Microsoft Fined More Than $3 Million in Penalties for Multiple Sanctions Violation

Microsoft Fined More Than $3 Million in Penalties for Multiple Sanctions Violation
Microsoft signage at the company's headquarters in Redmond, Wash., on Jan. 18, 2023. Matt Mills McKnight/Reuters
Naveen Athrappully
Updated:
0:00

The Biden administration has imposed a multimillion-dollar penalty on Microsoft after the company was found to have engaged in trade with certain sanctioned nations, including Russia and Iran.

The Department of Treasury’s Office of Foreign Assets Control (OFAC) has decided on a $2.98 million settlement with Microsoft Corporation. The settlement is related to the company’s potential civil liability arising due to exporting its services and products from the United States to sanctioned jurisdictions or blocked persons, violating the agency’s sanctions programs. In addition, the Commerce Department’s Bureau of Industry and Security (BIS) imposed an administrative penalty of $624,013, which was later reduced by $276,382. The combined overall fine on Microsoft came to $3.33 million.

According to the OFAC, Microsoft engaged in 1,339 apparent violations of its sanctions programs between July 2012 and April 2019.

During this period, Microsoft sold its products and services from the United States and Ireland to specially designated nationals (SDNs), blocked persons, and other end-users located in Syria, Iran, Cuba, Russia, and the Crimea region of Ukraine. The total value of these transactions amounted to $12.11 million.

“U.S. companies will be held accountable for the activities of their foreign subsidiaries,” said Matthew S. Axelrod, assistant secretary for export enforcement, according to a Treasury Department press release on April 6.

“As this coordinated resolution demonstrates, BIS and OFAC will work together to ensure that U.S. export control and sanctions laws are enforced effectively, wherever in the world the underlying conduct occurs.”

The $3.3 million fine represents a rather minuscule amount for the tech giant, which earned $198.3 billion in annual revenues last year.

“Microsoft takes export control and sanctions compliance very seriously, which is why after learning of the screening failures and infractions of a few employees, we voluntarily disclosed them to the appropriate authorities,” said a Microsoft spokesperson in an emailed statement to The Epoch Times. “We cooperated fully with their investigation and are pleased with the settlement.”

The Violations

Out of the 1,339 violations Microsoft is said to have engaged in, 1,252 violations were related to Ukraine/Russia-related sanctions, 54 were tied to Cuba, 30 with Iran, and three to Syria.

Microsoft could have faced a statutory maximum civil monetary penalty of $404 million from the OFAC. However, the agency determined that the applicable fine only comes to $5.96 million, which it further reduced to $2.98 million due to Microsoft voluntarily disclosing the violations and other considerations.

“The majority of the apparent violations involved blocked Russian entities or persons located in the Crimea region of Ukraine, and occurred as a result of the Microsoft entities’ failure to identify and prevent the use of its products by prohibited parties,” the OFAC said in an enforcement release (pdf) on April 6.
“The settlement amount reflects OFAC’s determination that the conduct of the Microsoft entities was non-egregious and voluntarily self-disclosed, and further reflects the significant remedial measures Microsoft undertook upon discovery of the apparent violations.”

Russian Sanctions Breach

In Russia, Microsoft employed an indirect resale model under which it worked with third-party licensing solution partners (LSP) to develop sales leads and negotiate bulk sales agreements with end customers. Microsoft was neither provided with nor obtained complete or accurate information regarding its end customers.

The OFAC accused Microsoft Russia’s employees of having “intentionally circumvented” the company’s screening controls to prevent other Microsoft affiliates from knowing the identity of end customers.

For instance, after the OFAC sanctioned the Russian oil firm Stroygazmontazh in 2014, Microsoft had initially rejected one of the entity’s subsidiaries as a customer. However, Microsoft Russia employees used a pseudonym for the subsidiary and arranged orders on behalf of the specially designated national. The OFAC also blamed Microsoft for “shortcomings” in its screening process.

“Further, Microsoft’s screening against restricted-party lists did not identify blocked parties not specifically listed on the SDN list, but owned 50 percent or more by SDNs, or SDNs’ Cyrillic or Chinese names, even though many customers in Russia and China supplied order and customer information in their native scripts,” the agency said.

“These failures, which also included missing common variations of the restricted party names, resulted in Microsoft engaging in ongoing business relationships with SDNs or blocked persons.”

Related Topics