Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On September 23, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced a final rule amending the Cuban Assets Control Regulations (CACR) to further implement portions of the President’s foreign policy to deny the Cuban regime sources of revenue. Among other things, the final rule (i) amends an interpretive provision and several general licenses regarding lodging and related transactions at certain properties in Cuba identified on the State Department’s “Cuba Prohibited Accommodations List,” including those owned or controlled by the Cuban government; (ii) amends four general licenses to restrict the importation of Cuban-origin alcohol and tobacco products into the U.S.; (iii) amends a general license to eliminate the authorization for U.S. persons to attend or organize professional meetings or conferences in Cuba (specific licenses may be issued on a case-by-case basis for certain transactions); and (iv) eliminates a general license that authorizes U.S. persons “to participate in or organize certain public performances, clinics, workshops, other athletic or non-athletic competitions, and exhibitions, and replaces it with a specific licensing policy” (again permitting the authorization of specific activities via specific license on a case-by-case basis). The final rule also makes several technical and conforming changes, and is effective September 24.
On September 22, the DOJ announced that a Florida-based asphalt company pleaded guilty to conspiracy to violate the anti-bribery provisions of the FCPA, agreeing to pay a $16.6 million criminal fine to resolve the charges. According to the information filed in the U.S. District Court for the Eastern District of New York, the company and its affiliates bribed foreign officials in Brazil, Venezuela, and Ecuador with millions of dollars in order to “obtain contracts to purchase or sell asphalt to the countries’ state-owned and state-controlled oil companies, in violation of the FCPA.” Between 2010 and 2015, to execute the bribery scheme in Brazil, the company entered into fake consulting agreements with intermediaries and sent international wires from company bank accounts to offshore bank accounts controlled by the bribe intermediaries. The intermediaries would then pay bribes to Brazilian government officials on the company’s behalf. In Venezuela, between 2012 and 2018, the company used similar fake consulting agreements to bribe Petróleos de Venezuela, S.A. (PDVSA) officials and used code names to hide the names of PDVSA officials in emails and texts. Lastly, in 2014, the company again used similar sham consulting arrangements to bribe Ecuador’s state-owned oil company to secure a contract to supply asphalt.
The announcement notes that the DOJ recently unsealed charges and guilty pleas of five individuals involved in the bribery scheme, including a company senior executive, a company trader, two bribe intermediaries, and a former PDVSA official. Additionally, the announcement states that a different company trader pleaded guilty in 2017 for his role in the scheme and a pending criminal complaint against a former PDVSA official was also recently unsealed in federal court.
On September 22, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against five key individuals for allegedly “facilitate[ing] the illegitimate Maduro regime’s efforts to undermine democracy in Venezuela.” The sanctions, issued pursuant to Executive Order 13692, reflect Treasury’s continued efforts to hold persons who offer support to the Maduro regime accountable. As a result, all property and interests in property belonging to the identified individuals subject to U.S. jurisdiction are blocked, and “any entities that are owned, directly or indirectly, 50 percent or more by the designated individuals, are also blocked.” U.S. persons are generally prohibited from dealing with any property or interests in property of blocked or designated persons.
On September 21, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) designated three high-ranking individuals of the Atomic Energy Organization of Iran (AEOI), numerous AEOI subsidiaries, equipment supply companies, and various senior officials working on Iran’s missile programs pursuant to Executive Order (E.O.) 13382, which allows for sanctions for engaging in or supporting the proliferation of weapons of mass destruction (WMD). As a result of the sanctions, all property and interests in property of the designated persons that are in the United States or in the possession or control of U.S. persons must be blocked and reported to OFAC. OFAC further warned foreign financial institutions that knowingly facilitating significant transactions or providing significant support to the designated entities may subject them to sanctions and could sever access to the U.S. financial system.
In addition, the U.S. Department of Treasury announced a new Executive Order titled, "Blocking Property of Certain Persons with Respect to the Conventional Arms Activities of Iran,” which authorizes the Secretary of the Treasury, in conjunction with the Secretary of State, to impose asset blocking sanctions on any person engaged in any activity that materially contributes to the supply, sale, or transfer of destabilizing conventional weapons and acquisition of arms and related materiel by Iran.
On September 17, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned an Iranian cyber threat group, 45 associated individuals, and one additional “front company” for allegedly being involved in a Government of Iran (GOI) malware campaign targeting international travel companies, Iranian dissidents, and journalists. Specifically, OFAC alleges that the front company “advances Iranian national security objectives and the strategic goals of Iran’s Ministry of Intelligence and Security (MOIS) by conducting computer intrusions and malware campaigns against perceived adversaries.” OFAC asserts that the 45 individuals provided support for MOIS cyber intrusions by serving as managers, programmers, and hacking experts. The front company has allegedly targeted hundreds of individuals and entities from more than 30 different countries, including using “malicious cyber intrusion tools” to target approximately 15 U.S. companies primarily in the travel sector.
As a result, all property and interests in property belonging to, or owned by, the identified individuals subject to U.S. jurisdiction are blocked, and “any entities 50 percent or more owned by one or more designated persons are also blocked.” U.S. persons are also generally prohibited from engaging in transactions with the designated individuals.
The FBI also issued a Public Intelligence Alert on the Iranian cyber threat group.
On September 17, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced a $894,111 settlement with a New York-based telecommunications systems and software company for four apparent violations of the Sudanese Sanctions Regulations (SSR). According to OFAC’s web notice, between June 2014 and October 2015, the company—through its wholly owned subsidiary—allegedly “indirectly exported warrantied satellite equipment and facilitated services and training to a government-owned entity in Sudan” in apparent violation of the SSR. Among other things, OFAC noted that the company and its subsidiary knew that the end-user of the equipment and services was the Sudan Civil Aviation Authority (SCAA), but the companies still organized the shipment of equipment through a Canadian company despite receiving multiple warnings about OFAC’s export restrictions for Sudan. Once it became known that the SCAA was the ultimate end-user, OFAC contended that the subsidiary’s former Director of Logistics and Export Compliance Official allegedly “attempted to transfer OFAC compliance obligations from [the subsidiary] to the Canadian [c]ompany.” Additionally, OFAC denied the subsidiary’s license application to provide certain warranty services.
In arriving at the settlement amount, OFAC considered various aggravating factors, including that (i) the subsidiary “demonstrated reckless disregard for U.S. sanctions requirements and failed to exercise a minimal degree of caution or care by approving warranty services for equipment provided to SCAA while an OFAC license was still pending”; (ii) the subsidiary did not heed warning signs indicating the transactions could have led to the apparent violations; and (iii) the subsidiary’s explanations in response to OFAC subpoenas and a request for information were inconsistent, which required OFAC expending “significant additional time and resources” building an accurate record of the apparent violations. OFAC also considered that it had not issued a violation against the company or its subsidiary in the five years preceding the earliest transaction at issue.
On September 17, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13224 against two Lebanon-based companies for being owned, controlled, or directed by Hizballah. According to OFAC, the two companies are leveraged by Hizballah “to conceal money transfers to Hizballah’s own accounts,” which “further enrich[es] Hizballah’s leadership and supporters, and depriv[es] the Lebanese people of much-needed funds.” These sanctions are part of Treasury’s continuing efforts to disrupt the full range of Hizballah’s illicit financial activity. Since 2017, OFAC has designated more than 90 Hizballah-affiliated individuals and entities. As a result of the sanctions, all property and interests in property of the individuals, “and of any entities that are owned, directly or indirectly, 50 percent or more by them, individually, or with other blocked persons, that are in the United States or in the possession or control of U.S. persons, are blocked and must be reported to OFAC.” OFAC noted that its regulations “generally prohibit” U.S. persons from participating in transactions with the designated individuals, including “the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any blocked person or the receipt of any contribution or provision of funds, goods or services from any such person.” OFAC further warned that engaging in certain transactions with the designated individuals subjects persons to the risk of secondary sanctions pursuant to E.O. 13224 and the Hizballah Financial Sanctions Regulations, which implement the Hizballah International Financing Prevention Act of 2015. Furthermore, OFAC noted that it has the authority to “prohibit or impose strict conditions on the opening or maintaining in the United States of a correspondent account or a payable-through account by a foreign financial institution that knowingly facilitates a significant transaction for a terrorist group like Hizballah, or a person acting on behalf of or at the direction of, or owned or controlled by, [a Specially Designated Global Terrorist] such as Hizballah.”
