top of page

Incentivising Voluntary Self-Disclosure

  • 7 hours ago
  • 8 min read

Developments in the US, UK and EU



In trade compliance, timing is everything.


When a potential sanctions violation surfaces companies face a narrowing window of choices. They can delay and risk escalation, or they can voluntarily self-disclose to regulators, demonstrating transparency and cooperation in the hope of mitigating penalties.


Motivation and pressure for trade compliance enforcement has been steadily increasing over the past years, but government staffing has struggled to keep pace. As a result, many jurisdictions are developing their Voluntary Self-Disclosure (VSD) mechanisms, to more strongly incentivize companies to proactively report.


This is especially so in the US, the UK, and the EU which have updated their policies accordingly. While the U.S. and the UK, both at the forefront of sanctions-related enforcement, already have well established VSD mechanisms in place, but have taken steps to improve the reporting process and updated key incentives and penalties recently. The EU has also made signficant steps following the Harmonized Criminalization of EU Sanctions which includes Voluntary Self-Disclosure as a mitigting factor, aiming for a more harmonized approach across member states.


This is an important development, as companies do not work in vacuums, but rather as part of complex, multi-national supply chains and markets. Greater incentives (or requirements) for self-disclosure will not only increase the likelihood that companies come forward themselves with violations, but may also increase the likelihood that a company is identified in disclosures submitted by their business partners, suppliers, or other counterparties. Therefore, it is important to not only keep up with the regulatory developments, but also with internal compliance processes to proactively identify issues and not be the "last to know" in the event of an investigation.


U.S.- OFAC Launches New Online Voluntary Self-Disclosure Portal


The Office of Foreign Assets Control (OFAC) encourages U.S. and foreign persons who may have violated OFAC-administered sanctions to disclose the apparent violations to OFAC voluntarily.

To further improve customer service, the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) launched a new online Voluntary Self-Disclosure Portal on February 6, 2026.


This portal provides a more streamlined and secure method for submitting voluntary self-disclosures of potential violations of OFAC-administered sanctions programs. According to OFAC, the motivation for transitioning to this online system is to increase efficiency and transparency for persons submitting information, enabling faster acknowledgment of submissions, clearer communication throughout the review process, and a more user-friendly experience overall.



Pursuant to OFAC's Economic Sanctions Enforcement Guidelines, OFAC considers voluntary self-disclosures to be a mitigating factor in the event of violations. For example, in 2020, OFAC settled with Amazon for a penalty of only $134,523 USD, after Amazon voluntarily disclosed apparent violations of multiple OFAC sanctions programs, including Crimea, Iran, and Syria. According to the settlement, the statutory maximum civil monetary penalty amount for the apparent violations was $1,038,206,212 USD, highlighting the value of a well timed, organised, and complete VSD.


A properly filed VSD can potentially substantially mitigate penalties in both egregious and non-egregious cases. A suspected violation is "egregious" if OFAC's director or deputy director analyzes a set of general factors and finds that the fact pattern meets a threshold that calls for a "strong enforcement response." The general factors evaluated by OFAC are willful or reckless violation of law, awareness of conduct at issue, harm to sanctions program objectives, and individual characteristics.


In reviewing the underlying conduct and determining the course of enforcement, OFAC may also consider the totality of the circumstances surrounding the apparent violation(s), including, among other factors, the existence, nature, and adequacy of the subject's compliance program at the time of the apparent violation and the corrective actions taken in response to an apparent violation.



UK - Updated Enforcement Framework



On 9 February 2026, and following a period of consultation, the UK's Office of Financial Sanctions Implementation (OFSI) announced significant updates to the enforcement and disclosure frameworks.


  1. Defined Levels of Seriousness- First, they accepted requests for more clearly defined levels of seriousness to improve transparency of case results. This includes a sliding scale of Lower Severity, Moderate Severity, Serious, and Most Serious.


  1. Reduced Maximum Discounts- OFSI has also revised the existing discount for VSDs, reducing from a previous maximum of 50%, to a maximum voluntary disclosure and co-operation discount of 30% in all penalty cases.


