InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OFAC sanctions Iranian entities for petrochemicals and petroleum sales
On September 26, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13846 against an international network of companies involved in the sale of Iranian petrochemicals and petroleum products in South and East Asia. According to OFAC, the designations target Iranian brokers and several front companies in the UAE, Hong Kong, and India that have facilitated financial transfers and shipping of Iranian petroleum and petrochemical products. OFAC also noted that the sanctioned entities have played a critical role in concealing the origin of the Iranian shipments and enabling two sanctioned Iranian brokers to transfer funds and ship Iranian petroleum and petrochemicals to buyers in Asia. In addition to OFAC’s designations, the State Department is designating two entities based in the People’s Republic of China for their involvement in Iran’s petrochemical trade. As a result of the sanctions, all property and interests in property belonging to the sanctioned persons subject to U.S. jurisdiction are blocked and must be reported to OFAC. Additionally, “any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons are also blocked.” U.S. persons are also generally prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons unless authorized by an OFAC general or specific license. Persons that engage in certain transactions with the individuals or entities designated today may themselves be exposed to designation. Additionally, OFAC warned that “any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the individuals or entities designated today could be subject to U.S. correspondent or payable-through account sanctions.”
OFAC reports on licensing activities
On September 27, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced its Quarterly Reports of Licensing Activities pursuant to Section 906(b) of the Trade Sanctions Reform and Export Enhancement Act of 2000 (TSRA), covering activities undertaken by OFAC under Section 906(a)(1) of the TSRA from April 2019 through September 2021. According to OFAC, as required by TSRA-related regulations, OFAC processes license applications requesting authorization to export agricultural commodities, medicine, and medical devices to Iran and Sudan under the specific licensing regime set forth in Section 906 of the TSRA.
OFAC settles with banks for multiple sanctions violations
On September 26, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced a $720,258 settlement with an indirect subsidiary of a Switzerland-based bank for allegedly processing transactions in violation of the Cuba, Ukraine-related, Iran, Sudan, and Syria sanctions programs. According to OFAC’s web notice, from April 2013 to April 2016, the bank processed 273 transactions totaling approximately $3,076,180 on behalf of individuals residing in Cuba, Crimea, Iran, Sudan, and Syria. Specifically, OFAC noted that customers in sanctioned jurisdictions were able to continue to purchase and sell securities through the U.S. financial system and to receive related dividend and interest payments until the bank took further steps to prevent such payments.
In arriving at the settlement amount of $720,258, OFAC considered various aggravating factors, including that bank personnel “had reason to know they were processing transactions through the U.S. financial system for individual customers located in comprehensively sanctioned jurisdictions based on the underlying [know-your-customer (KYC)] data obtained by [the bank], which included address information indicating the customers’ location,” and “conferred approximately $3,076,180 in economic benefit to persons in Cuba, Crimea, Iran, Sudan, and Syria,” which caused harm to multiple sanctions programs' integrity. OFAC also considered various mitigating factors, including that the bank cooperated with OFAC throughout the investigation, and has undertaken remedial measures intended to minimize the risk of recurrence of similar conduct.
Separately, the same day OFAC announced a $401,039 settlement with a different indirect subsidiary of the Switzerland-based bank for allegedly processing transactions in violation of the Cuba, Ukraine-related, Iran, Sudan, and Syria sanctions programs. According to OFAC’s web notice, from December 2011 until July 2016, the bank processed 426 transactions totaling approximately $1,233,967 on behalf of individuals ordinarily resident in Cuba, Iran, and Syria.
In arriving at the settlement amount of $401,039, OFAC considered various aggravating factors, including that bank personnel “had reason to know they were processing transactions through the U.S. financial system for individual customers located in comprehensively sanctioned jurisdictions based on the underlying KYC data [the bank had] obtained,” and the bank “conferred approximately $1,233,967 in economic benefit to persons in Cuba, Iran, and Syria,” which caused harm to multiple sanctions programs' integrity. OFAC also considered various mitigating factors, including that the bank cooperated with OFAC throughout the investigation, and has undertaken remedial measures intended to minimize the risk of recurrence of similar conduct.
OFAC issues Iran GL and related FAQs
On September 23, the U.S. Treasury Department issued Iran General License D-2, General License with Respect to Certain Services, Software, and Hardware Incident to Communications General License (GL), to add further authorizing guidance in line with changes in modern technology since the issuance of Iran GL D-1. According to Treasury, the Iranian government cut off Internet access for most of its citizens to prevent the viewing of its violent crackdown on peaceful protestors, provoked by the death of an individual in the custody of Iran’s Morality Police. Treasury further noted that the U.S. supports “the free flow of information and access to fact-based information to the Iranian people.” Highlights of the extended GL includes, among other things: (i) additional covered categories of software/services; (ii) additional authorization for the services that support the communication tools to assist ordinary Iranians in resisting repressive internet censorship and surveillance tools deployed by the Iranian regime; and (iii) the continued authorization of anti-virus and anti-malware software, anti-tracking software, mobile operating systems and related software, and anti-censorship tools and related software. The GL is effective immediately. The same day, Treasury published three frequently asked questions, which clarify GL D-2 and other information on Iran sanctions.
OFAC sanctions Iran’s Morality Police and senior security officials for human rights violence
On September 22, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13553 against Iran’s Morality Police along with seven senior leaders who oversee Iran’s security organizations. These designations were taken in response to recent abuse and violence against Iranian women and violence against peaceful protestors and members of Iranian civil society, among others. “Today’s action to sanction Iran’s Morality Police and senior Iranian security officials responsible for this oppression demonstrates the Biden - Harris Administration’s clear commitment to stand up for human rights, and the rights of women, in Iran and globally,” Secretary of the Treasury Janet Yellen said.
