InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OFAC issues sanctions, general licenses, and FAQs on Russia’s invasion of Ukraine
On September 15, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC), in coordination with the Departments of Commerce and State, announced sanctions against 22 individuals and two entities connected to Russia’s invasion of Ukraine. According to OFAC, the designated persons include multiple individuals who have furthered the Government of the Russian Federation’s objectives in Ukraine, both prior to and during Russia’s invasion of Ukraine in 2022. Also included among those designated is a neo-Nazi paramilitary group that has aided Russia’s military in Ukraine, and two of the group’s senior leaders. As a result of the sanctions, all property and interests in property belonging to the sanctioned individuals and entities subject to U.S. jurisdiction are blocked and must be reported to OFAC. Additionally, “any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons are also blocked.” OFAC further noted that “transactions by U.S. persons or within (or transiting) the United States that involve any property or interests in property of designated or blocked persons are prohibited unless authorized by a general or specific license issued by OFAC, or exempt,” which “include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any blocked person and the receipt of any contribution or provision of funds, goods, or services from any such person.”
The same day, OFAC issued Russia-related General License (GL) 51, authorizing the wind down of transactions involving the Limited Liability Company Group of Companies Akvarius, and GL 52, which relates to journalistic activities and the establishment of news bureaus. According to the GL 51, “all transactions ordinarily incident and necessary to the wind down of any transaction involving Limited Liability Company Group of Companies Akvarius (Aquarius), or any entity in which Aquarius owns, directly or indirectly, a 50 percent or greater interest, that are prohibited by Executive Order (E.O.) 14024,” are authorized as of October 15, subject to certain qualifications. According to GL 52, “news reporting organizations that are U.S. persons, and individual U.S. persons who are journalists or broadcast or technical personnel, are authorized to engage in certain transactions where such transactions are ordinarily incident and necessary to such U.S. persons’ journalistic activities or to the establishment or operation of a news bureau and are prohibited” by E.O. 14024, subject to certain qualifications.
Additionally, OFAC published several frequently asked questions clarifying “Russian Harmful Foreign Activities Sanctions,” which include guidance on the use of the National Payment Card System (NSPK) or the Mir National Payment System given the broad sanctions imposed on Russia’s financial system this year.
CISA urges companies to take action to combat malicious cyber activity
On September 14, the Cybersecurity and Infrastructure Security Agency, along with several other federal agencies and international partners, released a joint cybersecurity advisory (CSA) highlighting continued malicious cyber activity taken by advanced persistent threat actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC). The CSA recommended that companies continually test their security programs to protect against longstanding online threats that may arise from IRGC-affiliated actors known for exploiting vulnerabilities for ransom operations. “Our unified purpose is to drive timely and prioritized adoption of mitigations and controls that are most effective to reducing risk to all cyber threats,” CISA said in its announcement. Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson added that the U.S. Treasury Department “is dedicated to collaborating with other U.S. government agencies, allies, and partners to combat and deter malicious cyber-enabled actors and their activities, especially ransomware and cybercrime that targets economic infrastructure.” He noted that the CSA provides information on specific tactics, techniques, and procedures used by IRGC-affiliated actors, and advised both the public and private sector to use the information to strengthen cybersecurity resilience and reduce the risk of ransomware incidents. Organizations are encouraged to review a 2021 Treasury advisory, which highlights the sanctions risks associated with ransomware payments and provides steps for companies to take to mitigate the risk of being a victim of ransomware (covered by InfoBytes here).
OFAC issues Zimbabwe-related sanctions
On September 15, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13469 against a Zimbabwe individual for his role in undermining Zimbabwe’s democratic processes and institutions. OFAC also removed eleven others from the Specially Designated Nationals List (SDN List) under the Zimbabwe sanctions program. According to OFAC, the sanctioned individual, among other things, undermined political parties that opposed the policies of the ruling Zimbabwe African National Union-Patriotic Front party, and, in 2020, supported Zimbabwe security services’ use of pressure and intimidation on prominent opposition figures. As a result of the sanctions, all property and interests in property belonging to the sanctioned individual that are in the U.S. or in the possession or control of U.S. persons, and “any entities that are owned 50 percent or more by one or more designated persons” are blocked. Additionally, U.S. persons are prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons, unless exempt or authorized by a general or specific OFAC license.
