On September 20, 2021, the Biden administration announced its intention to end all COVID-related geographic travel suspensions, beginning in November 2021. Travel suspensions are currently in place for Brazil, China, India, Ireland, Iran, the Schengen countries, South Africa, and the UK. In lieu of these restrictions, all travelers to the United States will be required to verify full COVID vaccination. The vaccination requirement is in addition to the current requirement that all individuals present proof of a negative COVID test as a condition of embarking on travel to the United States.
On September 9, 2021, the long-awaited recast of the EU Dual-Use Regulation (the Regulation) will enter into force. It provides for new rules on cyber-surveillance technology, the provision of technical assistance, as well as export restrictions for reasons of public security and human rights considerations. Additionally, the new Regulation provides for large project authorizations as well as two new EU General Export Authorizations.
Like the United States and other like-minded countries, the EU regularly uses targeted financial sanctions against foreign organizations, legal entities, and individuals as a proportionate response in situations where an international disagreement or a crisis cannot effectively be resolved by conventional instruments of diplomacy, or to give weight to its demands against foreign powers. The procedure for the adoption of financial sanctions by the EU is in principle governed by strict standards as concerns due process and the respect of the rule of the law. However, when the parties targeted by sanctions seek legal redress, they are often frustrated by the outcome. This is illustrated by two judgments of the EU General Court in a matter involving Viktor Yanukovych, the former President of Ukraine, and his son, Oleksandr Yanukovych (see cases T-303/19 and T-302/19).
In 2015, the People’s Republic of China (PRC) enacted the first part of its comprehensive data security regime with the promulgation of the State Security Law, which provided a statutory basis for the construction of a nationwide network and information security system. The Cybersecurity Law (CSL), which followed in 2017, addressed cybersecurity protection and introduced the concept of a “Critical Information Infrastructure Operator” (CIIO). Subsequently, other laws, regulations, and rules have been promulgated addressing the requirements of China’s digital economy, related state security matters, and personal information privacy rights. Among those, the Data Security Law (DSL) became effective on September 1, 2021, and the Personal Information Protection Law (PIPL) will go into effect on November 1, 2021. After subsidiary regulations and rules addressing implementation of the DSL and PIPL have entered into force, China’s new data security architecture should be largely complete.
On August 20, 2021, the Biden administration issued a new Executive Order (“EO”) entitled “Blocking Property with Respect to Certain Russian Energy Export Pipelines.” At the same time, the Treasury Department’s Office of Foreign Assets Control (“OFAC”) added five entities and 13 vessels to the List of Specially Designated Nationals and Blocked Persons (“SDN List”) under the new EO.
These developments – the latest in a series of US actions related to the Nord Stream 2 and TurkStream pipelines – suggest that the United States is attempting to strike a balance between formally opposing the Nord Stream 2 project and cooperating with major allies who favor the pipeline’s completion, such as Germany. Importantly, the sanctions under the new EO are not as incrementally significant as they may seem: of the 18 new SDNs, all but four (two entities and two vessels) were already subject to sanctions under the Protecting Europe’s Energy Security Act of 2019 as amended (“PEESA”), which were imposed in May 2021 and were virtually identical to the new sanctions. Rather than reflecting a more aggressive US stance in opposition to Nord Stream 2, the new EO appears to be driven primarily by legal technicalities including a limitation on the sanctions that could be imposed under PEESA.
On July 20, 2021, the European Commission published its long-awaited legislative package titled “Anti-money laundering and countering the financing of terrorism” as announced in the Commission’s 2020 Action Plan for a comprehensive EU policy on preventing money laundering and terrorist financing (ML/TF).
As expected, the proposals seek to harmonize the application of more detailed anti-money laundering and counter-financing of terrorism (AML/CFT) rules, by suggesting to create an EU-level AML authority, to strengthen the supervisory framework and further harmonize and detail EU AML/CFT rules, and to adapt such rules to digitalization and technological innovation. Further, in promoting higher disclosure and transparency requirements, the proposed legislation could have far-reaching consequences in relation to those transacting or using cryptocurrencies.
In this Client Alert, we provide an overview of the four Commission proposals, including the creation of a new EU AML Authority (AMLA).
On August 9, 2021, the United States, United Kingdom and Canada announced further coordinated sanctions to mark one year since the allegedly fraudulent 2020 Belarusian presidential election in response to the continued undermining of democracy and human rights violations by the Lukashenko regime. The new sanctions follow the imposition by the United States, United Kingdom, European Union and Canada, on June 21, 2021, of targeted financial sanctions against dozens of individuals and entities as well as EU sectoral-style sanctions against certain sectors of the Belarusian economy, as discussed in our June 28, 2021 blog post.
