can be circumvented by VPNs.Voluntary disclosure of violations can lead to more favorable outcomes and lower fines from regulatory authorities.OFAC and other regulatory authorities are using analytical tools to monitor transactions and flag potential violations, so cryptocurrency companies should not assume they can go under the radar.Companies can use the public blockchain to monitor transactions and identify potential sanctions risks.Sanctions compliance programs should be regularly reviewed and updated to address new risks and changes in regulations.KEY QUOTES"There are a lot of tools available to these companies to monitor transactions, maybe better than in the traditional finance world, just because everything on the blockchain is public record essentially." - Matt Stankiewicz"It's just interesting to see OFAC go so aggressively against these companies. Not too surprising considering the extreme sanctions risk that cryptocurrency poses. Very importantly, there's still a lot of takeaways that really any industry can take away from these enforcement actions." - Matt Stankiewicz"If you find problems, obviously you want to remediate them, but figure out what you need to do in terms of voluntary disclosures, because typically you'll be much better off than if OFAC figures it out on their own, which they usually do." - Matt StankiewiczResources:Matt Stankiewicz on LinkedIn | Twitter Michael Volkov on LinkedIn | TwitterThe Volkov Law Group