How new sanctions regime in the U.S. affects financial institutions

In October, the Biden administration released its long-awaited review of U.S. sanctions policy, outlining the approach it intends to take in the future when deploying one of the U.S.’s most powerful national security and foreign policy tools.

At a mere seven pages long, the document provides little in the way of specifics, but it does lay the groundwork for a more targeted, multilateral, results-oriented sanctions regime. The review also highlights at least one key policy area that financial institutions should pay particular attention to, which is the rising popularity of cryptocurrencies as a means for criminals to game and circumvent the U.S. financial system.

“The review itself does not have any immediate effect on specific sanctions programs,” says attorney James Treanor, whose practice areas include white-collar crime, compliance, and sanctions issues for the Washington, D.C. office of law firm Cadwalader, Wickersham & Taft. “[The review] is much more of a concept document about principles and best practices that we can expect to see implemented going forward.”

According to Irene Kenyon, Director of Risk Intelligence at FiveBy Solutions and a former senior intelligence officer for the U.S. Treasury’s Office of Intelligence and Analysis, the Biden administration is trying to implement a more “thoughtful, introspective” sanctions regime — that is, one that features “a more functional interagency process and the willingness to coordinate not just with other government agencies, but with our allies as well.”

More targeted sanctions

Often referred to as a “whole of government” approach, this emphasis on interagency communication and more coordination with allies is a significant departure from the more unilateral, go-it-alone approach to sanctions policy favored by the previous administration.

The Biden administration also wants to scale back broad embargos that inadvertently affect innocent civilian populations and implement a more precise, deliberate approach to sanctions in support of “American values” such as human rights, democracy, and anti-terrorism.

In short, the U.S.’s revised policy framework stipulates that sanctions should:

• Support a clear policy objective within a broader U.S. government strategy.
• Be the right tool for the specific circumstances.
• Anticipate and mitigate economic and political implications for sanction targets, the U.S. economy, allies, and third parties.
• Include a multilateral coordination and engagement strategy.
• Be easily understood, enforceable, and — where possible — reversible.

Precisely how these principles will be applied is still unknown, but Kenyon says the basic idea is to “identify what works and what doesn’t” and use that information to craft a more deliberate, effective, multilateral approach to sanctions policy. To that end, President Biden also recently reinstated the position of State Department sanctions coordinator, which has been vacant since 2017.

According to Kenyon, targeted sanctions provide the U.S. with a number of advantages and options.

First, targeted sanctions avoid many of the problems that broad embargoes can cause in sanctioned countries, particularly among poorer populations that tend to suffer the most.

Second, says Kenyon, “targeted sanctions allow the U.S. to push back against specific people and policies — such as human-rights abuses — that conflict with U.S. interests, without resorting to military threats.”

And third, because targeted sanctions are so specific, it is much easier to determine whether they have been effective or not.

Targeted sanctions = more complexity

For financial institutions, however, an administration that issues more targeted sanctions — as well as more exemptions, general licenses, and other diplomatic carrots and sticks — is likely to require a more thorough and diversified approach to sanctions compliance. And, according to Cadwalader attorney James Treanor, the trend toward more nuanced, targeted sanctions will almost certainly have a significant impact on compliance professionals.

“More targeted sanctions will definitely make compliance more difficult for financial institutions. It’s relatively easy to screen an entity or person against the Specially Designated Persons and Blocked Persons List (SDN),” says Treanor, “but it gets more complicated when you’re trying to parse different types of activity with an entity where — with certain Russian banks and companies, for instance — you can continue to process payments, say, but you could be prohibited from dealings in their debt or equity.”

The crypto conundrum

Perhaps the most significant portion of the review pertains to the rise of various digital currencies as a way for criminals to operate outside of the U.S. banking system, potentially diminishing the effectiveness of U.S. sanctions and undermining the strength of the U.S. dollar.

“Digital currencies allow the creation of what is essentially a parallel financial system, one that isn’t necessarily tied to the U.S. financial system or institutions over which the Office of Foreign Assets Control (OFAC) and other agencies have jurisdiction,” says Treanor. “In some ways, these tools seem almost custom-made for those who wish to limit their potential exposure to U.S. sanctions — a risk that is specifically addressed in the Treasury review.”

The criminal potential of cryptocurrencies is such a concern that, a week before Treasury released its sanctions review, OFAC issued its own set of crypto guidelines and best practices for financial institutions and digital currency operators. OFAC’s guidance was essentially a warning to all “technology companies, exchangers, administrators, miners, and wallet providers” that the digital nature of their businesses does not relieve them of the responsibility for developing and implementing sanctions-related risk-assessment programs, nor does it mean they can’t be penalized or prosecuted.

At the end of September, in fact, OFAC released its first-ever crypto-based sanction against a Russia-based crypto exchange called Suex for laundering more than $160 million in bitcoin and being linked to at least eight ransomware variants. In a separate case, the Financial Crimes Enforcement Network (FinCEN) fined the digital currency exchange BitMEX $100 million for operating for six years without implementing an anti-money laundering/customer identification program or reporting suspicious financial activity, among other violations.

All of these actions combined signifies the degree to which the U.S. government has elevated the regulatory oversight of virtual currencies to the top of its priority list.

Don’t wait — be proactive

For financial institutions involved in — or planning to get into — the digital currency space, the big takeaway from Treasury’s sanctions review is that regulatory scrutiny of digital transactions is only going to get tighter, so now is the time to assess and revise compliance programs to make sure they are consistent. Furthermore, there is no need to wait for further guidance from the Treasury, because OFAC has already issued a list of best practices for virtual currency management and regulatory compliance.

In principle, there is nothing new in these virtual best practices, either. As with normal know-your-customer (KYC) procedures, they include:

• Regular and ongoing risk assessments
• Monitoring for activities and relationships associated with sanctioned jurisdictions and persons
• Regular sanctions list screening
• IP address tracking and blocking
• Use of geolocation tools
• Regular testing and auditing of screening protocols
• Ongoing mandatory sanctions training

But as FiveBy Solutions’ Irene Kenyon notes, many financial institutions only do the bare minimum required by law for sanctions screening. Consequently, she says, the most likely result of the U.S.’s change in sanctions strategy is going to be increased pressure on financial institutions to beef up their due diligence and KYC protocols concordant with Treasury’s efforts to be more precise about the targeting of sanctions.

“As the government focuses on more precise and targeted sanctions on specific issues, financial institutions and other U.S. firms will need to pay extended attention to possible targets and get out of the habit of simply screening against sanctions lists,” says Kenyon. “This change in sanctions strategy is going to require greater due diligence on the part of financial institutions. They really need to know their customers on a much more granular level, because that’s what Treasury is expecting.”