The Biden administration has imposed a multimillion-dollar penalty on Microsoft after the company was found to have engaged in trade with certain sanctioned nations, including Russia and Iran.
The Department of Treasury’s Office of Foreign Assets Control (OFAC) has decided on a $2.98 million settlement with Microsoft Corporation. The settlement is related to the company’s potential civil liability arising due to exporting its services and products from the United States to sanctioned jurisdictions or blocked persons, violating the agency’s sanctions programs. In addition, the Commerce Department’s Bureau of Industry and Security (BIS) imposed an administrative penalty of $624,013, which was later reduced by $276,382. The combined overall fine on Microsoft came to $3.33 million.
According to the OFAC, Microsoft engaged in 1,339 apparent violations of its sanctions programs between July 2012 and April 2019.
During this period, Microsoft sold its products and services from the United States and Ireland to specially designated nationals (SDNs), blocked persons, and other end-users located in Syria, Iran, Cuba, Russia, and the Crimea region of Ukraine. The total value of these transactions amounted to $12.11 million.
“As this coordinated resolution demonstrates, BIS and OFAC will work together to ensure that U.S. export control and sanctions laws are enforced effectively, wherever in the world the underlying conduct occurs.”
The $3.3 million fine represents a rather minuscule amount for the tech giant, which earned $198.3 billion in annual revenues last year.
The Violations
Out of the 1,339 violations Microsoft is said to have engaged in, 1,252 violations were related to Ukraine/Russia-related sanctions, 54 were tied to Cuba, 30 with Iran, and three to Syria.Microsoft could have faced a statutory maximum civil monetary penalty of $404 million from the OFAC. However, the agency determined that the applicable fine only comes to $5.96 million, which it further reduced to $2.98 million due to Microsoft voluntarily disclosing the violations and other considerations.
Russian Sanctions Breach
In Russia, Microsoft employed an indirect resale model under which it worked with third-party licensing solution partners (LSP) to develop sales leads and negotiate bulk sales agreements with end customers. Microsoft was neither provided with nor obtained complete or accurate information regarding its end customers.The OFAC accused Microsoft Russia’s employees of having “intentionally circumvented” the company’s screening controls to prevent other Microsoft affiliates from knowing the identity of end customers.
For instance, after the OFAC sanctioned the Russian oil firm Stroygazmontazh in 2014, Microsoft had initially rejected one of the entity’s subsidiaries as a customer. However, Microsoft Russia employees used a pseudonym for the subsidiary and arranged orders on behalf of the specially designated national. The OFAC also blamed Microsoft for “shortcomings” in its screening process.
“Further, Microsoft’s screening against restricted-party lists did not identify blocked parties not specifically listed on the SDN list, but owned 50 percent or more by SDNs, or SDNs’ Cyrillic or Chinese names, even though many customers in Russia and China supplied order and customer information in their native scripts,” the agency said.
“These failures, which also included missing common variations of the restricted party names, resulted in Microsoft engaging in ongoing business relationships with SDNs or blocked persons.”
