Insights: Week Of December 5, 2022



Happy International Anticorruption Day!

Courtesy of Pixabay

The International Anticorruption Day and Global Human Rights Day (on December 10) are both significant annual observances that have prompted governments to impose sanctions on violators of human rights and kleptocrats who engage in acts of corruption that undermine democratic institutions and erode effective governance. The Biden administration in June 2021 established the battle against corruption and kleptocracy as a core national security interest, recognizing that authoritarians are empowered by corruption to undermine democracies and increase instability worldwide.

  • OFAC today, appropriately designated 40 individuals and entities across nine countries, including Iran, North Korea, China, Russia, the Philippines, and others, for what Treasury assesses to be connections to corruption and human rights abuses. Treasury also sanctioned 157 Chinese vessels, two individuals, and 10 entities for illegal, unreported, and unregulated (IUU) fishing, which threatens  the livelihoods and human rights of fishers around the world, as well as exacerbates the effects of climate change.

US partners also took action today to target individuals and entities responsible for human rights abuses.

  • The UK today sanctioned 30 individuals over civil rights abuses, including Russian and Iranian officials whom it considers responsible for torture, sexual violence, and violent repression. The EU is also releasing designations against Iran over human rights abuses, both for its violent suppression of protests and its supply of drones to Russia for use in Ukraine. And Canada has imposed sanctions on Russia, Iran, and Myanmar today, citing human rights violations.

The White House this week publicly came out in support of the ENABLERS Act that would require non-banking professionals who handle funds on behalf of their clients to conduct customer due diligence and determine the origin of the money. The legislation is aimed at stemming corrupt Russian oligarchs’ and other kleptocrats’ access to the US financial system, but despite the Biden administration’s support, it was stripped from the National Defense Authorization Act. Proponents hope to attach it to this year’s omnibus spending bill.

Despite the delay in the passage of the ENABLERS Act, the White House’s public support, along with recent statements by senior Treasury officials, indicate that stopping corruption, on which human rights violators and kleptocrats rely to maintain their destructive activities, will continue to be a priority for the Biden administration.

FiveBy’s expert analysts stand ready to help you not only identify and block possible human rights violators, oligarchs, and corrupt actors from transacting with your company, but also examine possible reputational risks of engaging with clients and business partners who may be politically exposed persons, or who transact with sanctioned or corrupt entities.

Click below for a free consultation and demo.


Compliance and Due Diligence

The Biden administration this week added 24 entities to the Bureau of Industry and Security (BIS) Entity List for supporting Russia’s military or defense industrial sector, Pakistan’s nuclear activities, or supplying an Iranian electronics company. The entities are based in Latvia, Pakistan, Russia, Singapore, and Switzerland. The full list of the entities that were added is here.

OFAC this week sanctioned a number of entities and individuals—mostly in Turkey—and one vessel as Specially Designated Global Terrorists. Sitki Ayan—a close childhood friend of President Erdogan—and his network of companies are designated for facilitating oil sales on behalf of Iran’s IRGC and Hizballah and laundering money for the FTOs. Ayan’s son, Bahaddin, who was sanctioned for his links to his father’s ASB Group of Companies, is also mentioned in the ICIJ Paradise papers as being a senior officer of PAL Shipping Trader One Co.

The EU yesterday sanctioned eight individuals for involvement in the conflict in Democratic Republic of Congo (DRC). The new designations include Willy Ngoma, spokesman of the M23 rebel group which has been fighting Congo’s army in the east, and Alain Goetz, a Belgian businessman, who the EU says was is the beneficial owner and former director of a gold mining company registered in Uganda that profits from mines controlled by militia groups in the DRC.

Several EU members want the bloc to amend its Russia sanctions to clarify the exemption for Russian grain and fertilizer shipped to poor countries. The chair of the African Union recently claimed that the continent has become “collateral damage” in EU efforts to punish Russia for its invasion of Ukraine.

The EU is working on a new sanctions package against Russia that could include a ban on four media channels and increased export controls of dual-use items, including drones, as well as a ban on transactions with Russian marketing and market research firms. The EU will also propose a ban on new investments in Russia’s mining sector and sanctions on three additional Russian banks, including the Russian Regional Development Bank. Diamonds and nuclear sector are still notably missing from the sanctions package.

EU satellite operator Eutelsat this week said that it will request its partners stop showing Iran’s Press TV following sanctions over broadcasts of forced confessions.

Despite the Uyghur Forced Labor Protection Act, about which we wrote in September, the global auto industry continues to source raw materials and components from China’s Xinjiang region. A recent report identifies major Chinese companies that have participated in forced labor programs in Xinjiang, or have recently sourced their materials and products from there. Automakers such as Volkswagen, Honda, Ford, GM, Mercedes, Toyota, and Tesla have likely sold cars containing raw materials or components that have links to forced labor in Xinjiang. The report highlights the importance of comprehensive insight into supply chains to reduce reputational and ESG risks.

Santander UK has been fined nearly $132 million—one of the largest fines of its kind—after an investigation by the UK’s Financial Conduct Authority (FCA) found “serious and persistent gaps” in its money laundering controls, resulting in hundreds of millions of pounds of suspicious transactions through customer accounts. The FCA found that the bank’s failures resulted in millions of suspicious transactions that were not flagged or reported.

