New sanctions and restrictions against Russia being discussed in the EU and among the G7 countries will likely complicate compliance efforts in the short term. G7 leaders will discuss methodologies to trace the Russian diamond trade at their summit this week with the aim of imposing effective restrictions in their efforts to tighten sanctions against Russia. G7 members are expected to agree to adjust their approach to sanctions so that all exports to Russia are automatically banned unless they are on a list of approved items.

• OFAC today sanctioned more than 300 individuals, entities, vessels, and aircraft, targeting Russia’s ability to move money, acquire critical technologies for its war effort, and violate sanctions.

• The UK has sanctioned 86 new individuals and entities that are involved in Russia’s military-industrial complex, energy, metals, and shipping industries, especially those that have allegedly been involved in stealing Ukrainian grain.

• The Financial Crimes Enforcement Network(FinCEN) and the Commerce Department’s Bureau of Industry and Security (BIS) have issued an alert urging continued vigilance for potential Russian sanctions evasion and export control violations.

• Canada has imposed more than 70 new sanctions that focus on individuals who support Russia’s war in Ukraine and are involved in human rights violations.

The EU probably will not permanently shutter natural gas pipelines the Kremlin turned off following its invasion of Ukraine, even though the G7 members are discussing the issue at their summit. The G7 is considering a measure that would bar countries like Germany and Poland from resuming natural gas imports from Russia even if the Kremlin turns the pipelines back on. G7 members such as Germany and Italy still maintain pipeline links to Russia, and consensus would be elusive, which almost certainly means that the EU’s 11th tranche of sanctions will not include the ban.

Berlin is also warning the bloc against targeting China as one of the countries helping Russia wage war and evade sanctions. The EU has been discussing imposing sanctions against at least eight Chinese companies that are helping Russia obtain restricted goods and technologies.

Monitoring reports about upcoming developments in the volatile sanctions environment is critical for robust compliance efforts. FiveBy’s expert analysts will not only alert you to possible regulatory changes, but recommend courses of action to ensure your firm remains on the right side of the law. In addition, given the rapid pace of designations, FiveBy experts can help US firms and financial institutions detect and quickly shut down existing engagements with newly designated individuals and entities, as well as any companies they may own or control.

Please click below for a free consultation and sign up for free Insights in your Inbox every week.

FiveBy IntelSentry

---

Compliance and Due Diligence

OFAC this week sanctioned a major actor in the ransomware game, Mikhail Matveev, the head of a ransomware group—Babuk—that in 2021 threatened to expose police informants and other sensitive information if the DC Metro Police didn’t pay a ransom. Matveev also was involved in the development and deployment of the Hive, LockBit, and Babuk ransomware variants, among others. Matveev was also charged by the Justice Department, but he will almost certainly never see justice because cyber criminals operate with relative impunity in Russia.

Small businesses in Kazakhstan are seeing a windfall from all the sanctioned and otherwise restricted goods that are transiting the country en route to Russia. Small dealers are doing everything they can to deliver these goods into Russia, including driving on back roads to avoid detection.

Hungary says it will not support the 11th EU sanctions package against Russia and the 500 million euro military support tranche for Ukraine unless Kyiv removes Hungarian OTP Bank from its sanctions list. Ukraine’s National Corruption Prevention Agency earlier this month designated OTP Bank as an “international sponsor of war” because of its continuing operations in Russia. The EU believes Hungary’s veto can be overcome.

EU member countries are preparing to help their companies exit Russia, amid increasing concerns that they will be taxed to fund Russia’s war efforts. New proposals in the 11th sanctions package include licenses for financial transactions and legal services for companies to exit Russia, relaxing the ban on EU law firms providing commercial services to Russian clients.

Skincare company Murad has reached a settlement with OFAC and will pay $3.3 million to settle allegations that it conspired to export goods and services to Iran in violation of US sanctions, highlighting the fact that all companies should have robust sanctions compliance programs—regardless of whether or not they operate in heavily restricted sectors. The California-based company allegedly entered into agreements with an Iran-based distributor to sell its products in the Middle East.

More than two dozen EU companies are still helping supply the Russian army with tactical goods despite western sanctions. Russian military contractors that have so far avoided European and US sanctions lists are importing western equipment for Russia’s war in Ukraine, including microchips for missiles, shells, fuses, tactical boots, body armor, engines for warships, and many other goods.

