Category: Compliance and Due Diligence

Fentanyl. 2 mg. A lethal dose in most people. Courtesy: Drug Enforcement Administration in the public domain.

US companies transacting with chemical and pharmaceutical firms in China must conduct thorough due diligence research on their Chinese counterparts to mitigate the risk of unknowingly engaging with an entity involved in the production of fentanyl or its precursor chemicals. The White House has made combatting fentanyl a major priority, citing the dangers of illicit synthetic opioids which are easier to produce and transport and are significantly more lethal. US companies should expect increased governmental oversight and possible changes to US designations and other restrictions against Chinese firms.

  • China is the main—albeit indirect—source of fentanyl entering the United States, and despite Beijing’s ostensible efforts to control fentanyl-type drugs and related chemicals, they continue to make their way into the hands of Mexican drug cartels and subsequently into the United States.
  • As the opioid crisis tragically claims more American lives, US lawmakers are increasingly targeting Chinese entities involved in the production of fentanyl-related chemicals by introducing legislative proposals to sanction Chinese chemical manufacturers and law enforcement officials who neglect to combat the trafficking of these substances.

China now ranks as the fourth largest supplier of medicines to the United States, largely because of Beijing’s efforts to advance its domestic pharmaceutical sector by reducing the cost of drug development and aligning its regulatory framework with global standards. China’s efforts have led to the outsourcing of active pharmaceutical ingredients (APIs) to foreign countries, with China supplying the US market with 13 percent of its total APIs. Interspersed with the legitimate pharmaceutical trade with China is the shipment of fentanyl powder, precursor materials for manufacturing fentanyl, unregistered pill presses, stamps, and dies. Many of these shipments end up in Mexico, where they are used by the Sinaloa Cartel and Cartel Jalisco Nueva Generacion (CJNG)—the primary smugglers of illicit fentanyl to the United States—to manufacture fentanyl and then transported into the country.

  • The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) in May sanctioned Youli Technology Development Co., Ltd. and Yason General Machinery Co., Ltd. for their involvement in shipping pill press machinery to entities known for counterfeit pill manufacturing in the United States and Mexico.
  • The Justice Department recently charged four China-based chemical manufacturing companies with crimes related to fentanyl production and trafficking. One of the companies, Amarvel Biotech, shipped more than 200 kilograms of precursor fentanyl chemicals from China to the United States.

Despite US pressure, China is unlikely to crack down on its exports of fentanyl-related products without receiving concessions from the United States, including sanctions relief. Beijing has recently demanded that the United States remove export restrictions against China’s Ministry of Public Security’s Institute of Forensic Science—which was included on the Bureau of Industry and Security’s Entity List in 2020—in exchange for cooperation on the fentanyl crisis, suggesting that China exploits its international counternarcotics efforts to achieve its economic and foreign policy objectives. The severe punishments the Chinese government metes out for drug crimes internally compared with relatively light penalties imposed for mislabeling of precursor chemicals for overseas shipments further supports this assessment.

China’s emphasis on growth of the biotech sector has created a powerful industry that local officials may be hesitant to disrupt, making the likelihood of prosecutions of drug-related crimes, such as mislabeling of products shipped abroad, less likely. In addition, deteriorating US-China relations, China’s assertion that the US opioid crisis is the result of internal failings, and Beijing’s refusal to acknowledge the role its pharmaceutical companies play in the illicit drug trade puts the onus on US firms to research the activities of potential clients and business partners in the pharmaceutical sphere, which can be challenging since companies that are involved in the illicit fentanyl trade can also be involved in legitimate pharmaceutical business.

US companies in the chemical and pharmaceutical sectors that transact with Chinese entities should employ robust compliance teams to ensure they are not implicated in the illicit fentanyl trade, exacerbating the opioid crisis. Linguistic and jurisdictional expertise, as well as monitoring media coverage of current and potential business partners, are critical to ensuring that Chinese companies with ties to illicit fentanyl production are identified. Monitoring reports from government agencies involved in efforts to combat the fentanyl crisis can also help compliance teams identify red flags that could indicate trouble.

