Edward Hasbrouck, the author of the informative travel manual The Practical Nomad and of an entertaining and informative travel blog of the same name, left a comment to one of our earlier posts on the Syria sanctions:
Earlier this year, [my bank] froze my account (refused to honor checks, and refused to accept deposits, both paper and electronic) after I tried to check my balance on their Web site from a Syrian IP address. …
Only after I had left Syria (which [my bank] “verified’ by calling me at a Turkish land-line telephone number, which of course could have been forwarded to anywhere) was I able to get the account unfrozen. …
I had notified [my bank] in advance of my intent to travel to Syria. I had read their customer disclosures, which make no mention of any sanctions by [the bank] except those *required* by OFAC regulations, which this clearly wasn’t. I had gone to considerable lengths to avoid having any financial dealings with the government of Syria or government-owned entities (or any other “specially designated nationals” in Syria). And I had been able to withdraw funds from an ATM in Syria (of a private, non-Syrian — I was later told they route transactions via a private line to Lebanon, although my … Bank statement correctly showed the address of the ATM in Syria) without incident.
The prior post in question dealt with Google blocking downloads to Syrian IP addresses and wondered how widespread that practice is. Apparently, some banks are at least trapping IP addresses for queries to their websites, but apparently these banks don’t know what to do once they capture an IP address from a sanctioned country such as Syria.
The current Syria sanctions prohibit export of U.S. products to Syria. Food, medicine and informational products are exempted from the export ban. It’s not clear whether the bank’s response to a web-based balance inquiry was an export of a product to Syria and, even if it were, it arguably fell under the informational exception. Even if the informational exemption were not applicable, the bank’s obligation was simply not to return an answer to the Syrian IP address, not to block the account.
The remaining relevant segment of the Syria sanctions blocks the assets of approximately 20 individuals that have been determined to be involved in (a) the proliferation of weapons of mass destruction; (b) destabilizing activities in Iraq and Lebanon; (c) associating with al Qaeda, the Taliban or Osama bin Laden; or (d) benefiting from public corruption. These sanctions would permit blocking a bank account. However, Hasbrouck’s bank certainly couldn’t conclude from the IP address alone of his web-based balance inquiry that he was one of those 20 individuals (he, of course, is not) or that he was acting on behalf of such individuals. Moreover, because the bank itself “unfroze” the account, it was never officially blocked in any event, because only OFAC can unblock such an account once the bank has blocked it.
It seems what likely happened here is that the bank’s compliance program, rather than focusing on the precise scope of U.S. sanctions against Syria, simply blocked all transactions with Syria whether required or not. There certainly are administrative advantages to such a broad brush approach to compliance; however, a bank using such an approach might wind up violating its own account agreement with the customer. In such a case, let’s say that the blocked accounts leave the customer stranded in Syria, or thrown in jail when he can’t pay his hotel bill, the liability to the customer could be significant.