InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
U.S. and Israel form partnership to combat ransomware; U.S. enters cybersecurity initiative with France
On November 14, the U.S. Treasury Department announced the establishment of a bilateral partnership with the Israeli Ministry of Finance as part of the Biden Administration’s efforts to crackdown on ransomware. The partnership is part of the U.S.-Israeli Task Force on Fintech Innovation and Cybersecurity, which was launched the same day. During the launch of the partnership, Treasury Department Deputy Secretary Wally Adeyemo and Israeli counterparts affirmed their commitment for encouraging robust fintech innovation and reinforced the importance of working together to combat cyber threats posed by nation-state and criminal actors to the global economy. The Task Force will take several measures, including immediately developing a Memorandum of Understanding that will support “(1) permissible information sharing related to the financial sector, including cybersecurity regulations and guidance, cybersecurity incidents, and cybersecurity threat intelligence; (2) staff training and study visits to promote cooperation in the area of cybersecurity and the financial system; and, (3) competency-building activities such as the conduct of cross-border cybersecurity exercises linked to global financial institutions financial and investment flows.” The Task Force also plans to launch a series of expert technical exchanges to support fintech innovation and examine ways cyber-analytics firms and fintech/regtech innovations are developing new measures to combat illicit finance risk and enhance public sector analytical and enforcement activities. According to Adeyemo, international cooperation is vital for addressing virtual currency abuses and disrupting the ransomware business model.
Separately, on November 10, Vice President Kamala Harris announced, among other initiatives, an international cybersecurity initiative with France to combat cyber threats. Harris stated that the U.S. will support the Paris Call for Trust and Security in Cyberspace, which the White House described as “a voluntary commitment to work with the international community to advance cybersecurity and preserve the open, interoperable, secure, and reliable internet.” According to the announcement, the U.S. “looks forward to continued partnership with France and other governments, private sector, and civil society around the world to advance and promote norms of responsible behavior in cyberspace.” Harris’ announcement builds on recent counter-ransomware actions taken to increase international cooperation to combat cybercrime. (Covered previously by InfoBytes here.)
OFAC designates entities and individuals, issues general license and related Ethiopian FAQs
On November 12, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order (E.O.) 14046 against four entities and two individuals associated with the military conflict and human rights crisis in Ethiopia. OFAC noted that the E.O., which was signed by President Biden on September 17, authorized targeting of actors that contribute to the ongoing crisis in Ethiopia and is not directed at Ethiopian or Eritrean people (covered by InfoBytes here). As a result of the sanctions, all property and interests in property belonging to the sanctioned entities and individuals subject to U.S. jurisdiction are blocked and must be reported to OFAC. OFAC further noted that no entity is to be blocked “pursuant to E.O. 14046 solely because it is owned in whole or in part, directly or indirectly, by one or more sanctioned persons, unless the entity is itself a sanctioned person.”
The same day, OFAC issued Ethiopia General License 4, “Authorizing the Wind Down of Transactions Involving Hidri Trust or Red Sea Trading Corporation,” which are two of the four entities for which sanctions were announced. Ethiopia General License 4 authorizes “all transactions and activities prohibited by Executive Order (E.O.) 14046 that are ordinarily incident and necessary to the wind down of transactions involving Hidri Trust or Red Sea Trading Corporation” through December 14, provided certain criteria are met. OFAC also updated FAQ 927, which provides clarification on non-U.S. persons’ risk exposure to U.S. sanctions for engaging in transactions and activities that would be authorized for U.S. persons pursuant to the prior E.O. of September 17. Additionally, OFAC published two new FAQs (935 and 936), which provide further information on Ethiopia-related sanctions.
FinCEN final rule updates reporting and recordkeeping requirements
On November 15, the Financial Crimes Enforcement Network (FinCEN) published a final rule in the Federal Register, which updates regulation 31 CFR 1010.370 to mirror statutory amendments to Section 5326 of the Bank Security Act (BSA). Specifically, Section 5326 has been amended three times (in 1992, 2001, and 2017) to expand the authority of the Secretary of the Department of the Treasury. The final rule updates the regulation to reflect the subsequent statutory amendments by, among other things, updating the authority of FinCEN to issue orders imposing additional reporting and recordkeeping requirements on financial institutions and nonfinancial trades or businesses in a geographic area. The final rule also notes that since the amendments promulgated by the rule conform the regulation to the statute and reflect no discretionary or substantive determination, no public comment was solicited; therefore, the final rule is effective immediately.