On August 5, 2021, HM Treasury’s Office of Financial Sanctions Implementation (“OFSI”) announced a GBP 50,000 monetary penalty against TransferGo Limited (“TransferGo”) for multiple breaches of The Ukraine (European Union Financial Sanctions) (No. 2) Regulations 2014 (the “UK Regulations”).
According to OFSI’s penalty report, TransferGo, a fintech company, transferred funds to accounts held by non-designated persons with the Russian National Commercial Bank (“RNCB”), an entity subject to an asset freeze. This resulted, according to OFSI, in 16 transactions made between March 20, 2018, and December 18, 2019, in which TransferGo “made funds available to a person designated under Council Regulation (EU) No 269/2014” (the “EU Regulation”) (i.e., RNCB).
The TransferGo case represents the fifth use of OFSI’s civil monetary penalty powers since they were introduced under Part 8 of the Policing and Crime Act 2017 (“PACA”). While OFSI’s enforcement priorities remain somewhat unclear given the relatively limited use of its powers to impose monetary penalties, the TransferGo case provides some useful hints.
OFSI is not only interested in traditional financial institutions
The TransferGo enforcement action underscores that OFSI has its sights set on fintech and other companies, “not just traditional financial institutions.” The TransferGo case – like OFSI’s 2019 enforcement action against Telia Carrier UK Limited (“Telia”) – suggests that OFSI’s investigations may continue to cover a broad range of sectors.
The value of OFSI’s penalties is fluctuating, but OFSI’s discretion as to what is “reasonable and proportionate” is at least as important when calculating penalties as the value of the funds/resources at issue
Under the PACA, OFSI has the discretion to determine the amount of a penalty up to the greater of GBP 1,000,000 or 50 percent of the value of the funds or resources involved in a sanctions breach. The version of OFSI’s Monetary Penalties for Breaches of Financial Sanctions Guidance (the “Guidance”) applicable to the TransferGo case states that, in calculating a penalty, OFSI has regard to what is “reasonable and proportionate.”
TransferGo’s penalty of GBP 50,000 related to transactions with a combined value of GBP 7,764.77. The maximum possible penalty was therefore GBP 1,000,000. TransferGo did not receive any voluntary disclosure discount on its penalty, as some of the pertinent transactions were only disclosed in response to information requests issued by OFSI.
The GBP 50,000 penalty imposed on TransferGo was therefore based on what OFSI considered to be a reasonable and proportionate penalty, taking into consideration a range of factors, including that TransferGo:
- is a FCA regulated authorized payment institution with knowledge of sanctions;
- issued instructions to send payments to accounts of individuals resident in Crimea using a Russian Bank Identification Code that identified RNCB as the receiving financial institution for the payments;
- demonstrated a poor understanding of financial sanctions throughout its engagement with OFSI;
- failed to inform OFSI of the breaches as soon as practicably possible, despite being a relevant institution under the UK Regulations; and
- fully cooperated with OFSI and promptly provided all information which was requested of it during OFSI’s investigation.
The approach to penalty calculation in the TransferGo enforcement action appears to echo OFSI’s move toward the more holistic assessment of cases, as reflected in recent revisions made to the Guidance concerning the connection between the value of a sanctions breach and the available penalty amount.
The importance of due diligence
The TransferGo enforcement action communicates OFSI’s position that a person transferring funds to accounts held by non-designated persons with designated banks breaches the prohibition in the UK Regulations on making funds available to a designated person if the person knew, or had reasonable cause to suspect, he/she/it was doing so.
OFSI’s penalty report makes clear its expectation that companies and individuals must ensure that they carry out due diligence on both the parties to transactions and the banks and financial institutions involved in those transactions to ensure that financial sanctions are not breached.
There is not always benefit to be derived from appealing OFSI’s initial penalty
Both Standard Chartered and Telia benefited from appealing OFSI’s initial penalty decision in previous enforcement actions. After challenging OFSI’s penalty decision through ministerial review, the Economic Secretary to the Treasury (the “Minister”) reduced Standard Chartered’s total penalty by GBP 11,030,000 (approximately 35 percent), having concluded that OFSI should have given greater weight to certain mitigating factors when calculating the penalty. Telia also had its penalty reduced on appeal by over 50 percent. These cases suggested that the subjects of OFSI enforcement actions may achieve significant penalty reductions by exercising their right to ministerial review under Section 147 of the PACA.
