On May 15, 2024, the Sanctions (EU Exit) (Miscellaneous Amendments and Revocations) Regulations 2024 was laid before parliament (“Regulations”).  Among other things, the Regulations included a package of new trade sanctions measures under the UK’s Belarus sanctions regime targeting aluminum, as well as expanding sanctions on electronics (including semiconductors, electronic integrated circuits, and the machinery / apparatus needed for their manufacture), navigational instruments and appliances, aircraft, spacecraft and related parts.  The new trade sanctions came into effect on May 16, 2024.

Continue Reading UK Imposes New Trade Sanctions on Belarus

This month has seen HM Treasury’s Office of Financial Sanctions Implementation (“OFSI”) roll out a new FAQ guidance format, as well as update a number of its existing guidance documents. In particular, OFSI has introduced changes to its enforcement and civil monetary penalties guidance, as well as to its general financial sanctions guidance in relation to the assessment of licence applications under the “extraordinary expenses” and “extraordinary situations” licensing grounds. Following the introduction of secondary legislation amending a number of UK sanctions regimes on May 15, 2024, corresponding changes also have been made to a range of OFSI guidance documents and other materials.   

Continue Reading A Round-Up of Recent Changes to OFSI Financial Sanctions Guidance

On May 10, 2024, the US Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued an Interim Final Rule, effective August 8, 2024 (the “IFR”), that clarifies the scope of OFAC’s rejected transaction reporting requirement, and introduces other amendments to the Reporting, Procedures and Penalties Regulations (“RPPR”) at 31 CFR Part 501.

While reported enforcement actions under the RPPR are not common, there are past examples, such as one that we reported on in 2016 and a 2022 enforcement action involving Nodus International Bank, Inc. (“Nodus”), an international financial entity located in Puerto Rico, for failure to maintain full and accurate records related to the handling of blocked property and inaccurate reporting of the blocked property to OFAC. Given OFAC’s increasing regulatory focus on the RPPR requirements, such as rejected transaction reporting, one can expect that the agency may increase its enforcement focus in this area as well. Therefore, parties subject to OFAC’s regulatory jurisdiction, including organizations that are not financial institutions, would be well advised to consider how to integrate these changing RPPR requirements into their compliance programs.

Continue Reading OFAC Amends Reporting Requirements – Important Considerations for Compliance

On May 8, 2024, BIS published a correction to the interim final rule, further removing license requirements for certain items under ECCN 0x5zz.

Previously, the interim final rule stated that all 0x5zz ECCNs referenced in footnote 9 to the Commerce Country Chart in supplement no. 1 to part 738 that were previously controlled for NS1 or RS1 reasons for control would continue to require a license for export to Australia and the UK based on the license requirements specified in that footnote.  However, the correction clarifies that only portions of the referenced 0x5zz ECCNs will continue to require a license.

On April 19, 2024, the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) issued an interim final rule under the U.S. Export Administration Regulations (“EAR”) that significantly streamlines export controls on certain defense-related technology products to Australia and the United Kingdom (“UK”). Aimed at enhancing technological innovation among the three countries in furtherance of the Australia, United Kingdom, United States (“AUKUS”) Trilateral Security Partnership, the interim final rule removes license requirements, expands the availability of license exceptions, and reduces the scope of end-use and end-user-based license requirements for exports, reexports, and transfers (in-country) to or within Australia and the UK.

In a statement, BIS said that it “anticipates these changes will reduce licensing burdens for trade with Australia and the UK by over 1,800 total licenses valued at over $7.5 billion per year.” BIS also states that the cumulative effect of these export control revisions under the EAR will be to treat Australia and the UK as destinations equivalent to Canada. BIS is soliciting public comments on the impacts of these changes to ensure that the export control revisions implemented advance AUKUS objectives, as well as potential additional revisions to the EAR that would further enhance defense industrial base cooperation and technology innovation with Australia and the UK. Interested parties should consider submitting comments to BIS by the June 3, 2024, deadline.

Notwithstanding this important regulatory development, export control revisions under AUKUS related to the U.S. International Traffic in Arms Regulations (“ITAR”) administered by the U.S. Department of State, Directorate of Defense Trade Controls (“DDTC”), have not yet been promulgated. Until that action occurs, industry will not be able to assess the full extent of U.S. export control revisions and continued licensing requirements that will be implemented under AUKUS.

Continue Reading BIS Removes Significant Export Control License Requirements for Australia and the UK under the Strategic AUKUS Partnership

May 1, 2024, saw two major developments under the Australia, United Kingdom, and United States (“AUKUS”) Trilateral Security Partnership.

First, the U.S. Department of State (the “Department”) issued a notice of proposed rulemaking (“NPRM”) that would amend the International Traffic in Arms Regulations (“ITAR”) to create an exemption for certain exports, reexports, retransfers, or temporary imports of defense articles or defense services, or certain brokering activities between or among authorized users within Australia, the United Kingdom, and the United States.

Second, the UK Department for Business and Trade (“DBT”) issued Notice to Exporters 2024/09: update on AUKUS, which was accompanied by publication of a draft Open General Licence to permit the export, transfer, and supply or delivery, of dual-use goods, military goods or technology to, between, and among the AUKUS partners (“Draft AUKUS OGL”).

