What Can We Learn From OFAC Enforcement Actions?

The Office of Foreign Assets Control (OFAC) has closed eight enforcement actions so far in 2023. These enforcement actions targeted companies, financial institutions, and individuals in the United States and abroad, and they resulted in more than $550 million in settlements.

What can other companies, financial institutions, and individuals learn from these enforcement actions? OFAC publishes Enforcement Releases on its website, and these releases provide some notable insights into OFAC’s sanctions enforcement tactics and priorities. By understanding these tactics and priorities, potential targets of OFAC enforcement actions can take strategic steps to bolster their sanctions compliance programs and efforts and reduce their risk of facing OFAC scrutiny.
Notably, all eight of OFAC’s enforcement actions so far in 2023 resulted in settlements with the target. As discussed further below, the majority of these enforcement actions also resulted from voluntary self-disclosures—so it makes sense that the companies and financial institutions involved were interested in settling. There are several other notable consistencies among OFAC’s 2023 enforcement actions as well.

OFAC Enforcement Actions in 2023

Here is a brief summary of each of OFAC’s enforcement actions so far in 2023:

1. Godfrey Phillips India Limited

Statutory Maximum Civil Monetary Penalty (CMP): $1.78 million

Base Penalty Amount: $475,000 (non-egregious violation, no voluntary self-
disclosure)
Settlement Amount: $332,500

Godfrey Phillips India Limited (GPI) faced an enforcement action related to its use of U.S. financial institutions to process transactions for exporting tobacco to North Korea. According to OFAC, GPI “relied on several third-country intermediary parties to receive payment, which obscured the nexus to the DPRK and caused U.S. financial institutions to process these transactions.”

In agreeing to a $332,500 settlement with GPI, OFAC considered the following
aggravating factors under its Economic Sanctions Enforcement Guidelines:

  •  GPI acted “recklessly” and exercised a “minimal degree of caution or care for U.S. sanctions laws and regulations.”
  • Several company managers had actual knowledge that the conduct at issue “concerned the exportation of tobacco to [North Korea].”
  •  The company’s actions harmed U.S. foreign policy objectives “by providing a sought-after, revenue-generating good to the North Korean regime.”

    Mitigating factors in this case included:

  • GPI had not received a Penalty Notice or Finding of Violation from OFAC in the previous five years.
  •  GPI took remedial measures upon learning of the apparent violations, including implementing new know-your customer measures and recordkeeping requirements.
  •   GPI cooperated with OFAC during its investigation.

2. Wells Fargo Bank, N.A.

Statutory Maximum CMP: $1.066 billion

Base Penalty Amount: $533,369,211 (egregious violation, voluntary self-disclosure)

Settlement Amount: $30 million

Wells Fargo Bank, N.A. faced an enforcement action related to its predecessor Wachovia Bank’s decision to provide software to a foreign bank that used the software to process trade-finance transactions with sanctioned nations and entities. While noting multiple failures by the bank (including its failure to identify the issue for seven years “despite concerns raised internally within Wells Fargo on multiple occasions”), OFAC agreed to settle Wells Fargo’s potential half-billion-dollar liability for $30 million. Aggravating factors in this case included:

  •  Reckless disregard for U.S. sanctions requirements and failure to exercise a minimal degree of caution or care.
  • The fact that senior management “should reasonably have known” that the software was being used for transactions with sanctioned jurisdictions and entities.
  • Wells Fargo undermined the policy of OFAC’s sanctions programs for Iran, Sudan, and Syria by providing the software platform.

Mitigating factors in this case included:

  • Wells Fargo had a strong sanctions compliance program at the time of the apparent violations.
  • The “true magnitude of the sanctions harm underlying the conduct” is less than the total value of the transactions conducted using the software platform.
  • Wells Fargo had not received a Penalty Notice or Finding of Violation from OFAC in the previous five years and remediated the compliance issue immediately.

3. Uphold HQ Inc.

Statutory Maximum CMP: $44,468,494

Base Penalty Amount: $90,288 (non-egregious violation, voluntary self-disclosure)

Settlement Amount: $72,230

Uphold HQ Inc., a California-based money services business, faced an enforcement action related to its processing of transactions for customers who self-identified as being located in Iran or Cuba or as employees of the Government of Venezuela. The 152 transactions at issue involved a total value of $180,575. Aggravating factors in this case included:

  •  Failure to exercise due caution or care when conducting due diligence on customers who provided information indicating sanctions risks.
  • Uphold had reason to know that it was processing payments for customers in Iran and Cuba and who were employees of the Venezuelan government.

Mitigating factors in this case included:

  •  Uphold had not received a Penalty Notice or Finding of Violation from OFAC in the previous five years.
  • Uphold cooperated with OFAC’s investigation.
  •  Uphold undertook “numerous” remedial measures in response to OFAC’s investigation.

4. Microsoft Corporation

 
Statutory Maximum CMP: $404.6 million

Base Penalty Amount: $5.96 million (non-egregious violation, voluntary self-disclosure)

Settlement Amount: $2.98 million

Microsoft Corporation faced an enforcement action related to its exportation of “services or software” to Specially Designated Nationals (SDNs) and blocked persons in violation of OFAC’s Cuba, Iran, Syria, and Ukraine/Russia-related sanctions programs. According to OFAC’s Enforcement Release, “[t]he majority of the apparent violations . . . occurred as a result of [Microsoft’s] failure to identify and prevent the use of its products by prohibited parties.” Aggravating factors in this case included:

  • Microsoft demonstrated a reckless disregard for U.S. sanctions over a seven-year period.
  •  The apparent violations harmed U.S. foreign policy objectives by providing software and services to more than 100 SDNs or blocked persons, “including major Russian enterprises.”
  •  Microsoft is a “world-leading technology company operating globally with substantial experience and expertise in software and related services sales and transactions.”

Mitigating factors in this case included:

  • There was no evidence that anyone in Microsoft’s U.S. management was aware of the apparent violations at any time.
  • Microsoft cooperated with OFAC’s investigation.
  • Microsoft undertook “significant remedial measures and enhanced its sanctions compliance program through substantial investment” after learning of the apparent violations.

5. British American Tobacco P.L.C.

Statutory Maximum CMP: $508.61 billion

Base Penalty Amount: $508.61 billion (egregious violation, no voluntary self-
disclosure)
Settlement Amount: $508.61 billion

British American Tobacco P.L.C. entered into a settlement for the full statutory maximum CMP resulting from apparent violations of OFAC’s sanctions against North Korea. According to OFAC, the company engaged in a conspiracy “to export tobacco and related products to North Korea and receive payment for those exports through the U.S. financial system” by obscuring the source of the funds involved. Aggravating factors in this case included:

  •  The company “willfully conspired” to unlawfully transfer hundreds of millions of dollars from North Korea through U.S. banks.
  •  The company concealed its business in North Korea through “a complex remittance structure that relied on an opaque series of front companies and intermediaries.”
  • The company’s management had actual knowledge of the apparent conspiracy “from its inception through its termination.”
  •  The transactions at issue “helped North Korea establish and operate a cigarette manufacturing business . . . that has reportedly netted over $1 billion per year.”
  •  British American Tobacco is “a large and sophisticated international company operating in approximately 180 markets around the world.”

