- It is only by conducting extensive due diligence that the risks posed by parties to a trade can be understood;
- However, several authorities maintain lists of entities known to be of concern which must be taken into account. These are produced at United Nations (UN), National (including European Union (EU)), and non-governmental levels;
- UN sanctions are binding on firms based in all countries, while national (or EU) lists are typically only binding to firms based within the relevant territory;
- US measures often have an extraterritorial element, meaning that conducting business with US-sanctioned entities can have adverse business impacts for a firm even if based outside the US;
- Companies should implement screening and due diligence systems to ensure that all entity-specific concerns are identified, understood, and addressed before entering business relationships.
What is an entity of concern?
Entities are typically identified as being of concern for one of three main reasons:
1) They are involved in activities of concern – i.e. they have been designated as a terrorist organisation, they directly support or operate a Weapons of Mass Destruction programme in a country of concern, or they oversee an activity of concern (this can include individuals with responsibility for Iran’s nuclear programme, for example).
2) They work on behalf of entities of concern, in capacities including procurement agents, brokers and financial service providers.
3) They potentially supply programmes of concern, often by failing to implement appropriate trade compliance systems.
Note that not all entities of concern can be found on the various lists; firms should conduct due diligence to fully mitigate risk.
Where are entities of concern located?
This depends on the category of entity of concern. Those directly involved in programmes of concern are usually found only in sensitive countries (see country briefs), whereas middle men and suppliers to programmes of concern can be located anywhere around the world. The image below is a map highlighting the entities identified as being of concern by the US government in summer 2012.
What are firms’ responsibilities?
While legal responsibilities vary from country to country, the short answer is that firms must comply with the laws of the territories in which they operate. This means that if your national authority maintains a list of entities of concern you must ensure that you have a system in place to screen customers. In cases where national authorities do not provide national lists, firms should be screening potential business partners against the lists contained in UN resolutions.
How can firms avoid conducting business with entities of concern?
In practice, as US designations name firms worldwide, to ensure that you stay compliant with US extraterritorial measures, firms should maintain a designated entity screening system for trade to all destinations. A screening system or process which screens new and existing customers and other business partners against multiple relevant national and international lists is necessary to mitigate legal and reputational risk.
Nonetheless, while legally it may be permitted to do business with entities identified as being of proliferation concern outside jurisdictions in which the firms operate, there is an obvious need for caution: such trade is can lead to massive reputational risk and damage a firm’s public image.
Therefore, an effective screening system is one which screens against the relevant lists required for legal compliance, as well as takes into account possible reputational risks. An efficient system is one which effectively uses fuzzy logic to pick up matches whilst keeping a ‘false-positive’ figure low.