As a result of the sanctions, all property and interests in property belonging to the sanctioned persons that are in the U.S. or in the possession or control of U.S. persons must be blocked and reported to OFAC. U.S. persons are also prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons, and “persons that engage in certain transactions with the individuals or entities designated today may themselves be exposed to designation,” OFAC said. Additionally, OFAC warned that “any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the individuals or entities designated today could be subject to U.S. correspondent or payable-through account sanctions.”
CISA urges companies to take action to combat malicious cyber activity
On September 14, the Cybersecurity and Infrastructure Security Agency, along with several other federal agencies and international partners, released a joint cybersecurity advisory (CSA) highlighting continued malicious cyber activity taken by advanced persistent threat actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC). The CSA recommended that companies continually test their security programs to protect against longstanding online threats that may arise from IRGC-affiliated actors known for exploiting vulnerabilities for ransom operations. “Our unified purpose is to drive timely and prioritized adoption of mitigations and controls that are most effective to reducing risk to all cyber threats,” CISA said in its announcement. Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson added that the U.S. Treasury Department “is dedicated to collaborating with other U.S. government agencies, allies, and partners to combat and deter malicious cyber-enabled actors and their activities, especially ransomware and cybercrime that targets economic infrastructure.” He noted that the CSA provides information on specific tactics, techniques, and procedures used by IRGC-affiliated actors, and advised both the public and private sector to use the information to strengthen cybersecurity resilience and reduce the risk of ransomware incidents. Organizations are encouraged to review a 2021 Treasury advisory, which highlights the sanctions risks associated with ransomware payments and provides steps for companies to take to mitigate the risk of being a victim of ransomware (covered by InfoBytes here).
OFAC sanctions individuals and entities connected to IRGC-QF
On September 14, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions as part of a joint action with the DOJ, Department of State, FBI, U.S. Cyber Command, National Security Agency, and Cybersecurity and Infrastructure Security Agency, against ten individuals and two entities for their roles in conducting malicious cyber acts, including ransomware activity. The individuals and entities designated are affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC), which “is known to exploit software vulnerabilities in order to carry out their ransomware activities, as well as engage in unauthorized computer access, data exfiltration, and other malicious cyber activities.” OFAC also noted that a joint cyber security advisory was published to highlight continued malicious cyber activity by advanced persistent threat actors that the authoring agencies assess are affiliated with IRGC. As a result of the sanctions, all property, and interests in property of the designated individuals and entities, “and of any entities that are owned, directly or indirectly, 50 percent or more by them, individually, or with other blocked persons, that are in the United States or in the possession or control of U.S. persons, must be blocked and reported to OFAC.” U.S. persons are generally prohibited from engaging in transactions with the designated persons. OFAC further warned that engaging in certain transactions with the individuals and entities designated today entails risk of additional sanctions.
OFAC sanctions Iranians involved in production of UAVs to Russia
On September 8, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Orders 13382 and 14024 against an Iran-based air transportation service provider, as well as three companies and one individual involved in the research, development, production, and procurement of Iranian unmanned aerial vehicles (UAVs) and UAV components. Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson reiterated that the U.S. “is committed to strictly enforcing our sanctions against both Russia and Iran and holding accountable Iran and those supporting Russia’s war of aggression against Ukraine,” and stressed that the U.S. will “not hesitate to target producers and procurers who contribute to Iran and its IRGC’s UAV program, further demonstrating [the U.S.’s] resolve to continue going after terrorist proxies that destabilize the Middle East.” The sanctions follow designations implemented by OFAC last year against members of a network of companies and individuals that provided critical support to Iran’s Islamic Revolutionary Guard Corps Qods Force’s use of UAVs (previously covered by InfoBytes here).
As a result of the sanctions, all property and interests in property belonging to the sanctioned individuals and entities subject to U.S. jurisdiction are blocked and must be reported to OFAC. U.S. persons are also generally prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons. Additionally, OFAC warned that “any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the individuals or entities designated today could be subject to U.S. correspondent or payable-through account sanctions.”
OFAC sanctions Iran’s MOIS over cyber activities
On September 9, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order (E.O.) 13694 against Iran’s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for conducting malicious cyber-enabled activities targeting government and private-sector organizations and across various critical infrastructure sectors, including the U.S. and its allies. OFAC noted that in July, MOIS and the Iranian government sponsored cyber-threat actors who disrupted the Albanian government computer systems. OFAC previously flagged MOIS pursuant to E.O.s 13224, 13472, and 13553 for supporting multiple terrorist groups, as well as for commissioning serious human rights abuses against the Iranian people.
As a result of the sanctions, all property and interests in property belonging to the sanctioned targets that are in the U.S. or in the possession or control of U.S. persons, and “any entities that are owned 50 percent or more by one or more designated persons” are blocked. Additionally, U.S. persons are prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons, unless exempt or authorized by a general or specific OFAC license. Additionally, OFAC warned that “any foreign financial institution that knowingly conducts or facilitates a significant transaction for or on behalf of the persons designated today could be subject to U.S. correspondent or payable-through account sanctions.”
OFAC issues updated Iran general license and related FAQ
On August 25, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) issued Iran General License (GL) M-2, “Authorizing the Exportation of Certain Graduate Level Educational Services and Software,” which authorizes accredited graduate and undergraduate degree-granting academic institutions in the U.S. to engage with Iranian students in online educational services and exploration of software through September 1, 2023, provided certain criteria are met. OFAC also published an updated FAQ related to GL M-2. Effective August 25, GL M-2 supersedes and replaces GL M-1.