Insights: Week Of September 5, 2022

Compliance Expenses are Increasing

FiveBy Solutions this week officially launched Risk Assessment Services—a program we have been highlighting for several months that offers bespoke solutions to help clients enhance their AML and sanctions compliance programs without breaking the bank. Small and medium-sized firms and financial institutions that rely solely on automation to ensure they are not transacting with malign actors, sanctioned individuals or entities, or kleptocrats or their associates could be missing a big piece of the compliance puzzle by not engaging with experts to make sense of the reams of data that automated tools sometimes generate.

Fuzzy results, name variations, false positives or negatives, fraudulent addresses and tax IDs, and other methodologies to evade sanctions and obscure the origins of funds may expose US firms and financial institutions to regulatory and reputational risk.

That’s where FiveBy comes in.

We built our Risk Assessment Services to provide expert analysis by experienced and certified threat finance professionals, engaged on-demand and on a case-by-case basis.

  • We empower clients who may not have the resources of a larger corporation to both maintain compliance with federal policies and improve their internal risk mitigation strategies.
  • We provide the “so-what” that helps make sense of raw data and highlight the risks associated with a potential client or business partner.
  • We monitor regulatory, sanctions, and political changes, as well as evolving money-laundering and sanctions-evasion methodologies.
  • We help clients protect their business from abuse by illicit actors.

Risk Assessment Services offers US firms and financial institutions an opportunity to examine vague or unclear results generated by their automated tools and gain valuable insights into potential clients and business partners and the risks involved in transacting with them. For more information, click below.


Compliance and Due Diligence

FiveBy assesses in a new advisory that US companies must conduct in-depth investigations not just into their business partners, but also into their supply chains to ensure compliance with the Uyghur Forced Labor Protection Act. This research will require strong area and cultural knowledge as well as language skills and a holistic understanding of both China and the sanctions and other restrictions instituted by the US government. 

Coinbase is backing a lawsuit against OFAC over Treasury’s designation of Tornado Cash. The lawsuit was filed this week by six Tornado Cash users who accused OFAC of violating their First Amendment free speech rights and overstepping its authority when it sanctioned the crypto mixer, which the government says has been used by illicit actors to launder funds, including by North Korean hackers..

The United States this week sanctioned four Iranian companies and one individual involved in the production of unmanned aerial systems (UAS) and shipping weapons to Russia. Safiran Airport Services coordinates Russian military flights between the two countries, including those that transport UAS, personnel, and related equipment to Russia. The other three companies—Paravar Pars, Design and Manufacturing of Aircraft Engines, and Baharestan Kish Company—are involved in UAS production.

Former chess champ and current Renew Democracy Initiative and Human Rights Foundation chairman, Garry Kasparov, has some advice about how to plug holes in western sanctions regimes for maximum impact against Russia. He says additional import restrictions on technologies such as aircraft parts, sonar systems, antennas, spectrophotometers, test equipment, GPS systems, vacuum pumps and oil-field equipment should be imposed. He also says the West should do everything possible to facilitate the continued brain drain that has been a problem for Russia for years.

The Commerce Department’s Bureau of Industry and Security (BIS) has relaxed restrictions barring the export of some encryption technologies to Chinese telecoms giant Huawei in response to concerns expressed by US businesses about whether they need to seek a license before bringing some tech to standards talks. The businesses say that the confusion “undermined US participation and leadership” in the talks. The United States also wants to ensure that China, through companies like Huawei, does not create standards that benefit authoritarian governments.

Russian oligarch Vladimir Lisin, whose tankers export oil products to the EU, in violation of sanctions, is not subject to sanctions but is helping Russia ship its oil to EU countries. A recent investigation revealed that oil tankers owned by Lisin’s company regularly come close to the Constanta port in Romania and reload Russian oil and oil products onto EU-flagged ships in the neutral waters of the Black Sea. The ships then carry the oil to EU countries, evading sanctions.

Hungary has—for now—dropped its demand to lift sanctions imposed by the EU on Russian oligarchs, Alisher Usmanov, Petr Aven, and Viktor Rashnikov. The Czech presidency of the Council of the EU ahead of this week’s meeting of EU envoys, reached an agreement with Budapest to avoid Hungary blocking the designation renewal that needs to happen before September 15.

Since traveling and vacationing in Europe is more difficult for Russians lately, many are flocking to Belarus to access western goods and financial services that are no longer available at home. Numerous foreign retailers still operate in Belarus, giving Russian tourists an opportunity to bring home western products they have been unable to get .

The Baltic states and Poland have agreed to restrict the movement of Russian citizens through their borders with Russia. The measures would “restrict the entry into the Schengen area for Russian citizens traveling for tourism, culture, sport and business purposes” because of national security concerns.

President Biden has decided not to designate Russia as a state sponsor of terrorism, claiming that the move could delay food exports and jeopardize deals to move goods through the Black Sea.

