Regulatory intelligence for US exporters

Part II: Sanctions Enforcement Actions

Behrouz Mokhtari of McLean, Virginia, and Tehran pleaded guilty Jan. 9 to two conspiracies to violate U.S. sanctions on Iran "by engaging in business activities on behalf of Iranian entities" without getting a license from the Treasury Department's Office of Foreign Assets Control, DOJ announced Jan. 9. Mokhtari will forfeit money, property and assets obtained from the schemes, including a Campbell, California, home, and a money judgment of over $2.8 million, DOJ said. The defendant faces a maximum of five years in prison for each of the two conspiracy counts.

Start A Trial

Virginia Man Admits to Conspiring to Evade US Sanctions on Iran

From 2018 to 2020, Mokhtari held management positions or control of various businesses in Iran and the United Arab Emirates, dubbed "the FSR Network." The defendant and his co-conspirators used this network to "provide services to Iranian entities and engage in transactions involving Iranian petrochemical products, including refining petrochemical products and transporting them by sea," DOJ said. Mokhtari used UAE bank accounts, including Bitubiz, to complete the transactions in U.S. dollars.

Mokhtari confessed to using Bitubiz as a conduit for the FSR Network to hide that his transactions violated U.S. sanctions on Iran. Bitubiz used daily ledgers to record the transactions, crediting most of the amount to Ayegh Isfahan Manufacturing -- a firm in which Mokhtari and others had ownership interests, DOJ said.

From 2013 to 2017, Mokhtari also engaged in a separate conspiracy to "support illicit shipments of petrochemical products to and from Iran in violation of the Iranian sanctions," DOJ said. In this scheme, the defendant created a Panama-based company, East & West Shipping, to buy two liquid petroleum gas tanker vessels to ship Iranian petrochemical goods for the benefit of Iranian entities linked to the Iranian government.

European Businessmen Charged in Scheme to Avoid Sanctions on Russian Yacht

Two businessmen -- Russian national Vladislav Osipov and British national Richard Masters -- were charged for their roles in a sanctions evasion and money laundering scheme connected with the ownership and operation of the $90 million superyacht Tango, DOJ announced. The yacht is owned by sanctioned Russian oligarch Viktor Vekselberg. According to indictments unsealed Jan. 20 in the U.S. District Court for the District of Columbia, Osipov and Masters are accused of conspiracy to defraud the U.S. and commit offenses against the U.S., violating the International Emergency Economic Powers Act and money laundering, DOJ said.

The businessmen "facilitated the operation" of the vessel through U.S. companies and the U.S. financial system all while hiding the oligarch's involvement despite Vekselberg being sanctioned in April 2018. Osipov "designed a complicated ownership structure of shell companies to hide Vekselberg’s ownership of the yacht, despite that Vekselberg designed the yacht, was the sole user, and was the ultimate beneficial owner," DOJ said.

Masters, meanwhile, ran a yacht management firm in Spain. This company took over the management of Tango after Vekselberg was sanctioned, allegedly conspiring with others to evade U.S. sanctions. Masters supposedly used a false name for the yacht, "the Fanta," to hide the ultimate purpose of payments for the oligarch. Due to this "obfuscation," U.S. banks processed hundreds of thousands of dollars of transactions for Tango that they otherwise would not have allowed had they known of Vekselberg’s involvement, DOJ said. These payments and Vekselberg’s involvement weren't reported to the Treasury Department.

Osipov and Masters "advised and enabled" Tango employees to continue to do business with U.S. companies by using "various workarounds to avoid sanctions, such as payments in other currencies and through third parties." Because of these sanctions evasion practices, the yacht's internet, technology, weather forecasting systems, computing systems, satellite television, luxury goods and teleconferencing software were all U.S.-origin products, DOJ said.

“Today’s indictments and the arrest [of Masters] executed by Spanish law enforcement demonstrate the FBI’s continued focus on tracking down and holding accountable those who assist sanctioned Russian oligarchs,” FBI Deputy Director Paul Abbate said. “The FBI, along with our international partners, will continue to aggressively investigate and pursue anyone who facilitates the corrupt practices of others, placing our institutions at risk.”

North Korean Intelligence Officer Sentenced for Scheme to Aid Sanctioned Companies

The U.S. District Court for the District of Columbia sentenced Mun Chol Myong, a North Korean national, to time served of 45 months in prison for money laundering offenses, DOJ announced Jan. 20. Mun is the first North Korean national to be extradited to the U.S., and he will be subject to deportation after the completion of his sentence, DOJ said.

From April 2013 to November 2018, Mun and others conspired to send funds through the U.S. for the "purpose of promoting bank fraud," using front companies and faked transaction documents to hide that the payments benefited sanctioned North Korean parties, DOJ said. Authorities identified more than $1.2 million in illegal transactions. The charges against Mun alleged he was affiliated with North Korea's primary intelligence organization, the Reconnaissance General Bureau.

Mun pleaded guilty to all counts of the indictment, which included one count of conspiracy to commit money laundering and four counts of money laundering.

Russian Oligarch's Associate Charged With Sanctions Evasion for Concealing Real Estate Properties

Vladimir Voronchenko, a Russian citizen and legal permanent resident of the U.S., was charged with participating in a scheme to net over $4 million to maintain four properties in the U.S. owned by sanctioned oligarch Viktor Vekselberg, DOJ announced Feb. 7 Voronchenko also tried to sell two of the properties.

Vekselberg was listed as a Specially Designated National in 2018 after Russia annexed parts of Ukraine.The oligarch was redesignated in March 2022, with OFAC blocking his yacht and private plane.

From 2008 to 2017, though, Vekselberg via a series of shell companies, bought four properties, two in New York and two in Florida, collectively worth around $75 million. Voronchenko retained an attorney "in connection with the acquisition of" and eventual attempts to sell the properties. Right after Vekselberg was designated as an SDN, though, the source of funds used to maintain and service the properties changed, the agency said. The "attorney’s interest on lawyer’s trust account" began receiving wires from a bank account in the Bahamas held in the name of a shell company controlled by Voronchenko, DOJ alleged.

From 2018 to 2022, around 25 wire transfers totaling around $4 million were sent to the attorney's account. Voronchenko was then charged with conspiring to violate and evade U.S. sanctions in violation of the International Emergency Economic Powers Act, violating IEEPA, conspiring to commit international money laundering, and international money laundering. Each charge comes with a maximum of 20 years in prison.

2 Lebanese Nationals Charged With Sanctions Avoidance Scheme

Mohammad Ibrahim Bazzi, a citizen of Lebanon and Belgium, and Talal Chahine, a Lebanese citizen, were charged as part of a conspiracy to launder money, cause U.S. citizens to conduct illegal transactions with a Specially Designated Global Terrorist and conduct illegal transactions with a sanctioned terrorist, the U.S. Attorney's Office for the Eastern District of New York announced Feb. 24. Each charge carries the possible punishment of up to 20 years in prison.

In 2018, the U.S. sanctioned Bazzi as a Specially Designated Global Terrorist for helping finance Hezbollah, a listed terrorist organization in Lebanon. After his designation, Bazzi, along with Chahine, allegedly conspired to force an unnamed U.S. individual to liquidate interests in "certain real estate assets located in Michigan and covertly transfer hundreds of thousands of dollars in proceeds of the liquidation out of the United States to Bazzi and Chahine in Lebanon without the requisite OFAC licenses, in violation of the International Emergency Economic Powers Act."

During recorded communications, the defendants floated numerous ways to hide that Bazzi was the recipient of the sale, DOJ said. It said suggestions discussed included transferring the funds through a Chinese third party as part of a fake purchase of restaurant equipment or through a Lebanese third party as part of a false real estate purchase. They also discussed transferring the funds through Chahine's Kuwait-based family members and as part of a fake franchising agreement for a Lebanese-based restaurant chain in the U.S.

OFAC Fines Indian Tobacco Company for Indirect Exports to North Korea

The Office of Foreign Assets Control fined an Indian tobacco manufacturer $332,500 March 1 for violating U.S. sanctions against North Korea. Mumbai-based Godfrey Phillips India Limited (GPI), which didn’t voluntarily disclose the violations, settled with OFAC after the company used U.S. banks to receive payments for indirect tobacco shipments to North Korea, OFAC said, and used third-party companies to try to hide the payments’ connection to North Korea.

The violations began in 2015 when a GPI vice president reached out to a Thailand-based company, which was acting as an intermediary for a North Korean tobacco company, about selling its tobacco to North Korea, OFAC said in an enforcement notice. GPI exported “free samples” of its tobacco and cigarettes to the North Korean customer at least five times between 2015 and 2017, the agency said.

In 2016, a GPI assistant manager emailed the Thai company about “a prospective order of tobacco” for the North Korean customer, OFAC said. The agency said three other senior GPI officials “proceeded to discuss the logistics of exporting a shipping container full of tobacco” -- as opposed to a “small package” -- and whether they could export the shipment directly to North Korea. The officials discussed whether GPI was “willing” to write North Korea on the container’s bill of lading, according to the notice, or whether they would need to route the shipment through Dalian, China.

After a GPI manager said they would need to “confer” with the company’s finance department, the company ultimately decided to omit North Korea from the bill of lading, OFAC said. Instead, they listed the Thai company as the customer and China as the destination.

Several months later, the Thai company placed orders on behalf of the North Korean customer for more than 174,000 pounds of tobacco, OFAC said. The company used four Hong Kong-organized intermediaries to send the payments to GPI, the agency said, which included three payments to GPI’s bank account at a non-U.S. bank in India and one India-based branch of a U.S. bank. This caused “three U.S. financial institutions to clear the payments,” OFAC said, which totaled about $370,000 and violated U.S. sanctions.

OFAC said the maximum civil penalty was more than $1.7 million, but the agency decided on a lower amount because the violations were non-egregious. The agency said GPI hadn’t received a penalty notice in the previous five years and took remedial action to improve its sanctions compliance program, including implementing screening procedures, know your customer measures and recordkeeping requirements. The company also cooperated with OFAC’s investigation and agreed to toll the statute of limitations.