Mitigating factors in this case included:

  • British American Tobacco has not received a Penalty Notice or Finding of Violation in the past five years.
  •  British American Tobacco cooperated with OFAC’s investigation.

6. Poloniex, LLC

Statutory Maximum CMP: 19.69 billion

Base Penalty Amount: $99.23 million (non-egregious violation, voluntary self-disclosure)

Settlement Amount: $7.59 million

Poloniex, LLC, which operates an online trading platform in the United States, agreed to settle after it was discovered that the company committed 65,942 apparent violations of various sanctions programs by processing transactions with a combined value of over $15 million. In settling for a small fraction of the base penalty amount, OFAC noted that Poloniex was a “small start-up” when most of the apparent violations were committed and that its acquiring company had already adopted a more-robust OFAC compliance program.

7. Murad, LLC

Statutory Maximum CMP: $22.22 million

Base Penalty Amount: $11.11 million (egregious violation, voluntary self-disclosure)

Settlement Amount: $3.33 million

Murad, LLC, a California-based cosmetics company, faced an OFAC enforcement action after it self-disclosed that it had exported products worth $11 million to Iran. While OFAC found that the company acted willingly in violating its sanctions on Iran, as mitigating factors OFAC noted the company’s remedial response and the “benign
consumer nature” of the products involved.

8. Swedbank Latvia AS

Statutory Maximum CMP: $112.32 million

Base Penalty Amount: $6.24 million (non-egregious violation, no voluntary self-disclosure)

Settlement Amount: $3.43 million

Swedbank Latvia AS faced an enforcement action related to the use of its e-banking platform by a customer with a Crimean IP address to send payments to persons in Crimea through U.S. correspondent banks. While OFAC noted that Swedbank Latvia is “a sophisticated financial institution with over one million customers” and failed to exercise due caution or care, it also noted that the bank took “significant remedial action” in response to the apparent violations and “substantially cooperated” with its investigation.

Insights from OFAC’s 2023 Enforcement Actions To Date

As these recent enforcement actions show, OFAC appears to be willing to give substantial weight to companies’ and financial institutions’ good-faith compliance efforts as well as their remedial efforts after discovering apparent sanctions violations. Cooperation was a key factor in several of OFAC’s 2023 enforcement actions as well. When facing OFAC scrutiny or the need to make a voluntary self-disclosure, companies and financial institutions must work with their counsel to make informed decisions, and they must move forward with a strategic plan in place focused on achieving a favorable outcome in light of the facts at hand.

For more news on OFAC Enforcement Actions, visit the NLR Corporate & Business Organizations section.

G7 Sanctions Enforcement Coordination Mechanism and Centralized EU Sanctions Watchdog Proposed

On Feb. 20, 2023, Dutch Minister of Foreign Affairs Wopke Hoekstra gave a speech titled “Building a secure European future” at the College of Europe in Bruges, Belgium where he made a plea to “(…) sail to the next horizon where sanctions are concerned.” The Dutch Foreign Minister said European Union (EU) “(…) sanctions are hurting the Russians like hell (…)” but at the same time the measures “(…) are being evaded on a massive scale.” Hoekstra believes this is in part because the EU has too little capacity to analyze, coordinate, and promote the sanctions. However, arguably, there is also a lack of capacity at the EU Member-State level to enforce sanctions.

Against this background the Dutch Foreign Minister proposed to set up a sanctions headquarters in Brussels, Belgium, i.e., a novel watchdog or body to tackle the circumvention of EU sanctions. Such a body might represent the nearest EU equivalent to the U.S. Office of Foreign Assets Control (OFAC). OFAC both implements and enforces U.S. economic sanctions (issuing regulations, licenses, and directives, as well as enforcing through issuing administrative subpoenas, civil and administrative monetary penalties, and making criminal referrals to the U.S. Department of Justice). In Hoekstra’s words:

“A place where [EU] Member States can pool information and resources on effectiveness and evasion. Where we do much more to fight circumvention by third countries. This new HQ would establish a watch list of sectors and trade flows with a high circumvention risk. Companies will be obliged to include end-use clauses in their contracts, so that their products don’t end up in the Russian war machine. And the EU should bring down the full force of its collective economic strength and criminal justice systems on those who assist in sanctions evasion. By naming, shaming, sanctioning, and prosecuting them.”

The Dutch Foreign Minister’s proposal – which is also set out in a separate non-paper – apparently is backed and supported by some 10 or so EU Member States, including Germany, France, Italy, and Spain.

Additionally, on Feb. 23, 2023, the press reported the international Group of Seven (G7) is set to create a new tool to coordinate their enforcement of existing sanctions against the Russian Federation (Russia). The aim of the tool, tentatively called the Enforcement Coordination Mechanism, would be to bolster information-sharing and other enforcement actions.

Background

Like other Members of the G7, the EU has adopted throughout 2022 many economic and other sanctions to target Russia’s economy and thwart its ability to continue with its aggression against Ukraine. Nevertheless, currently EU Member States have different definitions of what constitutes a breach of EU sanctions, and what penalties must be applied in case of a breach. This could lead to different degrees of enforcement and risk circumvention of EU sanctions.

As we have reported previously, on Nov. 28, 2022, the Council of the EU adopted a decision to add the violation of restrictive measures to the list of so-called “EU crimes” set out in the Treaty on the Functioning of the EU, which would uniformly criminalize sanctions violations across EU Member States. This proposal still needs the backing of EU Member States, which have traditionally been cautious about reforms that require amendments to their national criminal laws.

Next steps

The decision on when and how to enforce EU sanctions currently lies with individual EU Member States, who also decide on the introduction of the EU’s restrictive measures by unanimity. As such, the Dutch Foreign Minister’s proposal requires the backing and support of more EU Member States. If adopted, the new proposed body could send cases directly to the European Public Prosecutor’s Office (EPPO), assuming the separate “EU crimes” legislative piece was also adopted.

Notably, the Dutch Foreign Minister’s proposal appears to suggest a stronger targeting of third countries, which are not aligned with the EU’s sanctions against Russia or help in their circumvention (e.g., Turkey, China, etc.).

Whether or not an EU sanctions oversight body is established, the Dutch proposal signals the current appetite for enhanced multilateral coordination on economic sanctions implementation and tougher, more consistent enforcement of economic sanctions violations. The G7’s proposed Enforcement Coordination Mechanism points in the same direction.

