ST0663DOTOFAC

ST0663

The organization conducts, or will conduct, an OFAC risk assessment in a manner, and with a frequency, that adequately accounts for the potential risks. Such risks could be posed by its clients and customers, products, services, supply chain, intermediaries, counter-parties, transactions, and…

Assess my company

Plain-language summary

What it actually means.

to be determined

Plain-language summary forthcoming. Source text below.

Source text

As written.

The organization conducts, or will conduct, an OFAC risk assessment in a manner, and with a frequency, that adequately accounts for the potential risks. Such risks could be posed by its clients and customers, products, services, supply chain, intermediaries, counter-parties, transactions, and geographic locations, depending on the nature of the organization. As appropriate, the risk assessment will be updated to account for the root causes of any apparent violations or systemic deficiencies identified by the organization during the routine course of business.

Assessed by HEXDI

What HEXDI assesses.

  • M2

    1 — PROGRAM SETUP AND ADMINISTRATION

    Program is developed using a reasoned methodology that is based on a thorough analysis and identification of risks pertaining to company…

  • M2

    2 — PROGRAM SETUP AND ADMINISTRATION

    Methodology includes monitoring, collecting, and reporting of information on the number of exports/imports, nature and number of…

  • M2

    3 — PROGRAM SETUP AND ADMINISTRATION

    Senior Management, with the assistance of legal counsel and/or compliance personnel, takes responsibility for determining the significance…

  • M2

    4 — PROGRAM SETUP AND ADMINISTRATION

    Risk analysis and identification occurs at Senior Management meetings as part of short- and long-term forecasting and strategic planning.

  • M2

    5 — PROGRAM SETUP AND ADMINISTRATION

    Risk analysis and identification considers customer base, countries of exports/import activities, and product lines.

  • M2

    6 — PROGRAM SETUP AND ADMINISTRATION

    Risk analysis and identification considers risks posed by interactions with third parties, to include suppliers, brokers, contractors,…

Related

Other DOT standards.

Source & revisions

First mapped
Jun 8, 2022
Last updated
May 26, 2026 (29m ago)
Source
Framework for OFAC Compliance Commitments