The TransferGo enforcement action goes against that nascent trend. Having reviewed the case materials, the Minister upheld OFSI’s decision both to impose the penalty on TransferGo and on the amount of the penalty, concluding that the initial penalty was “within the range of reasonable and proportionate options open to OFSI.”
It also is worth noting that the Minister rejected TransferGo’s request for anonymity in the event that its penalty was upheld following the ministerial review process. The Minister considered anonymizing the penalty to be contrary to the objectives of OFSI’s sanctions enforcement regime and not in the public interest.
OFSI will continue to investigate and impose penalties for financial sanctions breaches occurring under EU sanctions regulations
The sanctions breaches in the TransferGo case occurred prior to the end of the Brexit transition period in 2018 and 2019 and were therefore breaches of the relevant EU Regulation. The case underlines OFSI’s commitment to continue investigating and, where appropriate, imposing monetary penalties for breaches occurring under EU sanctions regulations prior to the end of the Brexit transition period on December 31, 2020.
- Sanctions compliance for fintech and non-financial institutions is of growing importance, as OFSI has demonstrated its appetite for bringing enforcement actions for financial sanctions breaches in a range of sectors.
- It is crucially important for companies and financial institutions to conduct robust due diligence checks to ensure that they understand with whom they are doing business. Implementing such steps will enable companies/financial institutions to mitigate their potential risk through, among other things, the early identification of designated persons involved in potential transactions.
- The investigation and disclosure to OFSI of potential breaches of financial sanctions should be undertaken carefully and with appropriate cooperation, to maximize the likelihood of a swift and satisfactory outcome. While OFSI’s penalty report acknowledged TransferGo’s full cooperation with OFSI’s investigation, it also stated that “had TransferGo voluntarily disclosed these transactions it could have received a discount of 50% of the baseline penalty amount.”
On June 24, 2021, US Customs and Border Protection (CBP) issued a Withhold Release Order (WRO) pursuant to 19 USC 1307 against Xinjiang, China-based Hoshine Silicon Industry Co. Ltd. and its subsidiaries (Hoshine). The WRO instructs CPB personnel to detain shipments of silica-based products produced by Hoshine and its subsidiaries, including “materials and goods (such as polysilicon) derived from or produced using those silica-based products.”
On the same day, the US Commerce Department’s Bureau of Industry and Security (BIS) added Hoshine Silicon Industry (Shanshan) Co., Ltd and four other Xinjiang-based companies to the Entity List based on allegations of their participation “in the practice of, accepting, or utilizing forced labor” in their production processes.
On June 23, 2021, the Department of Labor (DOL) published a Federal Register notice updating its List of Goods Produced by Child Labor or Forced Labor (TVPRA List) to include polysilicon from China.
Meanwhile, the US Senate Foreign Relations Committee (SFRC) advanced a bill that, if passed, would impose additional restrictions on the importation of goods from China’s Xinjiang Province.
China’s Anti-Foreign Sanctions Law (the “Law”), which was enacted and became effective on June 10, 2021, authorizes the Chinese government to develop an “anti-sanctions list” and to impose countermeasures on listed persons involved in “discriminatory restrictive measures.” It also creates a private right of action for Chinese citizens and organizations to sue in a Chinese court.
The anti-sanctions list and related countermeasures resemble some of the measures that have already been taken by the Chinese Ministry of Foreign Affairs (“MOFA”), which has announced sanctions against dozens of organizations and individuals in the U.S. and other countries in connection with issues relating to Xinjiang, Hong Kong, and Taiwan. Some of those previous sanctions have included denial of entry into China, a prohibition against conducting business with China, and in some cases also freezing of assets. In addition, the Chinese Ministry of Commerce (“MOFCOM”) announced an “Unreliable Entity List” regime in May 2019 (see our previous blog post on this here), which similarly targets foreign entities, e.g., for taking “discriminatory measures” against Chinese individuals or organizations. However, unlike the MOFA sanctions, MOFCOM has not yet taken any actions under the Unreliable Entity List regime. Most recently, MOFCOM promulgated Rules on Counteracting Unjustified Extraterritorial Application of Foreign Legislation and Other Measures (the “MOFCOM Blocking Rules”), released in January 2021 (see our client advisory on the MOFCOM Blocking Rules here). Those ministry-level measures had certain limitations, and the enactment of the Law has been a priority of Chinese legislators in order to provide a clearer statutory basis for administrative measures that will ultimately enhance the country’s anti-sanctions “toolkit.”
