Washington, D.C. (December 15, 2023) – The U.S. Department of the Treasury's Office of Foreign Asset Controls (OFAC) has settled with Swift Prepaid Solutions Inc. d/b/a daVinci Payments (daVinci), a financial services and payments firm based in Buffalo Grove, Illinois, for $206,213 for 12,391 apparent violations of OFAC sanctions on Crimea, Iran, Syria and Cuba.
The basis for the violations was that daVinci enabled reward cards to be redeemed from persons residing in sanctioned jurisdictions.
Description of daVinci's Program and Apparent Violations
DaVinci provides digital or physical payment reward card programs for corporate, non-profit, and government clients through an online platform. DaVinci's clients funded the card programs themselves through an issuing bank, with daVinci providing the digital or physical prepaid cards to authorized users. Upon receiving a list of card recipients from its clients, including names and email addresses, daVinci would send an email containing a token to each authorized user, inviting each to redeem the token for a prepaid card.
To redeem the token, users would go to daVinci's website and provide their names, addresses, and email addresses. Users could not enter an address in a sanctioned jurisdiction and were screened against sanctions lists. Once screened and verified, funds would be released by the issuing bank to the user's prepaid cards, which could then be used with merchants who accepted cards via third-party credit card networks.
Penalty and Resolution
During a compliance review, daVinci discovered that between 2020 and 2022, it had redeemed prepaid cards associated with sanctioned countries 12,378 times totaling $549,135. The maximum civil monetary penalty applicable to these violations is an astounding $4.4 billion, but daVinci settled the claim for only $206,213.
Why was the settlement amount so extraordinarily low?
Under the OFAC enforcement guidelines, OFAC determined that the aggravating factor was that daVinci failed to exercise due caution or care when it redeemed prepaid digital reward cards for users who appeared to be in sanctioned jurisdictions. OFAC found that daVinci knew or had reason to know of redeemers' IP addresses and email address suffixes, but it did not incorporate this information into its compliance program or controls.
Measured against the aggravating factors were the mitigating factors considered by OFAC. One was that daVinci had not been subject to any OFAC penalties during the preceding five years.
More importantly, daVinci undertook a number of significant remedial measures, including proactively conducting an internally initiated review, implementing IP blocking of access to its platform from sanctioned jurisdictions, conducting real-time screening and blocking of email address suffixes, and instituting independent third-party testing at regular intervals. Additionally, daVinci cooperated with OFAC's investigation.
Takeaways
As we have discussed in an earlier alert, voluntary self-disclosure of sanction violations can mitigate civil and criminal penalties. The importance of self-disclosure has resulted in guidelines being issued by OFAC, by the Commerce Department's Bureau of Industry and Security and the Department of Justice's National Security Division. As shown in all cases where a violator of sanctions has self-disclosed and cooperated in a government investigation, and especially in the daVinci case, the monetary penalty can be reduced significantly.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
