Several important legislative, regulatory, and enforcement updates took place related to economic sanctions and export controls for the second quarter of 2019. Kirkland & Ellis attorneys discuss these actions, and what they may indicate about trends and takeaways in the second half of 2019.
The View from Washington: Key Compliance Takeaways
- The Department of the Treasury Office of Foreign Assets Control (OFAC) continued to build on its heightened Q1 enforcement efforts, bringing 13 settlement and penalty actions against non-U.S. financial institutions, as well as U.S. and non-U.S. companies across a wide array of industries including shipping, software, and e-commerce travel.
- OFAC issued A Framework for Compliance Commitments (the Framework), which formally puts companies on notice of its expectations with respect to an effective economic sanctions compliance program (SCP). Notably, OFAC expressly indicated that it would take into account whether a company maintains an effective SCP in determining what penalties to impose in the event of violations.
- OFAC’s action quickly followed the U.S. Department of Justice’s (DOJ) publication of its Evaluation of Corporate Compliance Programs guidance, indicating marked interagency attention and coordination in corporate enforcement actions and an increased government-wide focus on national security and foreign policy-related cases.
- With respect to export controls, the U.S. Department of Commerce Bureau of Industry and Security’s (BIS) placement of Huawei Technologies Co. Ltd. (Huawei) on the Entity List coupled with the president’s issuance of the Executive Order on Securing the Information and Communications Technology and Services Supply Chain (the Executive Order), would seem to raise the stakes of the trade war and reflect increasing strategic competition between the U.S. and China.
Legislative and Regulatory Updates
OFAC Compliance Framework
On May 2, OFAC published its Framework, setting out guidance regarding its expectations for effective SCPs. The Framework formalizes the enhanced focus on SCPs seen in recent enforcement actions, and indicates that the presence or absence of an effective SCP will be a factor for consideration in assessing appropriate penalties for apparent violations.
OFAC indicated that, at a minimum, an effective SCP consists of
five elements: (1) management commitment; (2) risk assessment; (3)
internal controls; (4) testing and auditing; and (5) training. OFAC
emphasizes that an effective SCP needs to be risk-based, i.e.,
shaped to the organization and its risk factors, as well as
dynamic, i.e., constantly updated and recalibrated.
Entity Listing and Executive Order
On May 16, BIS designated Huawei and 68 of its affiliates on the
Entity List, an action which effectively denies Huawei access to
the U.S. supply chain by imposing a licensing requirement (with a
policy of denial) with respect to the export, re-export, and
transfer to Huawei of parts, components, software, and technology
subject to the Export Administration Regulations.
Under a temporary general license in effect until August 19, BIS has authorized certain transactions with Huawei, including those necessary to maintain and support existing fully operational networks and equipment, subject to pre-existing contracts between Huawei and third parties.
Perhaps indicative that Huawei is an instrument in the ongoing trade negotiations between the U.S. and China, on June 29, President Trump announced at the G20 in Japan that he was prepared to ease restrictions on Huawei. However, on July 9, Commerce Secretary Ross stated that, though the U.S. would issue licenses to export to Huawei “where there is no threat to U.S. national security,” both the scope of items requiring licenses and the licensing policy of denial remain unchanged.
The Huawei Entity List additions came on the same day as President Trump’s May 15 Executive Order, which lays a framework for forthcoming rules that could impose a broader sectoral ban on dealing with Huawei and other Chinese companies. As the Executive Order gives relevant federal agencies the authority to act against what the U.S. may determine poses an unacceptable risk to national security, it could also cover parties from countries including Iran, North Korea, and Russia.
With implementing rules expected in October, the full contours of the covered prohibitions, and the extent of their reach, have yet to be determined.
Non-U.S. Financial Institutions
On April 9, OFAC reached a $639 million settlement with Standard Chartered Bank (SCB) for apparent violations of the former Burma and Sudan sanctions programs, as well as the Iran, Syria, and Cuba sanctions programs.
From June 2009 to June 2014, SCB processed 9,335 sanctioned
country transactions valued at over $437 million through or to the
United States, in many cases involving SCB’s Dubai branch
processing transactions for Iran-related customers through its
office in New York or other U.S. financial institutions. SCB had
not voluntarily self-disclosed, and the apparent violations were
Notably, the OFAC settlement was part of a $1.1 billion global settlement with related state, federal, and U.K. authorities pursuant to an investigation initiated by OFAC in 2013 into Iranian accounts SCB Dubai continued to maintain, despite SCB having entered into a settlement with OFAC for similar conduct in 2012.
On April 15, OFAC announced settlements totaling $611 million with UniCredit Bank AG, UniCredit Bank Austria AG, and UniCredit S.p.A. (together, UniCredit), for apparent violations of multiple sanctions programs, including the Iran, Syria, Cuba, and former Libya programs. OFAC noted that the apparent violations were not voluntarily disclosed, and were in multiple instances egregious. The UniCredit settlements resulted from coordinated interagency effort, and were announced in conjunction with enforcement actions by DOJ and New York state authorities, which led to a combined $1.3 billion resolution.
Between January 2007 and December 2012, UniCredit processed more than 2,800 sanctioned country-related payments valued at over $650 million through U.S. financial institutions. OFAC found that UniCredit Bank AG acted with intent to circumvent U.S. sanctions in maintaining formal “OFAC neutral” procedures to conceal the sanctioned country nexus in transactions to be processed through intermediary U.S. financial institutions.
It also found that the bank acted with reckless disregard in operating U.S. dollar accounts on behalf of the Islamic Republic of Iran Shipping Lines (IRISL) and its subsidiaries and affiliates, and in failing to implement controls to prevent such activity. OFAC likewise found UniCredit acted with reason to know it was violating U.S. law in processing U.S. dollar-denominated payments under letters of credit issued for delivery of oil from Kazakhstan, while having access to information showing that its customer would ultimately send that oil to Iran.
