Frequently Asked Questions

49. If I reject or block a transaction, when do I have to report the action to OFAC? How do I submit the report?

49 … 31 C.F.R. Parts §§ 501.603 and 501.604 require blocking and reject reports to be submitted to OFAC within 10 business days of the date of the action. Optional reporting forms are available at this link and complete information may be emailed to OFAC’s Sanctions Compliance and Evaluation… Read more

50. Is there a requirement for annual reporting of blocked property? Is there a required format?

50 … Yes. A report of blocked property is to be submitted annually by September 30 to OFAC Compliance, Department of the Treasury, Washington, D.C., 20220. The standardized form can be accessed by visiting this link . If you wish to use a different format, please contact the OFAC Compliance hotline… Read more

72. Can I send money to a sanctioned country using a third-country company’s website? Can I buy gifts for someone in a sanctioned country over the internet? The websites tell me that it’s ok because they themselves are not sanctioned parties.

72 … You cannot do something indirectly that you would not be able to do directly. Therefore, these sites can be used to facilitate authorized transactions, but you cannot use them to perform a transaction which would be in violation of U.S. law. For example, the Cuban Assets Control Regulations (… Read more

73. My company provides money remittance and account services via the Internet. Does OFAC have any compliance guidance for this type of business?

73 … Complying with United States sanctions policy presents unique challenges to institutions that operate exclusively on the Internet. The Internet has often been thought of as an "anonymous venue" in that e-commerce transactions can be conducted in relative privacy with little or no face-to-face… Read more

434. Are all applications designed to run on mobile operating systems (“apps”) covered by 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR)?

434 … The exportation to Iran of apps that are designated EAR99 or classified under export control classification number (ECCN) 5D992.c, as specified in category (8) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications, is authorized under 31 CFR § 560.540(a)(… Read more

435. Is the exportation of anti-virus, anti-malware, anti-tracking, and anti-censorship software authorized under 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR)?

435 … Yes. Section 560.540(a)(3) authorizes the exportation of certain anti-virus, anti-malware, anti-tracking, anti-censorship software, and related services, as specified in categories (6), (7), and (9) of the31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications.… Read more

436. What do Secure Socket Layers (SSLs), listed in the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications, encompass?

436 … SSLs, as described in category (11) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications (“31 CFR § 560.540 List”) encompass “provisioning and verification software for Secure Socket Layer (SSL) certificates designated EAR99 or classified under ECCN… Read more

437. Are mobile phone accessories and computer accessories and peripherals authorized for export under 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR)?

437 … Yes. Accessories for use in conjunction with hardware specified in categories (1) and (5) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications (the “31 CFR § 560.540 List), and peripherals for use in conjunction with hardware specified in category (5)… Read more

438. Is the exportation of parts or components for authorized hardware, such as microprocessors, authorized under 31 CFR § 560.540?

438 … No. While the exportation of certain accessories and peripherals specified in categories (1) and (5) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications is authorized under 31 CFR § 560.540(a)(3), the exportation to Iran of hardware parts or components… Read more

439. Does 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR) authorize the export of bundled software that includes both software authorized by § 560.540 and software that is not authorized by § 560.540?

439 … No. To qualify for 31 CFR § 560.540 , all individual software items in a bundled package must fall within one of the 31 CFR § 560.540 authorizations. If some software in a bundled package is authorized by 31 CFR § 560.540 but other software is not, the portion of the software falling… Read more

Frequently Asked Questions

Office of Terrorism and Financial Intelligence