  2. Increased Pentaly Maximums- OFSI intends to double penalty maximums from £1 million GBP or 50% of the value of the violation (whichever is higher), to £2 million GBP or 100% of the value of the breach (whichever is higher). This change is not yet in effect, as it requires primary legislation to be passed.

 

  1. Settlement Scheme- The updated framework also includes a Settlement Scheme that would allow companies up to a 20% discount on the baseline penalty in exchange for waving certain procedural rights like for appeal or ministerial review.


  1. Early Account Scheme (EAS)- The framework would furter include an EAS which in appropriate cases would allow subjects of an investigation to provide OFSI with a comprehensive account of a breach as early as possible, potentially expediting the completion of an investigation—in the event that OFSI decides to take enforcement action, subjects will receive an EAS discount of up to 20% on the baseline penalty.


  2. Fixed Penalties- OFSI now also provided fixed monetary penalties of £5,000 and £10,000 for certain offences like non-compliance with reporting obligations, reporting of specific and general licences, timeliness of Request for Information responses, and breaches of licences with a value of up to £10,000.


Based on these changes it is clear that OFSI is heavily focused on communicating a strong deterrent effect for breaches, and strong motivation to disclose. This is especially highlighted in the convergent actions of reducing discounts and doubling penalty maximums.


EU - Greater Harmonization for VSDs


The landscape for VSDs in the EU is shifting from a fragmented patchwork of measures by individual member states to a more structured approach to harmonize the use of VSDs across the EU. This is primarily due to the implementation of the “Harmonized Criminalization of EU Sanctions” Directive (EU) 2024/1226, which mandates that all member states treat VSD and cooperation with authorities as mitigating factors in criminal proceedings.



The  EU’s “Harmonized Criminalization of EU Sanctions” Directive (EU) 2024/1226 explicitly requires EU member states to provide mechanisms for VSDs and cooperation with authorities as mitigating circumstances. Sanctions enforcement remains in the purview of the National Competent Authorities (NCAs). therefore the process and specific incentives provided for VSDs still varies greatly, though greater developments can be seen in some member states.


For example, Germany already provides a VSD mechanism sanctions violations, primarily under the Foreign Trade and Payments Act (AWG), which can mitigate or waive administrative fines and criminal penalties if submitted promptly, fully, and before authorities discover the breach. However, it is limited in scope, often excluding core licensing breaches.


In January 2025 the Dutch Public Prosecution Office (DPPO) "Policy on Self-Disclosure, Cooperation and Self-Investigation" went into effect. The Policy aims to encourage transparency and accountability by offering incentives for proactive engagement. Entities that voluntarily, comprehensively and timely disclose potential criminal offenses and fully cooperate in criminal investigations may be eligible for a reduction in fines of up to a total of 50%.


Further, Italy has recently implemented Legislative Decree No. 211 of 2025 to criminalize violations of EU restrictive measures and incentivize self-disclosure/cooperation by introducing a cause of non-punishability based on active cooperation and timely remediation of organizational deficiencies.

 

The deadline to adopt Directive (EU) 2024/1226 already expired on 1 May 2025 and most Member States have largely failed to implement the Directive to date. We can expect to see additional member states transposing the Directive on a national level throughout 2026, including mechanisms for VSDs.



How SEIA Can Help


Enforcement authorities increasingly reward companies that identify problems early, report them promptly and show evidence of robust corrective action. But this presumes companies can do three difficult things at once: detect violations quickly, investigate them thoroughly and demonstrate that their compliance program is not merely reactive but effective.


For many organizations, especially those operating across borders, that is a formidable task.

Increasingly, companies are turning towards data-driven governance.


SEIA PERCEIVE platform aims to transform trade compliance review from a periodic sampling exercise into a continuous assurance system that confirms control effectiveness, monitors for red flags or proactive alerts, all while providing data-driven risk assessments, in real time.


