Sanctions: Not Just for Banks
Europe is girding for war, but the United States and other countries are still attempting to convince Russian President Vladimir Putin to rethink his intentions in Ukraine. On Monday, for example, President Joe Biden announced that he had signed a new executive order outlining sanctions that are designed to cut off Russia’s government, financial sector, and wealthy investors from U.S. financing.
Specifically, the executive order prohibits:
New investment by a U.S. person, wherever located, in two provinces that have broken from Ukraine and that President Putin formally recognized as independent this past weekend;
The importation into the United States, either directly or indirectly, of any goods, services, or technology from the two provinces;
The export, re-exportation, sale or supply, either directly or indirectly, from the United States or by a U.S. person, wherever located, of any goods, services, or technology from the two provinces; and
Approval, financing, facilitating or guarantee by a U.S. person, wherever located, of a transaction by a foreign person, if that transaction would be prohibited if performed by a U.S. person or within the United States.
President Biden also imposed sanctions on Russia’s sovereign debt, which means the Russian government cannot raise new debt from the U.S. financial institutions. The European Union, United Kingdom, Australia, Japan, and Canada joined the United States in imposing sanctions on Russian banks and individuals.
But do these rules impact only traditional financial institutions? What impact will they have on the financial technology community? Let’s take a look.
Who Has to Abide by Sanctions?
As the law firm Cleary Gottlieb has explained, U.S. sanctions laws apply to:
All U.S. citizens and lawful permanent residents, wherever they are located;
All individuals and entities located within the United States;
All entities organized under the laws of the United States or any jurisdiction of the United States, including foreign branches of those entities; and
Certain activities by non-U.S. persons that involve a U.S. nexus, such as U.S. persons or goods or services exported from the United States.
In other words: yes, fintech companies clearly are on the hook and must comply with the orders President Biden has already issued, and any future orders. In fact, the anti-money laundering technology company Comply Advantage has warned, “Customers that are subject to international sanctions may attempt to use fintech services to evade the economic restrictions against them. Fintech firms should screen their customers against relevant international sanctions lists.”
And just who will come after violators?
What Is the Office of Foreign Assets Control?
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) is in charge of administering and enforcing U.S. economic and trade sanctions. As The National Law Review has explained, OFAC regulations prohibit engaging in transactions with “blacklisted” foreign governments, companies, and individuals designated on its sanctions list.
Current Deputy Secretary of the Treasury Wally Adeyemo has made it clear the department believes in fintech and the innovations the industry has promised, even when it comes to global financial transactions. At a conference last fall, he told an audience of fin-techies, “You see cryptocurrency and related fintech innovations as ways to make the global economy easier to navigate for everyone. … We hope that technology will help reduce the cost people pay to transact across borders, for example.”
But OFAC also will not look kindly on fintechs that violate sanctions laws. In fact, last October OFAC issued guidance that made it clear that cryptocurrency firms must abide by sanctions requirements. The guidance also outlined the industry’s compliance obligations.
Over the last 15 months, OFAC also has made it increasingly clear that it is willing to impose serious penalties on fintech companies that violate sanctions.
U.S. Firms Have Been Fined for Violating Sanctions
In 2020 and 2021, OFAC imposed civil penalties on at least three fintech payment services companies.
In December 2020, OFAC agreed to a $93,830 settlement with BitGo, Inc., a digital wallet management service, for apparently violating multiple sanctions programs related to digital currency transactions. The fine was ten times the value of the transactions at issue in the case, which totaled less than $10,000.
In February 2021, OFAC reached a half-million-dollar settlement with BitPay, a payment processor for merchants that accept digital currency as payment for goods and services. BitPay was responsible for 2,102 apparent sanctions violations. Cleary Gottlieb said, “The settlement highlights that financial service providers facilitating digital currency transactions must not only establish sanctions compliance programs to screen their own customers but also must monitor third-party non-customer transaction information.”
Then, in July 2021, the online money transmitter and prepaid access provider Payoneer agreed to pay nearly $1.4 million for 2,220 apparent violations of sanctions programs against Ukraine, Iran, Sudan, and Syria and for processing payments on behalf of sanctioned persons on OFAC’s List of Specially Designated Nationals and Blocked Persons.
In its Payoneer judgment, OFAC said, “This action highlights that money services businesses — like all financial service providers — are responsible for ensuring that they do not engage in unauthorized transactions prohibited by OFAC sanctions, such as dealings with blocked persons or property, or engaging in prohibited trade-related transactions with jurisdictions and regions subject to sanctions.”
Some companies are so spooked that they are even barring individuals from sanctioned countries like Iran from participating in free online conferences. As TechCrunch has explained, while it is “unclear” if sanctions apply to educational programs, last November ConsenSys Academy, an Ethereum-centric educational organization, banned 50 Iranian students from its online platform. ConsenSys told the Iranian participants that a “recent review of our records shows that you indicated that you are located in a country that we are prohibited from providing goods or services to under U.S. law.”
Other Countries Have Fined Fintech Companies for Violating Sanctions
Sanctions enforcement also is picking up in other countries.
As FinTech Futures has explained, in August 2021 the United Kingdom’s (UK) Treasury Office of Financial Sanctions Implementation (OFSI), which is responsible for administering the UK financial sanctions and penalizing violators, imposed a £50,000 civil monetary penalty against fintech company TransferGo for breaching financial sanctions related to Ukraine. FinTech Futures said, “This case may reflect a growing sanctions enforcement focus beyond ‘traditional’ financial institutions to fintech companies and payment services providers.” Indeed, the OFSI’s penalty notice to TransferGo emphasized financial sanctions do not merely apply to “traditional” financial institutions.
These steps that the Biden administration took earlier this week are likely just the initial ones. The White House also is expected to try to cut off Russia’s access to high-end microchips that are used in smartphones, computers, and medical and defense equipment, for example, and there are calls for President Biden and U.S. allies to cut off Russia’s financial system from the critical financial conduit, Swift.
With U.S. lawmakers increasingly interested in technology, cryptocurrency, and fintech firms due to privacy, antitrust, and fraud concerns, we agree with FinTech Futures, which concluded, “[F]intech companies cannot afford to neglect sanctions compliance.”