The agency also pointed to several aggravating factors, including the fact that GPI “acted recklessly” and “failed to exercise a minimal degree of caution or care” for U.S. sanctions. Several of the company’s senior managers also had “actual knowledge” that the shipments were illegal, OFAC said, adding that the exports harmed U.S. foreign policy objectives by providing a “sought-after, revenue-generating good to the North Korean regime.”

The case highlights how foreign companies can violate U.S. sanctions if they process their transactions through the U.S. financial system, including through foreign branches of U.S. banks, OFAC said. The agency stressed that the “absence of a compliance program” may increase the “likelihood” of a sanctions violation, and said companies should look out for “deceptive practices” used by North Korean companies, including employing third-parties in other countries to coordinate shipments and payments.

GPI didn't respond to a request for comment.

US Fines Wells Fargo Nearly $100M for 'Unsound' Sanctions Compliance Practices

The U.S. on March 30 fined Wells Fargo nearly $100 million for allegedly breaching U.S. sanctions against Iran, Syria and Sudan, violations that stemmed from its "unsafe or unsound" sanctions compliance practices. The bank was fined $30 million by the Treasury Department's Office of Foreign Assets Control and $67.8 million by the Federal Reserve after OFAC said Wells Fargo's subsidiary allowed a European bank to use its trade finance platform to process more than $500 million in sanctioned transactions.

Along with the fine, the bank, as part of a settlement agreement with OFAC, must submit an annual sanctions compliance certification to the agency for the next five years. Wells Fargo will have to certify that it’s providing “adequate resources” to its compliance department, promoting a “culture of compliance” among senior management and conducting regular risk assessments, audits, training and more.

OFAC said the violations occurred between 2010 and 2015, "when Wells Fargo provided a software system developed by Wells Fargo's predecessor, Wachovia Bank" to a European bank. That bank, which OFAC didn’t name, used the software system to process 124 illegal transactions, including payments that violated the Iranian Transactions and Sanctions Regulations, the Syrian Sanctions Regulations and the now-repealed Sudanese Sanctions Regulations.

The software system stemmed from a 2006 agreement between Wachovia and the European bank in which the parties said the European bank had the “primary responsibility” to screen for “sanctions issues related to transactions processed on its Hosted versions” of the Eximbills software platform. The two banks also agreed the European bank wouldn’t process transactions with sanctioned jurisdictions through its hosted versions of Eximbills, and instead would use only its “own, separate systems, not provided by Wachovia, to manage such transactions.”

The next year, the European bank switched to a single platform to manage all its trade finance services, including those involving sanctioned jurisdictions and people, OFAC said. Wachovia then “specially designed a customized version” of Eximbills for the European bank “to ‘host’ on” its own systems to deal with transactions involving sanctioned jurisdictions. This custom version of Eximbills allowed Wachovia to redirect any potential sanctioned transaction back to the European bank if that bank “inadvertently sent a transaction involving a sanctioned jurisdiction or person to Wachovia's Comprehensive version of Eximbills.”

OFAC said this process led to seven sanctions violations, adding that the European bank “continued to rely on Wachovia's (and then Wells Fargo's) technology infrastructure at the bank's branch in Hong Kong and data facility in North Carolina to manage the 124 non-OFAC-compliant transactions.”

The agency also said there was “no indication” that senior management from Wachovia or Wells Fargo “had actual knowledge” that the European bank was using the platform to process sanctioned transactions. It also said a “lack of clear communications” within Wachovia led to “different interpretations” about whether it would be implicated in any potential sanctions violations involving the platform. “Regardless,” OFAC said, “Wells Fargo's senior management should reasonably have known” the bank was using the platform to conduct transactions with sanctioned parties.

OFAC said that after Wells Fargo acquired Wachovia in 2008, Wells Fargo employees “on multiple occasions” mentioned to senior management the “potential sanctions-related risks arising from the trade insourcing relationships it inherited from Wachovia. Nonetheless, there was no regular or systematic process in place at Wells Fargo to periodically review” whether the European bank was “appropriately screening Hosted trade instruments.”

Although Wells Fargo didn’t stop the European bank from using the platform to process sanctioned transactions until 2015, OFAC said Wells Fargo’s compliance teams “raised questions” about the relationship in the years prior. Around 2010 to 2011, as Wells Fargo began integrating the legacy Wachovia trade services businesses, a consultant told Wells Fargo that “contracts with insourcing clients contained inconsistent anti-money laundering and sanctions compliance clauses,” OFAC said, which “prompted Wells Fargo to begin the process of reviewing and standardizing its insourcing contracts.”

In 2012, Wells Fargo's lawyers “recognized potential parallels” between a “major” OFAC sanctions enforcement action that year and Wells Fargo’s Eximbills platform. Another OFAC enforcement action in 2013 got the “attention” of senior executives, the agency said, “who raised compliance questions” about the Eximbills platform. OFAC said these “discussions resulted in an internal working group,” which determined that the hosted platform was “relatively low-risk,” but they still developed a plan to protect the bank from sanctions risks. This included strengthening sanctions compliance language in “the relevant contracts,” obtaining “periodic certifications that the foreign banks were not placing potentially non-OFAC compliant items on Eximbills” and periodically auditing the foreign banks' Eximbills data.

But OFAC said this plan was never implemented because the recommendations were “rolled into a larger project that was reviewing the trade outsourcing/insourcing business at a more holistic level.” As a result, the European bank continued to process the “non-OFAC-compliant transactions” for at least two more years.

In late 2015, Wells Fargo “finally” discovered the compliance issues during a “business review” of its relationship with the European bank, OFAC said. “The issue was immediately escalated to senior management,” OFAC said, and Wells Fargo “promptly suspended” the bank’s access to Eximbills and submitted a voluntary disclosure to OFAC.

"Wells Fargo is pleased to resolve this legacy matter involving conduct that ended in 2015, which we voluntarily self-reported and fully cooperated with OFAC and the Federal Reserve Board to address,” a Wells Fargo spokesperson said March 31. The $30 million fine by OFAC is the agency’s largest civil penalty since April 2019, when it fined three branches of another bank, UniCredit Group, a combined $611 million for violating sanctions against Myanmar, Cuba, Iran, Libya, Sudan and Syria (see 1904150048).

OFAC Fines Financial Digital Trading Platform for Sanctions Violations

The Office of Foreign Assets Control on March 31 fined a California money services firm just over $72,000 for violating U.S. sanctions against Iran, Cuba and Venezuela. OFAC said Uphold HQ, a global digital trading platform, failed to screen transactions for customers located in Iran or Cuba and for employees of a sanctioned Venezuelan energy company, resulting in 152 transactions worth more than $180,000.

Between 2017 and 2022, the company and its affiliates maintained accounts for customers who “provided information during the account onboarding process indicating their location in Iran or Cuba,” OFAC said. Uphold didn’t screen those locations to make sure it was complying with U.S. sanctions, the agency said, and processed 53 transactions worth $22,870.02 for customers located in Iran, 25 transactions totaling $142,683.74 for customers located in Cuba, and 16 transactions with an Iranian virtual currency exchange totaling $13,705.50.

In 2019 and 2020, Uphold also processed 58 transactions totaling $1,316.54 for two customers who said they were employees of Petroleos de Venezuela, Venezuela’s state-owned energy company. Uphold in 2021 began “collecting enhanced customer diligence information,” including employment information, but “did not use this information” to ensure it was complying with sanctions against Venezuela until May 2022, OFAC said.

The agency said the maximum civil monetary penalty for Uphold was more than $44 million, but the agency decided on a lower amount because the company voluntarily disclosed the violations and the penalties were non-egregious. OFAC also pointed to several mitigating factors, including the fact that Uphold hadn’t received a penalty notice in the previous five years and cooperated with OFAC’s investigation, providing the agency with “well-organized and detailed documentation and spreadsheets.”

Uphold also entered into a tolling agreement with OFAC and undertook “numerous” remedial compliance measures, including suspending account access to all sanctioned users, weekly “quality assurance testing” of its screening systems, “real-time virtual currency wallet address screening,” sanctions training for its staff, more compliance department resources “in line with growth of the business” and periodic sanctions risk assessments. The company also implemented a new “information technology solution” to screen customer information and introduced automatic restrictions against users who try to send transfers to “beneficiaries” in sanctioned jurisdictions.

OFAC also pointed to several aggravating factors, including the fact that Uphold “failed to exercise due caution or care” when it onboarded or screened customers. Based on the information the customers provided to Uphold, OFAC said the company “had reason to know” it was processing payments for people in sanctioned jurisdictions.

The agency said the case highlights the importance of financial firms “maintaining robust controls to screen information provided by customers to identify sanctions risks.” OFAC said companies should be screening information provided by customers during “account opening and diligence processes” and should “consider ways to address the potential for customers to circumvent such screening controls.”

"We appreciate that OFAC recognized our full cooperation and remediation of the issues involved in this matter," Uphold CEO Simon McLoughlin said in a March 31 statement. "These were self-identified and self-reported matters that reflect the rigour of our compliance review processes."

Microsoft to Pay $3.3 Million to Settle Sanctions, Export Control Violations

Microsoft will pay more than $3.3 million combined to settle alleged export control and sanctions violations largely related to its foreign subsidiaries, the Bureau of Industry and Security and the Office of Foreign Assets Control said in a pair of news releases April 6.

Many of the alleged sanctions violations, and all of the alleged export controls violations, resulted from the activities of Microsoft’s Russian subsidiary. Microsoft voluntarily self-disclosed the alleged violations to both BIS and OFAC, cooperated with the joint investigation by the two agencies and “took remedial measures after discovering the conduct at issue, which predated the export controls and sanctions imposed in connection with the current Russian war in Ukraine,” the BIS news release said.

“U.S. companies will be held accountable for the activities of their foreign subsidiaries,” BIS Assistant Secretary for Export Enforcement Matthew Axelrod said. “As this coordinated resolution demonstrates, BIS and OFAC will work together to ensure that U.S. export control and sanctions laws are enforced effectively, wherever in the world the underlying conduct occurs,” he said.