©2023 Greenberg Traurig, LLP. All rights reserved.

OFAC Offers Guidance in the Wake of Tornado Cash Sanctions

The U.S. Treasury Department’s Office of Foreign Asset Control (OFAC) updated its “frequently asked questions” (FAQs) Tuesday, providing guidance relating to the sanctions against Tornado Cash, the Ethereum “mixer” it blacklisted in August, following allegations that North Korea used Tornado Cash to launder stolen digital assets. The updated information from OFAC comes as a welcome snippet of communication, allowing for clarity on the scope of the action taken against Tornado Cash, as well as providing guidance for U.S. persons affected by the blacklisting who, through no fault of their own, were caught up in federal action.

The updated FAQs provide guidance on four points: (1) the ability to withdraw funds from wallets associated with the Tornado Cash blacklist; (2) whether the OFAC reporting obligations apply to “dusting” transactions; (3) whether U.S. persons can engage in transactions involving addresses implicated in the blacklist without a license; and (4) what, more generally, is prohibited in the wake of the OFAC blacklisting of Tornado Cash.

(1)        Withdrawing Funds

If a U.S. person sent virtual currency to Tornado Cash, but did not complete the mixing transaction or otherwise withdraw such virtual currency prior to August 8, 2022 (the effective date of the OFAC blacklist), such person can request a specific license from OFAC to engage in transactions involving that virtual currency (assuming such person conducts the contemplated transactions within U.S. jurisdiction).

In order to obtain this license, such persons will need to provide, “at a minimum, all relevant information regarding these transactions with Tornado Cash, including the wallet addresses for the remitter and beneficiary, transaction hashes, the date and time of the transaction(s), as well as the amount(s) of virtual currency.”

OFAC indicates that they will embrace a favorable licensing policy towards such applications, so long as the contemplated transactions did not involve conduct that it deems to be otherwise sanctionable, and that licensing requests can be submitted by visiting the following link: https://home.treasury.gov/policy-issues/financial-sanctions/ofac-license-application-page.

(2)        “Dusting” Transactions

Dusting is the act of sending unsolicited and nominal amounts of virtual currency or other digital assets to third parties. This can be done in order to cause consternation on the part of the recipient, particularly in a situation where there is confusion as to the legality of receiving such funds or actions.

OFAC indicates that it has been made aware of Dusting involving virtual currency or other virtual assets from Tornado Cash, and indicates that while, technically, OFAC’s regulations would apply to these transactions, to the extent that these Dusting transactions have no other sanctions associated with them other than Tornado Cash, “OFAC will not prioritize enforcement against the delayed receipt of initial blocking reports and subsequent annual reports of blocked property from such U.S. persons.”

In short, while not a desirable transaction to take place, OFAC does not intend to pursue action against persons simply because they are the target of Dusting.

(3)        Engaging in Transactions With Tornado Cash

OFAC clarified that, without explicit license from OFAC, U.S. persons are prohibited from engaging in any transaction involving Tornado Cash, including any transaction done via currency wallet addresses OFAC has identified as part of the blacklist.

Specifically, “[i]f U.S. persons were to initiate or otherwise engage in a transaction with Tornado Cash, including or through one of its wallet addresses, such a transaction would violate U.S. sanctions prohibitions, unless exempt or authorized by OFAC.”

(4)        Further Tornado Cash Guidance

Referencing FAQs 561 and 562, OFAC reemphasized their authority to include as identifiers on the Specially Designated Nationals and Blocked Persons List (SDN List) specific virtual currency wallet addresses associated with blocked persons, and that such SDN List entry for Tornado Cash included as identifiers certain virtual currency wallet addresses associated with Tornado Cash, as well as the URL address for Tornado Cash’s website.

While the Tornado Cash website has been deleted, it remains available through certain Internet archives, and accordingly OFAC emphasized that engaging in any transaction with Tornado Cash or its blocked property or interests in property is prohibited for U.S. persons.

Interacting with open-source code itself, in a way that does not involve a prohibited transaction with Tornado Cash, is not prohibited. By way of example, “U.S. persons would not be prohibited by U.S. sanctions regulations from copying the open-source code and making it available online for others to view, as well as discussing, teaching about, or including open-source code in written publications, such as textbooks, absent additional facts.  Similarly, U.S. persons would not be prohibited by U.S. sanctions regulations from visiting the Internet archives for the Tornado Cash historical website, nor would they be prohibited from visiting the Tornado Cash website if it again becomes active on the Internet.”

While this update to FAQs come as a welcome bit of clarity, Web3 investors, entrepreneurs, and users should continue to tread carefully when engaging with opportunities and technologies on the periphery of Tornado Cash and the accompanying OFAC action. When questions arise, it is important to seek out informed counsel, to discuss the risks of proposed actions and how best to mitigate that risk while working to pioneer new and emerging technologies.

© 2022 Dinsmore & Shohl LLP. All rights reserved.

Beware OFAC in a Time of Sanctions

On Monday, April 25, 2022, the U.S. Treasury Department’s Office of Foreign Asset Control (“OFAC”) announced a settlement with Toll Holdings Limited (“Toll”), an Australian freight forwarding and logistics company, with respect to Toll’s originations and/or receipt “of payments through the U.S. financial system involving sanctioned jurisdictions and persons.” Toll, which is not an American entity, and is neither owned by Americans nor located in the U.S. or any of its territories, was involved in almost 3000 transactions where payments were made in connection with sea, air, and rail shipments to, from, or through North Korea, Iran, or Syria, AND/OR involving the property of a person on OFAC’s Specially Designated Nationals and Blocked Persons List. OFAC did not have direct jurisdiction over Toll, BUT because the payments for Toll’s freight forwarding and logistics services flowed through U.S. financial institutions, Toll “caused the U.S. financial institutions to be engaged in prohibited activities with … sanctioned persons or jurisdictions.”

Each OFAC violation can be the basis of civil sanctions. Here the 2853 violation would have supported the imposition of civil sanctions totaling over $826 million. Toll was “happy” to settle OFAC’s enforcement action for $6 million. OFAC found that the Toll violations were “non-egregious,” in part due to the rapid growth of Toll after 2007 through acquisitions of smaller freight forwarding companies. OFAC noted that by 2017 Toll had almost 600 invoicing, data, payment, and other systems spread across its various units. OFAC also noted that Toll did not have adequate compliance procedures and procedures in place and did not attend to those issues until an unnamed bank threatened to cease doing business with Toll because Toll was using its U.S. dollar account to transact business with sanctioned jurisdictions and/or persons. OFAC took note of Toll’s voluntary self-disclosure, well-organized internal investigation, and extensive remedial measures.