The Anti-Sanctions List and Related Countermeasures
The Law authorizes the Chinese government to create an “anti-sanctions list,” and to designate on this list individuals and organizations that directly or indirectly participate in the formulation, determination, or implementation of “discriminatory restrictive measures.” While there are still questions surrounding what specific acts are targeted, generally they include actions (a) by a foreign country, in violation of international law and “the basic norms of international relations,” (b) “using various pretexts or its own laws to contain or suppress China,” (c) to “take discriminatory restrictive measures against Chinese citizens or organizations,” and “interfere in China’s internal affairs.” This broad definition leaves considerable discretion to the Chinese government to target foreign sanctions that it finds to be contrary to China’s interests. MOFCOM’s Unreliable Entity List provisions use a similar term—“discriminatory measures,” and MOFCOM’s Blocking Rules use the term “unjustified extraterritorial application” of foreign legislation and other measures. The Law’s focus on restrictive measures that are viewed as being in violation of international law or “basic norms of international relations” similarly indicates an intent to target “extraterritorial” foreign sanctions.
The countermeasures that may be imposed on persons designated on this “anti-sanctions list” may include the following:
- denial of entry into China or deportation from China;
- freezing of assets located in China;
- prohibition against doing business with individuals and organizations located in China; and
- an undefined set of “any other necessary measures.”
In addition to the listed persons themselves, these countermeasures may also be imposed against:
- listed individuals’ spouses and immediate family members;
- listed organizations’ senior management or actual controllers;
- other organizations for which a listed individual serves as part of senior management; and
- organizations that are effectively controlled by, or in whose establishment or operation a listed individual or organization participates.
Designations on the anti-sanctions list and the imposition of countermeasures are excluded from judicial challenges in a Chinese court.
Individuals and organizations within China are required to comply with the countermeasures imposed under the Law (however, this requirement does not apply to Hong Kong/Macau unless or until the Law is added to Annex III of the Basic Law of the Hong Kong/Macau Special Administrative Region).
The Private Right of Action
In addition to providing for listing and countermeasures, the Law grants a private right of action against any organization or individual that implements, or assists with the implementation of, a foreign country’s discriminatory restrictive measures, as defined above. The Law allows Chinese parties to sue in a Chinese court for injunctive relief and damages in such cases.
This provision resembles Article 9 of the MOFCOM Blocking Rules, which allows Chinese citizens or organizations to sue “a person” for damages if the person has violated a MOFCOM prohibition order against an unjustified extraterritorial application of foreign law.
But it is not clear how this Article 12 of the Law will be implemented, including whether it will be implemented through the MOFCOM Blocking Rules or in a similar way that would require a prior MOFCOM prohibition order or an administrative action to find “discriminatory restrictive measures,” though a plain reading of the Law suggests that, unlike Article 9 of the MOFCOM Blocking Rules, the private right of action granted by the Law is not conditioned on a prior administrative action. If that is the case, it may be left for courts to determine what “discriminatory restrictive measures” are within the scope of the Law, and when a party’s implementation of such measures becomes actionable in a Chinese court.
There are additional questions about the jurisdiction of Chinese courts to hear claims under the Law in the context of international business transactions when arbitration is agreed upon as the exclusive dispute resolution mechanism under the relevant contract. China’s Supreme People’s Court has longstanding guidance stating that, if a dispute resolution clause provides for arbitration of all disputes arising out of or in connection with the contract, and one party sues under that contract, Chinese courts do not have jurisdiction over such claims. In such a situation, there is a question about whether a Chinese court would hear related claims for relief under the Law. We would expect some clarifications/mechanism that may allow Chinese courts to hear such claims at some point. Notably, the MOFCOM Blocking Rules appear to allow claims in Chinese court following the exercise of a contractual arbitration provision if an arbitration award unfavorable to a Chinese person is issued pursuant to a foreign law that has been blocked by a MOFCOM prohibition order.
“So, What Now?”
The immediate impact of the Law on the international business community is likely limited, as it largely reflects pre-existing Chinese policies, which have generally been implemented with caution to date. For the general steps that potentially affected parties may consider as part of their compliance strategies, please see our client advisory on the MOFCOM Blocking Rules here.