OFAC publishes additional guidance related to sanctioned virtual currency “mixer”
On September 13, the U.S. Treasury Department’s Office of Foreign Assets Control published new cyber-related frequently asked questions concerning transactions involving a virtual currency mixer sanctioned last month for allegedly laundering more than $7 billion in virtual currency since 2019. As previously covered by InfoBytes, the company “repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis,” and provided financial, material, or technological support for, or in support of, cyber-enabled activity contributing to a significant threat to the national security, foreign policy, or economic health or financial stability of the U.S. The FAQs outline requirements for completing virtual currency transactions without violating U.S. sanctions regulations, discuss whether OFAC reporting obligations apply to transactions involving unsolicited and nominal amounts of virtual currency, and reiterate that transactions involving identified virtual currency wallet addresses are prohibited absent a specific OFAC license. The FAQs noted that as part of the SDN List entry, OFAC included as identifiers certain virtual currency wallet addresses associated with the company as well as the company’s URL address. OFAC provided additional clarification on interactions with open-source code that does not involve a prohibited transaction with the sanctioned company.
OFAC sanctions individuals and entities connected to IRGC-QF
On September 14, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions as part of a joint action with the DOJ, Department of State, FBI, U.S. Cyber Command, National Security Agency, and Cybersecurity and Infrastructure Security Agency, against ten individuals and two entities for their roles in conducting malicious cyber acts, including ransomware activity. The individuals and entities designated are affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC), which “is known to exploit software vulnerabilities in order to carry out their ransomware activities, as well as engage in unauthorized computer access, data exfiltration, and other malicious cyber activities.” OFAC also noted that a joint cyber security advisory was published to highlight continued malicious cyber activity by advanced persistent threat actors that the authoring agencies assess are affiliated with IRGC. As a result of the sanctions, all property, and interests in property of the designated individuals and entities, “and of any entities that are owned, directly or indirectly, 50 percent or more by them, individually, or with other blocked persons, that are in the United States or in the possession or control of U.S. persons, must be blocked and reported to OFAC.” U.S. persons are generally prohibited from engaging in transactions with the designated persons. OFAC further warned that engaging in certain transactions with the individuals and entities designated today entails risk of additional sanctions.
OFAC sanctions Iranians involved in production of UAVs to Russia
On September 8, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Orders 13382 and 14024 against an Iran-based air transportation service provider, as well as three companies and one individual involved in the research, development, production, and procurement of Iranian unmanned aerial vehicles (UAVs) and UAV components. Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson reiterated that the U.S. “is committed to strictly enforcing our sanctions against both Russia and Iran and holding accountable Iran and those supporting Russia’s war of aggression against Ukraine,” and stressed that the U.S. will “not hesitate to target producers and procurers who contribute to Iran and its IRGC’s UAV program, further demonstrating [the U.S.’s] resolve to continue going after terrorist proxies that destabilize the Middle East.” The sanctions follow designations implemented by OFAC last year against members of a network of companies and individuals that provided critical support to Iran’s Islamic Revolutionary Guard Corps Qods Force’s use of UAVs (previously covered by InfoBytes here).
As a result of the sanctions, all property and interests in property belonging to the sanctioned individuals and entities subject to U.S. jurisdiction are blocked and must be reported to OFAC. U.S. persons are also generally prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons. Additionally, OFAC warned that “any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the individuals or entities designated today could be subject to U.S. correspondent or payable-through account sanctions.”
OFAC sanctions Iran’s MOIS over cyber activities
On September 9, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order (E.O.) 13694 against Iran’s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for conducting malicious cyber-enabled activities targeting government and private-sector organizations and across various critical infrastructure sectors, including the U.S. and its allies. OFAC noted that in July, MOIS and the Iranian government sponsored cyber-threat actors who disrupted the Albanian government computer systems. OFAC previously flagged MOIS pursuant to E.O.s 13224, 13472, and 13553 for supporting multiple terrorist groups, as well as for commissioning serious human rights abuses against the Iranian people.
As a result of the sanctions, all property and interests in property belonging to the sanctioned targets that are in the U.S. or in the possession or control of U.S. persons, and “any entities that are owned 50 percent or more by one or more designated persons” are blocked. Additionally, U.S. persons are prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons, unless exempt or authorized by a general or specific OFAC license. Additionally, OFAC warned that “any foreign financial institution that knowingly conducts or facilitates a significant transaction for or on behalf of the persons designated today could be subject to U.S. correspondent or payable-through account sanctions.”