"Microsoft takes export control and sanctions compliance very seriously, which is why after learning of the screening failures and infractions of a few employees, we voluntarily disclosed them to the appropriate authorities," a Microsoft spokesperson said in an emailed statement. "We cooperated fully with their investigation and are pleased with the settlement."

The alleged export controls violations related to the sale of software license agreements to companies on the BIS Entity List, BIS said. Between December 2016 and December 2017, Microsoft Rus “caused another Microsoft subsidiary” to enter into license agreements for software subject to the Export Administration Regulations with the listed Russian companies FAU ‘Glavgosekspertiza Rossii’ and United Shipbuilding Corporation.

In the case of FAU ‘Glavgosekspertiza Rossii,’ a Russian government institution involved in construction projects, including in Crimea, Microsoft Rus employees “ordered software licenses through one of Microsoft’s Open sales programs in the names of parties not on the Entity List,” BIS said. “In the case of United Shipbuilding, an increased number of software licenses were added under non-listed affiliates’ enterprise agreements.”

The sanctions violations “occurred in the context of Microsoft’s volume licensing sales and incentive programs, under which the Microsoft Entities engaged with third-party distributors and resellers to sell Microsoft software products,” OFAC said.

Between July 2012 and April 2019, Microsoft companies “engaged in 1,339 apparent violations of multiple OFAC sanctions programs when they sold software licenses, activated software licenses, and/or provided related services from servers and systems located in the United States and Ireland to SDNs, blocked persons, and other end users located in Cuba, Iran, Syria, Russia, and the Crimea region of Ukraine. The total value of these sales and related services was $12,105,189.79,” OFAC said.

The causes of the sanctions violations included “a lack of complete or accurate information on the identities of the end customers for Microsoft’s products,” OFAC said. “For example, in certain volume-licensing programs involving sales by intermediaries, Microsoft was not provided, nor did it otherwise obtain, complete or accurate information on the ultimate end customers for its products from Microsoft’s distributors and resellers.”

Microsoft Rus employees “appear even to have intentionally circumvented Microsoft’s screening controls to prevent other Microsoft affiliates from knowing the identity of the ultimate end customers,” OFAC said. “For example, following OFAC’s 2014 designation of Stroygazmontazh, a Russian company operating in the oil and gas industry, and Microsoft’s initial rejection of one of this entity’s subsidiaries as a potential customer upon screening, certain Microsoft Russia employees successfully used a pseudonym for that subsidiary to arrange orders on behalf of the SDN.”

The total $3.3 million penalty includes a $624,013 BIS penalty for the export control violations, as well as a $2,980,265.86 OFAC penalty for the sanctions violations. BIS gave Microsoft a $276,382 credit as long as the company fulfills the terms of the OFAC settlement.

Aggravating factors identified by OFAC include a “reckless disregard” for U.S. sanctions by failing to identify such a high number of violations, as well as conduct that harmed U.S. foreign policy objectives and the “substantial experience and expertise” Microsoft has in software sales and transactions.

Mitigating factors included that personnel in Microsoft’s U.S. offices were not aware of the violations at the time they occurred; the violations were discovered as a result of a “retrospective review of thousands of past transactions” that included a team of more than 20 Russian-speaking attorneys, OFAC said. Microsoft also voluntarily self-disclosed the violations, terminated the accounts and undertook “significant remedial measures and enhanced its sanctions compliance program,” including by way of additional resources.

The action “highlights the importance of companies conducting business through foreign-based subsidiaries, distributors, and resellers having sufficient visibility into end users with which they may have an ongoing relationship, including through the provision of services after an initial sale, to avoid engaging in business dealings with prohibited parties,” OFAC said. It also “emphasizes the importance of ensuring a company’s employees, including employees located in foreign jurisdictions, adhere to the company’s sanctions compliance program.”

It also “underscores the persistent efforts of actors in the Russian Federation to evade U.S. sanctions. Sanctioned Russian enterprises may use a variety of means, including obscuring the identity of actual end users, to circumvent U.S. restrictions,” OFAC said.

US Citizen Sentenced for Conspiring to Violate US Sanctions on Iran

Niloufar Bahadorifar, a U.S. citizen originally from Iran, was sentenced to four years in prison for conspiring to violate U.S. sanctions on Iran by providing financial services to the Iranian government and for structuring cash deposits, DOJ announced April 7. The Irvine, California, resident was found guilty of conspiring to violate the International Emergency Economic Powers Act.

Starting in 2015, Bahadorifar provided financial and other services to Iranian individuals and entities, including to co-defendant Mahmoud Khazein, who plotted to kidnap a journalist in the U.S. in a bid to quell dissent against the Iranian regime, DOJ said. While Bahadorifar was not charged in the kidnapping conspiracy, she caused a payment to be made to a private investigator for surveillance of the journalist on Khazein's behalf. Bahadorifar also structured cash deposits worth at least $470,000.

U.S. Attorney Damian Williams said Bahadorifar "willfully violated sanctions and knowingly provided financial support to Iranian intelligence assets." Helping "malign foreign governments by violating sanctions can have devastating consequences, including for those targeted by hostile regimes for retribution. This office will continue to prosecute efforts to subvert sanctions and is proud to protect victims from repressive regimes."

US Charges President of Raw Materials Company With Evading Russia Sanctions

John Unsalan, the president of building materials supplier Metalhouse, was arrested and charged with violating U.S. sanctions on oligarch Sergey Kurchenko and two of Kurchenko's companies by providing them with over $150 million for steel-making materials, DOJ announced April 17. Unsalan faces 10 counts of violating the International Emergency Economic Powers Act, one count of conspiring to evade U.S. sanctions, one count of conspiring to commit international money laundering and 10 counts of international money laundering, each of which comes with a maximum 10-year prison sentence.

From 2018 to 2021, Unsalan used Metalhouse to transfer over $150 million to Kurchenko, who was sanctioned in 2015 for misappropriating Ukrainian state assets. Kurchenko's companies, Kompaniya Gaz-Alyans and ZAO Vneshtorgservis, were listed in 2018 for providing support to the governments in the separatist-controlled regions in eastern Ukraine.

Unsalan's arrest “should serve as a warning to those who seek to do business with sanctioned individuals or entities that endanger the security of the United States and our allies,” Attorney General Merrick Garland said. “The Justice Department is relentlessly pursuing those whose seek to evade sanctions imposed against the Russian regime and whose crimes enable the regime to continue its unjust, illegal war in Ukraine.” The indictment stemmed from the work of Task Force KleptoCapture, the interagency group charged with enforcing U.S. sanctions on Russia.

US Charges Tornado Cash Founders With Sanctions Violations, Listing One

DOJ on Aug. 23 indicted two co-founders of virtual currency mixer Tornado Cash, which it said facilitated more than $1 billion in money laundering transactions for the Lazarus Group, the sanctioned North Korean cybercrime organization. The agency said Roman Storm of Auburn, Washington, and Russian national Roman Semenov knowingly conspired to violate U.S. sanctions.

The Treasury Department also sanctioned Semenov. The agency said Semenov knew Tornado Cash was being used to launder “large volumes of stolen virtual currency” for the Lazarus Group and worked to “increase the anonymity” of the service to allow those activities to continue. Treasury sanctioned Tornado cash in 2022 2208080031).

Storm and Semenov, two of the three co-founders of Tornado Cash, created the service to allow users to “engage in untraceable transfers of cryptocurrency,” DOJ said, adding that they didn’t implement know-your-customer or anti-money laundering programs “as required by law.” Lazarus Group used Tornado Cash in April and May 2022 to launder “hundreds of millions of dollars in hacking proceeds,” DOJ said.

Soon after, Storm and Semenov made a “change” to the Tornado Cash service and publicly announced “they were compliant with sanctions,” DOJ said. But “in their private chats, they agreed that this change would be ineffective.” The agency said they continued to operate Tornado Cash and ‘facilitate hundreds of millions of dollars in further sanctions-violating transactions, helping the Lazarus Group to transfer criminal proceeds.”

Both founders “turned a blind eye to the illicit activity and made public representations that they were compliant with sanctions laws,” FBI Assistant Director in Charge James Smith said. Matthew Olsen, DOJ’s assistant attorney general for national security, said the agency will “use every tool in our arsenal to pursue and dismantle the criminal networks that enable U.S sanctions violations wherever they operate.”

Storm and Semenov each were charged with one count of conspiracy to commit money laundering and one count of conspiracy to violate the International Emergency Economic Powers Act, which each carry a maximum 20-year prison sentence. Each also is charged with conspiracy to operate an unlicensed money transmitting business, which carries a maximum five-year prison sentence.

British Tobacco Company Settles With US Over Alleged Sanctions Breaches

A British cigarette manufacturer agreed to pay American authorities more than $635 million to settle alleged sanctions violations after the U.S. on April 25 said the company illegally sent tobacco and tobacco products to North Korea. British American Tobacco will pay about $508 million to the Treasury Department’s Office of Foreign Assets Control, the agency's largest fine in more than four years, and pay an additional fine as part of a deferred prosecution agreement with DOJ.

OFAC said BAT conspired to illegally receive payments from North Korea through U.S. banks in violation of the North Korea Sanctions Regulations and the Weapons of Mass Destruction Proliferators Sanctions Regulations. The company didn’t disclose the violations, OFAC said, calling the case “egregious.”

The alleged violations stemmed from an agreement between BAT’s Singapore subsidiary and North Korea in 2001 to create a joint venture in North Korea that would manufacture and distribute the company’s cigarettes. About six years later, BAT's top London executives agreed to sell its stake in the venture for one euro to a Singapore-based trading group. The sale was to address BAT’s “concerns over its public association with North Korea and difficulty remitting profits out of the country,” OFAC said.

The terms of the divestment, completed in 2007, “purposefully obscured” BAT’s ownership and control over the joint venture, the agency said, and allowed the Singapore company to act "as a vehicle" for BAT to continue earning money from the joint venture.