The Disruptive Technology Strike Force—an interagency body that includes the Justice and Commerce Departments, the FBI, and Homeland Security Investigations (HSI) and works to prevent malign actors and states from obtaining sensitive technologies and equipment— is working on several cases to tackle export restriction violations. The task force is working to dismantle alleged procurement networks created to help the Russian military and intelligence services obtain sensitive technologies. Two cases have charged former software engineers with stealing software and hardware source code from US tech companies to sell it to Chinese competitors. A Chinese national also has been charged with violating US sanctions by attempting to sell materials used to produce weapons of mass destruction to Iran.

The Bureau of Industry and Security this week issued a temporary denial order (TDO) suspending the export privileges of Florida company MIC P&I, LLC, Russian airline Smartavia, freight forwarder Intermodal Maldives, and Oleg Patsulya and Vasilii Besedin—two Russian nationals residing in Florida—for diverting civilian aircraft parts to Russia. The actions were coordinated through the Disruptive Technology Strike Force.

Billionaire Len Blavatnik has sold his stake in Russian aluminum producer Rusal—his last major Russian asset. His interest in Rusal had a market value of about $610 million at the end of 2022. Blavatnik, a naturalized US citizen, had been trying to sell the Rusal stake for several years, but he held the shares through a partnership with sanctioned Russian oligarch Viktor Vekselberg, which complicated the process.

A new report from a UK government panel says that the trading of unbacked crypto assets, such as Bitcoin and Ethereum, should be regulated as gambling rather than financial services. The UK Treasury Committee argued that the price volatility and lack of intrinsic value mean unbacked crypto assets will “inevitably pose significant risks to consumers.”

A new corporate entity type is helping Russia adapt to the increasingly stringent western sanctions. “International Companies” (MKs) allow Russian entities to enjoy benefits similar to those of offshore companies in Cyprus or others—such as anonymity and easy access to foreign currency flows—but with reduced sanctions risk.

Although the Myanmar state-run timber company is sanctioned, the United States continues to import thousands of tons of timber from the country. A recent report has identified two companies, East Teak Fine Hardwoods and J Gibson McIlvain, that have comprised 88 percent of all teak imports from Myanmar during the past two years.

The European Council this week adopted the world’s first comprehensive set of rules for crypto assets regulation (MiCa). The rules, which were already approved by EU member states and the European parliament, require crypto firms to be authorized by the EU and to comply with safeguards against money laundering and terrorism financing.

The Commerce Department has imposed a 10-year export privilege ban on Virgil Griffith, an Ethereum developer serving a five-year prison sentence for violating sanctions by providing services to North Korea. As a result, Griffith will be restricted from engaging in any transactions involving commodities, software, or technology that fall under the jurisdiction of US export regulations.

Shipping groups are increasingly seeking contract clauses that would make walking away from deals in the event of western sanctions on Beijing easier. Vessel owners are seeking clearer protection against the impact of western sanctions when negotiating deals with Chinese counterparts such as shipbuilders, lenders, and traders chartering freight services.

The Justice Department is increasing scrutiny of crypto tumblers and exchanges that flout AML regulations. The DOJ will focus on crypto companies that either engage in criminal behavior themselves, or turn a blind eye to money laundering or other financial crimes on their platforms.

Binance is ceasing its operations in Canada, citing a “challenging regulatory environment.” Canadian Securities Administrators (CSA) in February revealed new guidance that prohibited crypto asset trading platforms in the country from allowing customers to buy or deposit stablecoins without the CSA’s prior approval, which would require passing the CSA’s various due diligence checks.

Fraud and Abuse

Deutsche Bank has agreed to pay up to $75 million to settle a lawsuit by an unnamed victim of Jeffrey Epstein, who alleged the bank benefited from human trafficking by retaining him as a client. The Jane Doe claims the bank earned millions of dollars from facilitating Epstein’s sex trafficking.

A multi-millionaire Tory donor is apparently a key figure linked to a major money laundering investigation conducted by the UK’s National Crime Agency. A court ruling showed that Javad Marandi received $49 million directly from the bank account of one of the companies used to launder funds through a scheme known as the “Azerbaijan Laundromat,” and one of the companies he owns received another $107 million from the same account.

Mail theft and fraud continues to increase, so the post office is planning to implement new security measures. The US Postal Service will install 12,000 high-security collection boxes across the United States and install new electronic locks on thousands of mailboxes in an effort to prevent criminals from targeting letter carriers for their keys.

France has issued an arrest warrant for Lebanon Central Bank chief Riad Salameh after the latter failed to appear in court to be questioned and charged with corruption. Salameh promises to appeal the warrant, claiming it’s a violation of the law.

A Virginia man this week pleaded guilty to laundering and embezzling money from the Kuwaiti Embassy’s health office in Washington DC. Ahmed El Khebki (aka Ahmed Khider El Khebki) and his co-conspirators stole money earmarked for medical care for Kuwaiti citizens who traveled to the United States by creating fake medical companies. They submitted fraudulent invoices to the health office, claiming that they had provided medical services to real Kuwaiti citizens under the auspices of those fake companies. Complicit employees approved the invoices and wrote checks to the fake companies.

The founder of darknet “carding” site Skynet Market, which was used to sell stolen financial information on the internet, this week pleaded guilty to leading a conspiracy to sell stolen financial information on the dark web. Operating under the moniker ggmccloud1, Michael Mihalo and his co-conspirators sold the stolen credit card numbers and other information on marketplaces, such as AlphaBay Market, Wall Street Market, and Hansa Market.

Apple says that its App Store anti-fraud measures have prevented fraudulent activities and transactions worth more than $2 billion in 2022. Apple also rejected nearly 1.7 million app submissions for failing to meet “the App Store’s high standards for privacy, security, and content.” Reasons for rejections included privacy violations, spam, copycats, or misleading users, and hidden or undocumented features in the app.

Former Audi CEO Rupert Stadler this week admitted to committing fraud by negligence in the company’s emissions scandal under a deal that would get him a suspended sentence. Stadler had been on trial for fraud over his role in the scandal after Volkswagen and Audi admitted in 2015 to having used illegal software to cheat on emissions tests.

A Ghanaian social media influencer has been extradited from the UK to the United States, where she will stand trial for her alleged involvement in online romance scams that defrauded lonely elderly Americans out of hundreds of thousands of dollars. The FBI says that between 2013 and 2019, Mona Montrage was also secretly a member of a criminal conspiracy working to defraud American citizens, manipulating lonely people online and stealing their money.

Cybercriminals are increasingly employing double and triple extortion as a strategy in ransomware attacks, downloading private data from victims’ machines in addition to encrypting files on the victims’ devices. They also use triple extortion, in which ransomware gangs encrypt files, extract sensitive data, and add distributed denial-of-service (DDoS) attacks to the mix for further leverage. If the ransom is not paid, not only will the files stay locked, but regular services will be affected by DDoS.

Former Brazilian President Fernando Collor has been convicted of corruption and money laundering after having received about $6 million in bribes between 2010 and 2014 in exchange for facilitating advantageous contracts between DVBR (Derivados do Brasil) and BR Distribuidora, a subsidiary of state-controlled oil company Petrobras. The latest charges are an outgrowth of the so-called “Car Wash” probe, which sent dozens of politicians and business leaders to prison. Collor was impeached in 1992.

Brooklyn-based crypto trading platform Coin Cafe will pay back $4.3 million to investors after the New York Attorney General’s office accused the company of misleading customers about “exorbitant and undisclosed” fees. The company, which was granted a New York BitLicense in January, advertised free wallet storage on its website but charged fees that sometimes entirely emptied investors’ accounts.

The former CFO of a Seattle startup, Nevin Shetty, this week was indicted for wire fraud. Shetty allegedly diverted roughly $35 million from the startup’s coffers to a cryptocurrency platform under his personal control. Shetty reportedly established a platform, known as HighTower Treasury, in February 2022 shortly before being notified that he was being let go because of concerns about his performance.

FiveBy Director of Risk Intelligence, Irene Kenyon, appeared on the Highly Regulated podcast, discussing compliance issues, including common compliance mistakes, risk mitigation strategies, and other regulatory topics.