For chief compliance officers of U.S. companies, navigating Russian sanctions and export controls restrictions might feel like a full-time job on its own right now, not knowing when or where violations could occur in an ever-shifting enforcement landscape.
“The scale and scope of this sanctions regime is unlike like anything we have ever seen imposed on a major economy,” said Tom Best, a partner at Paul Hastings. In recent days and weeks, the White House and numerous regulatory and enforcement agencies have implemented sweeping sanctions and export control measures specific to Russia and Belarus, leaving it up to companies to come into compliance at breakneck speed.
“It is fast and furious, but it’s also a little unpredictable and unclear,” said Adria Perez, a partner at law firm Kilpatrick Townsend, in describing the current sanctions landscape.
For example, on March 11:
- President Joe Biden issued an executive order placing additional restrictions on certain imports and exports in Russia. The order prohibits the importation into the United States from Russia of fish, seafood, alcoholic beverages, and nonindustrial diamonds and the export of certain luxury goods to Russia. The order also imposes significant restrictions on new investments in Russia.
- The Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued a new round of sanctions “targeting Russian and Kremlin elites, oligarchs, and Russia’s political and national security leaders who have supported Russian President Vladimir Putin’s brutal and illegal invasion of Ukraine.”
In navigating changing sanctions and export control measures, many companies have tactically chosen to pause or scale back new or future business in Russia, citing risk mitigation reasons, reputation risk, or a combination of the two. Businesses are assessing not only what they cannot do from a sanctions-restriction standpoint but also “what they may not want to do based on their cultural values,” Perez said.
Task Force KleptoCapture quick to work
On March 2, Attorney General Merrick Garland announced the formation of “Task Force KleptoCapture,” an interagency team dedicated to enforcing U.S. sanctions, export restrictions, and economic countermeasures.
The task force is made up of experts in not only sanctions and export control enforcement but also anti-corruption, asset forfeiture, anti-money laundering, tax enforcement, national security investigations, and foreign evidence collection.
“We are already getting inquiries from the task force asking for companies’ help in finding assets, seizing assets, and identifying assets,” Best said. The task force is contacting entities and individuals who might have information about where there might be assets that can be sanctioned or seized.
“Right now, they are going after low-hanging fruit,” he said.
The Justice Department said it will use “cutting-edge investigative techniques—including data analytics, cryptocurrency tracing, foreign intelligence sources, and information from financial regulators and private sector partners—to identify sanctions evasion and related criminal misconduct.”
Sanctions compliance practices
To help sort through the gray area of evolving sanctions and export control restrictions, chief compliance officers can help walk companies through the following steps:
Map out your touchpoints linked to Russia, Ukraine, and Belarus. “To the extent you … know you have relationships with potentially sanctioned or sanctionable members of the Russian elite, Russian families, Russian officials, or Russian companies, understand exactly what that exposure is and where you may have ongoing business relationships with them,” Best said.
In addition, assess whether any employees, customers, vendors, suppliers, agents, or their financial institutions have been identified on any sanctions lists. Perez further recommended “having a solid understanding of where raw materials originate and understand which of your suppliers, if any, are affected by the applicable sanctions.”
“To the extent you … know you have relationships with potentially sanctioned or sanctionable members of the Russian elite, Russian families, Russian officials, or Russian companies, understand exactly what that exposure is and where you may have ongoing business relationships with them.”
Tom Best, Partner, Paul Hastings
Undertake appropriate due diligence. Conduct sanctions screening, for example, through OFAC’s sanctions list search, which uses “fuzzy logic” to search potential matches on the agency’s Specially Designated Nationals (SDN) List and Non-SDN Consolidated Sanctions List. Also, ensure your high-risk business partners—distributors, dealers, and agents—have undertaken appropriate due diligence to understand how the new sanctions affect their direct customers, Perez said.
Beware of red flags. For the financial services industry, the Financial Crimes Enforcement Network (FinCEN) on March 7 issued an alert listing 13 red flags “to assist in identifying suspected sanctions evasion activity and [remind] financial institutions of their reporting obligations under the Bank Secrecy Act.”
One red flag to be aware of is “nonroutine foreign exchange transactions that may indirectly involve sanctioned Russian financial institutions, including transactions that are inconsistent with activity over the prior 12 months,” OFAC warned. “For example, the Central Bank of the Russian Federation may seek to use import or export companies to engage in foreign exchange transactions on its behalf and to obfuscate its involvement.”
“In the face of mounting economic pressure on Russia, it is vitally important for U.S. financial institutions to be vigilant about potential Russian sanctions evasion, including by both state actors and oligarchs,” said FinCEN Acting Director Himamauli Das in a press release. “Although we have not seen widespread evasion of our sanctions using methods such as cryptocurrency, prompt reporting of suspicious activity contributes to our national security and our efforts to support Ukraine and its people.”
Train relevant employees and business partners. Keep relevant employees apprised of sanctions developments, evasion tactics, and warning signs. Accounts payable, accounts receivable, procurement, sales staff, and risk management all need to be aware of what sanctions restrictions and red flags to raise to the compliance and legal departments, Perez said. Many companies have an internal task force made up of an interdisciplinary team from these departments, she said.
Companies that rely on a large network of independent distributors and suppliers will often train them on their supplier code of conduct. “This is another opportunity to amp that up,” said Andrew Shoyer, a partner at law firm Sidley Austin.
Perez further suggested reviewing your supplier code of conduct and business partner and customer-related policies to ensure there are no compliance gaps that need attention.
Mitigate sanctions violations. If during an internal review any sanctions violations are uncovered, “stop the bleeding” by stopping the misconduct, Perez said. Depending on which sanctions were violated, there might also be a duty to disclose.
Shoyer recommended doing a root cause analysis to determine the source of the violation and mitigate the risk of it happening again. Even if there is not a duty to disclose, it’s prudent to assess whether to do a voluntary self-disclosure.
Consider audit rights carefully. If switching to a new business partner, undertake appropriate due diligence and ensure the appropriate compliance certifications are received. However, consider any audit rights carefully, Shoyer said, “because if you put audit rights in a contract and don’t use them at all, it looks worse.” To an enforcement agency, it might come across as negligence.
Moving forward, U.S. authorities will continue to take a global coordinated stance in sanctioning Russia, together with leaders in the European Union, the United Kingdom, Canada, and beyond. Thus, prudent chief compliance officers and in-house counsel should continue to pay attention to any new guidance in the coming days and weeks from OFAC, FinCEN, the Department of Commerce’s Bureau of Industry and Security, and other relevant agencies.
- Bureau of Industry and Security
- Chief Compliance Officer
- Financial Crimes Enforcement Network
- Internal Controls
- Office of Foreign Assets Control
- President Biden
- Risk Management
- Russia sanctions
- Specially Designated Nationals List
- Supply Chain
- Surveys & Benchmarking
- Task Force KleptoCapture
- Third Party Risk
- United States