Investigation into supply chains is becoming more critical as regulators increasingly focus on methodologies that allow sanctioned individuals and entities to access the global financial system and restricted technologies, as well as help goods made with forced labor to enter the United States.

• The US government will likely demand more transparency in China’s supply chains—particularly in the textiles and solar industries—now that China has opened up after its draconian Covid restrictions. US regulators say that they consider “corporate compliance with the Uyghur Forced Labor Prevention Act just as important as compliance with the Foreign Corrupt Practices Act,” and companies are likely to reconsider ties with Xinjiang because of the risks and additional efforts involved in researching their supply chains.

• An Istories investigation (link to translation from Russian) into the supply chains that allow sanctioned Russian conglomerate Rostec to purchase components for electronic warfare systems, circumventing sanctions, reveals that a company called VMK has been integral in helping Rostec and its subsidiaries obtain restricted electronics and components for Rostec-owned Radio Electronic Technologies Concern (KRET). 

In-depth research and regional expertise will help US companies gain clarity into supply chains and efforts to obscure questionable business practices, as well as obtain insights into third-party partners and suppliers. Companies that transact in high-risk jurisdictions must gain a thorough understanding of their supply chain ecosystems.

FiveBy’s expert analysts can help firms gain valuable insights into their vulnerabilities that require an understanding of the nature of their products and services, their uses, end-customers, and the jurisdictions in which they operate.

Ready to get started? Click below to access FiveBy’s IntelSentry analytic service.

FiveBy IntelSentry

---

Compliance and Due Diligence

The EU this week sanctioned dozens of Iranian entities, including government officials. Iran’s Revolutionary Guard (IRGC) still has not been designated as a terrorist group. However, the EU Parliament’s nonbinding majority vote to blacklist the IRGC last week indicates a designation could still occur.

OFAC this week designated Hizballah Money Exchanger Hassan Moukalled for enabling the designated terrorist organization “to continue to exploit and exacerbate Lebanon’s economic crisis.” Moukalled’s sons and his money service business, CTEX Exchange, were also sanctioned, noting corruption as a reason for designation, in line with the Biden Administration’s identification of corruption as a national security threat in 2021.

Among the OFAC designations this week was a Chinese company that provided satellite imagery in Ukraine to the Wagner mercenaries in support of their combat operations. Changsha Tianyi Space Science and Technology Research Institute (aka Spacety China) has offices in Beijing and Luxembourg. Treasury also designated Wagner as a transnational criminal organization, which is what we have been expecting since last week.

The United States this week also sanctioned the former president and current vice president of Paraguay for corruption. Former president Horacio Cartes Jara and current vice president Hugo Velazquez Moreno are accused of participating in corruption schemes and having links to Hizballah. Paraguay is part of the tri-border area (TBA) in South America, along with Brazil and Argentina, which is a hotbed of Hizballah illicit financial activity. Four companies owned or controlled by Cortes were also sanctioned: Tabacos USA, Bebidas USA, Dominicana Acquisition and Frigorifico Chajha.

UK Prime Minister Rishi Sunak when he was head of the UK Treasury helped Wagner crime boss Yevgeniy Prigozhin sue an investigative journalist, circumventing UK sanctions. A special license issued to Prigozhin enabled him to sue Bellingcat’s Eliot Higgins, targeting his reporting about Prigozhin’s links to the Kremlin and Wagner’s operations in Africa and the Middle East. In light of these revelations, the Treasury is reviewing its license processes. 

Japan has announced new sanctions on Russia. The restrictions, which will take effect on 03 February, will prohibit shipments of goods that can enhance Russia’s military capabilities, including semiconductor equipment and components, power generators, explosives, and vaccines.

The EU has proposed new sanctions on Belarus for supporting Putin’s war in Ukraine. The measures resemble those already imposed on Russia, including restrictions on key technologies and the country’s energy sector.

FinCEN this week issued an alert to financial institutions on sanctioned Russian entities, oligarchs, and their family members potentially using investments in US real estate to launder money and evade sanctions. Read our advisory on illicit actors’ use of the US real estate market to park their assets and clean illicit funds.

The United States will propose additional Haiti sanctions targets to the UN. Although the UN Security Council in October agreed to sanction anyone who threatens the peace and stability on the island, so far, only Barbecue—the country’s most prominent gangster, Jimmy Chérizier—has been sanctioned. 

The United States is assessing that some Chinese companies are providing non-lethal military assistance to Russia for use in the Ukraine war, although whether the Chinese government is aware of the activity is unclear. US officials are communicating their concerns to Beijing, because although the support stops short of qualifying as sanctions evasion, the material support helps Russia continue its attacks in Ukraine.

The State Department this week sanctioned former Panamanian president Ricardo Martinelli for significant corruption, including accepting bribes in exchange for government contracts. The former president’s sons, Ricardo and Luis Martinelli, this week returned home after serving a 36-month sentence in the United States for money laundering in the Odebrecht international corruption and bribery scandal.

UK online gambling firm, Intouch Games, has been fined roughly $7.6 million after the UK’s Gambling Commission found failures to prevent money laundering. Intouch was cited for allegedly failing to put in place policies and procedures to address money-laundering risk factors. Intouch also apparently failed to follow its customer identification and due diligence policies to find out the source of the clients’ funds.

Fraud and Abuse

A former FBI special agent and a Russian court and government interpreter have been charged with violating US sanctions on Russia. Charles McGonigal and Sergey Shestakov conspired to provide services to sanctioned Russian oligarch Oleg Deripaska. As a special agent, McGonigal investigated Deripaska and possibly warned the billionaire about forthcoming sanctions against him. Both McGonigal and Shestakov worked to have Deripaska removed from the SDN list.

