The Australian Experience


Two flight changes, a layover, 25 hours in the air and a total travel time of over 30 hours. A recent trip to the U.S. to spend some time with the Association of Certified Anti-Money Laundering Specialists (ACAMS) team serves to remind me just how far Australia is from one of its most important markets and key regulators.

Australia is strongly independent, with an economy that has rolled along without recession since 1990, a strong banking system and a well-established system of regulation. Australia is also a country that is geographically in Asia, historically linked to the United Kingdom (U.K.), has migrants from Europe, and has strong cultural, military and travel links to the U.S. As an island country with an economy heavily dependent on mining and agriculture, Australia’s three biggest export markets are all based in Asia, with China being its most important trading partner

The commercial benefits of operating in an increasingly globalized world are obvious—wider choice for the production, distribution and financing of goods and services. However, shifting supply chains from a purely domestic focus into the international marketplace increases the risks to those operating across the global supply chain, raising the cost of compliance. Supply chain due diligence is critical for compliance with sanctions obligations, export control regulation, identification of forced labor, international trafficking, anti-bribery and anti-corruption practices. This is in addition to existing due diligence activities across the relationship.

It must be mentioned that this is an Australian market where banking executives are under additional pressure to reset their strategies following the recent Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry.1 Also, the Australian banks must now deal with a somewhat skeptical and demanding customer base that expects banks to be more transparent and responsive to their needs—not to mention a set of reinvigorated and empowered regulators charged with enforcing the laws and bringing the big banks to heel.

How do banks located in a jurisdiction like Australia balance the requirement to support their customer’s need to do business in a global world, while navigating the complexities of a regulatory landscape that is itself multinational?

Stuck in the middle—Iran sanctions force Australian banks to make tough choices

Navigating the international marketplace is a challenge. While an increasingly globalized marketplace brings the world together, at times it seems to be growing further apart in terms of regulatory approach and cultural norms. Parties across the supply chain need to negotiate the complexities of doing business across different currencies, languages and time zones. They must also be cognizant of geopolitical tensions and navigate the complexities of different foreign policy objectives as they consider doing business with various global partners.

These geopolitical tensions are rising as large players on the international stage, once traditional allies and generally aligned in their national security objectives, are starting to diverge in their approach and targets. Medium-sized powers—like Australia, its banks and their customers—find themselves caught between these competing forces. This has been very evident in regards to Iran.

In January 2016, the United Nations sanctions on Iran were lifted, as were many of the sanctions imposed by the European Union (EU). Australia also lifted most of its autonomous sanctions, opening up new opportunities for business. Seen as a great opportunity to form new partnerships with the second largest economy in the Middle East, countries such as Australia and New Zealand supported trade delegations to Iran to explore opportunities to do business with a youthful, well-educated and diversified marketplace.

While an increasingly globalized marketplace brings the world together, at times it seems to be growing further apart in terms of regulatory approach and cultural norms

At the same time, the Australian financial sector was laboring with the complexities of entering this new market, still designated as a state sponsor of terrorism.

More challenges were created following the withdrawal of the U.S. from the Joint Comprehensive Plan of Action (JCPOA)2 in May 2018 while the other parties to the agreement (China, France, Germany, the Russian Federation and the U.K.) pledged their ongoing commitment to the agreement.

The Australian banks—some of which were feeling the pressure to support their clients in opening up new trade relationships into Iran—were now in a more conflicted position. They had to choose between supporting local businesses and economic growth opportunities or yielding to the regulatory demands of continuing to operate in the U.S. market and the requirement to justify risk appetites with customers, regulators and government departments of trade.

However, this was not the end of the conflict as the EU then stated its intention to “continue to pursue its political and economic interests in Iran.”3

Between a block and a hard place—The EU counters with the Blocking Statute to protect European business interests

Council Regulation (EC) No 2271/96 (EU Blocking Statute)4 was first adopted in November 1996 to protect EU businesses “against the effects of the extraterritorial application of legislation adopted by a third country.”5 It was seen as a countermeasure to the U.S. extraterritorial sanctions against Cuba, Libya and Iran that were added in August 2018.

While the Blocking Statue cannot protect EU companies from the practical effects of sanctions (such as asset seizures, criminal charges, exclusion from the U.S. of corporate officers or controlling shareholders), it does provide an avenue for compensation for whatever costs companies incur because of the U.S. sanctions.

The extraterritorial nature of U.S. sanctions are “designed to restrict the economic activity of governments, businesses and nationals of third countries, many governments consider these sanctions a violation of their sovereignty and international law.”6

As a result, a conflict of laws arises that forces companies who operate in both jurisdictions and globally to consider the risks of doing business in Iran. A shift occurred in previously perceived business opportunities with EU leaders vowing to utilize the Blocking Statute and the U.S. staunchly defending its position and committed to penalizing anyone who breaks the law.

Australian banks—squeezed between U.S. and EU regulations—are left to continue to work on how best to approach this situation. The advice from Australia’s Department of Foreign Affairs and Trade provides limited direct guidance, other than to caution for a considered approach: “The Australian Government encourages Australian businesses to examine and take legal advice on implications of re-established domestic sanctions by the United States.”7

Anything you can do I can do better— China’s Unreliable Entity List

For those operating in the Asia-Pacific region, fostering local trade agreements and strategic economic and political partnerships in the region may mean straining the relationships with long-term allies like the U.S. in order to support local business and growth in “home” markets.

