Part 4: Internal Controls to Lower Your Inherent Risk of an OFAC Violation
By: Maleka Ali
During Parts 1 through 3 of our OFAC series, we reviewed program basics, building your risk assessment methodology and tips and tricks for your risk assessment. Now, let’s talk about internal controls.
Controls are what lower your inherent risk of an OFAC violation at your organization, so it is important to understand what additional tools you might have or need to mitigate that risk.
Controls might include infrastructure, detection tools and software, training, and independent audits. And of course, all of this needs to follow a risk-based approach. Your OFAC program and controls should also be tempered by the organization’s risk appetite and available resources to avoid both regulatory and OFAC violations, and your program’s policies and procedures must match or exceed the risk.