On December 29, 2016, OFAC (the U.S. Department of the Treasury, Office of Foreign Assets Control) imposed sanctions on five Russian entities and four Russian individuals in connection with their alleged efforts to interfere with the recent U.S. presidential election.

The new sanctions were imposed pursuant to Executive Order (EO) 13757, issued by President Obama, effective December 29, 2016. EO 13757 amends EO 13694 (originally issued on April 1, 2015), by expanding the types of significant, malicious cyber-related activities that are sanctionable. OFAC also imposed sanctions on two other individuals in Russia for allegedly engaging in significant, malicious cyber-related activities for private financial gain pursuant to authority that already existed in EO 13694. This is the first time OFAC has imposed sanctions pursuant to EO 13694 since its issuance. Simultaneously, OFAC also issued a number of new Frequently Asked Questions (FAQs) on EO 13694 as amended and related compliance obligations.

Amendment of EO 13694

As originally issued, EO 13694 authorized sanctions to be imposed on any person determined by the Secretary of the Treasury, in consultation with the Attorney General and the Secretary of State, to be responsible for or complicit in, or to have engaged in, directly or indirectly, cyber-enabled activities:

• originating from, or directed by persons located, in whole or in substantial part, outside the United States;

• that are reasonably likely to result in, or have materially contributed to, a significant threat to national security, foreign policy, or the economic health or financial stability of the United States; and

• that have the purpose or effect of resulting in one of four specified harms.⁽¹⁾ 

EO 13757 expands the types of cyber-related activities that are sanctionable under EO 13694 to include activities that have the purpose or effect of tampering with, altering, or causing a misappropriation of information with the purpose or effect of interfering with or undermining election processes or institutions.

EO 13694 defines "misappropriation" as including any taking or obtaining by improper means, without permission or consent, or under false pretenses. OFAC clarified in its FAQ 489 that: "[i]mportantly, to be eligible for sanctions under this provision, an individual or entity must not only 'misappropriate' information, but it must also do so with the purpose of interfering with or undermining election processes or institutions." In FAQ 444, OFAC indicated that this new authority "is intended to address situations where, for jurisdictional or other issues, certain significant malicious cyber actors may be beyond the reach of other authorities available to the U.S. government."

The persons sanctioned pursuant to amended EO 13694 have been added to OFAC’s Specially Designated Nationals and Blocked Persons List (the SDN List, and each person thereon, an SDN) with the program indicator "[CYBER2]". All property and interests in property that are in or come within the United States or that are in or come within the possession or control of a U.S. person of any person sanctioned pursuant to EO 13694 as amended are blocked and may not be transferred, paid, exported, withdrawn, or otherwise dealt in. This blocking obligation also extends to any entity in which one or more SDNs directly or indirectly holds a 50% or greater interest. In addition, U.S. persons are generally prohibited from engaging in any transaction or dealing with persons whose property and interests in property are blocked. Furthermore, individuals sanctioned pursuant to EO 13694 as amended are generally prohibited from entering the United States. 

Persons Sanctioned under Amended EO 13694

The persons sanctioned pursuant to amended EO 13694 are:  

• Vladimir Stepanovich Alexseyev, First Deputy Chief of Russia’s Main Intelligence Directorate (in Russian, Glavnoe razvedyvatel'noye upravleniye, and hereafter GRU);

• Sergey Gizunov, Deputy Chief of GRU;

• Igor Korobov, Chief of GRU;

• Igor Kostyukov, First Deputy Chief of GRU;

• Autonomous Noncommercial Organization Professional Association of Designers of Data Processing Systems (a.k.a ANO PO KSI);

• Federal Security Service (a.k.a Federalnaya Sluzhba Bezopasnosti; a.k.a. FSB);

• Main Intelligence Directorate (a.k.a. Glavnoe Razvedyvatel’noe Upravlenie; a.k.a. GRU; a.k.a. Main Intelligence Department);

• Special Technology Center (a.k.a. STC, LTD); and

• Zorsecurity (f.k.a. Esage Lab; a.k.a. Tsor Security).

OFAC’s press release regarding this action, as well as the SDN List, contain additional identifying information on these persons, including, in some instances, their names in Cyrillic. 

Other Designations Pursuant to EO 13694

OFAC has also added two Russian individuals to the SDN List pursuant to EO 13694’s pre-existing authority to impose sanctions related to engaging in a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain:  

• Evgeniy Mikhayilovich Bogachev

• Aleksey Alekseyevich Belan

Additional identifying details for these individuals can be found in the OFAC and U.S. Department of the Treasury press releases on the amendment to EO 13694 and on the SDN List. 

FAQ 445 – OFAC’s Guidance on Compliance with EO 13694

In FAQ 445, OFAC reminds U.S. persons and persons otherwise subject to OFAC jurisdiction (especially technology/online commerce companies) to ensure that they are not engaging in unauthorized trade or other transactions with SDNs or in jurisdictions targeted by comprehensive sanctions programs. OFAC further advises that companies should develop tailored, risk-based compliance programs that may include sanctions list screening or other appropriate measures, while cautioning that companies should resist the temptation to rely on a "one-size-fits-all" approach.

Final Thoughts

While the amendment to EO 13694 has expanded the scope of the U.S.’s cyber-related sanctions program, it is unclear whether, and to what extent these, and other Russia-related sanctions will remain in place once President-elect Trump assumes office. The uncertainty about how the Trump Administration will address these issues magnifies the inherent uncertainty of the U.S. (and international) sanctions regimes, which continue to evolve, often with little or no notice, and typically with immediate effect. In any event, it remains critical that corporations and financial institutions whose business involves the Crimea region of Ukraine or other sanctioned countries, regions or persons continue to carefully monitor developments and build flexibility into their plans. 

^{(1) The four specified harms are:}
(a) harming, or otherwise significantly compromising the provision of services by, a computer or network of computers that support one or more entities in a critical infrastructure sector;
(b) significantly compromising the provision of services by one or more entities in a critical infrastructure sector;
(c) causing a significant disruption to the availability of a computer or network of computers; or
(d) causing a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain.