As part of due diligence, you should always check certain foundational items to make sure that you're doing business with a legitimate third party. One often overlooked opportunity is to do an OFAC check on the ownership and/or executive leadership team of the third parties.
OFAC is simply the Office of Foreign Assets Control within the Treasury Department and they maintain a list of individuals and entities with whom you cannot do business.
Checking this list is not only a good idea, it's pretty much a regulatory requirement. We believe that this requirement will be getting even more attention in the very near future as the Financial Crimes Enforcement Network (FinCEN) has issued sweeping new guidelines on Enhanced Customer Due Diligence.
Yes, while that is customer, not vendor due diligence, we've heard that there is a threshold argument that you should know at least as much about a business with whom you're planning to have a working relationship as you do an average customer's transactional account that could be closed at any time. You can referenced the FAQs regarding the Enhanced Customer Due Diligence guidelines here.
An OFAC check is particularly important in the case that the ownership team is outside the United States or if the third party services are being done outside the US. This tends to be the case for many call centers, IT support companies and data storage providers.
Conducting the OFAC is intuitive and there’s a few ways you can perform it:
Doing the above can help make sure you're aware if dealing with a prohibited person or perhaps a government affiliated entity in a foreign country.
Believe me, though it seems like a bit of effort to make sure you're doing maintaining your OFAC screens, it's well worth it to stay inside the law and to make sure you're not impacting your business operations or reputational risk by ending up in the press for doing business with a prohibited individual or entity.
Don't forget about the other key items to request during vendor due diligence - download our guide.