InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
U.S. issues warning on North Korean hackers targeting banks worldwide
On August 26, a joint alert was issued by the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Treasury Department, the FBI, and U.S. Cyber Command warning that since February 2020, North Korean hackers have resumed targeting banks worldwide through the use of fraudulent international money transfers and ATM cash-outs. The alert provides an “overview of North Korea’s extensive, global cyber-enabled bank robbery scheme, a short profile of the group responsible for this activity, in-depth technical analysis, and detection and mitigation recommendations to counter this ongoing threat to the Financial Services sector.” The North Korean hackers, the alert notes, were responsible for stealing $81 million from a Bangladeshi bank in 2016, and have engaged in fraudulent ATM cash-outs affecting upwards of 30 countries in a single incident. According to the alert, the hackers’ “international robbery scheme” poses “severe operational risk” for individual banks beyond reputational harm and financial losses. A robbery directed at one bank may implicate multiple banks “in both the theft and the flow of illicit funds back to North Korea,” the alert warns. The hackers “initially targeted switch applications at individual banks with FASTCash malware but, more recently, have targeted at least two regional interbank payment processors,” the alert states, cautioning that this suggests the hackers “are exploring upstream opportunities in the payments ecosystem.”
OFAC sanctions investors supporting Syrian government
On July 29, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against one individual and nine entities for providing significant investment support to the Syrian government. OFAC noted that, among other things, the designated individual and his companies knowingly provided “significant financial, material, or technological support to, or knowingly engag[ed] in a significant transaction with, the Government of Syria (including any entity owned or controlled by the Government of Syria) or a senior political figure of the Government of Syria.” As a result, all property and interests in property belonging to the designated persons and subject to U.S. jurisdiction are blocked and must be reported to OFAC. OFAC further noted that its regulations “generally prohibit all dealings by U.S. persons or within (or transiting) the United States that involve any property or interests in property of designated persons,” and warned that non-U.S. persons that engage in transactions with the designated persons may expose themselves to designation. OFAC also referenced a previously published Fact Sheet (covered by InfoBytes here), which highlights the most pertinent exemptions, exceptions, and authorizations for humanitarian assistance and trade under the Syria, Iran, Venezuela, North Korea, Cuba, and Ukraine/Russia-related sanctions programs to ensure humanitarian-related trade and assistance reaches at-risk populations through legitimate and transparent channels during the global Covid-19 pandemic.
DOJ sues companies for laundering funds for North Korean banks
On July 23, the DOJ announced it filed a complaint in the U.S. District Court for the District of Columbia, alleging that four companies engaged in a scheme to launder U.S. dollars on behalf of sanctioned North Korean banks and seeking forfeiture of $2,372,793. The DOJ claims that the North Korean banks illegally accessed the U.S. financial market and used the companies to make and receive U.S. dollar payments to and from North Korean front companies. According to the DOJ, the complaint “illuminates how a global money laundering network coordinates with front companies to move North Korean money through the [U.S.] and violate the sanctions imposed by [the] government on North Korea.” The DOJ further refers to a United Nations Panel of Experts statement that North Korean networks access formal banking channels by, among other things, maintaining correspondent bank accounts and representative offices abroad staffed by foreign nationals that make use of front companies, which permit North Korean banks “to conduct illicit procurement and banking activity.”
UAE manufacturer settles OFAC, DOJ charges for apparent North Korean sanctions violations
On July 16, a United Arab Emirates cigarette filter and tear tape manufacturer settled OFAC and DOJ charges for apparent violations of the North Korea Sanctions Regulations (NKSR) 31 C.F.R. part 510 and the International Emergency Economic Powers Act (IEEPA). According to OFAC’s release, the company allegedly violated the NKSR by (i) engaging in deceptive practices in order to export cigarette filters to North Korea through a network of front companies in China and other countries; and (ii) receiving three wire transfers totaling more than $330,000 in accounts at a U.S. bank’s foreign branch as payment for exporting the filters. OFAC noted that the conduct leading to the apparent violations included aggravating factors such as (i) the company’s senior manager and customer-facing employee willfully violated the NKSR by agreeing to, among other things, transact with non-North Korean front companies to conceal the North Korea connection despite a company policy that “warned that its banks would not handle transactions with sanctioned jurisdictions” including North Korea; and (ii) the senior manager and customer-facing employee were aware that the filters would be sent to North Korea. OFAC also considered various mitigating factors, including that the company substantially cooperated with OFAC’s investigation and agreed to provide ongoing cooperation. Under the terms of the settlement agreement, the company is required to pay a $665,112 civil monetary penalty to OFAC, which will be deemed satisfied by payment of the fine assessed by the DOJ arising out of the same conduct.