Between 2009 and 2016, the North Korean company remitted U.S. dollar payments to BAT’s Singapore subsidiary “through a complex, multi-step process,” OFAC said. This involved the North Korean company sending funds from its account with U.S.-sanctioned Foreign Trade Bank (FTB) in North Korea “through various accounts in China that contained the interests of FTB and front companies” for U.S.-sanctioned Korea Kwangson Banking Corporation (KKBC), OFAC said. The process was “meant to reduce the risk of the money being frozen ‘in any leg of the transaction’ process,” OFAC said.

The agency said “multiple” internal memos and emails showed BAT managers in the Asia Pacific knew as early as 2005 that they could be violating sanctions. But BAT and its subsidiaries didn’t stop the conduct, even after both KKBC and FTB were sanctioned by OFAC, the agency said. OFAC said company employees “sought to conceal their apparently violative conduct from banks,” including by letting a wire transfer expire rather than respond to a question from a bank that would have “revealed the payment’s connection to North Korea.”

OFAC said BAT’s conspiracy led to 228 payments totaling more than $250 million. BAT’s Singapore subsidiary also sold cigarettes to the North Korean embassy in Singapore, OFAC said, causing U.S. banks to process 15 transactions worth nearly $30,000 combined.

OFAC fined BAT $508,612,492, the maximum civil monetary penalty the agency could have levied against the company and OFAC’s largest penalty since fining the German, Austrian and Italian branches of UniCredit Group banks more than $611 million in 2019 (see 1904150048). The agency said it settled on the fine because BAT and its subsidiaries “willfully conspired” to transfer hundreds of millions of dollars through U.S. banks and were “aware” that the transfers were blocked by U.S. sanctions.

OFAC also pointed to the fact that BAT tried to hide the transactions and payments “through a complex remittance structure that relied on an opaque series of front companies,” ignored requests for information from banks and asked counterparties to remove mentions of North Korea from documents. Upper management also had “actual knowledge” about the “conspiracy,” OFAC said.

The payments also helped North Korea establish and operate a cigarette manufacturing business, which has “reportedly” netted the country’s government over $1 billion per year, OFAC said. The agency also noted that BAT is a large and sophisticated international company.

Although BAT entered into settlement agreements with U.S. authorities, the company said its Singapore subsidiary entered into a plea agreement with DOJ. The agency also announced charges against North Korean banker Sim Hyon-Sop and Chinese facilitators Qin Guoming and Han Linlin for their roles in helping North Korea secure the tobacco.

Jack Bowles, BAT’s chief executive, said: “we deeply regret the misconduct arising from historical business activities that led to these settlements, and acknowledge that we fell short of the highest standards rightly expected of us.” The company has recently “transformed” its compliance and ethics program, Bowles said, and will make “continued refinements” to its program as part of the settlement.

OFAC said the company cooperated with OFAC’s investigation, including by suspending the statute of limitations and “providing detailed document productions” and “prompt responses” to OFAC requests. Under the OFAC settlement, BAT agreed to “maintain” certain sanctions compliance measures for the next five years, including by ensuring its management promotes a “culture of compliance.” The company must also conduct an OFAC risk assessment, maintain written compliance policies and procedures, conduct internal and external audits, train its staff on compliance procedures and submit an annual compliance certification to OFAC for the next five years.

US Charges North Korean Foreign Trade Bank Rep in 2 Crypto Laundering Conspiracies

Sim Hyon Sop, a representative of a North Korean foreign trade bank, was charged in U.S. District Court for the District of Columbia in two federal indictments for his role in two different money laundering conspiracies meant to raise funds for North Korea via cryptocurrency, in violation of U.S. sanctions, DOJ announced April 24. Sim allegedly conspired with over-the-counter cryptocurrency traders to "use stolen funds to buy goods for North Korea and for conspiring with North Korean IT workers to generate revenue through illegal employment at blockchain development companies" in the U.S., DOJ said.

In one conspiracy, Sim and three OTC traders allegedly laundered stolen funds from virtual currency exchanges to pay for products on behalf of the North Korean state. In the second conspiracy, Sim and certain North Korean IT workers allegedly laundered proceeds of illegal IT development work. Sim, Chinese national Wu Huihu, Hong Kong British national Cheng Hung Man and the owner of the username live:jammychen0150 allegedly conspired to launder cryptocurrency and buy goods via Hong Kong-based front companies in violation of U.S. sanctions, DOJ said. Sim, Wu and Cheng were previously sanctioned by the Treasury Department (see 2304240024).

Assistant Attorney General Kenneth Polite said the "charges announced today respond to innovative attempts by North Korean operatives to evade sanctions by exploiting the technological features of virtual assets to facilitate payments and profits, and targeting virtual currency companies for theft. We will continue to work to disrupt and deter North Korean actors and those who aid them by following the money on the blockchain and shining a light on their conduct.”

New York Lawyer Pleads Guilty to Conspiring to Launder Money to Aid Oligarch's Sanctions Evasion

New York lawyer Robert Wise pleaded guilty to participating in a scheme to make around $3.8 million in payments to maintain six real properties in the U.S. owned by sanctioned Russian oligarch Viktor Vekselberg. Wise pleaded guilty to one count of conspiring to commit international money laundering and faces a maximum of five years in prison, DOJ said April 25. He also forfeited more than $3.7 million and agreed "to be satisfied" by a $210,441 payment.

Vekselberg was listed as a Specially Designated National in 2018 after Russia annexed parts of Ukraine.The oligarch was redesignated in March 2022, with OFAC blocking his yacht and private plane. Vekselberg bought six real properties in the U.S. between 2008 and 2017, collectively worth around $75 million. Vladimir Voronchenko, an associate of Vekselberg indicted in February (see 2302070060), retained Wise to aid in the purchase of the properties, DOJ said.

Wise, using funds in a lawyer's trust account from Vekselberg, made payments to maintain and service the properties, DOJ said. After the oligarch was sanctioned, the source of the funds changed to a bank account in the Bahamas held by Smile Holding, a shell company controlled by Voronchenko, and from a Russian bank account held by a Russian national related to Voronchenko. Wise used these funds in violation of U.S. sanctions.

OFAC Reaches $7.5M Settlement With Crypto Platform

Cryptocurrency trading platform Poloniex reached a $7.5 million settlement with the Office of Foreign Assets Control on May 1 to resolve allegations that it violated U.S. sanctions. The Delaware-based company allowed customers in sanctioned jurisdictions to trade, deposit and withdraw digital assets worth a combined $15 million, OFAC said May 1, adding that Poloniex didn’t voluntarily disclose the alleged violations.

The company started business in 2014 but didn’t establish a sanctions compliance program until 2015, OFAC said. The program screened new customers but didn’t “retroactively” check existing customers. “As a result, customers who had self-identified before May 2015 as residing in a sanctioned jurisdiction” were “generally able to continue using Poloniex’s platform,” OFAC said.

As part of its compliance program, Poloniex began monitoring IP address data to detect logins from sanctioned jurisdictions, conducting “additional diligence” on those logins and closing certain accounts “based on that diligence,” the agency said. But it didn’t place a “block” on those accounts’ IP addresses until June 2017. The company “made efforts” to limit accounts with a nexus to Iran, Cuba, Sudan, Crimea and Syria, but some customers in those regions were able to continue using the trading platform, OFAC said.

The agency said Poloniex’s compliance controls “began to substantially reduce the rate” of the alleged violations, but some continued, including violations related to a “small number of accounts opened by persons then located in Crimea.” OFAC said Poloniex operated the trading platform until it was sold in 2019, and the company is now owned by a consortium of entities, which includes backing from Justin Sun, founder of crypto platform Tron, according to CoinDesk.

OFAC said the platform processed about 65,000 digital asset-related transactions that involved accounts in sanctioned jurisdictions, mostly in Crimea but also in Cuba, Iran, Sudan and Syria. The agency could have imposed a maximum penalty of about $20 billion but settled on a lesser fine because the case was non-egregious. OFAC said Poloniex hadn’t received a penalty notice in the previous five years, was a “small start-up” at the time of most of the alleged violations, provided “substantial cooperation” with OFAC’s investigation, and many of the transactions were for a “small amount” and represented a “very small percentage” of the platform’s total annual transactions.

The agency also pointed to steps the company took to improve its compliance program. Poloniex was bought by Circle Internet Financial in 2018, which introduced a range of new measures, including freezing users’ accounts until a know-your-customer verification was completed, automated reviews and a verification tool for identity documents, a protocol that prevented users from activating an account if the profile information matched a sanctioned country, closing any accounts that listed “Crimea” in the profile information, creating a “Crimea IP blacklist” and hiring more compliance employees.

OFAC said the settlement highlights that digital-asset trading companies should develop a “tailored, risk-based sanctions compliance program,” especially because many crypto exchanges are “new companies.” These firms should make sure they’re using “all available location-related information for sanctions compliance purposes and integrating such information into a risk-based sanctions compliance program to mitigate the risk of providing services to persons in sanctioned jurisdictions,” OFAC said. “Companies implementing new compliance controls should also ensure that they apply those controls not only to new customers, but to existing ones as well.”

US Skincare Company, Former Official Settles With OFAC Over Sanctions Violations

The Office of Foreign Assets Control reached a $3.3 million settlement on May 17 with a California-based skincare company and a $175,000 settlement with its former unnamed senior executive for illegal exports to Iran in violation of U.S. sanctions. Murad, owned by multinational company Unilever, worked with distributors in Iran and the United Arab Emirates to ship goods to Iran, leading to at least 62 exports worth more than $11 million, OFAC said.

The agency said Murad didn’t have a sanctions compliance program, adding its compliance resources were mostly centered on product safety. Although it was later acquired by Unilever, which had sanctions compliance procedures in place, those were “inadequate in relation to the sanctions risks” Murad faced, OFAC said. It also said Unilever's headquarters in the U.K. “lacked an adequate understanding of OFAC sanctions.”

The violations stemmed from a distribution agreement between Murad and the Iranian distributor in 2009. OFAC said Murad’s former executive signed the agreement and caused the company to begin exporting its products to Iran “despite having applied for but never receiving a specific license or other applicable guidance from OFAC.” None of Murad’s exports were eligible for a general license or exempt from sanctions licensing requirements, the agency said.

About six years later, the Murad executive, in partnership with the Iranian company’s CEO, signed a new distribution agreement with a UAE company to become its “sole distributor in the Middle East.” This agreement didn’t “specify Iran as a territory serviced” by the UAE distributor, OFAC said, but Murad’s executive “should have understood that the UAE Distributor would export the Company’s products to Iran, which it subsequently continued to do.”

Unilever bought Murad in 2015, a few months after Murad signed the second distribution agreement, OFAC said. During the acquisition process, Murad continued to send products to Iran without OFAC licenses, and the executive was “responsible for at least three of these transactions,” the agency said. Murad also “provided support” for the UAE distributor to open an independent “company-branded store” in Tehran.

Murad never disclosed its Iran sales to Unilever, OFAC said, and Unilever didn’t discover the violations during its pre-acquisition due diligence. Unilever also failed to discover an Iranian website with the name “,” which had Murad’s products for sale and was active for more than three years after the Unilever acquisition.

Unilever discovered Murad’s Iran business two months after it closed the purchase when one of Unilever’s U.S. employees was forwarded an email from the UAE distributor’s CEO “explaining the time it took for” Murad’s products to reach Tehran from California, OFAC said. The next day, Unilever’s corporate counsel directed the Murad executive to tell the UAE distributor to “cease all exports” to Iran, the agency said. The Murad official “followed these instructions” but first “alerted” another senior Murad official “of the need to ensure that the UAE Distributor’s CEO would not suggest that any” Murad executives approved the export of Murad’s products to Iran.

Despite being told that the UAE company couldn’t send the goods to Iran, Murad’s executive and others continued exporting goods to the UAE company for sale in Iran, OFAC said. The company eventually “placed an internal hold” on all orders from the UAE distributor, ending an eight-year “conspiracy.”

OFAC said the maximum civil penalty it could have imposed was more than $22 million, but it settled on a lesser amount because Murad voluntarily disclosed the violations. Even so, the agency said the violations constituted an “egregious case,” pointing to the company’s willful violations of U.S. sanctions and senior executives' “actual knowledge” of distributor agreements to sell products in Iran.

The agency also pointed to several mitigating factors, including its “thorough internal investigation” to find sanctions compliance “deficiencies” and its efforts to develop compliance training and implement sanctions screening. OFAC also pointed to the “benign consumer nature” of Murad’s cosmetic products and the “small overall share” of the company’s overall sales that involved Iran. Murad also hadn’t received a penalty notice in the previous five years and cooperated with OFAC’s investigation.

OFAC said the Murad executive didn’t voluntarily disclose the violations, which also represented an “egregious case.” The agency said the official was “aware” of the exports to Iran, failed to make sure the UAE distributor stopped sales to Iran and oversaw multiple departments responsible for the export despite knowing they were illegal.

The agency could have imposed a $2.7 million fine against the executive but settled on a lesser amount partly because the person no longer works for Murad and isn’t “engaged in international business activity,” the exports involved “benign consumer goods,” the person hadn’t received a penalty notice in the previous five years and cooperated with OFAC’s investigation.

A Unilever spokesperson said the company is "committed to complying with U.S. economic sanctions laws, and to working to ensure that all our subsidiaries and acquired businesses do as well." Unilever "extended our full cooperation to U.S. authorities to resolve this matter," the spokesperson said in a May 18 email. Murad didn't respond to a request for comment.

OFAC said the case highlights that U.S. sanctions on Iran “encompass a wide range of potentially violative conduct,” and companies with sanctions exposure need “measures to ensure that senior management both commit to and maintain a culture of compliance throughout the company.”

It also pointed to the importance of “clear and efficient reporting streams” within a company “that can rapidly identify red flags for further evaluation.” Sometimes a foreign company looking to acquire a U.S. company “may lack sufficient familiarity with U.S. sanctions laws,” which “could prevent the prompt identification of and response to potentially prohibited conduct.” Firms should be careful when conducting “pre- and post-acquisition due diligence,” OFAC said, adding companies “should closely oversee their new business elements, in addition to their pre-existing units, to identify any sanctions-related risks” after the transaction completes.

OFAC Reaches $3.4M Settlement With Latvian Bank for Alleged Sanctions Violations

A Latvia-based bank reached a $3.4 million settlement with the Office of Foreign Assets Control to resolve allegations it violated U.S. sanctions relating to Crimea, OFAC said June 20. Swedbank Latvia AS, a subsidiary of Sweden-based Swedbank AB, allowed a customer to use its e-banking platform from an internet protocol address in Crimea to send payments to persons in Crimea through U.S. correspondent banks, OFAC said, which resulted in 386 violations of U.S. sanctions.

OFAC said the alleged violations began before Russia’s 2014 invasion of the Crimea region of Ukraine, when Swedbank Latvia onboarded a shipping industry client in Crimea. Between February 2015 and October 2016, the client initiated 386 transactions totaling more than $3.3 million through accounts belonging to its “special purpose companies” that were processed through U.S. correspondent banks, the agency said.

Around March 2016, the client tried to use the e-banking platform to send the payments from an IP address in Crimea, but the U.S. correspondent bank rejected the payments and alerted Swedbank Latvia. Swedbank Latvia tried to “obtain additional information” from this U.S. bank but didn’t receive a response, OFAC said, and the client “falsely assured Swedbank Latvia that none of the transactions involved Crimea.” A “relationship manager” at Swedbank Latvia then rerouted the rejected payments to a different U.S. correspondent bank, which processed the transactions, OFAC said.

The agency said Swedbank Latvia didn’t voluntarily disclose the violations but fined it $3,430,900, down from the maximum penalty of more than $112 million, due to several mitigating factors, including its decision to eventually end the client relationship and implement “geofencing” that stops customers from sending payments through online banking platforms from IP addresses in sanctioned jurisdictions. OFAC also said the bank introduced an “automated system control within their transaction screening solution to identify potential resubmissions of payments after rejection,” established “enhanced due diligence and screening procedures for high-risk customers,” and put in place “enhanced diligence and transparency protocols for responses to correspondent banks.” The bank also expanded its compliance staff and improved its know-your-customer, anti-money laundering and financial sanctions controls.

OFAC also pointed to several aggravating factors, including the fact that the bank “solely” relied on its client’s assurances “when it possessed contrary information, including KYC and IP Data.” Swedbank Latvia had “reason to know” that the client’s assurances were “incorrect,” OAC said, particularly because it had addresses, telephone numbers and other information “clearly indicating” a “physical presence in Crimea.”

Although Swedbank Latvia collected and stored customer IP data, it didn’t integrate this data into its sanctions’ screening processes, OFAC said, leading to the compliance failures. “If screened, the IP data would have indicated that the Client was present in Crimea at the time of the Apparent Violations”

OFAC said the case highlights the importance of “implementing and maintaining effective, risk-based sanctions compliance controls, especially for sophisticated financial institutions” operating close to “high-risk” regions. It also shows the importance of “undertaking reasonable efforts to investigate red flags,” OFAC said. “Ignoring or failing to heed such warnings can cause apparent violations to multiply quickly. Rather than dismissing such concerns and relying on unsubstantiated assurances, financial institutions and other persons made aware of such issues should diligently work to identify risks that may exist.”

Swedbank didn’t respond to a request for comment.

DOJ Charges Former Think Tank Official With Sanctions Violations

DOJ on July 10 indicted Gal Luft, former co-director of a Maryland think tank, on charges related to “multiple international criminal schemes,” including arms trafficking and violating U.S. sanctions against Iran. The agency said Luft, a dual U.S.-Israeli citizen who worked at the Institute for the Analysis of Global Security, for “years” worked as a Chinese agent to “advance the interests” of the Chinese government, including by acting as a middleman in a range of illegal weapons and oil deals.

Luft helped to broker illegal arms deals between Chinese companies and people in Libya, the United Arab Emirates, Kenya and Qatar, DOJ said, and worked to complete those deals without licenses required by the Arms Export Control Act. He also helped to broker Iranian oil deals by soliciting buyers and passing on pricing information, the agency said, and helped to set up meetings between Iranian officials and a Chinese energy company. He also made “multiple false statements” during an interview with U.S. law enforcement about his role in these deals, telling authorities that he “tried to prevent oil deals with Iran and had not been present during meetings with the Chinese energy company and Iranians,” DOJ said.

Luft was charged with conspiracy to violate the AECA, which carries a maximum five-year prison sentence; three counts of violating the AECA, each of which carries a 20-year maximum sentence; conspiracy to violate the International Emergency Economic Powers Act, which carries a 20-year maximum sentence; and more.

Former FBI Agent Pleads Guilty to Aiding Sanctioned Russian Oligarch

Charles McGonigal, a former senior FBI official, pleaded guilty in connection with a scheme to violate U.S. sanctions against Russia, DOJ announced Aug. 15. McGonigal was charged with conspiring to violate the International Emergency Economic Powers Act in January after DOJ said he “provided services” to sanctioned Russian oligarch Oleg Deripaska in exchange for payments, including by agreeing to investigate a Russian oligarch who was a rival of Deripaska.

McGonigal, “by his own admission, betrayed his oath and actively concealed his illicit work at the bidding of a sanctioned Russian oligarch,” Assistant Attorney General Matthew Olsen said. McGonigal’s guilty plea “shows the Department of Justice’s resolve to pursue and dismantle the illegal networks that Russian oligarchs use to try to escape the reach of our sanctions and evade our laws.”

DOJ Announces First Corporate Resolution Involving Sanctioned Iranian Oil

DOJ on Sept. 8 announced its "first-ever criminal resolution" involving a company that violated sanctions by facilitating the sale and transport of Iranian oil. The agency said the cargo -- more than 980,000 barrels of Iranian oil that was allegedly shipped by the Islamic Revolutionary Guard Corps -- is now the subject of a civil forfeiture action in the U.S. District Court for the District of Columbia. The forfeiture complaint alleges the oil is "subject to forfeiture based on U.S. terrorism and money laundering statutes," DOJ said.