  • Fentanyl originating from China is primarily shipped in small quantities with high purity (above 90 percent) through intermediary transit countries and mislabeled or stated as not being for human consumption to avoid detection.
  • There is evidence of fentanyl operations moving from China to India as certain precursor chemicals become harder to obtain in China. Understanding the means through which these substances are shipped and the ways illicit actors adapt to regulations can help point to illegal operations.
  • To avoid detection Chinese and Mexican criminal networks also engage in trade of wildlife products, timber, and real estate, avoiding formal banking systems through in-kind trades. If a potential business partner in China is also involved in the wildlife trade or real estate, and accepts virtual currencies as payments, their activities may warrant a closer look.
  • Banks and financial institutions should be aware of certain typologies related to the trafficking of fentanyl and other synthetic opioids, including online sales from Chinese companies to risky jurisdictions in Mexico, where transnational criminal organizations purchase fentanyl and its precursors for manufacture and sales to the United States. The use of front companies operating in a chemical manufacturing field or shell companies that do not appear to be related to the pharmaceutical industry to collect payments should also raise red flags.

The Drug Enforcement Administration in May flagged the use of social media applications and encrypted communications platforms in fentanyl trafficking. Research into social media accounts of Chinese pharmaceutical companies and their employees could provide insights into possible illicit activities. Expert analysis can also provide insights into supply chains that could involve money laundering and chemical precursors.

Expert FiveBy analysts can help conduct the necessary due diligence while adapting to constantly changing US sanctions and export controls, as well as financial methodologies that could help your firm or financial institution avoid possible involvement in the fentanyl trade and the consequent financial penalties and reputational risk.

For a free consultation, click below.

FiveBy IntelSentry

This week’s regulatory compliance note—a tri-seal effort between the Commerce Department’s Bureau of Industry and Security (BIS), the Justice Department, and OFAC—summarized the procedures for voluntary self disclosure of potential violations of sanctions and export controls. The note also highlighted that disclosures can result in significant mitigation of civil or criminal liabilities, while also helping expose threats to US national security and foreign policy objectives.

  • The compliance note highlights that prompt, voluntary self-disclosures could result in a reduction—and, in some cases, a waiver—of the potential criminal liability.
  • If a company voluntarily self-discloses potential criminal violations, fully cooperates, and remediates the causes of violations, the Justice Department generally will not seek a guilty plea, and the company likely will receive a non-prosecution agreement and avoid a fine, although the note stresses that a non-prosecution agreement may not apply if aggravating factors exist.
  • A disclosure only to OFAC or BIS, but not to the Justice Department’s National Security Division will not qualify for the non-prosecution policy.
  • OFAC and BIS both stress that a company will significantly reduce its penalties if it discloses, researches, and mitigates the root causes of their violations in a timely manner.

Aggravating factors could include failure to have a compliance program, willful ignorance of US sanctions and export controls, or attempts to hide violations.

A thorough look at settlements reached between regulators and violators shows that voluntary self-disclosure is a significant mitigating factor in reducing fines and penalties. A settlement between British American Tobacco in April showed the company not only to have engaged in egregious conduct, transacting with North Korean entities and generating revenue for the Kim regime, but also failed to disclose the conduct and attempted to conceal it. The violations resulted in more than $508 million in fines.

In contrast, a settlement with Microsoft that same month showed that the company not only voluntarily disclosed possible violations that occurred between 2012 and 2019, but also implemented significant remedial measures upon discovery of the apparent violations, resulting in a roughly $3 million fine—a fraction of the maximum penalty.

The note highlights the importance of having a robust and comprehensive compliance program, with timely disclosure and remediation being part of the process. A self-initiated lookback at potential violations, an examination of the root causes of the violations that includes data, linguistic, jurisdictional, and legal analysis, and appropriate enhancements to existing compliance efforts can not only mitigate penalties, but also help US firms and financial institutions avoid violations in the first place.

FiveBy has the capabilities, certified sanctions specialists, data and forensic analysts, and cultural and linguistic experts to help your firm or financial institution examine root causes of possible violations, structure a comprehensive self-disclosure to regulators, and enhance compliance efforts to help avoid inadvertent violations in the future. Click below to request a free consultation.