In the parallel criminal enforcement action, the company entered into a deferred prosecution agreement with the DOJ, accepting responsibility for its criminal conduct and agreeing to pay a $666,543.88 fine. According to the DOJ, this is the Department’s first corporate enforcement action for violations of the IEEPA. In addition, the company agreed to, among other things, fully cooperate with any investigation, implement a compliance program designed to prevent and detect any future violations of U.S. economic sanctions regulations, provide quarterly reports to the DOJ regarding the status of compliance improvements, provide OFAC-related training, and annually certify to OFAC that it has implemented and has continued to uphold its compliance-related commitments.
OFAC settles with global e-commerce, digital service provider over multiple sanctions violations
On July 8, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced a $134,523 settlement with a Washington-based company that provides retail, e-commerce, and digital services worldwide. According to OFAC, due to deficiencies in the company’s sanctions screening process, between 2011 and 2018, the company provided goods and services to OFAC sanctioned persons; to persons located in the sanctioned region or countries of Crimea, Iran, and Syria; and “for persons located in or employed by the foreign missions of Cuba, Iran, North Korea, Sudan, and Syria.” Additionally, the company allegedly accepted and processed orders that primarily consisted of low-value retail goods and services from persons listed on OFAC’s List of Specially Designated Nationals and Blocked Persons who were blocked pursuant to sanctions regulations involving the Democratic Republic of Congo, Venezuela, Zimbabwe, among others. These apparent violations occurred “primarily because [the company’s] automated sanctions screening processes failed to fully analyze all transaction and customer data relevant to compliance with OFAC’s sanctions regulations,” OFAC stated, claiming the company also “failed to timely report several hundred transactions conducted pursuant to a general license issued by OFAC that included a mandatory reporting requirement, thereby nullifying that authorization with respect to those transactions.”
In arriving at the settlement amount, OFAC considered various mitigating factors, including that the apparent violations were non-egregious and (i) the company voluntarily disclosed the violations and cooperated with the investigation; and (ii) the company has undertaken significant remedial efforts to address the deficiencies and to minimize the risk of similar violations from occurring in the future.
OFAC also considered various aggravating factors, including that the company failed to exercise due caution or care to ensure its sanctions screening process was able to properly flag transactions involving blocked persons and sanctioned jurisdictions. “This case demonstrates the importance of implementing and maintaining effective, risk-based sanctions compliance controls,” OFAC stated. “[G]lobal companies that rely heavily on automated sanctions screening processes should take reasonable, risk-based steps to ensure that their processes are appropriately configured to screen relevant customer information and to capture data quality issues.”
OFAC sanctions investors supporting Syrian government
On June 17, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against 24 individuals and entities for providing significant investment support to the Syrian government. According to OFAC, the designations include Treasury’s “first implementation of sanctions pursuant to the Caesar Syria Civilian Protection Act of 2019,” and involve actions taken against a holding company, a private sector investment venture, and luxury tourism developments. Concurrent with OFAC’s sanctions, the U.S. State Department also designated 15 persons, including President Bashar al-Assad and his wife, pursuant to Executive Order 13984, which focuses on persons identified as “obstructing, disrupting, or preventing a ceasefire or a political solution to the Syrian conflict.” As a result, all property and interests in property belonging to the designated persons and subject to U.S. jurisdiction are blocked and must be reported to OFAC. OFAC further noted that its regulations “generally prohibit all dealings by U.S. persons or those within (or transiting) the United States that involve any property or interests in property of designated persons,” and warned non-U.S. persons that engage in transactions with the designated persons may expose themselves to designation. OFAC also referenced a previously published Fact Sheet (covered by InfoBytes here), which highlights the most pertinent exemptions, exceptions, and authorizations for humanitarian assistance and trade under the Iran, Venezuela, North Korea, Syria, Cuba, and Ukraine/Russia-related sanctions programs to ensure humanitarian-related trade and assistance reaches at-risk populations through legitimate and transparent channels during the global Covid-19 pandemic.