Sectoral Sanctions Enforcement
On April 25, OFAC announced a $75,375 settlement with Haverly Systems Inc. (Haverly), a New Jersey oil and gas software services company, for two apparent violations of the Ukraine Related Sanctions Regulations. OFAC found that Haverly extended payment terms for software licensing and support services invoices to Russian oil and gas company Rosneft, a party on the Sectoral Sanctions Identification List (SSI List), in violation of the maturity tenor provided by the applicable sanctions (Directive Two).
Though OFAC found Haverly acted with reckless disregard in processing the payments despite receipt of rejected SWIFT messages, which at times noted potential sectoral sanctions issues, OFAC found the case to be non-egregious due to factors including the likelihood that it would have licensed the proposed payments, Haverly’s small size, and its remedial efforts to implement an SCP with regular risk assessments and appropriate screening.
Blocked Vessel Funds Transfers
On May 2, OFAC announced an $871,837 settlement with MID-SHIP Group LLC (MID-SHIP) for apparent violations of the Weapons of Mass Destruction Proliferators Sanctions Regulations. Between February 2011 and November 2011, the New York-based marine transportation service company processed five electronic funds transfers, totaling approximately $472,861, for payments associated with two blocked vessels owned by IRISL.
OFAC noted MID-SHIP’s possession of information connecting the vessels to Iran, as well as the IMO numbers included on the Specially Designated Nationals and Blocked Persons List (SDN List), as indicators it had the ability to perform third-party diligence. The presence of multiple aggravating factors, including reckless disregard for compliance obligations and management knowledge that financial institutions had rejected at least two past payments, led OFAC to determine the case, which was not voluntarily disclosed, to be egregious.
Building on its 2018 and 2019 shipping advisories, OFAC emphasized the heightened need for compliance programs for companies operating in high-risk industries such as international shipping and logistics.
Cuba Travel-Related Services
On June 13, OFAC announced settlements with three providers of electronic travel booking services, Expedia Group, Inc. (Expedia), Hotelbeds USA Inc. (Hotelbeds), and Cubasphere Inc. (Cubasphere), for apparent violations of the Cuban Assets Control Regulations (CACR).
Expedia entered into a $325,406 settlement for the voluntarily disclosed conduct of certain of its foreign subsidiaries that led to its dealing in blocked property of Cuba or Cuban nationals through the provision of travel assistance or travel-related services. Between April 2011 and October 2014, Expedia and its foreign subsidiaries provided travel-related services for travel between Cuba and countries other than the United States, or within Cuba.
OFAC emphasized that Expedia was slow to integrate one of its
new foreign subsidiaries into its sanctions compliance system,
including by failing to notify that foreign subsidiary that it was
subject to U.S. law until 15 months after the acquisition.
Hotelbeds, the U.S. subsidiary of Spanish company Hotelbeds Group, agreed to a $222,705 settlement for assisting 703 persons with Cuba-related travel services in apparent violation of the CACR, conduct which it did not voluntarily disclose to OFAC.
Between December 2011 and June 2014, Hotelbeds knowingly provided travel services to non-U.S. persons by selling accommodations and giving instructions for payment to a Spanish account from which Hotelbeds was thereafter credited. OFAC noted that this practice resulted from a misplaced belief that the CACR would not prohibit Cuba-related transactions if the customers were not U.S. persons and the payments were not made through U.S. bank accounts.
Similarly, Cubasphere and its president entered into a $40,320 settlement for performing prohibited travel-related services to and within Cuba by providing 104 individuals with full-service tours on four trips to Cuba between December 2013 and February 2014.
OFAC found that Cubasphere and its president received direct payments from groups and individuals for activities associated with the trips to Cuba, and obtained Cuban visas and cover letters from U.S. religious organizations purportedly to engage in humanitarian and religious activities, which were later determined not to be an accurate reflection of the groups’ true sightseeing and tourism-based travel itineraries. The parties did not voluntarily disclose the matter to OFAC.
Conspiracy to Illegally Export
On May 22, New Jersey resident Gene Shilman pled guilty to one count of conspiracy to violate the Arms Export Control Act (AECA), the International Emergency Economic Powers Act (IEEPA), and the Export Control Reform Act of 2018 (ECRA). The defendant pled guilty to conspiring to illegally ship export-controlled items including firearm components, night vision goggles, and bulletproof vests to Ukraine and Russia, without appropriate State or Commerce Department authorizations.
The conspiracy was organized by individuals outside of the United States, using Shilman’s email accounts to order regulated goods from various dealers in the United States and thereafter receive wire transfers from overseas locations to pay for the purchases.
On June 26, part-time Los Angeles resident and electrical
engineer Yi-Chi Shih was convicted of conspiracy to violate IEEPA
through illegal export of high-speed semiconductor chips known as
monolithic microwave integrated circuits (MMICs) to China, and of
other charges including mail and wire fraud. Together with Kiet Ahn
Mai, who was also charged with conspiracy in January 2018 and
pled guilty to smuggling in December 2018, Shih conspired to gain
access to the computers of a U.S. company that manufactures MMICs
by posing as U.S. customers looking to purchase custom MMICs for
use in the United States.
Prosecutors alleged that Shih and Mai concealed that the MMICs would be shipped to China, and that the MMICs were to be sent to a BIS Entity List company, Chengdu GaStone Technology Company, of which Shih was the former president.
This column does not necessarily reflect the opinion of The Bureau of National Affairs, Inc. or its owners.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.