Apple fined $467k fine for violating US sanctions

Apple showed “reckless disregard for U.S. sanctions requirements.


Apple has agreed to pay $467,000 to the U.S. Treasury Department for violating sanctions of the U.S. government. The company inadvertently violated the sanction by entering into an app development agreement with a Slovenian developer almost two years ago.

The Office of Foreign Assets Control (OFAC) banned SIS d.o.o, an app development firm in Trzin, Slovenia in 2015 for being a part of an international steroid trafficking network. Savo Stjepanovic was also banned since he was the majority owner of the firm. This meant that none of the U.S. companies and individuals could deal with them. The ban was removed from them in May 2017.

However, during the ban, Apple made 47 payments to SIS for its apps on the App Store. It also collected about $1.2 million from customers who had downloaded apps from SIS. Due to the failure to comply with the U.S. sanctions, the company will have pay a $467,000 fine.

OFAC could have assessed Apple a penalty of $74 million for the violations. However, the agency took into account several mitigating factors, including Apple’s voluntary self-disclosure upon learning the violations, the lack of previous OFAC violations and its cooperation with the agency’s investigation.

Since the violations, Apple also increased the role of its global export and sanctions compliance senior manager in the review process, reconfigured its sanctions screening tool to “fully capture” spelling and capitalisation variations and implemented mandatory export and sanctions regulations training for all employees, OFAC said.

According to Apple, it was a simple screening error on Apple’s part which led to their mistake.

On the day Mr. Stjepanovic and SIS were blacklisted, Apple ran the new designations against its app developer account holder names. But the company’s sanctions-screening tool failed to identify SIS as a blacklisted entity because Apple’s system listed the company as “SIS DOO,” rather than “SIS d.o.o” on OFAC’s list, according to the agreement.

Apple allegedly failed to identify Mr. Stjepanovic as a blacklisted individual in its system as well, because Apple didn’t screen all individual users associated with an App Store account at the time, according to the agreement.

It was only after Apple changed its screening process in February 2017 that it discovered SIS was blacklisted by the OFAC. The company immediately suspended making any payments to the firm but continued doing so to other firms that were linked to SIS’s apps.

The OFAC did credit Apple for its voluntary disclosure of the violations but also said that it showed “reckless disregard for U.S. sanctions requirements.”

Please Login to comment
Notify of

Rapid Mobile uses cookies, tokens, and other third party scripts to recognise visitors of our sites and services, remember your settings and privacy choices, and - depending on your settings and privacy choices - enable us and some key partners to collect information about you so that we can improve our services and deliver relevant ads.


By continuing to use our site or clicking Agree, you agree that Rapid Mobile and our key partners may collect data and use cookies for personalised ads and other purposes, as described more fully in our privacy policy.


You can change your settings at any time by clicking Manage Settings or by visiting our Privacy Centre for more detailed information.


Privacy Settings saved!
Cookie Services

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

These cookies are necessary for the website to function and enable essential services and functonality, including identify verification, service continuity and site security. Opt out is not availabe.

Essential Session management cookies for logged in users
  • wordpress_test_cookie
  • wordpress_logged_in_
  • wordpress_sec

For perfomance reasons we use Cloudflare as a CDN network. This saves a cookie "__cfduid" to apply security settings on a per-client basis. This cookie is strictly necessary for Cloudflare's security features and cannot be turned off.
  • __cfduid

Used by Spamshield to stop spam signups
  • _wpss_h_
  • _wpss_p_

NewsWire Service
  • BIGipServerwidget2_www_http

Decline all Services
Accept all Services