Ukrainian NGO, Trap Aggressor, has found 31 loopholes that Moscow has been using to evade western sanctions. Gaps in sanctions policies, lack of enforcement, selectivity (we can’t possibly designate Russian oil or gas!), and loose interpretation of sanctions policy are only some of the ways Russia continues to function economically despite the hobbling it continues to receive.

Russia says it will not resume natural gas deliveries to Europe via Nord Stream 1 until the “collective West” lifts sanctions against the country, negating the Kremlin’s previous claims that sanctions prevented Russia from repairing the pipeline’s turbines. The demand also contradicts Moscow’s claims that western sanctions have had little effect on Russia’s economy, as internal documents show Russia bracing for the economic impact of shutting off energy supplies to Europe, which could result in a GDP decline of as much as 12 percent by 2024, and Russia desperately tries to bully the West into sanctions relief.

The UK Treasury wants crypto exchanges and wallet providers operating in the country to report suspected sanctions violations. Under the updated guidance, crypto companies must freeze assets and report them to the Office of Financial Sanctions Implementation (OFSI) if they suspect that the transaction is from a sanctioned entity.

FiveBy’s Director of Risk Intelligence this week discussed sanctions and their relevance in a multi-polar world with LTC Sargis Sangari, USA (Ret.), the CEO of the Near East Center for Strategic Engagement (NEC-SE). Discussion focused on the effectiveness of the current sanctions regime against Russia, enforcement strategies, and how FiveBy can help US firms and financial institutions more effectively navigate the volatile regulatory sanctions environment.

Fraud and Abuse

Former members of the Russia-based cybercriminal organization, Conti, have been targeting Ukraine. Google’s Threat Analysis Group began tracking the threat group, UAC-0098, in April, after detecting an email phishing campaign that sent out a variant of the Anchor backdoor malware developed by Conti. The group started by targeting Ukrainian hotels, and by May was impersonating Ukraine’s national cyber police urging hospitality organizations to download a system update via email links. The attackers also impersonated representatives of Elon Musk and Microsoft, targeting the Ukrainian retail, technology, and government sectors.

Iranian hackers linked to the IRGC have likely been targeting US government officials, Iranian dissidents, and journalists. Between March and June 2021, the hackers used a compromised email account of an employee at a US-based think tank to target US government officials focused on Middle East and Iran policy.

Turkey, already under monitoring by FATF for AML/CFT lapses, has passed a law allowing the transfer of cash, gold, and other assets to the country without revealing their origins and without penalties. The amendment, approved by parliament, which is controlled by President Erdoğan’s Justice and Development Party (AKP), prompted the opposition to assert that Turkey has turned into an illicit finance haven.

Former Trump aide Steve Bannon is facing money-laundering and conspiracy charges in New York. Prosecutors say that while Bannon promised donors that all the funds they donated to WeBuildTheWall Inc. would fund a border wall between Mexico and the United States, he funneled hundreds of thousands of dollars to two other people involved in the scheme. Bannon has pleaded not guilty.

A yearlong investigation into a criminal syndicate in Australia that allegedly laundered millions of dollars through a local gaming venue has resulted in three arrests. The Australian Federal Police (AFP) has charged the network with laundering millions in cash by purchasing jackpots from patrons by paying the winners cash in exchange for their winning checks, which the syndicate members would cash in their own names as legitimate gambling proceeds.

The Los Angeles Unified School District this week confirmed that a major ransomware attack targeted its IT infrastructure. The district said disruptions included access to email, computer systems, and applications. It did not reveal whether the ransom was paid.

The mastermind military contractor behind a major Navy corruption scandal this week escaped house arrest. Leonard Francis (aka Fat Leonard) cut off his GPS ankle monitor and fled. His company, Glenn Defense Marine Asia, provided food, fuel, and water to Navy ships in the Pacific and allegedly overcharged the Navy by nearly $35 million. Navy officers involved in the fraud also tried to recruit others to participate in what became the Navy’s worst corruption scandal.

A judge in Liechtenstein is investigating money transfers between companies owned by Lebanon’s central bank governor Riad Salame and the brother of Lebanese Prime Minister Najib Mikati. Judge Michael Jehle has confirmed that authorities in Vaduz have sent a request for “mutual legal assistance in criminal matters” to Lebanese authorities, but declined to provide further details. Salame is being investigated by several other European countries for embezzlement and money laundering. Authorities in three European countries this year froze $130 million linked to Salame.

The AFP now has a dedicated crypto unit to target cyber criminals who illegally use digital assets because Australia has witnessed a dramatic upsurge in cryptocurrency related crimes and various crypto related investment scams. The new unit will tackle cyber criminals bypassing the financial system for money laundering and illegal investment offers, involving cryptocurrency and using cold-calls, emails, SMS, or social media advertising.

FiveBy provides to our clients a weekly news roundup of relevant insights to help avoid issues associated with both regulatory and reputational risk. We hope you find this useful, if you would like to see other things included, let us know at

Leave a Reply

Your email address will not be published. Required fields are marked *