FiveBy IntelSentry

Photo by Jingming Pan on Unsplash

The US State, Treasury, Commerce, Homeland Security, and Labor Departments, along with the United States Agency for International Development (USAID), today issued an advisory to warn US persons and companies about the involvement of illicit actors in the gold trade in sub-Saharan Africa. Issued in coordination with sanctions against four companies linked to US-designated Russian warlord Yevgeny Prigozhin, the advisory encourages US firms and individuals to strengthen due diligence practices in an effort to prevent malign actors from exploiting the sector, which is essential to the livelihoods and communities in the region.

The US government encourages responsible investments in the sector and highlights the significant potential to further develop the gold sector in the region by improving efforts to incorporate artisanal and small-scale gold mining activities into the formal gold trade in Sub-Saharan Africa, developing refining capabilities in the region, and other related activities that can help develop the industry in the region. The advisory urges responsible investments in all aspects of the gold sector in Africa, including mining, trading, refining, manufacturing, and retail.

But significant risks do exist, and US entities and individuals must be cautious to perform adequate due diligence to identify suspicious behaviors that could indicate sanctions evasion, money laundering, financing of terrorism, forced labor and other human rights abuses, corruption, smuggling, and environmental dangers to mitigate those risks.

Expert risk analysts can help your firm identify risky behaviors and file suspicious activity reports (SARs) when appropriate. Recognizing risk indicators is critical to protecting your business and preventing reputational damage. Red flags associated with money laundering, labor and human rights abuses, environmental damage, and corruption must be identified and examined. The use of cash-intensive businesses and operations, fraudulent declaration of gold as scrap, involvement of high-risk individuals, sanctioned individuals or entities, or government officials flagged for corruption, can all be indicators of illicit activities in the mining sector.

Due diligence should include a comprehensive examination of labor practices to steer clear of links to worker exploitation, including children, which is unethical and can cause significant reputational damage. Thorough research can also help US firms avoid being subject to Withhold Release Orders (WROs), which authorize the US Customs and Border Protection (CBP) to detain questionable goods at all US ports of entry unless the importer can prove the absence of forced labor in its shipment’s supply chain, which can negatively impact profits.

Specific due diligence focused on environmental concerns to avoid commercial and reputational risks associated with contributing to environmental degradation is also critical. Industry participants should identify these risks in their supply chains and work to find alternatives to mercury and cyanide used in gold mining, which damage the environment.

The designation of several entities linked to Wagner chief Yevgeny Prigozhin today targets entities involved in mining operations in the Central African Republic (CAR) and Sudan. Since several Wagner entities were designated in 2020, Prigozhin and the Wagner Group have continued to actively participate in Russia’s war in Ukraine and in various engagements across Africa, which help the Kremlin fund its aggression.

This activity has resulted in extreme violence, civilian casualties, and extensive corruption. Recent reporting indicates that the Wagner Group is working to expand its gold mining and processing operations in N’dassima in CAR, potentially earning the organization significant new income. The Wagner Group has prevented officials from visiting the region where this mine is located, raising further concerns about the extent of its operations and impact on local communities. This also allows the Wagner Group to extract and export gold outside of official channels, thus depriving CAR of royalties and other revenues.

FiveBy assesses that engagement with expert analysts to identify red flags associated with gold mining in Sub-Saharan Africa, mitigate reputational and business risks, and restrict illicit actors access to this lucrative source of funds is critical to protecting your firm from possible financial and even criminal penalties.

For a free consultation, please click below.

FiveBy IntelSentry

Shahed 129 UAV seen during the Eqtedar 40 defence exhibition in Tehran. Licensed under the Creative Commons Attribution 4.0 International license. Attribution: Fars Media Corporation

The Departments of Commerce, Justice, State, and Treasury this morning issued joint guidance on Iran’s unmanned aerial systems (UAS)-related activities. The problem of Iranian drones supporting Tehran’s proxies in the region is not new. Iran-backed Houthi rebels have been using Iran’s drones against Saudi Arabia for several years, and Iran has been providing UAS technologies and training to its proxies, such as Hizballah, HAMAS, and others for more than a decade.

Russia’s war in Ukraine has resulted in a renewed urgency to ensure that Iranian drones do not use prohibited western technologies, and we judge that the joint advisory is as much a warning to US industry about conducting enhanced due diligence of potential counterparties, business partners, and intermediaries, as it is a guidance about the threats Iran’s UAS industry poses to global peace and order and the red flags of which US firms should be cognizant.

