Sanctions and Cyber and Crypto, Oh My: The Convergence of Emerging Regulatory and Enforcement Risks Requires Agile Responses Across Sectors | Bracewell LLP
At a sanctions conference in Washington DC on May 5, government officials, practitioners and businesses highlighted the government’s focus on tackling corruption, in more traditionally siled areas. While the Russian sanctions are a hot topic in themselves, government officials from all agencies noted that even outside of the measures resulting from Russia’s invasion of Ukraine, the United States has not stopped enhance their expectations regarding the creation, implementation and oversight of Anti-Money Laundering (“AML”), Foreign Corrupt Practices Act (“FCPA”), ESG and compliance programs to penalties.
The conference was an important reminder of the six critical areas that companies need to address in cross-coordinating their compliance efforts:
- Sanctions (US, UK, EU and comparable regimes)
- Anti-Money Laundering (to include cryptocurrencies)
- Anti-Corruption (Foreign Corrupt Practices Act Due Diligence)
- Trade controls (CCL and IEEPA concerns)
- Department of State Licensing Requirements (Arms Export Control Act and ITAR)
- ESG (with a strong focus on internal controls)
In this continued whole-of-government approach to anti-corruption, national security and foreign policy, the United States continues to accelerate the use of sanctions and other initiatives, such as the creation of several task forces , to raise the temperature on Russia and other foreign adversaries as well as the private sector. But today’s compliance risks aren’t quite the same as they were in the past, now presenting an assortment of arrows in the government’s growing quiver.
In recent months, the Office of Foreign Asset Control (“OFAC”) has become increasingly active with initiatives that have arguably supplanted AML and FCPA due diligence as primary concerns for entities engaging in cross-border transactions . Notably, Andrea Gacki, director of OFAC Enforcement, highlighted a more interdisciplinary and interagency approach to sanctions enforcement in the coming year.1 In his keynote address at the conference, Gacki confirmed that cybercurrency and virtual currency are a top priority for OFAC and that the agency will focus on technology, virtual currency and non-financial industries. The White House also confirmed that the administration is focused on staying ahead of new and emerging trends in sanctions evasion and is implementing an interagency enforcement strategy.
Unsurprisingly, Gacki also pointed out that “it’s never too early to have a sanctions compliance program in place,” reminding companies that the government has high expectations for internal controls.2 Most companies know that proactive and thorough compliance programs are essential in the AML and FCPA space, but as new compliance issues such as the continued rise in ransomware attacks and the accessibility of crypto- currencies, challenge existing programs, it is becoming increasingly difficult to trust that all areas of transactional risk are being addressed effectively.
It’s no wonder that many companies are expressing growing concern about meeting government expectations and feeling pressure to step up compliance efforts on a wide range of related topics. Addressing these concerns largely comes down to effectively determining who you are doing business with, where your products and services are going, and the collateral consequences that might arise from those transactions. Often, the analysis of commercial interests must take into account the choppy seas of changing regulations and a realistic assessment of short- and long-term risks arising from government action.
In light of these developments, companies should consider approaching compliance with a broader mandate, assessing the risks of overlap, and ensuring that lawyers and other outside advisors look beyond a single issue. narrow. Subject matter expertise is essential, but silos of expertise can cause red flags to fail to be detected. The ideal strategy would be one that reflects the government’s interdisciplinary approach to the fight against corruption and the application of sanctions.
1. Sharp ends of sanctions enforcement are criminal investigations by the Department of Commerce, FBI, and Department of Homeland Security into violations of the International Emergency Economic Powers Act, which are prosecuted by multiple components of the DOJ, labor groups and US law firms. .
2. Recent statements from the Departments of Justice, State, Commerce, and Treasury point to higher expectations and burdens on know-your-customer, anti-money laundering, and internal control practices . Regulators in the UK and EU are taking a similar approach, adding to the complexity of gaining confidence in the ultimate merits of cross-border transactions.