September 26, 2022

Volume XII, Number 269


September 23, 2022

Subscribe to Latest Legal News and Analysis

KYC in a Digital World, How New Sanctions and AML Expectations Have Upped the Stakes and What you Need to Do About it

“Know your customer” is a bed rock principle of anti-money laundering and sanctions compliance programs, but it’s not always easy, particularly as more sophisticated and aggressive players have taken the field in recent months.  For example, in response to Russia’s invasion of Ukraine, the United States has issued sweeping sanctions and export control measures against Russia’s banks, elites, and other state firms, all of whom could be lurking in proposed transactions. The Biden Administration has warned companies that it is ramping up efforts to enforce these new measures, and put the world on notice of potential consequences.

On Friday of last week, the U.S. Treasury Department's Office of Foreign Assets Control (OFAC) issued another round of new guidance clarifying that U.S. citizens and companies are required to comply with very broad sanctions against Russia, including when “facilitating” transactions using cryptocurrency. Consistent with a whole-of-government approach, the Department of Justice (DOJ) also recently announced the launch of an interagency task force, the KleptoCapture Task Force, that will seek to ensure the full effect of the sanctions “by targeting the crimes of Russian officials, government-aligned elites, and those who aid or conceal their unlawful conduct.” The following day, the DOJ announced the indictment of a U.S. citizen for providing services to a Russian individual sanctioned in 2014, during the previous round of Russia/Ukraine sanctions. The complex web of sanctions issued by the U.S. and its allies continue to expand on a near-daily basis, creating increased risk for U.S. businesses. The DOJ Task Force has vowed to “leave no stone unturned” in its effort to investigate and prosecute those who endeavor to evade sanctions. U.S. companies thus should anticipate increased efforts by DOJ, Department of the Treasury, Department of Commerce, and other federal agencies to aggressively investigate violations of sanctions and export control measures, which continue to evolve.

This heightened enforcement posture by the Administration presents a significant regulatory challenge to U.S. entities, especially financial institutions and FinTech companies. In an expanding digital world, it becomes easier for sophisticated individuals and entities to disguise identities, nationalities, and location, especially when they may be aided by tier one foreign state actors. U.S. entities with global operations should continue to conduct the robust due diligence to examine all potential ties to Russia, including the extent to which they have operations, customers, business partners, vendors, and employees in this region. Companies should also ensure that KYC and anti-money laundering (AML) controls are in place and meet or exceed industry standards and government expectations, including but not limited to conducting a full review and strengthening of the following features of their programs:

  • Geolocation screening;

  • Programs to reliably identify a customer’s counterparties;

  • IP address monitoring; and

  • Contemporaneous OFAC list screening programs, including utilizing so-called “fuzzy logic tools.”

Many government officials and agencies, such as FinCen, also have expressed concerns about Russian actors using cryptocurrencies to evade sanctions. An executive order issued by President Biden on March 9 cautioned that digital assets “may also be used as a tool to circumvent United States and foreign financial sanctions regimes and other tools and authorities.” Enhanced diligence is warranted by U.S. companies given that sanctioned Russian entities and individuals have been known to use complex, sophisticated techniques, including using shell companies and cryptocurrencies, to obscure ownership and financial flows.

Depending on the circumstances, companies may wish to consider engaging outside counsel and consultants to navigate export controls and sanctions risks. The Biden Administration’s recent actions make it clear that Treasury, DOJ and other agencies  have devoted considerable resources to lead and energize an interagency effort to ensure the efficacy of U.S. sanctions on Russia by targeting violators and their facilitators, and U.S. companies should prepare accordingly to mitigate legal, reputational and commercial risks.

© 2022 Bracewell LLPNational Law Review, Volume XII, Number 75

About this Author

Seth DuCharme Insurance Lawyer Bracewell LLP

Seth DuCharme draws on his 14 years of experience as a senior-level law enforcement officer to advise companies and individuals on cases involving cybersecurity and breach response, Foreign Corrupt Practices Act (FCPA) diligence and litigation, export controls, sanctions compliance and anti-money laundering.

Seth served in the United States Attorney’s Office for the Eastern District of New York from 2008 through 2021. He held various positions at the Eastern District, including Chief of the Criminal Division, Chief of the National Security & Cybercrime Section, and Acting United...

Brittney Justice Litigation Attorney Bracewell

Brittney Justice represents clients across a range of industries in litigation and government enforcement and investigations in federal and state courts. She provides advice on diverse matters, including securities litigation, complex commercial disputes, environmental claims and government investigations. 

Prior to joining Bracewell, Brittney was a legal intern with Texas’ First Court of Appeals.