On March 7, 2022, the Financial Crimes Enforcement Network (FinCEN) issued an alert calling on financial institutions to be “vigilant” in guarding against attempts to evade the recent imposition of expanded Russia sanctions. The latest financial and economic sanctions imposed by the Office of Foreign Assets Control (OFAC) seek to “isolate Russia from the global financial system and degrade the Kremlin’s ability to project power,” and also to “isolate the severely damaged Russian economy by prohibiting trade in products that are key to the economic and financial interests of all Russian elite.”

The sanctions authorize the targeting of persons engaged in “deceptive or structured transactions or dealings to circumvent any United States sanctions, including through the use of digital currencies”¹  such as convertible virtual currencies (CVC)—the importance of which is emphasized in the alert.  Further, OFAC prohibits “[a]ny transaction that evades or avoids, has the purpose of evading, causes a violation of, or attempts to violate any of the prohibitions set forth in this order.”²

FinCEN highlights 13 red flags as key to identifying potential sanctions evasion:³

• Use of various corporate vehicles to obscure ownership, source of funds, or countries involved.
• Use of shell companies to conduct international wire transfers.
• Use of third parties to shield the identity of sanctioned persons.
• Accounts in jurisdictions or with financial institutions experiencing a sudden rise in funds transfers.
• Jurisdictions associated with Russian financial flows with an increase in new company formations.
• Newly established accounts that attempt to send or receive funds from a sanctioned institution.
• Non-routine foreign exchange transactions that may indirectly involve sanctioned Russian banks.
• Transactions initiated from or sent to the following types of IP addresses: non-trusted sources; locations in Russia, Belarus, FATF-identified jurisdictions, and comprehensively sanctioned jurisdictions; or IP addresses previously flagged as suspicious.
• Transactions connected to CVC addresses on OFAC’s Specially Designated Nationals and Blocked Persons List.
• Use of a CVC exchanger or foreign-located money services business (MSB) in a high-risk jurisdiction.
• Receipt of CVC from an external wallet, immediately followed by initiation of multiple trades among multiple CVCs with no apparent related purpose, followed by a transaction off the platform.
• Initiation of a transfer of funds involving a CVC mixing service.
• Direct or indirect receiving transaction exposure identified by blockchain tracing software as related to ransomware.

Reporting obligations

The alert stresses the importance of all financial institutions (especially those engaged in CVC transfers such as CVC exchangers and administrators⁴) identifying and immediately reporting suspicious activity associated with potential sanctions evasion and ransomware attacks.

FinCEN reminds financial institutions of their various Bank Secrecy Act (BSA) reporting requirements, which are independent of any OFAC reporting and blocking obligations.⁵ For example, if a financial institution has blocked a transaction for sanctions purposes, it is still required to file a suspicious activity report (SAR) in addition to the OFAC blocking report if the facts and circumstances of the transaction are suspicious independent of sanctioned party involvement. FinCEN has requested that financial institutions reference “FIN-2022-RUSSIASANCTIONS” in their SARs and describe how the suspicious activity being reported relates to the compliance concerns raised in the alert.

Emphasis on CVCs

The alert reiterates that financial institutions’ anti-money laundering (AML)/combating the financing of terrorism/counter proliferation and sanctions compliance obligations apply to CVC transactions just like any other.  The US government’s concern is that sanctioned persons will deploy a number of measures to evade sanctions, including through CVC exchangers and administrators and by using non-sanctioned Russian financial institutions and financial institutions located in third countries. 

According to FinCEN, it is not practical for the Russian government to move large amounts of money through CVCs—but sanctioned persons and other illicit actors may attempt to do so to evade sanctions and hide assets.  CVC exchangers and administrators, as well as other financial institutions, are well positioned to observe attempted or completed transactions tied to CVC wallets or other CVC activity associated with sanctioned persons.

Next steps for financial institutions

Financial institutions should prioritize addressing the issues described in the FinCEN alert and complying with the recently imposed “mother of all sanctions,” because failure to do so could result in an enforcement action and significant penalties.

Financial institutions should, at a minimum, document changes made to their AML and OFAC processes in response to the new sanctions and ensure that the appropriate personnel have received updated training.  In addition, given the high number of Russian government officials and oligarchs recently targeted with new sanctions, financial institutions also should ensure that they are taking reasonable steps to ascertain whether an individual is a foreign politically exposed person, including by conducting enhanced due diligence for private banking accounts held for non-US persons as appropriate.

Over the past few weeks, the sanctions landscape has been constantly (and quickly) evolving.  Financial institutions are advised to actively monitor legal developments and respond in kind.

_____

¹ Executive Order 14024, Section 1(a)(ii)(G).

² Executive Order 14024, Section 4.

³ The red flag indicators highlighted in this alert are examples and are not a comprehensive list of indicators of possible sanctions evasion activity. Because no single financial red flag is determinative of illicit or suspicious activity, financial institutions should consider the relevant facts and circumstances of each transaction, in keeping with a risk-based approach to compliance.

⁴ CVC administrators are generally considered MSBs under the BSA.

⁵ Depending on the facts and circumstances, a financial institution may still have the following BSA reporting requirements (if applicable):  Currency Transaction Report (CTR), Report of Cash Payments Over $10,000 Received in a Trade or Business (Form 8300), Report of Foreign Bank and Financial Accounts (FBAR), Report of International Transportation of Currency or Monetary Instruments (CMIR), Registration of Money Service Business (RMSB), and Designation of Exempt Person (DOEP).

[View source.]