The advisory reminds US industry that Iran relies on foreign procurement to obtain technologies for its drones that it cannot produce domestically and stresses that Tehran often prefers US-origin technologies for its UAS, including electronics, guidance systems, engines and spare parts, and flight computers. It calls attention to the applicable sanctions and export restrictions and  highlights possible penalties that could ensue for violations.

  • Failure to comply with OFAC sanctions regulations can result in civil and criminal penalties.
  • Violators of export controls under the Export Administration Regulations (EAR) can also face administrative or criminal enforcement actions. The Bureau of Industry and Security can also deny export privileges to those who violate US sanctions and restrictions against Iran.
  • The Justice Department also prosecutes defendants for willful violations of sanctions and export controls.

The US government has created multiple task forces to track violations of numerous regulations, including the Disruptive Technology Strike Force and Task Force KleptoCapture to protect US advanced technologies from acquisition and exploitation by nation-state adversaries and enforce the sweeping sanctions, export controls, and economic countermeasures imposed against Russia for its invasion of Ukraine. The creation of bodies to help identify and punish violators indicates a continuously increasing focus on enforcement of sanctions and export controls and a determination to hold violators accountable.

US technology companies should be aware of and examine closely the red flags associated with efforts to evade sanctions or violate export controls, including efforts to obscure ownership, source of funds, and embargoed jurisdictions through the use of corporate vehicles, such as shell companies. If a counterparty refuses installation, training or maintenance of the technology they purchased, this may be a red flag. Be on the lookout for email or web address spoofing and examine closely the IP addresses that differ from the customer’s stated location. These are just some of the danger signs of which US firms should be aware when selling possibly sensitive technologies.

FiveBy’s expert analysts can help provide insights into your customers, your customer’s customers, and your supply chains. They can highlight jurisdictional risks, help determine end-users, identify atypical shipping routes and risky transshipment points, and discern possible anomalies in addresses provided by intermediaries that could ship sensitive, US-origin technologies to prohibited parties or designations.

Click below for a free consultation and help protect your firm.

FiveBy IntelSentry

Courtesy of em_framing at PixaBay

OFAC today issued an alert to warn US individuals, firms, and financial institutions about possible violations of the price cap on Russian crude oil imposed last year, especially through the Eastern Siberia Pacific Ocean (ESPO) pipeline and ports on Russia’s eastern coast.

OFAC notes that Russian oil may be trading above the price cap and may be using covered services related to maritime oil transport provided by unwitting US providers. Non-US persons involved in the exports may be providing incomplete or false documentation to conceal the illegal trade.

  • The agency warns ship owners about automatic identification system (AIS) manipulation—a common sanctions evasion technique in which ships spoof their locations—as a method of disguising Russian port calls and selling Russian oil above the price cap.
  • Failure to itemize shipping, freight, customs, and insurance costs, which are not included in the price cap—is also a red flag that may indicate efforts to ship oil at a price above the cap.
  • A refusal by a counterparty to provide documentation showing that Russian oil or petroleum products were purchased at or below the price cap should also be considered a red flag for possible efforts to evade the restriction.

OFAC notes that US actors involved in commodities trades can mitigate their risk of penalties by showing good-faith efforts to comply with the price cap, such as retaining invoices, contracts, and receipts/proof of payment. Failure to properly vet counterparties and retain relevant documents can result in OFAC enforcement actions. OFAC expects that US service providers involved in commodities trading will continue to implement and perform the standard due diligence.

Engaging with experts to help navigate the complexities and challenges of Russian sanctions evasion can help US firms and financial institutions moderate the risks of regulatory penalties and reputational damage. FiveBy analysts stand ready to help you perform needed due diligence research and help identify red flags that will demonstrate good-faith efforts to obey US laws. Click below for a free consultation with certified FiveBy compliance experts who possess jurisdictional and linguistic knowledge to help mitigate your risks.

FiveBy IntelSentry

Photo credit: Michael Gaida on Pixabay

The US government’s enforcement of the Uyghur Forced Labor Prevention Act (UFLPA) is resulting in an increased number of shipments being detained at the US border, costing importers millions of dollars. The Department of Homeland Security’s enforcement efforts are exposing the underlying forced labor connections of goods imported by US companies and putting these firms’ reputations at risk. FiveBy assesses that US companies that import apparel, footwear, textile, electronics, solar panels, and automotive parts from entities with ties to China, Malaysia, and Vietnam are most at risk of losing profits and having their shipments detained or confiscated.

  • Since UFLPA went into effect last year, US Customs and Border Protection (CBP) has stopped more than 3,200 shipments, valued at more than $900 million, for inspection. Of these shipments 424—$23.82 million worth—were denied, resulting in losses for US importers. In addition, there are currently 1,723 shipments pending inspection with a total of $545.22 million hanging in the balance.
  • Of the denied shipments, many included apparel, footwear, and textile products—not surprising considering that the Xinjiang region in China produces more than 20 percent of the world’s cotton.
  • The vast majority of shipments currently pending with CBP—a total of 1,058—are electronic products, with industrial and manufacturing materials taking second place. These shipments mostly originating in Malaysia, Vietnam, China, and the Philippines, highlight the necessity of closer examination of goods with supply chains connected to these countries.
  • Products from the pharmaceuticals, health and chemicals, industrial and manufacturing, agriculture and prepared products, consumer products and mass merchandising, machinery, and base metal industries were also stopped by the CBP. These shipments mostly originated in China, Vietnam, Malaysia, Cambodia, and Hong Kong.

Customs officials in January confirmed that the majority of imports detained since the UFLPA went into effect have been solar panels made with polysilicon that was assumed to have been produced in Xinjiang. However, a report released in December by a research team at Sheffield Hallam University’s Helena Kennedy Centre for International Justice and nonprofit human rights organization, NomoGaia, also suggests that most major car manufacturers are using parts that originated in Xinjiang and were made with forced labor.

  • The exhaustive report—the culmination of a six-month investigation—found that 96 companies with ties to the auto industry were mining, processing, or manufacturing parts in the Xinjiang region, and that more than 100 international car and car part manufacturers were possibly sourcing from these companies.
  • During a recent Forced Labor Technical Expo, keynote speaker and Sheffield Hallam University professor Laura Murphy also highlighted that the school by the end of the year plans to make available in pilot form a free supply chain mapping tool. FiveBy judges that the use of this and other, similar tools will become more critical as the United States more aggressively enforces the UFLPA.

The Department of Homeland Security has created a list of entities in China tied to forced labor practices, and adding more entities to this list is one of the department’s top priorities, according to the Undersecretary for Strategy, Policy, and Plans, Robert Silvers. Persuading US partners and allies to pursue similar enforcement regimes is also high on the department’s priority list, indicating that companies with branches and subsidiaries overseas will need to understand and obey import restrictions in those countries as well.

The unique nature of the UFLPA puts the onus on the importer to provide evidence that the goods they are bringing into the United States were NOT made with forced labor – a difficult task considering the complex nature of supply chains and murky origins of many products, as well as efforts to obscure the origins of many goods to hide questionable business practices. Expert investigators can help US companies importing goods from abroad identify the origins of not only the products being shipped, but also their component parts to ensure that US firms are not engaging—even indirectly—with entities that may be using forced labor. Red flags indicating links to forced labor include companies in China that hire workers through government recruiters, provide “vocational training” and “aid to Xinjiang,” source components or other goods from factories located near detention centers, or are connected to the government’s “reeducation” efforts.

Jurisdictional and linguistic expertise, as well as monitoring developments in China and the United States and media coverage of potential business partners are critical to ensuring that goods linked to forced labor are not imported into the United States or stopped at the border, causing financial losses to the importers. A periodic review of business partners’ compliance programs can help US firms avoid financial losses, and examining all entities in the supply chain can be critical to securing the evidence CPB needs to allow the goods to enter the country. Expert FiveBy analysts can help monitor, interpret, and adapt to constantly changing US sanctions and export controls, helping protect your company’s bottom line and reputation.

For a free consultation and help with in-depth analysis of your supply chain, business partners, and other entities that may link to forced labor in Xinjiang, please click below.