Treasury issues guidance on Russian oil sales cap
On September 9, the U.S. Treasury Department announced preliminary guidance on implementing a maritime services policy and related price exception for seaborne Russian oil. As previously covered by InfoBytes, OFAC recently announced that it planned to publish preliminary guidance on implementing the price cap to provide a high-level overview of the directive, including how U.S. persons can comply in advance of formal guidance and legal implementation. According to the preliminary guidance, the policy is intended to establish a framework for Russian oil to be exported by sea under a capped price, and establish a ban on services for any shipments of seaborne Russian oil above the capped price. Objectives of the guidance include: (i) maintaining a reliable supply of seaborne Russian oil to the global market; (ii) reducing upward pressure on energy prices; and (iii) reducing the revenues the Russian Federation earns from oil after its own war of choice in Ukraine has inflated global energy prices. The policy contains an exception, which applies to “jurisdictions or actors that purchase seaborne Russian oil at or below a price cap to be established by the coalition (the “price exception”).” The policy, which relates to a broad range of services in connection with the maritime transportation of Russian Federation origin crude oil and petroleum products, will become effective December 5, 2022 for the maritime transportation of crude oil and on February 5, 2023 for the maritime transportation of petroleum products.
Fed vice chair for supervision outlines future priorities
On September 7, Federal Reserve Board Vice Chair for Supervision Michael Barr laid out his goals for making the financial system safer and fairer during a speech at the Brookings Institution, highlighting priorities related to risk-focused capital frameworks and bank resiliency, mergers and acquisitions, digital assets and stablecoins, climate-related financial risks, innovation, and Community Reinvestment Act modernization plans. Addressing issues related to resolvability, Barr signaled that the Fed would begin “looking at the resolvability of some of the other largest banks [in addition to globally systemically important banks] as they grow and as their significance in the financial system increases.” With respect to bank mergers, Barr commented that “the advantages that firms seek to gain through mergers must be weighed against the risks that mergers can pose to competition, consumers and financial stability.” He said he plans to work with Fed staff to assess how the agency performs merger analysis and whether there are areas for improvement. Barr also discussed financial stability risks posed by new forms of private money created through stablecoins and stressed that Congress should work quickly to enact legislation for bringing stablecoins (especially those intended to serve as a means of payment) within the prudential regulatory perimeter. He added that the Fed plans to make sure that the crypto activity of supervised banks “is subject to the necessary safeguards that protect the safety of the banking system as well as bank customers,” and said “[b]anks engaged in crypto-related activities need to have appropriate measures in place to manage novel risks associated with those activities and to ensure compliance with all relevant laws, including those related to money laundering.”
Treasury discusses combating corruption
On September 7, U.S. Treasury Department Assistant Secretary for Terrorist Financing and Financial Crimes Elizabeth Rosenberg spoke at the Brookings Institution as part of a series of discussions regarding corruption and the Department’s efforts to strengthen global beneficial ownership standards against corruption. During her remarks, she discussed Treasury’s focus on three efforts to counter corruption: (i) analyzing the risks associated with corruption; (ii) putting in place an effective legal framework to prevent corruption in our financial system; and (iii) implementing targeted measures, such as sanctions, to expose and hold accountable corrupt individuals and their facilitators. She noted that her office’s 2022 Money Laundering Risk Assessment “described the persistent themes of corrupt individuals engaging in fraud, embezzlement, bribery, extortion, and the misuse of companies and other legal entities.” (Covered by InfoBytes here.) Rosenberg also discussed strengthening global beneficial ownership standards at the intergovernmental Financial Action Task Force “to focus the body’s efforts on the effective implementation of the UN Convention on Corruption, on the misuse of citizenship-by-investment programs by corrupt individuals and their families, and on financial gatekeepers that get rich helping senior officials steal from their citizens.” She further described Treasury efforts, both public and non-public, to expose corrupt officials. She closed her prepared remarks by committing to continue both defensive and offensive strategies to counter corruption and to advance rules that are designed to “make our financial system more resilient and bring forward new analysis on vulnerabilities to corruption in our economy.”