Frequently Asked Questions

72. Can I send money to a sanctioned country using a third-country company’s website? Can I buy gifts for someone in a sanctioned country over the internet? The websites tell me that it’s ok because they themselves are not sanctioned parties.

72 … You cannot do something indirectly that you would not be able to do directly. Therefore, these sites can be used to facilitate authorized transactions, but you cannot use them to perform a transaction which would be in violation of U.S. law. For example, the Cuban Assets Control Regulations (… Read more

73. My company provides money remittance and account services via the Internet. Does OFAC have any compliance guidance for this type of business?

73 … Complying with United States sanctions policy presents unique challenges to institutions that operate exclusively on the Internet. The Internet has often been thought of as an "anonymous venue" in that e-commerce transactions can be conducted in relative privacy with little or no face-to-face… Read more

434. Are all applications designed to run on mobile operating systems (“apps”) covered by 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR)?

434 … The exportation to Iran of apps that are designated EAR99 or classified under export control classification number (ECCN) 5D992.c, as specified in category (8) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications, is authorized under 31 CFR § 560.540(a)(… Read more

435. Is the exportation of anti-virus, anti-malware, anti-tracking, and anti-censorship software authorized under 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR)?

435 … Yes. Section 560.540(a)(3) authorizes the exportation of certain anti-virus, anti-malware, anti-tracking, anti-censorship software, and related services, as specified in categories (6), (7), and (9) of the31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications.… Read more

436. What do Secure Socket Layers (SSLs), listed in the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications, encompass?

436 … SSLs, as described in category (11) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications (“31 CFR § 560.540 List”) encompass “provisioning and verification software for Secure Socket Layer (SSL) certificates designated EAR99 or classified under ECCN… Read more

437. Are mobile phone accessories and computer accessories and peripherals authorized for export under 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR)?

437 … Yes. Accessories for use in conjunction with hardware specified in categories (1) and (5) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications (the “31 CFR § 560.540 List), and peripherals for use in conjunction with hardware specified in category (5)… Read more

438. Is the exportation of parts or components for authorized hardware, such as microprocessors, authorized under 31 CFR § 560.540?

438 … No. While the exportation of certain accessories and peripherals specified in categories (1) and (5) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications is authorized under 31 CFR § 560.540(a)(3), the exportation to Iran of hardware parts or components… Read more

439. Does 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR) authorize the export of bundled software that includes both software authorized by § 560.540 and software that is not authorized by § 560.540?

439 … No. To qualify for 31 CFR § 560.540 , all individual software items in a bundled package must fall within one of the 31 CFR § 560.540 authorizations. If some software in a bundled package is authorized by 31 CFR § 560.540 but other software is not, the portion of the software falling… Read more

440. 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR) authorize the exportation to Iran of fee-based desktop publishing software and productivity software suites used to publish documents, presentations, spreadsheets, charts, music, movies, and digital images?

440 … Yes. Fee-based desktop publishing software and productivity software suites have been determined to fall within the scope of fee-based software that enables services incident to the exchange of communications as described in 31 CFR § 560.540(a)(2) , provided that the software meets the… Read more

441. Does 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR) authorize the provision of fee-based cloud computing services to Iran?

441 … Yes. Section 560.540(a)(1) of the ITSR authorizes the provision to Iran of fee-based cloud computing services that support the exchange of communications over the internet. In addition, paragraph (a)(2)(i) of 31 CFR § 560.540 authorizes the provision to Iran of software that is incident to… Read more

Frequently Asked Questions

Office of Terrorism and Financial Intelligence