OFAC traces its origins to the War of 1812, when the then Secretary of the Treasury imposed sanctions on the United Kingdom in retaliation for the impressment of American sailors. The Treasury Department has had a special office dealing with foreign assets since 1940 (and the outbreak of World War II), with statutory authority found in the Trading With The Enemy Act of 1917 (as World War I raged), and a series of federal laws involving embargoes and economic sanctions. OFAC received its current name as part of a Treasury Department order on October 15, 1962 (contemporaneous with the Cuban missile crisis).

The Toll settlement reflects the growing use by OFAC of public enforcement against foreign businesses for “causing” violations by involving U.S. payment systems. The use of U.S. dollars in any part of a transaction will typically involve the U.S. financial system, directly or indirectly – that subjects the entirety of the transaction to U.S regulatory jurisdiction, including that of OFAC. The Toll settlement evidences OFAC’s increasing willingness to exercise its expansive jurisdiction over foreign businesses, even those involving primarily extraterritorial transactions — for example, the increase in OFAC sanctions of foreign businesses seen as facilitating the Russian invasion of Ukraine.

Foreign businesses must give serious and continuing attention to having substantial policies and procedures in place to insure compliance with U.S. sanctions and, thereby, to avoid OFAC enforcement actions. Companies can start by reviewing OFAC’s Framework for Compliance Commitments and implementing the recommendations there. In addition, all parties to a transaction should be screened against sanction lists (OFAC’s, and also those of the U.K. and E.U.). Companies should consider adopting preventive measures, not only to deter violations, but also to demonstrate a vigorous compliance program.  Similarly, these issues MUST be considered as part of any merger or acquisition (as the Toll experience suggests).Finally, all counterparties, including financial intermediaries, should be evaluated for potential sanction list issues. Otherwise, a foreign business may have to “pay the Toll” for its shortcomings.

Experienced American business lawyers may prove helpful in designing and/or evaluating the compliance programs of non-U.S. companies.

©2022 Norris McLaughlin P.A., All Rights Reserved

OFAC Reaffirms Focus on Virtual Currency With Updated Sanctions Law Guidance

On October 15, 2021, the US Department of the Treasury’s Office of Foreign Asset Control (OFAC) announced updated guidance for virtual currency companies in meeting their obligations under US sanctions laws. On the same day, OFAC also issued guidance clarifying various cryptocurrency-related definitions.

Coming on the heels of the Anti-Money Laundering Act of 2020—and in the context of the Biden administration’s effort to crackdown on ransomware attacks—the recent guidance is the latest indication that regulators are increasingly focusing on virtual currency and blockchain. In light of these developments, virtual currency market participants and service providers should ensure they are meeting their respective sanctions obligations by employing a “risk-based” anti-money laundering and sanctions compliance program.

This update highlights the government’s continued movement toward subjecting the virtual currency industry to the same requirements, scrutiny and consequences in cases of noncompliance as applicable to traditional financial institutions.

IN DEPTH

The release of OFAC’s Sanctions Compliance Guidance for the Virtual Currency Industry indicates an increasing expectation for diligence as it has now made clear on several occasions that sanctions compliance “obligations are the same” for virtual currency companies who must employ an unspecified “risk-based” program (See: OFAC Consolidated Frequently asked Questions 560). OFAC published it with the stated goal of “help[ing] the virtual currency industry prevent exploitation by sanctioned persons and other illicit actors.”

With this release, OFAC also provided some answers and updates to two of its published sets of “Frequently Asked Questions.”

FAQ UPDATES (FAQ 559 AND 546)

All are required to comply with the US sanctions compliance program, including persons and entities in the virtual currency and blockchain community. OFAC has said time and again that a “risk-based” program is required but that “there is no single compliance program or solution suitable for all circumstances” (See: FAQ 560). While market participants and service providers in the virtual currency industry must all comply, the risk of violating US sanctions are most acute for certain key service providers, such as cryptocurrency exchanges and over-the-counter (OTC) desks that facilitate large volumes of virtual currency transactions.

OFAC previously used the term “digital currency” when it issued its first FAQ and guidance on the subject (FAQ 560), which stated that sanctions compliance is applicable to “digital currency” and that OFAC “may include as identifiers on the [Specially Designated Nationals and Blocked Persons] SDN List specific digital currency addresses associated with blocked persons.” Subsequently, OFAC placed certain digital currency addresses on the SDN List as identifiers.

While OFAC previously used the term “digital currency,” in more recent FAQs and guidance, it has used a combination of the terms “digital currency” and “virtual currency” without defining those terms until it released FAQ 559.

In FAQ 559, OFAC defines “virtual currency” as “a digital representation of value that functions as (i) a medium of exchange; (ii) a unit of account; and/or (iii) a store of value; and is neither issued nor granted by any jurisdiction.” This is a broad definition but likely encompasses most assets, which are commonly referred to as “cryptocurrency” or “tokens,” as most of these assets may be considered as “mediums of exchange.”

OFAC also defines “digital currency” as “sovereign cryptocurrency, virtual currency (non-fiat), and a digital representation of fiat currency.” This definition appears to be an obvious effort by OFAC to make clear that its definitions include virtual currencies issued or backed by foreign governments and stablecoins.

The reference to “sovereign cryptocurrency” is focused on cryptocurrency issued by foreign governments, such as Venezuela. This is not the first time OFAC has focused on sovereign cryptocurrency. It ascribed the use of sovereign backed cryptocurrencies as a high-risk vector for US sanctions circumvention. Executive Order (EO) 13827, which was issued on March 19, 2018, explicitly stated:

In light of recent actions taken by the Maduro regime to attempt to circumvent U.S. sanctions by issuing a digital currency in a process that Venezuela’s democratically elected National Assembly has denounced as unlawful, hereby order as follows: Section 1. (a) All transactions related to, provision of financing for, and other dealings in, by a United States person or within the United States, and digital currency, digital coin, or digital token, that was issued by, for, or on behalf of the Government of Venezuela on or after January 9, 2018, are prohibited as of the effective date of this order.

On March 19, 2018, OFAC issued FAQs 564, 565 and 566, which were specifically focused on Venezuela issued cryptocurrencies, stating that “petro” and “petro gold” are considered a “digital currency, digital coin, or digital token” subject to EO 13827. While OFAC has not issued specific FAQs or guidance on other sovereign backed cryptocurrencies, it may be concerned that a series of countries have stated publicly that they plan to test and launch sovereign backed securities, including Russia, Iran, China, Japan, England, Sweden, Australia, the Netherlands, Singapore and India. With the release if its most recent FAQs, OFAC is reaffirming that it views sovereign cryptocurrencies as highly risky and well within the scope of US sanctions programs.

