In 2017, Apple Inc. discovered that they had inadvertently paid a developer that was present on U.S. sanction lists. The sanctions and OFAC screening tool Apple used failed to identify the developer as a blacklisted entity. Apple reported this error and the investigation has been completed, with the result of a $467,000 settlement. This is a small amount for a company as large as Apple, but it illustrates that even the biggest companies may be facing compliance issues they are unaware of.
The sanctioned app developer, SIS d.o.o., was blacklisted by OFAC in 2015 along with it’s majority owner Savo Stjepanovic. Allegedly Stjepanovic was part of an international steroid trafficking network and as a result U.S. individuals and entities were prohibited from doing any business with Stjepanovic or any property he had an interest in. Both Stjepanovic and SIS d.o.o. were removed from sanctions lists in May 2017.
Unfortunately, SIS d.o.o. was on the list when Apple was submitting payments to the developer. Apple compliance did run the developer’s name through their OFAC screening software the day Stjepanovic was blacklisted, but unfortunately the system failed to register the punctuation in the developer’s name. Therefore, SIS d.o.o was not identified as a sanctioned entity. Name filtering is a problem with some compliance solutions, but it can be solved. You can read more about name filtering in this Truth Technologies white paper.
Apple’s compliance system was updated in February 2017 and it then identified the developer as a blacklisted entity. Apple then suspended payments and self-disclosed the violations to OFAC.
Read more in this article.