On March 7, 2022, the US Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) issued an alert to financial institutions warning about potential attempts to evade US sanctions and other restrictions imposed on Russia and Belarus (“Alert”). The Alert includes red flags that financial institutions should review to help identify potential attempts to avoid sanctions, with a particular focus on convertible virtual currency (“CVC”), and also reminds companies of their reporting obligations under the Bank Secrecy Act (“BSA”).
Key Methods of Sanctions Evasion
The Alert warns financial institutions that Russian and Belarussian parties may attempt to evade sanctions through non-sanctioned Russian and Belarussian financial institutions in third countries, including through CVC exchangers. FinCEN recommends that financial institutions review FinCEN’s previous publication on foreign corruption indicators by politically exposed persons (“PEPs”). Such advisory describes a number of typologies used by PEPs to access the US financial system through misappropriated state assets, using shell companies and engaging in corruption in the real estate sector in order to launder illicit gains.
Identified Red Flags
The Alert lists the following 13 red flags financial institutions should be on alert for:
- The use of corporate vehicles by parties to obscure true ownership, source of funds, or countries involved, particularly sanctioned countries.
- The use of shell companies to conduct international wire transfers, often from financial institutions located in jurisdictions different from the company registration.
- The use of third parties to shield the identity of sanctioned persons or PEPs.
- Transfers of accounts from jurisdictions or financial institutions that are experiencing a sudden rise in value to their respective areas or institutions, without a clear economic or business rationale.
- Jurisdictions associated with Russian financial flows that are experiencing a notable increase in new company formations.
- Newly established accounts that attempt to send or receive funds from sanctioned institutions or institutions removed from SWIFT.
- Non-routine foreign exchange transactions that may indirectly involve sanctioned Russian financial institutions, including transactions that are not consistent with activity over the prior 12 months.
- Customer transactions that are initiated from or sent to the following types of destinations: non-trusted sources; locations in Russia, Belarus, jurisdictions identified by Financial Action Task Force with having anti-money laundering deficiencies, and comprehensively sanctioned jurisdictions; or IP addresses previously flagged as suspicious.
- Customer transactions that are connected to CVC addresses listed on the US Treasury Department’s Office of Foreign Asset Control’s (“OFAC”) Specially Designated Nationals and Blocked Persons List. For additional information on OFAC’s prior guidance for the virtual currency industry, please see our prior blog post here.
- Customer use of CVC exchanger or foreign-located money services businesses in a high-risk jurisdiction with anti-money laundering deficiencies, particularly for CVC entities and activities, including inadequate due diligence and “know your customer” measures.
- Customer receipt of CVC from an external wallet, followed by immediate initiation of multiple, rapid trades among multiple CVCs with no apparent related purpose, and then an off-platform transaction.
- Customer transfer of funds involving a CVC mixing service.
- Customer’s direct or indirect transaction exposure identified by blockchain tracing software as related to ransomware.
Financial Institutions’ Reporting Obligations and Filing Instructions
The Alert also reminds financial institutions of their BSA reporting obligations, particularly with respect to Suspicious Activity Reports (“SAR”) if they know, suspect, or have reason to suspect an actual or attempted transaction involves funds derived from illegal activity or is designed to disguise the funds’ illegal source; is designed to evade BSA regulations; lacks a business or apparent lawful purpose; or involves the use of financial institutions to facilitate criminal activity, including the evasion of sanctions. When filing a SAR, the accompanying narrative should indicate a connection between the suspicious activity being reported and the activities highlighted in the Alert. FinCEN further advises financial institutions to expedite all reports of suspicious transactions related to the Alert and to call FinCEN’s Financial Institutions hotline at: 866-556-3974.