President Biden extends national emergency prohibiting securities investments in Chinese military companies
On November 9, President Biden issued a notice, extending for one year, the national emergency declared pursuant to Executive Order (E.O.) 13959, as expanded by E.O. 14032, involving securities investments related to Chinese military companies. As previously covered by InfoBytes, E.O. 14032 generally prohibits U.S. persons from “the purchase or sale of any publicly traded securities, or any securities that are derivative of such securities, or are designed to provide investment exposure to such securities, of” any listed Chinese military company. The E.O. also establishes deadlines for divestment of investments in companies currently listed as Chinese military companies as well as companies that later may be added to the list of Chinese military. Among other things, E.O. 14032 also prohibits any transactions by U.S. persons or within the U.S. that evade or avoid, have the purpose of evading or avoiding, cause a violation of, or attempt to violate the provisions set forth in the order, as well as any conspiracy to violate any of these prohibitions.
In continuing the national emergency underlying these actions and extending E.O. 14032, Biden stated the “threat from securities investments that finance certain companies of the [People’s Republic of China] and certain uses and development of Chinese surveillance technology continue to pose an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States.”
OFAC issues Cambodia advisory; sanctions Cambodian officials
On November 10, OFAC published a Cambodia Business Advisory on High-Risk Investments and Interactions, which addresses two primary areas of risk exposure for U.S. companies: (i) illicit finance activities in Cambodia and related risks for certain sectors; and (ii) involvement with Cambodian entities connected to trafficking in persons, wildlife, and narcotics trafficking in Cambodia and associated risks for certain sectors.
The same day, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13818 against two Cambodian government officials under the Global Magnitsky Human Rights Accountability Act. According to OFAC, the sanctioned individuals, among other things, allegedly conspired to inflate the cost of facilities at a Cambodian naval base and personally benefit from the proceeds.
UAE bank fined $100 million for Sudanese sanctions violations
On November 9, NYDFS announced that a United Arab Emirates bank will pay a $100 million penalty to resolve an investigation into payments it allegedly processed through financial institutions in the state, including one of the bank’s New York branches. These transactions, NYDFS stated, were in violation of Sudan-related U.S. sanctions. According to NYDFS’ investigation, the bank instructed employees to avoid including certain details in messages sent between banks that would have linked the transactions to Sudan. By concealing these details, the transactions bypassed other banks’ sanctions filters, which otherwise might have triggered alerts or transaction freezes, NYDFS said. As a result, between 2005 and 2009, the bank illegally processed more than $4 billion of payments tied to Sudan. Following an announcement in 2009 that a Swiss bank used by the bank to process these transactions was being investigated by the New York County District Attorney’s Office for violating economic sanctions rules, the bank closed all U.S. dollar accounts held by Sudanese banks, but failed to disclose the prohibited transactions to NYDFS as required until 2015. NYDFS asserted that “despite having ample notice of the prohibited nature of the Sudan-related [transactions] by 2009,” the bank’s New York branch processed an additional $2.5 million in Sudan-related payments. Under the terms of the consent order, the bank—which was previously cited by NYDFS for anti-money laundering and sanctions compliance deficiencies in a 2018 consent order that included a $40 million fine—is also required to provide a status report on its U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) compliance program, in addition to paying the $100 million penalty. NYDFS acknowledged the bank’s substantial cooperation and ongoing remedial efforts.
NYDFS coordinated its investigation with the Federal Reserve Board and OFAC, both of which announced separate settlements with the UAE bank the same day. The Fed’s announcement of its order to cease and desist cites the bank for having insufficient policies and procedures in place to ensure that activities involving branches outside the U.S. were in compliance with U.S. sanctions laws. Under the terms of the order, the bank is required, among other things, to implement an enhanced compliance program to ensure global compliance with U.S. sanctions, and must also conduct annual reviews, including a “risk-focused sampling” of its U.S. dollar payments, led by an independent external party. The order did not include any additional monetary penalties for the bank.
OFAC also issued a finding of violation (FOV) for violations of the now-repealed Sudanese Sanctions Regulations related to the bank’s actions. These violations included 1,760 transactions that involved USD transfers from Sudanese banks that were processed by the bank’s London branch and routed through U.S. banks. In determining that the appropriate administrative action was an FOV rather than a civil monetary penalty, OFAC stated the bank “voluntarily entered into a retroactive statute of limitations waiver agreement, without which OFAC would have been time-barred from charging the violations.” Because the payment messages did not include the originating Sudanese bank, U.S. correspondent banking partners “could not interdict the payments, and the payments were successfully processed through the U.S. financial system,” OFAC stated. However, OFAC credited the bank with providing substantial cooperation during the investigation, and noted that the bank had taken “extensive remediation” efforts before the investigation began in 2015, and has spent more than $122 million on compliance enhancements.