The reference to a “digital representation of fiat currency” appears to be a reference to “stablecoins.” In theory, stablecoins are each worth a specified value in fiat currency (usually one USD each). Most stablecoins were touted as being completely backed by fiat currency stored in segregated bank accounts. The viability and safety of stablecoins, however, has recently been called into question. One of the biggest players in the stablecoin industry is Tether, who was recently fined $41 million by the US Commodities Futures Trading Commission for failing to have the appropriate fiat reserves backing its highly popular stablecoin US Dollar Token (USDT). OFAC appears to have taken notice and states in its FAQ that “digital representations of fiat currency” are covered by its regulations and FAQs.

FAQ 646 provides some guidance on how cryptocurrency exchanges and other service providers should implement a “block” on virtual currency. Any US persons (or persons subject to US jurisdiction), including financial institutions, are required under US sanctions programs to “block” assets, which requires freezing assets and notifying OFAC within 10 days. (See: 31 C.F.R. § 501.603 (b)(1)(i).) FAQ 646 makes clear that “blocking” obligations applies to virtual currency and also indicates that OFAC expects cryptocurrency exchanges and other service providers be required to “block” the virtual currency at issue and freeze all other virtual currency wallets “in which a blocked person has an interest.”

Depending on the strength of the anti-money laundering/know-your-customer (AML/KYC) policies employed, it will likely prove difficult for cryptocurrency exchanges and other service providers to be sure that they have identified all associated virtual currency wallets in which a “blocked person has an interest.” It is possible that a cryptocurrency exchange could onboard a customer who complied with an appropriate risk-based AML/KYC policy and, unbeknownst to the cryptocurrency exchange, a blocked person “has an interest” in one of the virtual currency wallets. It remains to be seen how OFAC will employ this “has an interest” standard and whether it will take any cryptocurrency exchanges or other service providers to task for not blocking virtual currency wallets in which a blocked person “has an interest.” It is important for cryptocurrency exchanges or other service providers to implement an appropriate risk-based AML/KYC policy to defend any inquiries from OFAC as to whether it has complied with the various US sanctions programs, including by having the ability to identify other virtual currency wallets in which a blocked person “has an interest.”

UPDATED SANCTIONS COMPLIANCE GUIDANCE

OFAC’s recent framework for OFAC Compliance Commitments outlines five essential components for a virtual currency operator’s sanctions compliance program. These components generally track those applicable to more traditional financial institutions and include:

  1. Senior management should ensure that adequate resources are devoted to the support of compliance, that a competent sanctions compliance officer is appointed and that adequate independence is granted to the compliance unit to carry out their role.
  2. An operative risk assessment should be fashioned to reflect the unique exposure of the company. OFAC maintains both a public use sanctions list and a free search tool for that list which should be employed to identify and prevent sanctioned individuals and entities from accessing the company’s services.
  3. Internal controls must be put in place that address the unique risks recognized by the company’s risk assessment. OFAC does not have a specific software or hardware requirement regarding internal controls.
    1. Although OFAC does not specify required internal controls, it does provide recommended best practices. These include geolocation tools with IP address blocking controls, KYC procedures for both individuals and entities, transaction monitoring and investigation software that can review historically identified bad actors, the implementation of remedial measures upon internal discovery of weakness in sanction compliance, sanction screening and establishing risk indicators or red flags that require additional scrutiny when triggered.
    2. Additionally, information should be obtained upon the formation of each new customer relationship. A formal due diligence plan should be in place and operated sufficiently to alert the service provider to possible sanctions-related alarms. Customer data should be maintained and updated through the lifecycle of that customer relationship.
  4. To ensure an entity’s sanctions compliance program is effective and efficient, that entity should regularly test their compliance against independent objective testing and auditing functions.
  5. Proper training must be provided to a company’s workforce. For a company’s sanctions compliance program to be effective, its workforce must be properly outfitted with the hard and soft skills required to execute its compliance program. Although training programs may vary, OFAC training should be provided annually for all employees.

KEY TAKEAWAYS

As noted in OFAC’s press release issued simultaneously with the updated FAQ’s, “[t]hese actions are a part of the Biden Administration’s focused, integrated effort to counter the ransomware threat.” The Biden administration’s increased focus on regulatory and enforcement action in the virtual currency space highlights the importance for market participants and service providers to implement a robust compliance program. Cryptocurrency exchanges and other service providers must take special care in drafting and implementing their respective AML/KYC policies and in ensuring the existence of risk-based AML and sanctions compliance programs, which includes a periodic training program. When responding to inquiries from OFAC or other regulators, it will be critical to have documented evidence of the implementation of a risk-based AML/KYC program and proof that employees have been appropriately trained on all applicable policies, including a sanctions compliance policy.

Ethan Heller, a law clerk in the firm’s New York office, also contributed to this article.

© 2021 McDermott Will & Emery
For the latest in Financial, Securities, and Banking legal news, read more at the National Law Review.

Apollo Settles Alleged Sanctions Violations: Aircraft Lessors Pay Attention

The Office of Foreign Assets Control (OFAC) of the U.S. Department of the Treasury has broad delegated authority to administer and enforce the sanctions laws and related sanctions programs of the United States. As a key component of its enforcement authority, OFAC may investigate “apparent violations” of sanctions laws and assess civil monetary penalties against violators pursuant to five statutes, including the Trading with the Enemy Act and the International Emergency Economic Powers Act.1

An “apparent violation” involves “conduct that constitutes an actual or possible violation of U.S. economic sanctions laws.”2 An OFAC investigation of an “apparent violation” may lead to one or more administrative actions, including a “no action” determination, a request for additional information, the issuance of a cautionary letter or finding of violation, the imposition of a civil monetary penalty and, in extreme cases, a criminal referral.3 Investigations of apparent violations by OFAC often lead to negotiated settlements where a final determination is not made as to whether a sanctions violation has actually occurred.4

Upon the conclusion of a proceeding that “results in the imposition of a civil penalty or an informal settlement” against or with an entity (as opposed to an individual), OFAC is required to make certain basic information available to the public.5 In addition, OFAC may release on a “case-by-case” basis “additional information” concerning the penalty proceeding,6 and it often does. Such additional information will sometimes include informal compliance guidance, cautionary reminders and best practices recommendations. Such information is routinely consumed by corporate compliance officers seeking fresh insight on ever-evolving compliance and enforcement trends, particularly in the context of proceedings relating to industries with which they are involved.

On November 7, 2019, OFAC released enforcement information that has caught the attention of the aircraft leasing community, particularly U.S. aircraft lessors and their owned or controlled Irish lessor subsidiaries.7 The matter involved a settlement by Apollo Aviation Group, LLC8 of its potential civil liability for apparent violations of OFAC’s Sudanese Sanctions Regulations (SSR) that existed in 2014–5.9 Although the amount of the settlement was relatively modest, the enforcement activity by OFAC in the proceeding has attracted scrutiny by aircraft lessors because, for the first time in recent memory, a U.S. aircraft lessor has paid a civil penalty to OFAC for alleged sanctions violations.

At the time of the apparent violations, Apollo was a U.S. aircraft lessor which became involved in two engine leasing transactions that came back to haunt it.

In the first transaction, Apollo leased two jet engines to a UAE lessee which subleased them to a Ukrainian airline with which it was apparently affiliated. The sublessee, in turn, installed both engines on an aircraft that it “wet leased”10 to Sudan Airways, which was on OFAC’s List of Specially Designated Nationals and Blocked Persons within the meaning of the “Government of Sudan.” Sudan Airways used the engines on flights to and from Sudan for approximately four months before they were returned to Apollo when the lease ended. Meanwhile, in a separate transaction, Apollo leased a third jet engine to the same UAE lessee, which subleased the engine to the same Ukrainian airline, which installed the engine on an aircraft that it also wet leased to Sudan Airways. Sudan Airways used the third engine on flights to and from Sudan until such time as Apollo discovered how it was being used and demanded that the engine be removed from the aircraft.

Both leases between Apollo and its UAE lessee contained restrictive covenants “prohibiting the lessee from maintaining, operating, flying, or transferring the engines to any countries subject to United States or United Nations sanctions.”11 Thus, by allowing the engines to be installed by its sublessee on aircraft that were eventually wetleased to Sudan Airways, and flown to and from Sudan during the country’s embargo, the lessee presumably breached the operating restrictions and covenants imposed by Apollo in the leases. Moreover, once Apollo learned that the first two engines had been used, and the third engine was being used, for the benefit of Sudan Airways, it demanded that the third engine be removed from the aircraft that the sub-lessee had wet-leased to Sudan Airways, and this was done.12

One might reasonably conclude from these facts that Apollo acted like a good corporate citizen. So what did Apollo do wrong from a sanctions compliance standpoint?

OFAC stated that Apollo may have violated section 538.201 of the SSR, which at the time “prohibited U.S. persons from dealing in any property or interests in property of the Government of Sudan,”13 as well as section 538.205 of the SSR, which at the time “prohibited the exportation or re-exportation, directly or indirectly, of goods, technology or services, from the United States or by U.S. persons to Sudan.”14

What are the takeaways and possible lessons to be drawn by aircraft lessors from this settlement based upon these alleged violations and the facts upon which they were based?

First, according to OFAC, Apollo did not “ensure” that the engines “were utilized in a manner that complied with OFAC’s regulations,” notwithstanding lease language that effectively required its lessee to comply.15 OFAC is clearly suggesting here that aircraft lessors have a duty to require sanctions compliance by their lessees. And, in view of the fact that many sanctions programs are enforced on a strict liability basis, OFAC’s comment that Apollo failed to “ensure” compliance by its lessee and sublessees makes sense. Apollo was not in a position to avoid civil liability by hiding behind the well-drafted language of its two leases. If a sanctions violation occurred for which Apollo was strictly liable, the mere fact that its lessee’s breach of the lease was the proximate cause of the violation would not provide a safe harbor.

As an example of Apollo’s alleged failure to “ensure” legal compliance, OFAC observed that Apollo did not obtain “U.S. law export compliance certificates from lessees and sublessees,”16 a comment which is somewhat puzzling. To our knowledge, there is nothing in the law requiring a lessor to obtain export compliance certificates, at least not in circumstances where an export or re-export license is not otherwise required in connection with the underlying lease transaction. Moreover, as a practical matter, it would be difficult, at best, for an aircraft lessor to force the direct delivery of certificates from a sublessee or sub-sub-lessee with whom it lacks privity of contract. In view of the foregoing, one assumes that OFAC was looking for Apollo to install procedures by which its lessee would self-report on a regular basis its own compliance (and compliance by downstream sublessees) with applicable export control laws and the relevant sanctions restrictions contained in the lease.

Second, OFAC found that Apollo “did not periodically monitor or otherwise verify its lessee’s and sublessee’s adherence to the lease provisions requiring compliance with U.S. sanctions laws during the life of the lease.”17 In this regard, OFAC observed that Apollo never learned how and where its engines were being used until after the first two engines were returned following lease expiration and a post-lease review of engine records, including “specific information regarding their use and destinations,” actually conducted.

In view of the foregoing, OFAC stressed the importance of “companies operating in high-risk industries to implement effective, thorough and on-going, risk-based compliance measures, especially when engaging in transactions concerning the aviation industry.”18 OFAC also reminded aircraft and engine lessors of its July 23, 2019, advisory warning of deceptive practices “employed by Iran with respect to aviation matters.”19 While the advisory focused on Iran, OFAC noted that “participants in the civil aviation industry should be aware that other jurisdictions subject to OFAC sanctions may engage in similar deception practices.”20 Thus, according to OFAC, companies operating internationally should implement Know Your Customer screening procedures and “compliance measures that extend beyond the point-of-sale and function throughout the entire business of lease period.21

As a matter of best practices, aircraft lessors should implement risk-based sanctions compliance measures throughout the entirety of a lease period, and most do. Continuous KYC screening by lessors of their lessees and sublessees is a common compliance practice. Periodic reporting by lessees as to the use and destination of leased aircraft and engines appears to be a practice encouraged by OFAC.22 Lessors can also make it a regular internal practice to spot check the movement of their leased aircraft through such web-based platforms as Flight Tracker and Flight Aware. If implemented by lessors, such practices may enable early detection of nascent sanctions risks and violations by their lessees and sublessees.

Finally, OFAC reminded lessors that they “can mitigate sanctions risk by conducting risk assessments and exercising caution when doing business with entities that are affiliated with, or known to transact business with, OFAC-sanctioned persons or jurisdictions, or that otherwise pose high risks due to their joint ventures, affiliates, subsidiaries, customers, suppliers, geographic location, or the products and services they offer.” Such risk assessment is an integral part of the risk-based sanctions compliance program routinely encouraged by OFAC, as outlined in its Framework for OFAC Compliance Commitments on May 2, 2019.23 For aircraft and engine lessors, conducting pre-lease due diligence on the ownership and control of prospective lessees and sublessees, as well as the business they conduct, the markets they serve, the equipment they use and the aviation partners with whom they engage, are key to identifying and understanding the sanctions risks that a prospective business opportunity presents.


See U.S. Department of the Treasury, Office of Foreign Assets Control, Inflation Adjustment of Civil Monetary Penalties, Final Rule, 84 Fed. Reg. 27714, 27715 (June 14, 2019).

2 31 C.F.R. Part 501, Appendix A, Section I.A.

3 31 C.F.R. Part 501, Appendix A, Section II.