From Reactive Compliance to Proactive Detection


Traditionally, trade compliance has relied on sampling, manual reviews and retrospective audits. Violations are often uncovered months after the fact, often by external auditors or regulators themselves. When a company cannot show that it had reasonable systems in place to detect and prevent violations, mitigation credit can be limited.


The ability to identify risks is 85% of good compliance.

SEIA PERCEIVE approaches the problem differently. Rather than reviewing transactions sporadically, it continuously analyzes enterprise trade data to identify anomalies, control failures and systemic gaps.


In practical terms, this means that a potential issue — say, a series of shipments released before a mandatory internal review — can be detected in immeditately giving teams time to prevent violations.


Supporting the Internal Investigation


Voluntary self-disclosure programs reward transparency. But transparency is difficult without visibility. By providing that visibility — before, during and after a potential violation — SEIA PERCEIVE enables teams to greatly reduce the time spent gathering information if a voluntary disclosure becomes necessary. Once a potential violation is identified, the next challenge is containment and investigation.


SEIA PERCEIVE is designed to massively reduce this timeline, as the platform continuously aggregates and analyzes transaction and control data. Meaning compliance officers and immediately:

  • Identify the full population of potentially impacted transactions

  • Reconstruct control execution timelines

  • Highlight recurring patterns or systemic weaknesses

  • Trace data changes and override histories

  • Quantify the risk exposure


This allows compliance leaders to move quickly from suspicion to structured assessment.

Instead of asking, “What happened?” over weeks of forensic effort, they can ask, “How broad is the issue?”, "What else is related", and "What can we do to ensure it doesn't happen again."


Preparing the Voluntary Disclosure


Historically, assembling this information has required large internal teams or costly external advisers. Data must be pulled from disparate systems. Emails and transaction logs must be reconciled. Organization and quick access to information is also critical, as the cost of investigations can rise quickly as legal fees and internal resource commitments mount.


Regulators typically expect:

  • A clear description of the violation

  • The affected transactions

  • The root cause

  • The scope of impact

  • The corrective actions taken

  • Evidence of control enhancements


In many enforcement frameworks, mitigation credit depends on the completeness and credibility of the disclosure. Regulators increasingly look for:

  • Evidence of continuous monitoring

  • Documentation of internal escalation

  • Clear root-cause analysis

  • Concrete remediation measures

  • Ongoing effectiveness testing


A data-driven governance platform enables a company to present not only the violation but the robust compliance framework and system that detected the issue. In a VSD context, that distinction can matter greatly, as it creates a defensible narrative: the issue was detected internally; it was investigated promptly; corrective measures were implemented; and their effectiveness is being monitored.


Strategic Use of External Resources

None of this eliminates the need for external counsel when things go wrong. In significant matters, like manaing VSDs, legal guidance remains essential.


But technology can reduce the volume and scope of external work, ensuring that they are focusing on the important legal interpreation and strategy, not just reviewing documents and "looking for a needle in a haystack." When companies can rapidly provide external counsel with clearly triaged issues, complete transaction data, control execution evidence, and root-cause analytics they shorten investigative timelines and limit redundant fact-finding exercises. The result is not merely cost containment but more strategic use of legal resources.


Always Audit Ready


Voluntary disclosures are not isolated events. They often trigger follow-up inquiries, independent audits or extended oversight periods. A recurring concern among compliance officers is that the organization becomes temporarily “investigation-ready” but then drifts back into previous patterns of working.


Continuous governance systems aim to prevent that. By embedding control monitoring and risk analytics into daily operations, SEIA PERCEIVE allows companies to maintain what can be described as a standing audit posture. Control execution is tracked continuously. Data integrity is measured. Override patterns are monitored. Residual risk is quantified over time. This reduces dependence on episodic reviews and decreases the scramble that often accompanies regulatory requests.


Voluntary self-disclosure programs reward transparency. But transparency is difficult without visibility. In a regulatory climate where enforcement is global and reputational stakes are high, for companies navigating complex trade environments, data driven assurance is critical.


Contact us today to learn more about SEIA PERCEIVE, and how data analytics can empower your organization.


 
 
bottom of page