OFAC issues new Syria sanctions FAQ
On November 8, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) published new Syria FAQ 934, which relates to the United Nations and the U.S. government's stabilization and early recovery-related activities and transactions involving Syria. According to OFAC, the Syrian Sanctions Regulations (SySR) § 542.513 permit, under certain conditions, “the United Nations, its Specialized Agencies, Programmes, Funds, and Related Organizations and their employees, contractors, or grantees to engage in all transactions and activities in support of their official business in Syria, including any stabilization and early recovery-related activities and transactions in support of their official business.” This authorization applies to all United Nations employees, grantees, and contractors carrying out the official business of the United Nations, specialized agencies, programmes, funds, and related organizations. This includes nongovernmental organizations and private sector entities that act as grantees or contractors.
FAQ 934 also reiterates advice from FAQ 884 that non-U.S. persons, including nongovernmental organizations and foreign financial institutions “do not risk exposure to U.S. secondary sanctions pursuant to the Caesar Syria Civilian Protection Act of 2019” for activities that would be authorized for U.S. persons under the SySR. (Covered by InfoBytes here.)
Treasury and DOJ announce sanctions and charges in ransomware attacks, FinCEN updates ransomware guidance
On November 8, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13694 as amended against two ransomware operators and a virtual currency exchange network. According to OFAC, the virtual currency exchange, and its associated support network, are being designated for allegedly facilitating financial transactions for ransomware actors. OFAC is also designating two individuals allegedly associated with perpetuating ransomware incidents against the U.S., and who are part of a cybercriminal group that has engaged in ransomware activities and has received over $200 million in ransom payments. As a result of the sanctions, “all property and interests in property of the designated targets that are subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited from engaging in transactions with them” and “any entities 50 percent or more owned by one or more designated persons are also blocked.” According to OFAC, the sanctions are a part of a set of actions focused on disrupting criminal ransomware actors and virtual currency exchanges that launder the proceeds of ransomware, which “advance the Biden Administration’s counter-ransomware efforts to disrupt ransomware infrastructure and actors and address abuse of the virtual currency ecosystem to launder ransom payments.” Additionally, the DOJ announced charges against the sanctioned individuals under OFACs designations, seizing approximately $6.1 million in alleged ransomware payments.
The same day, FinCEN issued an advisory, which updated and replaced its October 1, 2020 Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments (covered by InfoBytes here). The updated advisory is in response to the recent increase in ransomware attacks against critical U.S. infrastructure. The updated advisory also reflects information released by FinCEN in its Financial Trend Analysis Report, which discusses ransomware trends and includes information on current trends and typologies of ransomware and associated payments as well as recent examples of ransomware incidents. Additionally, the updated advisory describes financial red flag indicators of ransomware-related illicit activity to assist financial institutions in identifying and reporting suspicious transactions related to ransomware payments, consistent with obligations under the Bank Secrecy Act.
OCC, Fed, and Treasury issue statements on climate change
On November 3, the OCC, the Federal Reserve, and the U.S. Treasury Department released statements expressing support for the Network for Greening the Financial System (NGFS) Glasgow Declaration. OCC acting Comptroller Michael J. Hsu noted in a statement that the OCC is developing “high-level climate risk management supervisory expectations for large banks” and expects to issue the framework guidance for comment “by the end of the year.” Hsu also noted that the OCC will implement recommendations of the FSOC Climate Change Report, which was released in response to President Biden’s May executive order, and directed financial regulators to take steps to mitigate climate-related risk related to the financial system (covered by InfoBytes here). In a statement by Treasury Secretary Yellen, she discussed the importance of tackling climate change, stating that it is “the greatest economic opportunity of our time,” and noted the U.S. is “calling on the multilateral development banks to increase their efforts.” The Fed noted in a statement that it is committed to understanding and addressing climate change and, furthermore, “will address climate-related risks in an analytically rigorous, transparent, and collaborative way through our domestic work with other federal agencies including the Financial Stability Oversight Council; our international engagement through the Financial Stability Board, the Basel Committee on Banking Supervision, and the NGFS; and through our broad and transparent engagement with the private sector.”
OFAC sanctions IRGC-connected entities
On October 29, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order (E.O.) 13224, as amended, as well as E.O. 13382, against members of a network of companies and individuals that supported Iran’s Islamic Revolutionary Guard Corps (IRGC) and its expeditionary unit, the IRGC Qods Force (IRGC-QF). The IRGC-QF used and proliferated lethal Unmanned Aerial Vehicles (UAVs) for use by Iran-supported terrorist groups, and to Ethiopia, where a crisis threatens to destabilize the region. Additionally, deadly UAVs were utilized in attacks on international shipping and on the U.S. OFAC also announced sanctions against the commander of the IRGC Aerospace Force (IRGC ASF) UAV Command who allegedly directs the planning, equipment, and training for IRGC ASF UAV operations. As a result of the sanctions, all property and interests in property belonging to the sanctioned individual subject to U.S. jurisdiction are blocked. U.S. persons are also generally prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons.