An investigation by a group of journalists led by Organized Crime and Corruption Reporting Project (OCCRP) and several partners has revealed details about how sanctioned Russian oligarchs hide and move their assets. Leaked emails show that Boris Rotenberg (and likely others) move companies around, open and close new accounts, and change ownership by shedding shares and giving their companies to close family members and associates in response to new sanctions or questions by regulators. The Rotenberg Files include reporting about help from western enablers, highly-placed Russian allies in the West, and use of hidden loans through financial institutions in questionable jurisdictions.

FiveBy Director of Risk Intelligence, Irene Kenyon, has been quoted in one of these reports, and more investigations will be published in the near future. FiveBy experts are often asked to provide insights on risk-related news, industry trends, and other sanctions and money-laundering issues and can help US firms and financial institutions avoid these risks.

We judge that the Rotenberg Files highlight important methodologies that other oligarchs probably use—likely with modifications—to evade sanctions, gain access to the global financial system, hide assets, and purchase property. Expert analysts can help identify and monitor these transactions and other vulnerabilities to help your firm or financial institution avoid possible troublesome transactions, engagements with risky entities and individuals, and vulnerabilities that can result in financial or even criminal penalties.

Click below to schedule a free consultation with FiveBy’s certified experts.

FiveBy IntelSentry

---

Compliance and Due Diligence

The EU this week agreed on its long-awaited 11^th package of sanctions against Russia. The package includes measures aimed at countering sanctions evasion and adds 71 persons and 33 entities to the EU’s sanctions list, with some sanctioned in response to the illegal deportation of Ukrainian children to Russia. As previously reported, the list includes three China-based companies after the bloc removed five Chinese entities from the draft list last week. Other mechanisms to address Russian sanctions evasion were also reportedly watered down, including a proposal to target countries that aren’t doing enough to prevent Russia from evading export restrictions.

Will the United States impose sanctions on South Africa? The country is working to get removed from the FATF grey list by addressing eight areas of strategic deficiencies identified by the global AML watchdog. However, after being accused of allowing the Lady R cargo vessel to dock at the Simonstown naval command near Cape Town and load weapons in December; the public denial last week of Russia’s bombing of Kyiv during the South African peace mission to Ukraine, even as the group was being ushered into shelters during the air raid; and the attempt to bring dozens of boxes with weapons into the country, South Africa’s economic difficulties could be exacerbated by western sanctions. The Nedbank Group—a South African financial services group—recently assessed that Pretoria’s ties to Moscow were resulting in negative sentiment toward the country’s economy.

OFAC this week imposed sanctions on Burma’s Defense Ministry, as well as two banks the agency says enable foreign currency transactions between the military regime and foreign markets. Myanma Foreign Trade Bank and Myanma Investment and Commercial Bank—state-owned financial institutions in Burma that primarily function as foreign currency exchanges and enable the conversion of kyat to US dollars and euros—are now both on the SDN list.

OFAC has settled with Swedbank Latvia for $3.4 million for violations of Crimea sanctions. Although the 386 violations were not voluntarily self-disclosed, OFAC deemed them non-egregious. One of the aggravating factors was that the bank collected and stored customer IP data but did not integrate it into its sanctions screening processes. The settlement highlights regulators’ expectation that any and all tools, including geolocation and IP addresses will be used to ensure compliance with US sanctions.

Treasury this week sanctioned two South Sudanese officials allegedly responsible for conflict-related sexual violence in South Sudan. OFAC says the two abused their political and military authorities to engage in abductions, rapes, and gang rapes.

OFAC on Friday sanctioned three entities and five individuals under the transnational criminal organization (TCO) authority for being involved in a transnational human smuggling operation. Two of the individuals—Ofelia Hernandez Salas and Raul Saucedo Huipio—in March were indicted by the Justice Department for their role in this global human smuggling conspiracy.

A recent study has found that sanctioning China if it invaded Taiwan would have mixed deterrent results. The economic restrictions and sanctions imposed against Russia would be more difficult to apply to China, given the country’s importance to the global economy, and would make the costs for all parties a lot higher. What tools of economic statecraft would be effective? The study asserts that G7 responses would likely seek to reduce collateral damage by targeting Chinese industries and entities that rely heavily and asymmetrically on G7 inputs, markets, or technologies, such as China’s aerospace industry.

A bipartisan group of senators, led by Lisa Murkowski and Jeanne Shaheen this week reintroduced the Global Respect Act that would sanction foreign individuals responsible for human rights violations against lesbian, gay, bisexual, transsexual, and intersex individuals abroad. Representatives Brian Fitzpatrick and Sara Jacobs have introduced companion legislation in the House of Representatives.

China has exploited loopholes and weaknesses in the US export control regime to gain access to restricted microchips. Current controls focus on physical exports, and most Chinese technology firms access chips virtually using services offered by cloud computing companies. These services are not monitored to prevent usage by blacklisted foreign entities under current US restrictions.

Albania has improved its AML/CFT regime, but not enough to be removed from the FATF grey list. MONEYVAL says Albania has improved compliance with one recommendation on transparency and beneficial ownership, and another on the regulation and supervision of non-financial businesses and professions.

Google has launched an AI-driven AML product that uses machine learning to help clients in the financial sector comply with AML regulations. Google Cloud has done away with the rules-based programming that is typically included in traditional AML programs. Instead, it allows users to input rules and customize the tool using their own risk indicators or typologies.

Documents acquired by Iranian dissidents indicate that Tehran is working to establish an international organization to circumvent sanctions. The “Club of Sanctioned Countries” includes Russia, Belarus, Syria, Venezuela, Cuba, North Korea, Sudan, Congo, Lebanon, Somalia, Zimbabwe, Afghanistan, Libya, Mali, Nicaragua, as well as certain companies and banks in China and other countries. A number of these jurisdictions are embargoed, and US firms and financial institutions should carefully monitor the others given the extra risk associated with transacting with entities there.

Five law enforcement agencies have formed a task force on crimes associated with the darknet and digital currencies. The Darknet Marketplace and Digital Currency Task Force will target crypto-enabled crimes, such as drug trafficking, money laundering, PII theft, and child exploitation. Homeland Security Investigations Arizona, the Office for US Attorneys, the Internal Revenue Service Criminal Investigation, the Drug Enforcement Administration and the Postal Inspection Service signed a memorandum of understanding on the new task force last week.

The Justice Department this week announced the creation of a new National Security Cyber Section – known as NatSec Cyber – within its National Security Division. NatSec Cyber will work on disrupting and responding to malicious cyber activity, while promoting partnerships in tackling cyber threats by hostile nation-state adversaries.

The UK this week announced new sanctions against four individuals accused of engaging in sexual violence in the Democratic Republic of the Congo (DRC) and Syria. The sanctions target two militia leaders in the DRC for violating international humanitarian law by commanding groups to carry out acts of sexual violence. They also include the Syrian Army Chief and Minister of Defense who authorized sexual and gender-based violence, including systematic rape of civilians.

The Bank of China has stopped yuan transactions between Russian clients and banks in the United States, UK, EU, and Switzerland out of concerns about secondary sanctions, since Russia has been using the yuan to circumvent financial restrictions. The Bank of China will no longer provide correspondent services to Russian clients.

General Electric will no longer service gas turbines in Russian power stations because of US sanctions imposed last month that prevent US companies from offering engineering services in Russia. US companies may also be restricting access to technical schematics and databases, which are essential for foreign specialists who conduct inspections and repairs on Russian soil.

The UK this week announced legislation that will allow sanctions against Russia to remain and Russian assets to be frozen until Moscow agrees to pay compensation to Ukraine. The new measures will also require all sanctioned individuals to disclose assets held in the UK and authorize frozen assets to be donated to Ukraine’s reconstruction.

Chinese encryption chips supplied by a company on the Bureau of Industry and Security Entity List are being used by US government agencies and international military organizations. Encryption keys protect confidential information held by organizations like NATO, NASA, the US Navy, and the UK military, which use encryption microcontroller chips supplied by Chinese chipmaker Hualan Microelectronics (aka Sage Microelectronics), which was added to the Entity List in 2021.

A Moneyval report released this week says that Cyprus has made some progress in implementing AML measures, but still needs improvement. Asset recovery and successful confiscations of criminal assets have been found deficient.

Fraud and Abuse

Payment platform Plaid has created a collaborative network to stop identity fraud. The Plaid Beacon network is open to FinTechs, financial institutions, and Plaid customers, allowing them to share information about stolen identities and compromised accounts.