FiveBy IntelSentry

Transacting in Russian-occupied territories in Ukraine has become riskier for western firms and financial institutions because Russia has been seizing businesses and schools in these jurisdictions and forcing them to register with Russian tax authorities. The new registrations and tax IDs of previously Ukrainian-owned entities make due diligence research, such as determining ownership, control, and location more challenging. US companies must ensure that they are not providing US-origin products and technologies to entities that are now controlled by Russia and that could support Russia’s operations and reeducation programs in Ukraine.

Certified FiveBy experts understand how to identify Ukrainian entities that may have been seized by Russia.

We have found that more than 2,000 entities in Ukraine have been registered as Russian companies, presenting regulatory, human rights, and reputational risks for US firms transacting in the region. Because Moscow considers these captured Ukrainian establishments to be “Russian,” software and other technologies supplied to an educational institution in Russia could be diverted to occupied Ukraine and used for military and “reeducation” activities.

  • The Russian government has seized existing Ukrainian government establishments and private businesses, as well as assets abandoned by fleeing Ukrainians, including buildings, computer equipment, and vehicles which Russian forces have used for military operations.
  • Russia has captured Ukrainian educational institutions and altered curricula in an effort to reeducate the populace. Russian administration representative in the Zaporizhzhie region, Elena Shapurova, this month signed a decree ending the compulsory study of the Ukrainian language in the region’s schools starting next fall. US-origin technologies, software, and equipment that end up in Russian-controlled schools in Ukraine could be used for reeducation purposes and to help eliminate the Ukrainian culture and identity.
  • Public procurement records reveal that Russian entities will redirect products to what appear to be other Russian entities that are registered with Russian tax IDs, but are in fact located in occupied Ukraine. The Tver government in February organized an order of laptops for educational institutions to be delivered to the Donetsk region. Supplier Gross Komp LLC is not subject to sanctions, is registered in Moscow, can purchase these laptops from western suppliers, and can forward them to the embargoed jurisdiction. Human-driven research into Russian government tenders will help catch these transactions and help prevent US goods and technologies from winding up in the hands of the Russian military or being used in human rights violations.

As Russia’s war in Ukraine rages into its second year, its military equipment has become damaged and depleted, and Moscow has turned to stripping civilian appliances for parts to repair and produce military gear. Western companies must examine their customers for possible connections to Russia’s defense sector and red flags that indicate possible diversion of dual-use components to Russia’s army.

  • Products with dual-use parts such as washing machines, refrigerators, and fans produced by western firms such as EBM, Schneider Electric, NMB-MAT, Siemens, GWE, and Ziehl-Abegg were purchased in December by Moscow-based Soyuzmetallservis LLC. Although the company’s main business activity is “wholesale trade in metals and metal ores,” its general manager Sergei Antonov also manages two metal producers in embargoed Donetsk that have a prewar history of producing metals and alloys for Russia. In addition, the company’s ultimate beneficial owner, Evgeny Yurchenko, has close ties to the Russian military-industrial complex.

Companies that sell seemingly innocuous goods such as education software, personal computers, and appliances to Russian entities could be penalized for violating export controls if they do insufficient research into end-users, and if their products wind up supporting Russia’s war in Ukraine. Significant reputational damage can also result from inadequate due diligence. FiveBy can help US companies conduct enhanced due diligence research on their business partners, customers, supply chains, and end-users to prevent financial penalties and reputational harm.

Contact FiveBy for a free consultation and reduce your risks.

FiveBy IntelSentry

Courtesy of Pixabay

Executive Summary

The US government is taking a more hardline posture to enforce sanctions and export controls, which almost certainly will result in increased financial and criminal penalties for violators. Since Russia began its invasion of Ukraine in February 2022, US regulators have significantly expanded sanctions and other restrictions against Moscow and widened the scope of export controls to prevent Russia from obtaining the critical goods and technologies it needs to continue its war.

We judge that the increased focus on enforcement of existing sanctions and export controls will substantially impact banking and financial services, technology companies, and manufacturers of defense materiel. Applying a heightened, risk-based approach to supply-chain and end-user research will become more critical to avoiding regulatory penalties and possible criminal prosecution.