On September 16, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned two Russian nationals who were allegedly involved in phishing campaigns targeting virtual asset service providers in 2017 and 2018, resulting in losses of at least $16.8 million. Specifically, the Russian nationals spoofed web domains of legitimate virtual currency exchanges to steal customers’ login information and gain access to their real accounts. According to OFAC, they used a “variety of methods to exfiltrate their ill-gotten virtual currency” and subsequently laundered the money to a personal account, attempting to “conceal the nature and source of the funds by transferring them in a layered and sophisticated manner through multiple accounts and multiple virtual currency blockchains.” OFAC designated the individuals pursuant to Executive Order 13694, which targets “malicious cyber-enabled activities, including those related to the significant misappropriation of funds or personal identifiers for private financial gain.”
OFAC emphasized that anti-money laundering and countering the financing of terrorism regimes “pose a critical chokepoint in countering and deterring” this type of cybercriminal activity. As a result, all property and interests in property belonging to the designated individuals subject to U.S. jurisdiction are blocked, and “U.S. persons generally are prohibited from dealing with them.”
On September 14, the Financial Crimes Enforcement Network (FinCEN) issued a final rule, under its sole authority, to remove the anti-money laundering (AML) program exemption for non-federally regulated banks. According to FinCEN, the rulemaking was prompted by the “gap in AML coverage” between banks that have a federal functional regulator and those that do not, which has created “a vulnerability to the U.S. financial system that could be exploited by bad actors.” The final rule would bring non-federally regulated banks that are currently required to comply with certain Bank Secrecy Act (BSA) obligations, such as filing currency transaction reports and suspicious activity reports to detect unusual activity, into compliance with the same standards applicable to all other banks. Specifically, the final rule outlines minimum standards for non-federally regulated banks to ensure the establishment and implementation of required AML programs, and extends customer identification program (CIP) requirements, as well as beneficial ownership requirements outlined in FinCEN’s 2016 customer due diligence (CDD) rule (covered by InfoBytes here), to banks not already subject to these requirements. FinCEN believes that non-federally regulated banks will be able to take a risk-based approach when tailoring their AML and CIP programs to fit their size, needs, and operational risks, and that those banks should be able to build on “existing compliance policies and procedures and prudential business practices to ensure compliance. . .with relatively minimal cost and effort.” The final rule takes effect November 16.
For more details, please see a Buckley Special Alert on the final rule.
On September 10, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced its decision to sanction four Russia-linked individuals for allegedly attempting to influence the U.S. electoral process. According to OFAC, these designations are intended to “promot[e] accountability for Kremlin-linked individuals seeking to undermine confidence in U.S. democratic processes.” Three of the designated individuals are employed by the Internet Research Agency (IRA), a Russian “troll factory,” which was previously designated by OFAC along with its Russian financier, for providing material support to IRA activities. The three designated individuals allegedly supported the IRA’s cryptocurrency accounts, which OFAC claimed are used to “fund activities in furtherance of their ongoing malign influence operations around the world.” As a result, all property and interests in property belonging to, or owned by, the identified individuals subject to U.S. jurisdiction are blocked, and “any entities 50 percent or more owned by one or more designated persons are also blocked.” U.S. persons are also generally prohibited from engaging in transactions with the designated individuals.
- Thomas A. Sporkin to discuss "Managing internal investigations and advanced government defense" at the Securities Enforcement Forum
- Jeffrey P. Naimon to discuss "2021 - A new beginning/what's to come" at the QuestSoft Lending Compliance & Risk Management Virtual Conference
- H Joshua Kotin to discuss "Mortgage servicing in a recession: Early intervention, loss mitigation and more" at the NAFCU Virtual Regulatory Compliance Seminar
- Daniel R. Alonso to discuss "Independent monitoring in the United States" at the World Compliance Association Peru Chapter IV International Conference on Compliance and the Fight Against Corruption
- Jonice Gray Tucker to discuss "Cyber security, incident response, crisis management" at the Legal & Diversity Summit
- Jonice Gray Tucker to discuss "The future of fair lending" at the Mortgage Bankers Association Regulatory Compliance Conference
- Michelle L. Rogers to discuss "Major litigation" at the Mortgage Bankers Association Regulatory Compliance Conference
- Kathryn L. Ryan to discuss "Pandemic fallout – Navigating practical operational challenges" at the Mortgage Bankers Association Regulatory Compliance Conference
- Jonice Gray Tucker to discuss "Consumer financial services" at the Practising Law Institute Banking Law Institute
- Daniel P. Stipano to discuss "BSA/AML - Covid impact and regulatory/guidance roundup" at an NAFCU webinar