ST0712DOTOFAC

ST0712

A fundamental element of a sound SCP is the assessment of specific clients, products, services, and geographic locations in order to determine potential OFAC sanctions risk. The purpose of a risk assessment is to identify inherent risks in order to inform risk-based decisions and controls. The…

Assess my company

Plain-language summary

What it actually means.

to be determined

Plain-language summary forthcoming. Source text below.

Source text

As written.

A fundamental element of a sound SCP is the assessment of specific clients, products, services, and geographic locations in order to determine potential OFAC sanctions risk. The purpose of a risk assessment is to identify inherent risks in order to inform risk-based decisions and controls. The Annex to Appendix A to 31 C.F.R. Part 501, OFAC’s Economic Sanctions Enforcement Guidelines, provides an OFAC Risk Matrix that may be used by financial institutions or other entities to evaluate their compliance programs:

Assessed by HEXDI

What HEXDI assesses.

  • M2

    1 — PROGRAM SETUP AND ADMINISTRATION

    Program is developed using a reasoned methodology that is based on a thorough analysis and identification of risks pertaining to company…

  • M2

    2 — PROGRAM SETUP AND ADMINISTRATION

    Methodology includes monitoring, collecting, and reporting of information on the number of exports/imports, nature and number of…

  • M2

    3 — PROGRAM SETUP AND ADMINISTRATION

    Senior Management, with the assistance of legal counsel and/or compliance personnel, takes responsibility for determining the significance…

  • M2

    4 — PROGRAM SETUP AND ADMINISTRATION

    Risk analysis and identification occurs at Senior Management meetings as part of short- and long-term forecasting and strategic planning.

  • M2

    5 — PROGRAM SETUP AND ADMINISTRATION

    Risk analysis and identification considers customer base, countries of exports/import activities, and product lines.

  • M2

    6 — PROGRAM SETUP AND ADMINISTRATION

    Risk analysis and identification considers risks posed by interactions with third parties, to include suppliers, brokers, contractors,…

Related

Other DOT standards.

Source & revisions

First mapped
Jun 8, 2022
Last updated
May 26, 2026 (29m ago)
Source
Framework for OFAC Compliance Commitments