Enhanced Global Efforts Against Evasion

The Justice and Commerce departments on February 16, 2023 launched the Disruptive Technology Strike Force that will investigate and prosecute violations of export controls. The strike force is part of an increased enforcement focus that could result in financial and criminal penalties for noncompliant companies. Its priorities include preventing authoritarian governments, such as China, Iran, Russia, and North Korea from acquiring equipment that supports their military and mass surveillance operations. Agencies such as the Bureau of Industry and Security (BIS), FBI, and Homeland Security Investigations will work to protect sensitive US-origin technologies “related to supercomputing and exascale computing, artificial intelligence, advanced manufacturing equipment and materials, quantum computing, and biosciences.”

But the United States is not alone.

  • Germany plans to crack down on companies that help Russia evade sanctions and export controls, including threatening criminal prosecution for false export declarations. Companies will have to provide transparent “end-use statements,” guaranteeing their goods will not be sent to Russia.
  • The European Bank for Reconstruction and Development in February began investigating a sharp increase in Russian imports from its neighbors, coinciding with a drop in western imports due to tighter restrictions. These neighboring countries are probably an evasion route for Russia to gain access to critical technologies and other goods.
  • The G7 nations are creating a new tool to coordinate enforcement of existing sanctions against Russia in an effort to improve compliance. The “Enforcement Coordination Mechanism” will improve information sharing, including about countries and firms suspected of aiding Russia’s war in Ukraine by facilitating sanctions evasion or helping Russia access prohibited tools and technologies.
  • The EU plans to ask third countries that have seen a surge in imports from the EU of advanced technologies and other goods that could be used for military purposes by Russia to enhance trade monitoring. The EU’s foreign policy chief Josep Borrell recently highlighted that the bloc will begin punishing third countries and third parties for helping Russia evade financial and export restrictions.

Recognizing the Risks

Russia’s military is highly dependent on western technology, lacking domestically produced analogues. As western export controls and sanctions enforcement efforts become more stringent, Russian individuals, entities, and their facilitators have increased efforts to develop more sophisticated evasion techniques that will allow them to acquire restricted products.

Despite Russia’s long history of sanctions and export-control evasion, many western companies had insufficient compliance measures in place even before last year’s invasion of Ukraine. However, stopping Russia’s aggression became a major US foreign policy objective last year, and increased enforcement almost certainly makes these companies vulnerable to regulatory penalties, criminal charges, and reputational risk.

A Tri-Seal Compliance Note released by the Commerce, Treasury, and Justice Departments this month highlights the increased risks of evasion and export control violations. The note calls for companies to “include controls tailored to the risks the business faces, such as diversion by third-party intermediaries.”

The joint Financial Crime Enforcement Network (FinCEN) and BIS alert released last year similarly outlines red flags indicating Russian sanctions and export control evasion, many of which are complex and require nuanced expertise to detect. To limit their exposure, companies must conduct comprehensive investigations into current and potential customers and business partners, adapt to the changing regulatory environment quickly, and develop a comprehensive understanding of the risks particular to its business.

Recent incidents examined by FiveBy Solutions show the importance of enhanced and tailored due diligence approaches that require more extensive research and understanding of supply chains, Russia’s business environment, and contract terminology, as well as sanctions, export controls, and other restrictions imposed against Russia after its invasion.

The nature of a customer’s underlying business (specifically military or government-related work), type of service(s) or product(s) offered, and geographical presence pose additional export control evasion risks by Russian and Belarussian entities. Inadequate Know Your Customer (KYC) measures can lead to product diversion—a critical threat to a company’s reputation and bottom line.

Last year, a Reuters investigation found that the publicly traded US company Extreme Networks provided Russian missile manufacturer MMZ Avangard with more than $500,000 in “computer networking equipment for its office IT systems.” MMZ Avangard possibly obtained the equipment through a surrogate buyer, “a seemingly innocuous corporation near Moscow.” Extreme Networks’ management also dismissed compliance concerns about the sales raised by multiple employees. Management commitment, which is one of the pillars of an effective sanctions compliance program, would have helped the company avoid the resulting adverse media, reputational damage, and possible regulatory penalties.