The CEO of the company that owns the submersible that recently went missing on an expedition to the wreckage of the Titanic in February was sued for fraud. Richard Stockton Rush, the founder and CEO of OceanGate Expeditions—one of the five people aboard the missing sub—is the sole named defendant in the suit filed by Marc and Sharon Hagle, who paid thousands of dollars to be part of the company’s first expedition to the Titanic wreckage. The submersible was behind schedule and the expedition was canceled, citing equipment failure.

Wilson Aerospace LLC this week sued Boeing, accusing it of trade secret and copyright infringement, civil conspiracy, fraud, negligent misrepresentation, and breach of contract for stealing and misusing proprietary information. Wilson claims that Boeing’s Space Launch System project faced repeated and ongoing delays, resulting in substantial cost overruns and a possible loss of the NASA contract. The aerospace design and manufacturing company, asserts that Boeing sought its expertise to help with the project, but once it had the proprietary information it needed, it terminated Wilson’s work.

India’s Enforcement Directorate (ED) this week conducted raids at 15 locations in Mumbai in connection with a money laundering investigation into businessman Sujit Patkar. The allegations against Patkar and three partners involve fraudulently obtained contracts for managing Covid-19 hospitals during the pandemic.

The president of Brazil’s securities watchdog CVM this week urged employees from Americanas who have information about the retailer’s alleged multi-billion-dollar fraud to testify in exchange for potential plea deals. Americanas last week admitted to significant accounting fraud, including “fraudulently altered” financial statements.

A Singapore court this week sentenced two former employees of Wirecard Asia to prison for their role in the widespread fraud at the German payments firm. James Aga Wardhana and Chai Ai Lim—both former senior finance executives at Wirecard Asia Holdings—were respectively sentenced to 21 months and 10 months in prison for conspiring to misappropriate funds.

Singapore’s central bank this week imposed fines collectively worth $2.83 million on Citibank, DBS, and Oversea-Chinese Banking Corp (OCBC), as well as insurer Swiss Life, for breaching AML/CFT regulations. The central bank found they had inadequate controls in place to prevent money laundering and terrorism financing.

The “imposter scam” is currently the top form of fraud in the United States. The scammer will impersonate an authority figure, such as a police officer or another government official or authority figure, and scare the victim into paying them money. The fraud is more believable because the con artists use the names of real law enforcement officers that show up with caller ID from an actual office. The Federal Trade Commission says nearly 200,000 people have been targeted this year alone, and last year $2.6 billion was lost to imposter scams.

A federal jury on Friday convicted David Copeland for his role in a $54 million bribery and kickback scheme involving TRICARE, a federal health insurance program for active duty and retired service members and their families. Copeland was part-owner and senior sales manager at Florida Pharmacy Solutions (FPS), which specialized in compounded prescription drugs. Copeland, and his accomplices, engaged in “test billing”—a scheme that develops the most expensive combination of compounded drugs possible to maximize reimbursement from TRICARE.

Another federal jury on Friday convicted Patrice Runner for operating a decades-long mass-mailing fraud scheme that stole more than $175 million from victims in the United States. The scheme targeted the elderly and vulnerable, sending letters that purported to be individualized, personal communications from so-called “psychics,” promising that the recipient had the opportunity to achieve great wealth and happiness with the psychic’s assistance, in exchange for payment of a fee.

TikTok has acknowledged that sensitive information about US creators who sign up to earn money through the app is stored in China after TikTok CEO Shou Zi Chew testified that US data has “always been stored in Virginia and Singapore.” When confronted with the contradiction, the platform claimed that there is a difference between user data that is collected by the app and “information that creators give to TikTok so they can be paid for content they post.”

Switzerland’s State Secretariat for Economic Affairs (SECO) this week found that a German arms dealership violated export conditions by shipping 11 Swiss-made Mowag Eagle vehicles to Ukraine without clearances. Switzerland has refused for its military materiel to be shipped to Ukraine, claiming it would violate the country’s neutrality.

US servicemembers have a high exposure rate to scams from digital payment apps because they need to secure real estate and other essential services quickly. They are also susceptible to scammers stealing their credentials because of their stable source of income.