The U.S. alleged a scheme involving "multiple entities affiliated with Iran's IRGC and the IRGC-Qods Force (IRGC-QF) to covertly sell and transport Iranian oil to a customer abroad." As part of the scheme, participants allegedly tried to hide the oil's origin by using ship-to-ship transfers, fake automatic identification system reporting and falsified documents. The oil is the property of the IRGC and IRGC-QF, both of which are designated foreign terrorist organizations, DOJ said.

In April, Empire Navigation, the company operating the vessel, agreed to ship the Iranian oil to the U.S. as part of a deferred prosecution agreement and a seizure warrant, DOJ. The agency said the operation has been completed.

OFAC Fines 3M More Than $9M for Alleged Iran Sanctions Violations

Global manufacturing firm 3M reached a $9.6 million settlement with the Office of Foreign Assets Control on Sept. 21 after it allegedly violated U.S. sanctions on Iran. OFAC said the company’s Swiss subsidiary knowingly sold reflective license plate sheeting through a German reseller to Bonyad Taavon Naja, an entity controlled by Iran’s Law Enforcement Forces.

The violations began in 2015, OFAC said, when employees at a 3M subsidiary in Dubai started working on a proposal to sell the license plate sheeting to a German company that would then resell the sheeting in Iran. The Dubai subsidiary was preparing to take advantage of the Joint Comprehensive Plan of Action, otherwise known as the Iran nuclear deal, that would lift certain U.S. sanctions against Iran.

After the JCPOA took effect in January 2016, OFAC published a general license to authorize foreign subsidiaries of U.S. companies to conduct certain transactions with Iran if those deals excluded the Iranian military or other law enforcement entities. When the license took effect, 3M shared guidance with its employees about the JCPOA and the new authorization, and the company’s trade compliance department began “to formulate a procedure for doing business in Iran” involving the German reseller.

The plan involved the German company reselling the sheeting to “transport authorities in Iran,” but OFAC said 3M’s trade compliance personnel misunderstood the description of the German reseller, which led to a sanctions screening mistake. The agency said 3M’s compliance department screened against a proposal that omitted a page on the “parties involved” and “product end use,” and only the German company was screened and not the actual Iranian end-user.

In April 2016, the German reseller notified a 3M subsidiary that it didn’t plan to incorporate the reflective license plate sheeting into the production of finished blank plates, but would instead resell the sheeting to Bonyad Taavon Naja in Iran. “Despite this departure from the previously approved version of the proposal, the Proponents did not bring this change to Trade Compliance’s attention,” OFAC said.

Soon after, the 3M subsidiary received an “outside due diligence report” involving the Iranian company which “flagged a connection” to Iran’s Law Enforcement Forces. The 3M subsidiary “dismissed the need for further investigation, stating that the cited connections to the LEF were ‘expected’ given that license plate issuance is a government function,” OFAC said.

The agency said employees at both Dubai-based 3M Gulf Proponent and Switzerland-based 3M East Proponents “obfuscated details of the sale from colleagues for fear that it would be re-reviewed by Trade Compliance and spur a more fulsome review.” They also “repeatedly misrepresented the use of the” sheeting, OFAC said. “When numerous managers involved in planning the logistics of the Iran business raised concerns about the deal,” the subsidiary “ignored them” or “falsely claimed they had already received approval from Trade Compliance.”

Between September 2016 and September 2018, OFAC said 3M East sent 43 shipments of the sheeting to the German reseller, which then resold it to the Iranian entity. OFAC also said a U.S.-person employee of 3M Gulf “performed substantial work in furtherance of these sales to Iran,” and “received sales incentives partially based on the Iran business.” The person knew that their actions were potentially subject to sanctions and received “internal guidance on this prohibition on multiple occasions.”

The company discovered the alleged violations after OFAC rescinded its general license in 2018, the agency said. The manufacturing firm voluntarily self-disclosed the violations to OFAC, fired or reprimanded culpable employees, hired new trade compliance counsel, improved its sanctions training and ended business with the German reseller.

OFAC said it could have imposed a maximum penalty of $27,481,363, but decided on a fine of $9,618,477, the agency's second-largest penalty so far in 2023 behind its $30 million fine of Wells Fargo in April (see 2303310017). OFAC pointed to several mitigating factors, including the fact that 3M had a risk-based compliance program in place, performed a “thorough” investigation of the alleged violations, improved its compliance procedures, introduced “enhanced” due diligence procedures for any business involving a sanctioned country and more. The company also provided “substantial cooperation” during OFAC’s investigation and agreed to toll the statute of limitations.

The agency also pointed to several aggravating factors, including the fact that 3M Gulf senior managers “willfully” violated U.S. sanctions, and “numerous other” 3M employees were “reckless in their handling” of the company’s sales. OFAC also said 3M employees had “actual knowledge” of the identity of the specific end user months before the distributor agreement was signed, and noted that the Iranian company was affiliated with Iranian perpetrators of human rights abuses.

OFAC said the case highlights the importance of “effective” sanctions controls to deal with a “changing sanctions landscape.” The agency also stressed that parent companies are expected to oversee U.S. sanctions compliance within their subsidiaries and empower employees to alert headquarters of business dealings that may need further review.

NY Bank Settles With OFAC for Maintaining Accounts Linked to Iran

The Office of Foreign Assets Control on Sept. 21 reached a $31,867.90 settlement with New York-based Emigrant Bank after it allegedly violated U.S. sanctions on Iran by maintaining an account for two Iranian residents. OFAC said the bank maintained a certificate of deposit (CD) account for the two people for about 26 years, and processed 30 transactions between June 2017 and March 2021 worth about $91,000.

OFAC said Emigrant first opened the CD account in 1995 and renewed it every five years before closing it in 2021. The agency said the two Iranian residents “provided ample information” to the bank “indicating their Iranian residency,” and the bank had “actual knowledge” of their Iranian address.

In 2016, the account holders requested a wire transfer from the account to a U.S. resident account at another U.S. bank. When the beneficiary bank asked for information about the Iranian address, Emigrant analyzed the account and “erroneously concluded that the transfers were permissible as personal remittances and processed the payment forward,” OFAC said.

It wasn’t until 2019, when the bank upgraded its sanctions screening platform, that its compliance function flagged the account. But OFAC said Emigrant employees “overrode the alert” on the account because of “erroneous guidance” from 2016. Emigrant management became aware of the account’s ties to Iran in 2021 “due to a regulatory examination” and began an investigation, OFAC said. The bank closed the account and voluntarily disclosed the matter to OFAC.

The agency said it could have imposed a $9,928,410 penalty against Emigrant but decided on the lesser fine because the agency had not issued a penalty notice to the bank in the previous five years and because the bank took “appropriate remedial steps” to fix the issue. OFAC also said all of the transactions within the statute of limitations were sent to the Emigrant account of the account holders’ son and daughter-in law, who are U.S. residents, and the payments “resulted in negligible harm to U.S. sanctions policy objectives.”

OFAC also pointed to several aggravating factors, including the fact that Emigrant “acted without due caution or care” in failing to implement effective sanctions compliance controls. It also noted that Emigrant is a “longstanding” private bank and a sophisticated financial institution.

Telecom Consultant Pleads Guilty to Breaching OFAC Licenses

Farhad Nafeiy, a California-based telecommunications consultant, pleaded guilty Oct. 3 to violating the International Emergency Economic Powers Act after he breached the scope of sanctions licenses from the Office of Foreign Assets Control.

DOJ said Nafeiy’s OFAC licenses allowed him to advise non-Iranian telecommunications companies on doing business with Iran, but they didn’t authorize him to provide any hardware, software or technology directly to Iran. Nafeiy “exceeded” the licenses when he sold $400,000 worth of software upgrades to telecommunications equipment in Iran, DOJ said, adding that Nafeiy “knew he exceeded these licenses when he did so.”

Nafeiy also was charged with and admitted to evading federal taxes when he failed to pay income tax on some of the proceeds from those sales, DOJ said. His sentencing is scheduled for Jan. 29.

Building Materials Supplier President Pleads Guilty in Scheme That Violated Sanctions

John Unsalan, president of U.S. building materials supplier Metalhouse, pleaded guilty Oct. 3 in connection with violations of Russia-related sanctions. Unsalan allegedly breached sanctions against Russian oligarch Sergey Kurchenko and two of his companies by providing them with over $150 million for steel-making materials (see 2304180033). DOJ said Unsalan pleaded guilty to one count of conspiracy to commit money laundering to “promote violations” of the International Emergency Economic Powers Act, which carries a maximum 20-year prison sentence, and agreed to forfeit about $160 million in proceeds he obtained from the conspiracy. The U.S. dismissed the remaining counts of the indictment against Unsalan as part of a plea deal.

US Company’s Lack of Location Controls Leads to OFAC Settlement, Fine

An Illinois-based financial services firm reached a $206,213 settlement with the Office of Foreign Assets Control Nov. 6 after the company allowed its prepaid reward card programs to be used by people in sanctioned regions, including Iran, Syria, Cuba and the Crimea region of Ukraine. OFAC said Swift Prepaid Solutions’ lack of “comprehensive geolocation controls” led to 12,391 violations of U.S. sanctions programs.

The company, doing business as daVinci Payments, offered online payment reward card programs for corporate, non-profit and government clients, allowing them to issue prepaid cards as part of a loyalty or promotional incentive for employees and customers. The company had sanctions compliance procedures in place, and required card users to provide their names, addresses and email addresses on daVinci’s website, which OFAC said were screened against sanctions lists.

But during a compliance review that began in March 2020, daVinci discovered on 12,378 occasions it had redeemed prepaid cards for users with internet protocol addresses associated with Iran, Syria, Cuba and Crimea. After the company began preventing access to its platform from IP addresses associated with those regions, it soon discovered it had redeemed prepaid cards for 13 more users who had used email addresses with suffixes -- which OFAC said are “sometimes called top-level domains” -- associated with sanctioned jurisdictions that the company didn’t catch. For example, those suffixes may have included ".sy" for Syria and ".ir" for Iran, OFAC said.