The United States this week sentenced a former energy company executive for running a $15 million investment fraud. Joey Stanton Dodson defrauded investors while an executive at Citadel Energy and made false claims about use of investor funds. Dodson funneled company money into his personal accounts and used it to pay investors in his previous scams.

Russian internet giant Rostelecom recorded 21.5 million attacks on about 600 Russian entities in the telecom, retail, financial, and public sectors. Ukraine has successfully used cyber activities to defend against Russia since the war began, and the experience could be an asset in the country’s bid to join NATO, after it formally joined NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) this week.

The FBI has confirmed that North Korean threat actors Lazarus Group and APT38 hacked and stole $100 million from crypto service Horizon Bridge. The hackers used “a malware campaign known as ‘TraderTraitor’” for the operation.

Binance between May 2018 and September 2022 apparently processed $346 million in Bitcoin for Bitzlato, which was designated as a primary money laundering concern by the Treasury Department last week. FinCEN says that Binance was the biggest crypto exchange that transacted with Bitzlato; others included Russian-language darknet drugs marketplace Hydra, a small exchange called LocalBitcoins, and a crypto investment website called Finiko, which FinCEN described as a Russia-based crypto Ponzi scheme. Binance says that it is cooperating with investigators.

The former head of Venezuela’s highest court this week was indicted in Miami federal court on charges of granting legal favors for bribery payments which he spent on chartered private jets, expensive watches, luxury goods, and real estate in South Florida. Maikel Moreno allegedly laundered the $10 million in bribes through local banks.

The Chainalysis annual crime report focused on money laundering assesses that crypto criminal cash-out services over the past year have experienced a consolidation, with a smaller number of services operating than in the previous year. Chainalysis also estimates that out of the 915 of these cash-out services, just five cryptocurrency exchanges now handle nearly 68 percent of all black market cash-outs.

Italian authorities this week detained 56 suspected ‘Ndrangheta members and seized more than $217 million in assets that were obtained through extortion of tourist and construction sectors. The operation was focused in particular on the activities of the La Rosa ‘ndrina, a branch of the ‘Ndrangheta, active in the southern area of the Tropea tourist resort. Charges include weapons trafficking, fraud, corruption, kidnapping, money laundering, and other activities at which ‘Ndrangheta excels.

The FBI has disrupted the activities of the Hive ransomware group, which targeted hospitals, schools, and financial institutions in more than 80 countries. The Bureau infiltrated Hive and stopped more than $130 million in ransom demands.

The Justice Department is suing Google alleging that it monopolizes key digital advertising technologies that website publishers depend on to sell ads and that advertisers rely on to buy ads and reach potential customers. The complaint alleges that Google has “used anticompetitive, exclusionary, and unlawful conduct to eliminate or severely diminish any threat to its dominance over digital advertising technologies.”

Three members of a family in Virginia this week were sentenced to prison for conspiring to use violence and emotional abuse to keep a woman in servitude. Zahida Aman arranged for her son’s marriage to the Pakistani victim in 2002, but even after her son left his wife, the defendants kept the victim in their Virginia home to serve the extended family by using threats and physical violence. The defendants slapped, kicked and pushed the victim, beat her with wooden board, and on one occasion hog-tied her hands and feet and dragged her down the stairs in front of her children.

Researchers have shut down VASTFLUX, a massive ad fraud scheme that “spoofed more than 1,700 applications from 120 publishers and impacted roughly 11 million devices.” The scheme used a DNS evasion technique that injected malicious JavaScipt code into digital ads to generate ad views and inflate the value of ad spaces.

Richard Masters, a British individual wanted by US authorities for allegedly helping a Russian oligarch evade sanctions, has been arrested in Spain. Masters has been charged with facilitating a sanctions-evasion and money-laundering scheme involving the Tango—a $90 million super yacht belonging to sanctioned oligarch Viktor Vekselberg. Russian businessman, Vladislav Osipov, has also been charged in the United States but remains at large.

A Swedish court this week cleared Swedbank’s former CEO Birgitte Bonnesen of covering up the bank’s AML failures in the Baltic states. Bonnesen was charged with aggravated fraud for publicly denying that Swedbank had a money-laundering problem, even though she knew about it. The court said that Bonnesen’s statements were unclear and general, but did not rise to the level of fraud.

The UK National Cyber Security Centre is warning that hacking groups linked to Russia and Iran are tricking victims into clicking malicious links by impersonating journalists and other experts. The efforts are not related, but hackers are working to steal emails from victims working in academia, defense, the media, and government, as well as from activists and NGOs.

Senator John Kennedy is warning that adversaries, such as Russia and China, can misuse the US legal system to gain access to sensitive intellectual property and technology by funding lawsuits against US companies and exploiting the discovery process. Kennedy this month sent a letter  to Supreme Court Chief Justice John Roberts and Attorney General Merrick Garland raising the national security risks linked to third-party litigation funding, which has little to no transparency requirements.

An investigation by Youtubers Iskandar Souza and Paulo Gomes revealed that some third-party retailers in China are selling GPUs that appear new but have been altered to hide the fact that they were used for crypto mining. Some telltale signs include a yellow tint on the memory on the GPU, which is caused by either prolonged use or resoldering onto newer boards, missing or discolored warranty stickers, and loosened screws.

Several Ukrainian defense officials this week resigned (read: were fired) over corruption issues such as stealing state funds and using front companies to sell food to the military at inflated prices. Miliary corruption was a key issue that allowed Russia to successfully invade Crimea in 2014, and these anticorruption efforts could strengthen Ukraine’s efforts against Russia during the current conflict and counter Russian messaging about corruption aimed at sowing distrust and doubt about helping Ukraine among western allies.