In June 2019, against the backdrop of trade wars between the U.S. and China, Huawei Technologies Co. Ltd—together with 68 non-U.S. affiliates located in 26 destinations such as Myanmar, China, Hong Kong, Japan, Singapore, Taiwan and Vietnam—was added to the U.S. Department of Commerce Bureau of Industry and Security Entity List.8 Huawei is claimed to be “involved in activities contrary to the national security or foreign policy interests of the U.S.”9

In what could be seen as a “tit-for-tat” response, China’s Ministry of Commerce introduced a new layer of complexity for companies doing business with Chinese companies with the announcement of its new Unreliable Entity List (UEL).10 In the accompanying statement, China said the following,

“…certain countries have been abusing the concept of national security, the measures of export control and their long-arm jurisdictions, which actions have severely harmed the security and stability of the global industrial chain, supply chain and value chain, destroyed the international economic orders and multilateral trading rules, and caused injuries to the global economy and national interests of countries including China.”11

According to the announcement, the UEL will include “organizations or individuals that boycott or cut off supplies to Chinese entities for non-commercial reasons, take discriminatory measures against Chinese companies, causing material damage to Chinese companies or the related industries and threat or potentially threat China’s national security would be listed.”

As such, another compliance challenge is placed in front of Australian companies and their banks—they may now have to navigate between following U.S. law and the new regulations of Australia’s biggest trading partner.

You cannot operate in a vacuum— Managing risk across diverse cultures

So how do financial institutions (FIs) operating in the Asia-Pacific region support their customers and strategic relationships, as well as balance the commercial reality of navigating the complex and ever-changing regulatory landscape?

An effective sanctions compliance program

On May 2, 2019, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) published its most comprehensive guidance to date on the development and implementation of a risk-based sanctions compliance program (SCP) titled A Framework for OFAC Compliance Commitments. 12

The following are the five key pillars of an effective sanctions compliance program:

  • Management commitment
  • Risk assessment
  • Internal controls
  • Testing and auditing
  • Training

The role of the sanctions risk assessment is crucial. Setting your risk appetite and having this stated in such a way that demonstrates due consideration for all the risks posed by the organization can keep one on the right side of sanctions regulators.

Take for example China’s proposed UEL and the EU’s Blocking Statute. An organization should be able to demonstrate its decision to undertake business in certain jurisdictions, with a specific customer segment, sector or industry. This is a risk appetite decision guided by commercial decisions rather than driven by regulatory response. In this way, the organization may avoid being added to the UEL or being subject to the EU Blocking Statute by remaining compliant with the obligations in the jurisdictions in which it operates.

Balancing country and organization culture

Cultural norms are another challenge for players in the international marketplace.

Many international banks maintain points of representation across the globe in order to deliver against their business objectives and serve their customers. These outposts represent a culturally and regulatory diverse marketplace that is just as diverse as the customers they serve.

Delivering commercial outcomes in line with the stated risk appetite position requires a shared understanding across the organization. A standardized SCP can streamline detection capabilities, processes and procedures, application of key controls, and target testing as well as auditing capabilities.

Employee training is fundamental in ensuring that staff understand expectations and the processes in place to ensure compliance. Significant emphasis should be placed on communicating and understanding the organization’s risk appetite and senior management must be very clear in articulating the organization’s business writing strategy (BWS). This should include knowing the core market and the objectives of the business; implementing a control environment to ensure execution to BWS; and addressing exceptions when identified.

While training efforts benefit from a standardized SCP, what is sometimes overlooked are the challenges posed by incongruent geopolitical relationships, cultural nuisances and differences unique to each jurisdiction in which an organization operates. These may manifest themselves in language used, determination of higher-risk industries/sectors, prohibited business activity or jurisdictions and culturally accepted business practices.

For training to be effective, it must be communicated in such a way that the local backdrop is considered and reflected in any role-specific instructions. Consideration needs to be given to the diversity, education and background of the local workforce together with what is considered culturally acceptable in terms of how training should be delivered and who best to communicate management commitment, both to the organization’s sanctions position and the consequences of breaching the sanctions policy.

Keeping abreast of changes in the regulatory landscape must be a focus for those wishing to operate successfully in the international marketplace

Risk management has its own reward

The bright lights of the global marketplace continue to attract organizations, particularly businesses from Australia, a country built on international trade. The commercial benefits of operating in an increasing globalized world are obvious across the entire end-toend supply chain. Equally, the risks associated with not understanding the regulatory environment in which that supply chain operates can have devastating reputational, economic and personal consequences.

The sanctions risk assessment consists of a holistic review of the organization from top to bottom, including an understanding of the cultural nuisances across the operation and its touchpoints to the outside world. When done appropriately, it should help the organization identify potential areas in which it may directly or indirectly engage with parties, jurisdictions, products, sectors or industries subject to sanctions

An effective risk assessment is the ticket to the game, but this cannot be a one-time activity. As the landscape is constantly evolving, both externally and internally, the risk assessment is a living document and needs to be reviewed to ensure that the SCP remains effective and is responsive to new threats and gaps in the program. Keeping abreast of changes in the regulatory landscape must be a focus for those wishing to operate successfully in the international marketplace. In Australia, FIs must continue to confront the challenges posed by the complex and ever-changing regulatory landscape—challenges that are multiplied by having to deal with the regulatory systems of not only their home country and those of the jurisdictions in which they do business, but also the long-reach of EU and U.S. regulators. The consequences for those who fail to understand their sanctions obligations may be high.

Kylie Oliver, CAMS, sanctions compliance manager, Australia and New Zealand Banking Group Limited, Melbourne, Australia,