4 31 C.F.R. Part 501, Appendix A, Section V.C.

5 31 C.F.R. §501.805(d)(1). Such information includes “(A) [t]he name and address of the entity involved, (B) [t]he sanctions program involved, (C) A brief description of the violation or alleged violation, (D) [a] clear indication whether the proceeding resulted in an informal settlement or in the imposition of a penalty, (E) [a]n indication whether the entity voluntarily disclosed the violation or alleged violation to OFAC, and (F) [t]he amount of the penalty imposed or the amount of the agreed settlement.” Id. OFAC communicates all such information through its website. 31 C.F.R. § 501.805(d)(2).

6 31 C.F.R. § 501.805(d)(4).

See OFAC Resource Center, Settlement Agreement between the U.S. Department of the Treasury’s Office of Foreign Assets Control and Apollo Aviation Group, LLC (Nov. 7, 2019) (https://www.treasury.gov/resource-center/sanctions/OFAC-Enforcement/Page…) (the Settlement Announcement).

8 In December 2018, Apollo was acquired by The Carlyle Group and currently operates as Carlyle Aviation Partners Ltd. According to the Settlement Announcement, neither The Carlyle Group nor its affiliated funds were involved in the apparent violations at issue. See id. at 1 n.1.

See 31 C.F.R. Part 538, Sudanese Sanctions Regulations (7-1-15 Edition). Note that most sanctions with respect to Sudan were effectively revoked by general license as of October 2, 2017, thereby authorizing transactions previously prohibited by the SSR during the time period of the apparent violations by Apollo. However, as is true when most sanctions programs are lifted, the general license issued in the SSR program did not “affect past, present of future OFAC enforcements or actions related to any apparent violations of the SSR relating to activities that occurred prior to the date of the general license.” Settlement Announcement at 1 n.2. See also OFAC FAQ 532 (https://www.treasury.gov/resource-center/faqs/Sanctions/Pages/faq_other.aspx#sudan_whole). 

10 A “wet lease” is “an aviation leasing arrangement whereby the lessor operates the aircraft on behalf of the lessee, with the lessor typically providing the crew, maintenance and insurance, as well as the aircraft itself.” See Settlement Announcement at 1 n.3.

11 Id. at 1.

12 Unfortunately, Apollo did not learn that the first two engines were used in violation of lease restrictions until they were returned following lease expiration and it conducted a post-lease review of the relevant engine records. 

13 The alleged application of section 538.201 to Apollo in the circumstances confirms the broad interpretive meaning that OFAC often ascribes to terms such as “interest,” “property,” “property interest” and “dealings,” which appear in many sanctions programs.

14 The alleged application of section 538.205 to Apollo in the circumstances suggests that a U.S. lessor of aircraft and jet engines may be tagged with the “re-export” of such goods and related services from one foreign country to another, notwithstanding the existence of a contractual daisy-chain of lessees, sub-lessees, and/or wetlessees that actually direct and control such flight decisions. In the context of U.S. export control laws, the Export Administration Regulations (EAR) define the term “re-export” to include the “actual shipment or transmission of an item subject to the EAR from one foreign country to another foreign country, including the sending or taking of an item to or from such countries in any manner.” 15 C.F.R. § 734.14(a)(1). Thus, for export control purposes, the flight of an aircraft subject to the EAR from one foreign county to another foreign country constitutes a “re-export” of the aircraft to that country. 

15 Settlement Announcement at 1.

16 Id.

17 Id., at 1–2.

18 Id. at 3. (emphasis added).

19 IdSee OFAC, Iran-Related Civil Aviation Industry Advisory (July 23, 2019) (https://www.treasury.gov/resource-center/sanctions/OFAC-Enforcement/Pages/20190723.aspx)

20 Id.

21 Id. (emphasis added).

22 In Apollo, OFAC reacted favorably to certain steps alleged to have been taken by Apollo to minimize the risk of the recurrence of similar conduct, including the implementation of procedures by which Apollo began “obtaining U.S. law export compliance certificates from lessees and sublessees.” Id.

23 See https://www.treasury.gov/resource-center/sanctions/Documents/framework_ofac_cc.pdf.


© 2019 Vedder Price

More sanctions actions on the National Law Review Antitrust & Trade Regulation law page.

U.S. Agencies Implement Latest Trump-Cuba Policy Changes

On May 30, 2019, the Office of Foreign Assets Control (OFAC) amended the Cuban Assets Control Regulations (Cuba Regulations), 31 C.F.R. Part 515 (2019), removing authorization for group people-to-people education travel to Cuba. Certain previously authorized group people-to-people education travel may continue to be authorized under a grandfathering provision that will also be added to the regulation. The revisions are effective as of June 5, 2019.

Importantly, the revocation reflects the Trump administration’s significant shift in policy towards Cuba, as the revisions implement changes restricting non-family travel first announced by National Security Advisor John Bolton in an April 17, 2019, foreign policy address. Under an earlier tightening of restrictions in 2017, OFAC had only restricted the General License for group people-to-people travel to require such travel be conducted by organizations subject to U.S. jurisdiction (see previous GT Alert, U.S. Implements President Trump’s Cuba Policy), while this latest move removes the authorization entirely.

Previously authorized group people-to-people travel will be eligible for continued authorization under the grandfathering provision if the traveler has already completed at least one travel-related transaction (such as purchasing a flight or reserving an accommodation) prior to June 5, 2019.

In conjunction with the above, the Bureau of Industry and Security (BIS) amended the Export Administration Regulations (EAR) license exceptions and its licensing policies to “generally prohibit non-commercial aircraft from flying to Cuba and passenger and recreational vessels from sailing to Cuba.”

The License Exception Aircraft, Vessels and Spacecraft (AVS) in EAR § 740.15 has been amended by BIS to remove private and corporate aircraft, cruise ships, sailboats, fishing boats, and other similar aircraft and vessels from eligibility for the license exception. This means that all such aircraft and vessels subject to the EAR may no longer be exported or reexported to Cuba under the AVS exception, and operators will instead need to apply for a BIS license.

The following types of aircraft and vessels remain eligible for License Exception AVS: 1) commercial aircraft operating under Air Carrier Operating Certificates and other Federal Aviation Administration certificates; 2) authorized air ambulances; and 3) cargo vessels for hire for use in transportation of separately authorized items.

Parties that intend to travel to Cuba or to provide Cuba-related transportation services should carefully review the revised regulations to determine whether the new measures impose licensing requirements or other compliance obligations. Parties with previously scheduled group people-to-people travel to Cuba may wish to check the dates of their travel-related transactions and confirm that at least one purchase was made prior to June 5, 2019.

