US OFAC Sanctions Program
The Office of Foreign Assets Control administers the world's most far-reaching economic sanctions regime -- with extraterritorial secondary sanctions, strict liability, and penalties reaching into the billions. Every company touching the US financial system must comply.
The Office of Foreign Assets Control (OFAC) is a division of the US Department of the Treasury that administers and enforces economic sanctions against targeted countries, individuals, and entities. Unlike most national sanctions authorities, OFAC operates on a strict liability basis -- meaning a company can be penalised for a sanctions violation even without knowledge or intent. Any transaction that touches the US financial system, uses US dollars, or involves a US person is within OFAC's jurisdiction.
OFAC maintains more than 35 active sanctions programmes, ranging from comprehensive embargoes against countries like Iran, Cuba, North Korea, and Syria to targeted list-based designations against individuals, entities, and vessels worldwide. The centrepiece is the Specially Designated Nationals (SDN) List, which contains over 15,000 entries that all US persons -- and in many cases non-US persons -- must screen against before conducting any transaction.
What makes OFAC uniquely powerful is its secondary sanctions authority. Through executive orders and statutory provisions, OFAC can penalise non-US companies for significant transactions with certain sanctioned targets -- even when no US person or US dollar is involved. This extraterritorial reach means that virtually every multinational company must maintain an OFAC compliance programme, regardless of where it is headquartered.
Penalties are severe. Civil fines can reach USD 368,136 per violation or twice the transaction value (whichever is greater), and wilful violations carry criminal penalties of up to USD 1 million and 20 years imprisonment. In 2023 alone, Binance paid USD 968 million to settle OFAC violations related to processing transactions involving sanctioned jurisdictions. OFAC's 2019 "Framework for Compliance Commitments" outlines five pillars that every sanctions compliance programme should follow.
OFAC administers more than 30 sanctions programmes targeting countries, entities, and individuals. Programmes range from comprehensive embargoes (nearly all transactions prohibited) to targeted list-based designations.
The SDN List is the backbone of OFAC compliance. It contains over 15,000 entries including individuals, entities, vessels, and aircraft. Effective screening requires far more than simple name matching.
OFAC's May 2019 "Framework for Compliance Commitments" establishes five essential components of an effective sanctions compliance programme. OFAC considers the existence and adequacy of these pillars in every enforcement action.
OFAC enforcement actions demonstrate the severity of non-compliance. The cases below represent some of the largest sanctions penalties, collectively totalling $3.3B in fines.
Secondary sanctions extend OFAC's reach beyond US jurisdiction. Non-US companies face risk of designation, loss of US correspondent banking access, or other penalties for significant dealings with sanctioned targets.
Companies operating internationally must navigate both regimes. Key structural differences in scope, enforcement, and extraterritorial reach require careful dual-compliance strategies.
| ASPECT | US / OFAC | EU |
|---|---|---|
| Administering authority | OFAC (Treasury Department) | Council of the EU; Member State authorities |
| Legal basis | IEEPA, Trading with the Enemy Act, Executive Orders | CFSP decisions + Council Regulations |
| Extraterritorial reach | Broad: primary + secondary sanctions | Limited: applies to EU persons and EU territory |
| Secondary sanctions | Yes: can penalise non-US persons for significant dealings with sanctioned targets | No formal mechanism; EU Blocking Statute prohibits compliance with certain US secondary sanctions |
| SDN / Designated list | SDN List + multiple subsidiary lists (~15,000+ entries) | Consolidated List (~2,500+ entries) |
| Penalties | Civil: up to $368K/violation or 2x value; Criminal: up to $1M and 20 years | Set by Member States; 2024 Directive harmonises as criminal offences |
| Voluntary self-disclosure | Formal programme; up to 50% penalty reduction | No harmonised mechanism; varies by Member State |
| Crypto / virtual currency | Explicit OFAC guidance since 2018; designated crypto addresses on SDN List | MiCA/TFR require sanctions screening; no designated addresses |
| Russia sanctions scope | SDN designations, sectoral (SSI/CAPTA), price cap | Asset freezes, trade bans, price cap, 19 packages adopted |
| Compliance framework | 5 Pillars: commitment, risk, controls, testing, training | No harmonised framework; national guidance varies |
OFAC has been at the forefront of applying traditional sanctions frameworks to digital assets. The virtual currency industry faces unique compliance challenges that OFAC is actively addressing through guidance and enforcement.
The current administration has significantly reshaped the sanctions landscape with a return to maximum pressure campaigns, expanded secondary sanctions enforcement, and new guidance on emerging technologies.
Select your company type for tailored OFAC compliance guidance.