US agencies release tri-seal sanctions and export control anti-evasion guidance

On March 2, 2023, the US Department of Justice (DOJ), US Department of Commerce's Bureau of Industry and Security (BIS) and US Department of the Treasury's Office of Foreign Assets Control (OFAC) published a joint advisory on red flags and enforcement related to third-party intermediary evasion of US Russia-related sanctions and export controls. This advisory comes on the heels of Deputy Attorney General Lisa Monaco's announcement that DOJ would begin releasing joint advisories to help the private sector understand the agencies' evolving expectations on national security-related compliance.    

Common red flags

The joint advisory lists 13 examples of common red flags that may indicate that a third-party intermediary may be attempting to evade sanctions or export controls, including:

• Use of corporate vehicles (i.e., legal entities, such as shell companies and legal arrangements) to obscure (i) ownership, (ii) source of funds, or (iii) countries involved, particularly sanctioned jurisdictions.
• A customer's reluctance to share information about the end use of a product, including reluctance to complete an end-user form.
• Use of shell companies to conduct international wire transfers, often involving financial institutions in jurisdictions distinct from company registration.
• Declining customary installation, training or maintenance of the purchased item(s).
• IP addresses that do not correspond to a customer's reported location data.
• Last-minute changes to shipping instructions that appear contrary to customer history or business practices.
• Payment coming from a third-party country or business not listed on the End-User Statement or other applicable end-user form.
• Use of personal email accounts instead of company email addresses.
• Operation of complex and/or international businesses using residential addresses or addresses common to multiple closely-held corporate entities.
• Changes to standard letters of engagement that obscure the ultimate customer.
• Transactions involving a change in shipments or payments that were previously scheduled for Russia or Belarus.
• Transactions involving entities with little or no web presence.
• Routing purchases through certain transshipment points commonly used to illegally redirect restricted items to Russia or Belarus. Such locations may include China (including Hong Kong and Macau) and jurisdictions close to Russia, including Armenia, Turkey and Uzbekistan.

The advisory reminds financial institutions and other entities that conduct business with the US,  or that deal in US-origin goods or services or in foreign-origin goods otherwise subject to US export laws, that risk-based compliance programs should include controls tailored to the risks that the business faces, such as diversion by third-party intermediaries.

Enforcement

As a matter of best practices, the joint advisory recommends that companies stay apprised of BIS and OFAC enforcement and targeting actions which can offer examples of how intermediaries are engaging in Russia-related sanctions and export control evasion. It further notes that DOJ is actively pursuing criminal charges against companies who allegedly use front companies and intermediate transshipment points to obscure their activities and evade enforcement. As sanctions and export controls become more complex, companies must remain vigilant about their exposure to minimize risks of civil and criminal enforcement actions.

Additionally, the joint advisory notes that BIS continues to actively monitor information, including reporting pursuant to the Bank Secrecy Act, to identify any changes to historical transshipment points in light of the export controls and restrictions imposed on Russian and Belarusian entities in the past year. As new transshipment points arise, companies will need to remain agile and act upon identification of redirected restricted items through these jurisdictions.

The joint advisory also highlights each agency's policies and processes for voluntary self-disclosure of violations. Further, while this joint advisory focuses on Russia-related sanctions and export controls, it makes clear that these principles apply broadly to all US government enforcement regimes, including the Disruptive Technology Strike Force announced on February 16, 2023, which is a partnership between DOJ and Commerce that aims to investigate and prosecute the illicit transfer of sensitive technologies to hostile nation states. 

Takeaways

The US government is continuing to prioritize civil and criminal enforcement of sanctions and export controls. Financial institutions and other companies should review their compliance programs and determine if such programs incorporate best practices for mitigating risks, including screening current and new customers, intermediaries and counterparties against prohibited party databases (like the Consolidated Screening List and OFAC's Sanctions Lists) and conducting risk-based due diligence. As we noted previously in our briefing on the Financial Crime Enforcement Network (FinCEN) alert regarding red flags for sanctions evasion related to high value assets, the red flags in the advisory may offer insight into areas that may be subject to heightened scrutiny by enforcement authorities. As sanctions and export controls continue to ramp up, experienced counsel can assist with navigating the agencies' evolving expectations.