  • Although Extreme Networks’ equipment was provided to MMZ Avangard through an intermediary, the company’s lack of concern about the end-user of its equipment undermined a major US foreign policy objective, damaged the company’s reputation, and possibly exposed it to fines or criminal prosecution. A more sophisticated analysis of the intermediary beyond a surface-level list check, including analysis of the company’s contracts and end-users, could have helped prevent these transactions.

The media this month reported that Haas Automation has sold machinery and components to Russian holding company Abamet, which is selling US technologies to Russian military entities. Although Abamet is not currently included on OFAC’s Specially Designated Nationals (SDN) list or the Entity List, it almost certainly will wind up restricted after being highlighted in media reports.

  • Haas denied the allegations, claiming that it stopped doing business with Russia in March 2022. But Haas also admitted that its components and machinery could have changed ownership without its knowledge, highlighting the importance of identifying the end-users of products and considering possible reputational damage should they wind up in restricted hands.

Transactions involving entities whose website or business registration states the entities work on “special purpose projects.”

Russian companies rarely list “special purpose projects” as their primary business activity, and this is a red flag that indicates an entity’s possible involvement in military/security activities. These entities often list other, seemingly innocuous activities as their lines of business on their websites, and some entities do not have a web presence at all—another red flag. Linguistic expertise and knowledge and understanding of Russian business culture can be critical in determining the level of risk these companies represent.

Aiburg JSC has minimal web presence, but an in-depth investigation by FiveBy found that the entity develops systems for drones and manned aircraft. These activities on their own might not necessitate evasion of export controls, and Aiburg is not included on the Entity List or the SDN list. These, however, are dual-use technologies, and additional research found that the entity has worked on testing and documenting software for military unmanned aerial systems (UAS) control systems. An entity such as Aiburg JSC needs to be treated with extra caution and the end-users for US-origin technologies sold to Aiburg JSC need to be closely examined to avoid the risk of running afoul of export control restrictions.

Transactions involving companies that are physically co-located with or have shared ownership with an entity on the BIS Entity List or the Treasury Department’s SDN List.

Russia-based PNPPK-Kvantek LLC is not on the BIS Entity List or subject to OFAC sanctions, but it is registered at same address as its largest shareholder, BIS-listed Perm Scientific-Industrial Instrument-Making Company PJSC. PNPPK-Kvantek LLC’s main “official” activity is production of communication devices and manufacture of electronics and software. Its BIS-listed parent produces navigation, meteorological, geodetic, geophysical, and similar instruments, apparatus, and instruments for Russian military and intelligence agencies.

  • PNPPK-Kvantek presented Perm products at Army-2019, Russia’s high-profile, annual military expo demonstrating new military technology developments. Although PNPPK-Kvantek does not appear on any sanctions lists, expert analysis indicates that the company is directly linked with its parent and could potentially divert US origin technologies to the restricted shareholder with which it shares an address.

Conclusion

Russia’s resolve to continue fighting in Ukraine and its dependence on western technologies for its military hardware indicates that Russian entities will continue developing new and more complex methodologies to evade export controls and financial restrictions. US firms must enhance their compliance measures, given regulators’ more aggressive approach to sanctions and export control violations aimed at preventing Russia from gaining access to prohibited US-origin technologies. Inadequate compliance programs will almost certainly result in severe fines, criminal charges, and negative media exposure.

FiveBy’s expert, certified analysts can help companies navigate the increasingly complex regulatory and evasion environment as Russia’s war in Ukraine rages on. In-depth analysis can help mitigate the increased risks for both US and non-US companies, and jurisdictional expertise will almost certainly help expose higher-risk customers and business partners, examine complex supply chains, and help strengthen controls.

FiveBy is a specialized risk intelligence consultancy with unique expertise in compliance and fraud management. Companies and organizations contact FiveBy when they see risks that could affect their reputation and regulatory risk, their ability to support customers, their intellectual property, or their bottom line. FiveBy provides unique insight and experience to transform these risks into opportunities. Our tech and business savvy, our certified compliance experts, and our proven track record, means you can rely on us to address those vulnerabilities, enabling you to focus on your day-to-day business. Whether you work with FiveBy on an assessment, to address a one-off incident, or to create robust processes to address future risks – we’ll always be in your corner. We stay ahead of the game, so you don’t have to.