The Netherlands plans new controls on exports of chip-making equipment to China. The Netherlands has been in negotiations with the United States about new export restrictions on semiconductor equipment sales to China, and an agreement could come as soon as next month. The Dutch government since 2018 has not granted ASML Holdings—a world leader in semiconductor production equipment that has significant customers in China—licenses to export its most advanced machines to China because they are considered “dual use” with potential military applications.

Yemen’s central bank has frozen the assets and accounts of 12 business groups and traders for supporting or being linked to the Iran-backed Huthis. The head of the central bank has formally instructed local exchange firms to close the accounts of the 12 oil and trade organizations and individuals and cease doing business with them.

The Commerce Department has extended the denial of export privileges of three US-based firms: Quicksilver Manufacturing, Rapid Cut LLC, and US Prototype Inc. for illegally exporting satellite, rocket, and defense technology to China. The Department in June said that the companies sent technical drawings and blueprints from US customers to China to 3-D print satellite, rocket, and defense-related prototypes without authorization.

Fraud and Abuse

Hackers this week launched a DDoS attack on Russia’s VTB in an effort to paralyze the bank’s services. The bank described the DDoS attack as the largest in its history. VTB said the majority of attacks had come from abroad, but that it was particularly concerned by traffic from Russian IP addresses.

A federal grand jury this week indicted a former Assistant City Attorney and Atlanta police officer in a scheme to defraud the Paycheck Protection Program (PPP). Shelitha Robertson and her co-conspirators allegedly submitted fraudulent PPP loan applications on behalf of various companies they owned and controlled and fraudulently obtained more than $7 million in PPP loan funds, which Robertson allegedly used to purchase luxury items and transfer money to family members and co-conspirators. She is charged with conspiracy to commit wire fraud, wire fraud, and money laundering.

US-designated Russian agent and former Ukrainian lawmaker Andriy Derkach has been charged with using an intermediary to hide his purchase and ownership of real estate in Beverly Hills. Federal prosecutors say that years before he was designated, Derkach and his wife tried to open a brokerage account at a US bank but were turned down after an adverse media check. So the pair in 2013 transferred nearly $4 million from overseas accounts in the names of shell companies to a bank account controlled by an intermediary to purchase the two properties.

Armando Ndambi Guebuza, the oldest son of Mozambique’s former president, this week was sentenced to 12 years in prison for embezzlement and money laundering in the country’s “hidden debt” scandal. The corruption investigation began after three state-owned companies got more than $2 billion in loans from international banks guaranteed by the Mozambique government without parliamentary approval, prompting the country’s economic collapse.

The United States this week unsealed an indictment charging Frank Schneider, an alleged participant in the OneCoin $4 billion Ponzi scheme, with wire fraud and money laundering. OneCoin fraudulently branded itself as a cryptocurrency when it was launched in 2014, telling investors that it could be mined and had real value. In reality OneCoin did not exist on the blockchain, and the founder, “Crypto Queen” Ruja Ignatova, disappeared a few years ago.

Authorities are investigating Brazil’s producers of high-end musical bows for trafficking protected brazilwood to the United States, Europe, and Asia. Brazilwood has been used for centuries to make bows used to play stringed classical instruments, but today the one remaining forest where the hardwood grows is among the most threatened biomes on the planet.

A new report by the French initiative, “All Eyes on Wagner,” reveals that Russia’s Wagner group supplies international markets with blood diamonds sourced from the Central African Republic’s conflict areas. The report alleges that Wagner secretly controls diamond export company Diamville and that the group effectively took over the local diamond sector by forcing local dealers to sell exclusively to Diamville or risk violent reprisals.

Nottinghamshire Police in the UK are warning of the dangers of online schemes that promise quick and easy money to students, young people, or low-income individuals to act as money mules to move illicit proceeds. International officials have been focusing on money mules in recent years, with almost 2,500 money mules and their recruiters arrested last month as part of the eighth iteration of European Money Mule Action (EMMA8). Police are warning teenagers about recruitment through media channels such as Snapchat and Instagram.

Iranian hacker group, Agrius, has been engaged in data wiper attacks aimed at diamond industries in South Africa, Israel, and Hong Kong. The wiper is believed to have been delivered via a supply-chain attack targeting an Israeli software suite developer early this year. Victims include HR firms and IT consulting companies, as well as a diamond wholesaler in Israel; a South African entity working in the diamond industry; and a jeweler based in Hong Kong.

Two new ransomware schemes target 1) healthcare organizations that offer online consultations by sending them booby-trapped patient medical records and 2) public company executives by editing their inboxes to make it appear that they are involved in insider trading. Two different ransom groups: CLOP (aka Cl0p, aka TA505) and a newer ransom group known as Venus are involved. The Department of Health and Human Services last month warned that Venus ransomware attacks were targeting US healthcare organizations.

FiveBy provides to our clients a weekly news roundup of relevant insights to help avoid issues associated with both regulatory and reputational risk. We hope you find this useful, if you would like to see other things included, let us know at

Leave a Reply

Your email address will not be published. Required fields are marked *