OFAC said daVinci processed redemptions totaling nearly $550,000 for cardholders in sanctioned jurisdictions. The agency could have imposed a maximum civil penalty of more than $4 billion but decided on a lesser amount due to several mitigating factors, including the fact that daVinci voluntarily disclosed the violations. OFAC also noted that the company hadn’t received a penalty notice in the previous five years and took “a number of significant remedial measures,” including by proactively conducting an internal review, implementing IP blocking controls, conducting real-time screening and blocking of email address suffixes and beginning “independent third-party testing at regular intervals.” The agency also said daVinci cooperated with OFAC’s investigation.

The agency pointed to one aggravating factor: daVinci failed to “exercise due caution or care” when it redeemed prepaid cards for users who appeared to be in sanctioned regions. The company “knew or had reason to know” that the users were in sanctioned regions “but did not incorporate this information into its compliance program or controls.”

The case highlights the importance of “obtaining and using all available information” to verify a customer’s identity or residency for sanctions compliance purposes, OFAC said, including by using location data, such as IP address and top-level domains. Companies face risks if they only rely on information provided by the customer “rather than a holistic information-gathering system that can mitigate evasion or misrepresentation,” the agency said. Businesses also should regularly review their compliance programs for any gaps and consider “periodic independent testing to ensure adequate controls.”

Both Swift Prepaid Solutions and daVinci payments couldn’t be reached for comment.

OFAC Reaches Record Sanctions Settlement With Crypto Exchange Binance

The Office of Foreign Assets Control on Nov. 21 announced a $968 million settlement with Binance, the world’s largest virtual currency exchange, for allegedly violating multiple U.S. sanctions programs when the company allowed people who were either subject to sanctions or located in sanctioned jurisdictions to use its platform. OFAC said Binance senior management knew they were illegally allowing sanctioned users to access its online exchange platform and took steps to “undermine” the company’s own compliance procedures.

The settlement represents the largest civil sanctions penalty in OFAC’s history. Binance didn’t voluntarily disclose the violations, Treasury said, calling the case “egregious.”

The penalty was announced alongside a $3.4 billion settlement between Binance and the Financial Crimes Enforcement Network for violating the Bank Secrecy Act and a $1.8 billion criminal fine, DOJ announced. OFAC said it will waive around $900 million of its settlement amount as long as the company pays that amount to DOJ for “violations arising out of the same pattern of conduct during the same period of time.” The company also pleaded guilty to charges related to violations of the International Emergency Economic Powers Act, agreed to retain an independent multiyear compliance monitor and committed to improve its anti-money laundering and sanctions compliance programs.

Treasury Secretary Janet Yellen said Binance “turned a blind eye to its legal obligations in the pursuit of profit. Its willful failures allowed money to flow to terrorists, cybercriminals, and child abusers through its platform.” She added that the “historic” penalties and monitorship “mark a milestone for the virtual currency industry. Any institution, wherever located, that wants to reap the benefits of the U.S. financial system must also play by the rules that keep us all safe from terrorists, foreign adversaries, and crime, or face the consequences.”

OFAC said the sanctions violations took place between August 2017 and October 2022 when Binance “matched and executed” virtual currency trades through its online exchange platform between U.S. users and people either subject to sanctions or located in sanctioned jurisdictions. Although Binance had a compliance program in place, OFAC said the company didn’t effectively implement the controls, adding that senior management had more of an “interest in feigning compliance rather than addressing the company’s actual risk.”

The agency pointed to multiple instances in which Binance failed to address sanctions risks, including one case in 2019 in which an engineer “repeatedly alerted” a manager about the “continued presence of sanctioned jurisdiction users.” OFAC said that person wrote: “This is a bigger issue than you realize and we’ve kind of slacked on addressing this properly for quite some time.”

Despite this, Binance touted its “purported sanctions compliance controls to third parties in support of maintaining its banking relationships,” OFAC said. In 2018, a senior executive “misled” a financial institution by writing in a compliance form that Binance used internet protocol blocking to prohibit business from sanctioned countries, but OFAC said that “misrepresented Binance’s actual compliance procedures.” The agency also said the executive "communicated a commitment” to sanctions compliance “that did not in fact exist.”

As part of its settlement with OFAC, Binance agreed to maintain an independent compliance monitor for five years along with a host of other compliance commitments, including regular sanctions compliance training for employees, improved compliance controls and audits. The company for five years also must annually certify to OFAC that it's complying with the settlement.

If Binance breaches the settlement, OFAC may impose an additional penalty “up to the statutory maximum,” which in this case is more than $592 trillion.

OFAC pointed to several aggravating factors that led to the record settlement, including that Binance knew that its conduct likely constituted violations of U.S. law and that its matching engines were “routinely” matching U.S. users with users from sanctioned jurisdictions “over many years and at significant volumes.” Binance senior management also mischaracterized its sanctions controls, encouraged the use of virtual private networks, “surreptitiously allowed U.S. users and sanctioned jurisdiction users to trade even after ostensibly blocking them” and gave “economic benefit to a substantial number of” people in sanctioned territories. The agency also noted Binance was a “commercially sophisticated actor.”

The agency also pointed to several mitigating factors, including Binance’s lack of a penalty notice in the previous five years and its “substantial cooperation” with OFAC. Many of the sanctions violations “involved transactions for relatively small amounts,” the agency said, and Binance’s “operating income from such transactions represented a relatively small total.”

Binance said the settlement agreements "acknowledge our company’s responsibility for historical, criminal compliance violations, and allow our company to turn the page on a challenging yet transformative chapter of learning and growth." When it first launched, Binance "did not have compliance controls adequate for the company that it was quickly becoming, and it should have," it said. "Binance grew at an extremely fast pace globally, in a new and evolving industry that was in the early stages of regulation, and Binance made misguided decisions along the way. Today, Binance takes responsibility for this past chapter."

2 Texas Men Convicted of Trying to Violate US Sanctions on Iran

Zhenyu Wang and Daniel Lane, both Texas residents, were convicted on Nov. 15 of attempting to skirt U.S. sanctions on Iran in violation of the International Emergency Economic Powers Act, DOJ announced. DOJ said they both tried to "transact in sanctioned Iranian petroleum and launder the proceeds" and were convicted of attempting to violate IEEPA, conspiracy to violate IEEPA, and conspiracy to commit money laundering.

From 2019 to 2020, the Texas men crafted a conspiracy to buy Iranian petroleum and "mask the origins" and sell it to a Chinese refinery in violation of U.S. sanctions. The men were charged in February 2020 along with three co-conspirators (see 2002120031), though they were indicted on the present charges in August 2020 (see 2008270029). They each face a maximum of 45 years in prison, 25 years of which would be served due to the charges related to U.S. sanctions evasion.

Assistant Attorney General Matthew Olsen said DOJ "will not tolerate those who would violate U.S. sanctions and imperil our national security for personal profit."

Nasdaq Agrees to $4M Sanctions Settlement Stemming From Compliance ‘Deficiencies

New York-based stock exchange Nasdaq agreed to pay more than $4 million to settle allegations that its former Armenian subsidiary, which owned the Armenian stock exchange, violated U.S. sanctions against Iran. The Dec. 8 enforcement notice released by the Office of Foreign Assets Control, which details violations stemming from transactions more than a decade ago, said Nasdaq failed to apply its sanctions compliance policies to the Armenian stock exchange, which illegally allowed the Armenian branch of an Iranian bank to participate.

OFAC said Nasdaq in 2008 bought OMX AB, a Swedish financial company that owned and operated the Armenian stock exchange, and renamed it Nasdaq OMX Armenia OJSC. The company continued to operate the exchange, including by operating trading platforms that gave Armenian banks -- including Iran-based Bank Mellat’s Armenian subsidiary, Mellat Bank SB CJSC -- access to overnight liquidity loans and foreign exchange. OFAC said Bank Mellat’s subsidiary, Mellat Armenia, “regularly participated in the credit resource and foreign exchange markets operated and overseen” by Nasdaq OMX Armenia.

Nasdaq OMX Armenia knew Mellat Armenia participated in those markets, and its website even “identified Mellat Armenia as a market participant,” OFAC said, listing the bank’s “trading name, address, and contact information.” The stock exchange’s fee assessments also “required monthly analyses of the trades in which the Iranian-owned bank had participated,” the agency said.

But OFAC said Nasdaq OMX Armenia and Nasdaq, its parent company, never “properly understood the sanctions implications of Mellat Armenia’s participation on the platforms.” This “lack of understanding” continued until September 2014, when Nasdaq submitted a voluntary self-disclosure to OFAC.

The agency suggested Nasdaq and its subsidiary should have identified the compliance concerns sooner, saying its 2012 “Global International Business Conduct Policy” outlined Nasdaq’s “worldwide policy of compliance with trade laws and regulations governing its international business activities.” OFAC said the policy “explicitly stated” that it applied to all Nasdaq employees, including subsidiaries, and included a section “specifically addressing economic sanctions laws and regulations.” The section required all employees to contact Nasdaq’s general counsel office before conducting activities with a list of countries or parties subject to U.S. sanctions, including Iran and Mellat Armenia.

OFAC said “neither Nasdaq nor Nasdaq OMX Armenia, however, appears to have taken steps to update or apply its sanctions compliance policies to Nasdaq OMX Armenia’s conduct with respect to Mellat Armenia” once the Armenian Stock Exchange became blocked from providing services to the Iranian government in 2012. The agency noted that even though a 2012 Nasdaq risk assessment questionnaire said Mellat Armenia was a participant in the change -- and specifically said Iran’s state-owned Bank Mellat owned Mellat Armenia -- “Nasdaq took no action in response.”

OFAC pointed to another compliance failure in 2013, saying a different Nasdaq questionnaire showing Mellat Armenia as a market participant was sent to Nasdaq’s risk management division in Stockholm and forwarded to Nasdaq’s compliance and legal department in the U.S. Those compliance officers “did not appear to sufficiently understand the implications of the reference to Mellat Armenia,” OFAC said, and Nasdaq OMX Armenia continued to provide the bank credit resource and foreign exchange services until Nasdaq’s voluntary disclosure in 2014.

In total, Nasdaq OMX Armenia earned about $16,000 in commissions and fees from processing the transactions relating to the bank. OFAC added that Nasdaq wound down its ownership interest in the Armenian Stock Exchange after disclosing the potential violations.