Global advisory addresses illicit shipping and sanctions evasion practices
On May 14, the U.S. Departments of State and Treasury, along with the U.S. Coast Guard, issued a global advisory warning the maritime industry of deceptive shipping practices used by Iran, North Korea, and Syria to evade economic sanctions. The “Sanctions Advisory for the Maritime Industry, Energy and Metals Sectors, and Related Communities” expands upon previously issued advisories and discusses due diligence approaches that entities, including financial institutions, should employ to monitor illicit activity and mitigate the risk of potentially engaging in prohibited activities or transactions. Among other things, the advisory provides a list of general compliance practices that may help entities “in more effectively identifying potential sanctions evasion.” These include: (i) institutionalizing sanctions compliance programs; (ii) establishing Automatic Identification System (AIS) best practices and contractual requirements to monitor for manipulations and disruptions, which may be an indication of potential illicit or sanctionable activity; (iii) monitoring ships throughout the entire transaction lifecycle, including those leased to third parties; (iv) knowing your customers and counterparties; (v) exercising supply chain due diligence; (vi) incorporating these best practices into contractual language; and (vii) engaging in industry information sharing of challenges, threats, and risk mitigation measures.
See here for previous InfoBytes coverage on global shipping advisories.
OFAC clarifies North Korea SDNs
On May 13, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) provided clarifying text related to the modified North Korea Sanctions and Policy Enforcement Act (covered by InfoBytes here), which bars foreign subsidiaries of U.S. financial institutions from knowingly engaging in transactions with Specially Designated Nationals (SDNs) identified under North Korea-related authorities. OFAC added the following text to 490 SDN records to assist the private sector in identifying persons that have been so designated: “Transactions Prohibited For Persons Owned or Controlled by U.S. Financial Institutions: North Korea Sanctions Regulations section 510.214.”
Special Alert: OFAC encourages humanitarian aid, promises consideration of Covid-19 compliance challenges
The Department of the Treasury’s Office of Foreign Assets Control recently took two actions to address the impact of Covid-19. First, OFAC issued a fact sheet that consolidates existing authorizations and guidance permitting humanitarian, agricultural, and medical aid to six jurisdictions subject to sanctions. Second, OFAC encouraged companies facing compliance challenges due to Covid-19 to shift resources to higher-risk areas, noting that it would take this move into consideration if it leads to a violation during the pandemic. Companies facing compliance challenges may wish to consider such a shift, while documenting their risk-based rationale for doing so.
Humanitarian fact sheet
Last week, OFAC issued a fact sheet regarding the provision of Covid-19-related assistance under its Iran, Cuba, North Korea, Syria, Ukraine/Russia, and Venezuela sanctions regimes. The fact sheet made no changes to existing laws and guidance, but consolidated existing licenses, exemptions, authorizations, and related FAQs relevant to humanitarian aid and medical equipment for these regimes. The fact sheet should prove to be a valuable resource for financial institutions and other organizations confronting a wave of transactions to provide personal protective equipment to sanctions-targeted jurisdictions wracked by Covid-19, while complying with OFAC regulations.
Multiagency advisory warns of North Korean cyber-threat to international finance system
On April 15, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC), in conjunction with the Departments of State and Homeland Security and the Federal Bureau of Investigation, issued an advisory warning that North Korea’s (DPRK) cyber activities—including cybertheft, money laundering, extortion, and cryptojacking—“pose a significant threat to the integrity and stability of the international finance system.” These activities, the agencies caution, highlight DPRK’s use of cyber-enabled means to generate revenue while mitigating the impact of OFAC-imposed sanctions. In addition to providing examples of cyber activities that target the international financial sector and DPRK state-sponsored cyber incidents, the advisory also outlines recommended measures that governments, industry, civil society, and individuals can take to counter DPRK cyber threats. These include (i) raising awareness; (ii) sharing technical information; (iii) implementing and promoting cybersecurity best practices; (iv) notifying law enforcement; and (v) strengthening anti-money laundering, countering the financing of terrorism, and counter-proliferation financing compliance. The agencies reiterate the consequences of engaging in prohibited and sanctionable conduct, and remind individuals and entities that OFAC has the authority to impose sanctions on any persons found to have engaged in conduct supporting DPRK cyber-related activity. The agencies also point out that foreign financial institutions that knowingly conduct or facilitate significate trade or transactions on behalf of a designated person for DPRK-related activity, may “lose the ability to maintain a correspondent or payable-through account in the [U.S.]”