Although these latest revisions do not affect the remittance allowances permitted under the Cuba Regulations, Ambassador Bolton specifically mentioned in the April 17 speech that new restrictions on remittances will be forthcoming. Interested parties should, therefore, expect the restrictions on remittances to be implemented in the near future.

 

©2019 Greenberg Traurig, LLP. All rights reserved.

Export Sanctions List: Know Your Customer

If your company sells products to customers or distributors located in foreign countries during this time of sanctions and export controls, you should consider the surprising case of Cobham Holdings Inc. a cautionary tale.

The U.S. Treasury Department’s Office of Foreign Asset Control (“OFAC”) publishes a sanctions list of foreign individuals and entities to which U.S. companies may not sell goods or services without first obtaining an export license. OFAC may fine the U.S. companies that violate these sanction regulations. Prudent companies check the OFAC sanctions list before selling products to foreign customers. In fact, many companies have purchased software that searches the sanctions list for prohibited individuals and entities. If your foreign customer is not found on the sanctions list, your company is free to sell products to that customer.

That’s what Cobham Holdings Inc. thought, but on November 27, 2018 they settled a case with OFAC that involved sales to a foreign customer that was not on the sanctions list. Cobham agreed to pay a fine of $87,507 for exporting approximately $745,000 worth of silicon switches to Almaz Antey Telecommunications LLC in Russia between 2014 and 2015 when that entity was not named on OFAC’s list of “Specifically Designated Nationals and Blocked Persons”. Cobham used software to search for OFAC sanctions, the customer came up clean, and Cobham shipped the goods.

Cobham used the software to search for “Almaz Antey Telecom” but not “Almaz Antey.” If it would have searched for the latter, there were numerous hits for entities under the Almaz Antey umbrella, including the entity allegedly responsible for providing the missile that shot down Malaysia Airlines Flight MH17 over Ukraine in 2014. Upon further investigation, OFAC determined that Almaz Antey owned 51% of Almaz Antey Telecommunications LLC. As a result, OFAC initially informed Cobham that it would face potential fines up to $1.9 million.

Cobham was able to reduce the potential fine by agreeing to utilize new and improved screening software, along with a business intelligence tool and new internal checks for high risk transactions. Given that companies now know (or should know) of the potential pitfalls of using these software solutions as a stand-alone procedure, OFAC may not be so generous to the next company to run afoul of its sanctions and export controls through negligence or inadvertent software errors.

This case highlights not only the dangers of exclusively relying on software solutions to search the combined sanctions list, but the inherent risk of the vast number of related entities and the difficulty of understanding their ownership structure. Even if your customers come up clean on the sanctions search, if they are owned more than 50% by a sanctioned entity, then the transaction is still prohibited. Best efforts must be used to ensure that neither the foreign customer nor its majority owner is on the OFAC sanctions list, and a simple software solution or minimal approach may not be enough. A thorough analysis of all relevant facts and information related to your customers and sanctioned entities is vital to ensure your company will not run into the same snare as Cobham.

 

©2019 von Briesen & Roper, s.c
Read more legal news at the National Law Review.

OFAC Allows Joint Medical Research with Cuba

OFAC Medical ResearchThe Department of the Treasury, Office of Foreign Assets Control (OFAC), has modified the Cuban Assets Control Regulations (CACR) (31 C.F.R. Part 515) to allow joint medical research between persons subject to U.S. jurisdiction and Cuban nationals. In the context of the CACR, a “person subject to U.S. jurisdiction” includes any non-U.S. entity owned or controlled by a U.S. person or company directly or indirectly.

It is important to note that the focus of this rule is the development and sale of Cuban origin pharmaceutical products into the United Sates and not the sale of U.S. origin products into Cuba. The changes published today have no impact on the sale of U.S. origin pharmaceutical products into Cuba, and the modified rules do not eliminate the need for sales into Cuba to be licensed by the U.S. Department of Commerce and/or the Department of the Treasury.

As a result of this rule change, effective October 17, 2016, U.S. pharmaceutical companies and their foreign subsidiaries, as well as U.S. nationals, are authorized to engage in various types of transactions “incident to obtaining approval from the U.S. Food and Drug Administration (FDA) of Cuban origin pharmaceuticals, including discovery and development, pre-clinical research, clinical research, regulatory review, regulatory approval and licensing, regulatory post-market activities, and the importation into the United States of Cuban-origin pharmaceuticals,” as well as the “marketing, sale, or other distribution in the United States of FDA-approved Cuban-origin pharmaceuticals, including the importation into the United States of Cuban-origin pharmaceuticals.”

In its most recent Portfolio of Opportunities for Foreign Investment, Cuba identified the biotechnology and pharmaceutical sector, where BioCubaFarma has been producing vaccines and drug products for years, as one of the targets of foreign investment through strategic partnerships. Specifically, the Cuban government stated that it was promoting joint R&D projects, distribution and representation arrangements and technology transfer arrangements that complemented domestic projects in the sector. This week’s changes to the CACR will facilitate participation in these types of investments and activities in Cuba by U.S. companies.

©2016 Drinker Biddle & Reath LLP. All Rights Reserved

U.S. Designations Targeting a Major Panamanian Money Laundering Organization Not Aided by the Panama Papers Leak

Yesterday, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced designations against the Panama-based Waked Money Laundering Organization, including its leaders, network of supporters and associates, and companies. According to press reports, Colombian law enforcement arrested the organization’s leader, Nidal Ahmed Waked Hatum, at a Bogota airport the day prior to the designations.

In total, OFAC added 8 individuals and 68 business entities to the List of Specially Designated Nationals (SDN List) pursuant to the Foreign Narcotics Kingpin Designation Act (Kingpin Act). Narcotics traffickers have used these businesses to obscure the source of drug money through a variety of means, including trade-based money laundering, bulk cash smuggling, real estate development, and illicit financial services.  The designation of Balboa Bank & Trust is particularly noteworthy, as it reflects Treasury’s continued willingness to use the Kingpin Act against financial institutions.  As noted in a previous entry, OFAC had not designated a bank pursuant to the Kingpin Act prior to November 2015.

OFAC clearly anticipates that these designations will cause significant disruptions, as it concurrently issued three General Licenses authorizing certain wind down transactions involving a hotelnewspapers, and a shopping mall.  U.S. persons should carefully consider the scope and expiration dates of these licenses prior to engaging in any dealings with these designated companies.

The designations do not signal the beginning of United States government actions in response to the Panama Papers leak.  Any potential use of those documents will be limited by the legal ethical issues surrounding the use of intentionally disclosed materials likely protected by the attorney-client privilege.  In addition to the legal ethical limitations, the evidentiary which serves as the administrative record for the designations would have required several months for investigation, drafting and interagency approval.  OFAC could not have finalized such an extensive package of designations within one month of the leak.

Copyright Holland & Hart LLP 1995-2016.