OFAC said Nasdaq committed 151 violations of the Iranian Transactions and Sanctions between Dec. 28, 2012, and Sept. 3, 2014, which had a total value of nearly $230 million. The agency said it could have fined Nasdaq $458 million but settled on a lesser penalty partly because the violations were self-disclosed, and OFAC determined the case to be non-egregious.

Other mitigating factors included that OFAC hadn’t issued a penalty notice to Nasdaq in the previous five years and Nasdaq cooperated fully with the agency’s investigation, including by agreeing to toll the case’s statute of limitations. OFAC also said the “true magnitude of the sanctions harm” was “significantly less” than the value of the transactions and added that Nasdaq was “subsequently eligible” for a license to authorize certain activities between the Armenian Stock Exchange and Mellat Armenia.

Nasdaq also took “remedial measures” to address its sanctions compliance “deficiencies,” OFAC said, including by divesting from Nasdaq OMX Armenia, creating a “dedicated sanctions working group” and a new compliance training program, improving its screening software and conducting assessments of its compliance programs.

OFAC also pointed to several aggravating factors, including Nasdaq’s failure to “exercise due caution or care” in complying with U.S. sanctions and that it had “actual knowledge” Mellat Armenia was trading on the exchange. The agency also noted Nasdaq is a “large, commercially sophisticated, international financial services corporation.”

The case highlights that mergers and acquisitions can lead to increased sanctions risks, OFAC said, and companies should be sure to integrate their compliance standards to any newly acquired businesses, including through “adequate compliance training, resources, and culture.” The agency said “basic screening” of the Armenian Stock Exchange’s members during the acquisition phase may have addressed the issue before any violations occurred.

OFAC also stressed the importance of multinational companies conducting “routine sanctions risk assessments” and of disclosing a violation as soon as possible after discovering it, noting that Nasdaq became aware of the issues in 2012 but continued processing the transactions until 2014. “A well-designed and -implemented compliance program” allows companies to “remediate deficiencies in a timely manner to prevent additional violations,” OFAC said.

A Nasdaq spokesperson said Dec. 11 that it's "pleased to resolve this matter," adding that it "maintains a robust compliance program and is committed to adhering to the highest levels of ethics and integrity."

Crypto Exchange's Subpar Screening Procedures Led to Sanctions Violations, OFAC Says

The Office of Foreign Assets Control reached a $1.2 million settlement with San Francisco-based currency exchange CoinList Markets on Dec. 13 after it said the exchange violated Ukraine-/Russia-Related Sanctions Regulations by processing transactions for users in Crimea. Although the company had several sanctions compliance measures in place -- including screening of new and existing customers against OFAC and other sanctions lists and blockchain analytics tools to identify touchpoints with high-risk jurisdictions -- OFAC said its screening procedures failed to capture users who said they lived in a non-embargoed country but who “nevertheless provided an address within Crimea.”

CoinList, founded in 2017, illegally processed 989 transactions between April 2020 and May 2022 when it opened accounts for customers who listed “Russia” as their country of residence but who listed an address in Crimea in another data field, OFAC said. The company’s screening protocols “failed to recognize that ‘Crimea’ or a city name in Crimea, provided in another data field, indicated likely residence in Crimea.”

OFAC said the violations weren’t self-disclosed, adding that CoinList failed to “exercise due caution or care for its sanctions compliance obligations” and “knew or had reason to know” it was conducting transactions for people living in Crimea. In total, OFAC said the company processed transactions worth about $1.25 million over two years.

The company took several remedial compliance measures to fix its screening problems, OFAC said, including updating its filter settings to automatically reject users who report a residential address with a Crimean city. It also invested in new vendors for “review and verification of identity documents” and restricted party screening, along with tools to detect the use of virtual private networks that can obscure a user’s location.

CoinList didn’t respond to a request for comment.

US Sanctions, Indicts Leaders of Iranian UAV Procurement Scheme

The U.S. on Dec. 19 sanctioned 10 companies and four people with ties to Iran’s unmanned drone program, including Hossein Hatefi Ardakani, the Iranian-based leader of the network who helped illegally procure hundreds of thousands of dollars worth of U.S. and foreign-made components to Iran. Along with the new sanctions, DOJ charged Ardakani and his accomplice, China-based Gary Lam, for violating U.S. export controls.

Both Ardakani and Lam, also known as Lin Jinghe, worked to illegally export U.S. dual-use microelectronics and other items commonly used in unmanned aerial vehicles to Iran in 2014 and 2015, DOJ said. Those exports included high electron mobility transistors, monolithic microwave integrated circuit power amplifiers and analog-to-digital converters, each of which was subject to license requirements for anti-terrorism, national security and regional stability reasons.

The two used a “web” of foreign companies to hide the exports and evade U.S. sanctions, DOJ said. In one case, Lam, who worked for a Chinese company, convinced an “unwitting” French company to buy analog-to-digital converters from a U.S. firm. Lam then “caused a division” of the French company to ship the items to Hong Kong before they were reexported to Iran, DOJ said. The two used a “variation of this tactic” on companies in Canada, Hong Kong and China on three other occasions, allowing them to send items to Iran that can be used in radar, infrared imaging and other dual-use technologies.

The Office of Foreign Assets Control sanctioned the companies used by Ardakani and Lam, including Malaysia-based Skyline Advanced Technologies SDN BHD, Hong Kong-based Dirac Technology HK Limited, Malaysia- and Hong Kong-based Integrated Scientific Microwave Technology SDN BHD, Malaysia- and Hong Kong-based Arta Wave SDN BHD and Malaysia-based Nava Hobbies SDN BHD.

DOJ said it’s seeking to seize more than $800,000 combined from Nava Hobbies and Arta Wave, citing the companies' violations of sanctions against Iran and money laundering violations. OFAC said Nava Hobbies helped ship electrical motors, electrical fuel pumps, and servomotors for Ardakani, and Arta Wave shipped thousands of UAV servomotors or helped ship other servomotors on behalf of Iran’s Islamic Revolutionary Guard Corps Aerospace Force Self Sufficiency Jihad Organization.

Ardakani and Lam were both charged with conspiracy to export U.S. goods to Iran and to defraud the U.S., which carries a maximum five-year prison sentence; illegally exporting and attempting to export goods to Iran, which carries a maximum 20-year sentence; and conspiracy to engage in international money laundering, which also carries a maximum 20-year prison sentence. DOJ said both are at large and believed to be abroad.

U.S.-origin technology “has zero place in Iranian UAVs,” said Matthew Axelrod, the Bureau of Industry and Security’s top export enforcement official. “As these allegations demonstrate, those who procure dual-use microelectronics for the Islamic Revolutionary Guard Corps will be held accountable.” Matthew Olsen, head of DOJ’s National Security Division, said the U.S. will “aggressively investigate, disrupt, and hold accountable criminal networks that supply sensitive technology to hostile and repressive governments in contravention of U.S. sanctions.”

Others designated by OFAC include Iran-based Kavan Electronics Behrad Limited Liability Company, Iran-based Mehdi Dehghani Mohammadabadi, Iran-based procurement agent Gholamreza Ebrahimzadeh Ardakani, Iran-based Teyf Tadbir Arya Engineering Company, Iran-based Basamad Electronic Pouya Engineering Limited Liability Company, Iran-based Saman Industrial Group, and Indonesia-based firm Surabaya Hobby CV and the company’s owner Agung Surya Dewanto.

OFAC Fines Firm That Insured Property of Sanctioned Russian Oligarch

A New York insurance company reached a $466,000 settlement with the Office of Foreign Assets Control on Dec. 21 after the U.S. said it provided insurance policies for the blocked company of a sanctioned Russian-Ukrainian oligarch. OFAC said Privilege Underwriters Reciprocal Exchange, which provides insurance policies for luxury homes, cars and boats, continued collecting insurance payments from the company for more than two years after its owner was added to the agency’s Specially Designated Nationals List.

The alleged violations stemmed from 2010, when the insurance company, known as PURE Insurance, issued a private fleet auto insurance policy, a jewelry and art insurance policy, and two high-value homeowners insurance policies to Medallion, a company owned by Viktor Vekselberg. OFAC said the policies were renewed each year, including after Vekselberg was added to the SDN List in April 2018. Medallion also became blocked under OFAC’s 50% rule, which imposes sanctions on any company majority owned by Vekselberg.

Despite the sanctions, PURE continued collecting insurance payments, OFAC said. The company's compliance failure was partly due to its underwriters failing to upload shareholder information from "the corporate disclosure statement” into PURE’s underwriting systems, OFAC said, where corporate ownership information is stored. The agency also said that when PURE onboarded Medallion in 2010, the insurance company didn't require non-U.S. policy holders to be “escalated for review and approval” by its management and compliance department.

In total, PURE collected 38 premium payments worth more than $308,000 for the four policies between May 1, 2018, and July 24, 2020. OFAC said PURE also paid a $7,500 claim involving one of the policies on July 22, 2020.

OFAC said it could have imposed a maximum civil monetary penalty of more than $13 million, but it settled on a lesser amount because the case was "non-egregious," PURE cooperated with OFAC's investigation and because it took “remedial measures,” including screening all of its customers through third-party vendors. It also began uploading all customers’ corporate disclosure statements into its system and seeking management and compliance approval for any involving a non-U.S. entity. PURE also signed an agreement to suspend the case’s statute of limitations and hadn’t received a penalty notice in the previous five years.

OFAC also pointed to several aggravating factors, including the fact the alleged violations weren’t voluntarily disclosed. PURE also “failed to exercise due caution or care for its sanctions compliance obligations,” including after its customer’s property was made subject to sanctions, which caused it to provide insurance coverage to a blocked person for more than two years. OFAC also said PURE had “reason to know” it was receiving payments from a sanctioned person, and the company “should have understood the connection between its customer and the customer’s designated owner.”

A PURE spokesperson didn’t respond to a request for comment.

The case highlights the importance of companies “continually” assessing their risk, especially as sanctions lists are updated, OFAC said. “Controls that were adequate at one point in time may not remain sufficient when new sanctions are imposed or existing sanctions are modified.”