These developments signal clearly to industry that the AUKUS partners are committed to fostering greater cooperation across defense and critical technologies through reforms of their export controls and licensing regimes. Interested parties may wish to consider submitting comments on one or both proposals. The deadline for comments on the proposed United States ITAR rule is May 31, 2024. The deadline for comments on the UK Draft AUKUS OGL is July 1, 2024. Importantly, the NPRM for the ITAR does not yet have the force and effect of law until a final or interim final rule is promulgated. Similarly, the Draft AUKUS OGL cannot currently be relied upon and will not come into effect until a final version is issued.

United States: ITAR Exemptions

The Department’s proposed exemption would be available for all defense articles or defense services, except for those contained within a limited excluded list. The proposed rule would also introduce a provision to allow for certain transfers of classified defense articles to certain dual nationals (subject to certain requirements described below) and would codify an expedited license review process for Australia, the UK, and Canada.

Continue Reading Trilateral AUKUS Partnership Further Strengthened with Proposed New U.S. ITAR Exemptions and UK Open General Licenses

On April 24, 2024, President Biden signed HR 815, “Making emergency supplemental appropriations for the fiscal year ending September 30, 2024, and for other purposes,” into law (the “National Security Supplemental” or the “NSS”). The National Security Supplemental appropriates funds to provide security assistance to Ukraine, Israel, and US partners in the Indo-Pacific and humanitarian aid for Gaza. Alongside the appropriations measures, the National Security Supplemental includes the “21st Century Peace through Strength Act”, a collection of fourteen sanctions, export controls, and related regulatory measures targeting Iran, Russia, and China, in addition to areas of concern including narcotics trafficking, terrorist financing, and misuse of information and communications technology and services (“ICTS”).

In this post, we assess these new developments and the areas where they will likely have the greatest impact.

Continue Reading President Signs Expansive Sanctions Bill Into Law; Doubling of Limitations Period for IEEPA Violations Likely to Have Major Impact

On April 12, 2024, in a coordinated action the Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) in the United States and the Foreign, Commonwealth, and Development Office, HM Treasury, and Department for Business and Trade (“DBT”) in the United Kingdom announced expanded sanctions targeting certain Russian metals, including limiting the use of in-scope metals on the two largest global metal exchanges and in over-the-counter derivatives trading by imposing new regulations on the activities of U.S. persons and persons subject to UK sanctions jurisdiction. The United States also added restrictions related to the importation of certain Russian metals produced after a certain date (but not items made from those metals).

Continue Reading United States and United Kingdom Take Coordinated Action Against Russian Federation Metals

On April 15, 2024, the U.S. Treasury Department (Treasury), as the Chair of the Committee on Foreign Investment in the United States (CFIUS or the Committee), published a notice of proposed rulemaking (NPRM) “to enhance certain CFIUS procedures and sharpen its penalty and enforcement authorities.”  In particular, the proposed new measures would expand the authority of CFIUS to gather information related to both notified and non-notified transactions, impose more significant civil penalties on transaction parties, and alter procedures related to the negotiation of mitigation agreements.  The proposed changes to CFIUS’s regulations are meant “to more effectively deter violations, promote compliance, and swiftly address national security risks in connection with CFIUS reviews,” Assistant Secretary for Investment Security Paul Rosen said in a statement on Thursday.  This represents the first significant update to the CFIUS regulations since the enactment and implementation of the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA), which significantly expanded the scope of CFIUS’s jurisdiction. 

Continue Reading CFIUS Proposes Important Changes to Foreign Investment Rules with Focus on Enforcement

On April 2, 2024, HM Treasury’s Office of Financial Sanctions Implementation (“OFSI”) published a blog post addressing financial sanctions compliance in the maritime sector.  Maritime businesses currently are a particular area of focus for UK sanctions regulators and law enforcement due to the direct and multi-faceted impact of the UK’s Russia financial, trade, and transport sanctions on the maritime sector, as well as sustained efforts to curb sanctions circumvention touching the sector.  Given the complexity of the maritime shipping sector, OFSI recommends that shipping companies, port operators, insurers, financial institutions, and other maritime businesses should adopt a proactive and comprehensive approach to ensuring their compliance with UK financial sanctions that includes elements such as due diligence, thoughtful use of technology, and increased collaboration.  The OFSI blog post sets out a range of recommended compliance best practices and techniques reflecting those themes to assist the compliance efforts of maritime businesses.

The OFSI Blog

The OFSI blog is the latest in a series of publications by OFSI focused on the maritime sector, including OFSI’s recently published financial sanctions guidance for maritime shipping.  The complex, international nature of the maritime sector, coupled with the increased use of deceptive shipping practices by those seeking to evade and circumvent the unprecedented package of sanctions imposed in response to Russia’s invasion of Ukraine, has placed a renewed focus on the sector’s management and mitigation of sanctions risk. 

The OFSI blog recommends six key steps that maritime businesses should incorporate into their compliance programmes to ensure compliance with UK financial sanctions.

  1. Customer Due Diligence

The OFSI blog identifies understanding who directly or indirectly owns and controls counterparties as a fundamental building block for UK financial sanctions compliance.  OFSI expects maritime businesses to conduct thorough due diligence that verifies the identity of customers, partners, and intermediaries before entering into a business transaction.  For example, OFSI has suggested that it may be prudent to consider the ultimate beneficial ownership of any involved ports, terminal operators, charterers, operators, cargo owners, and suppliers when conducting due diligence on a potential business transaction.

To satisfy this obligation, maritime businesses should consider collecting and maintaining key information on those they wish to do business with (and their beneficial owners) such as names, addresses, phone numbers, email addresses, and photo IDs.  This information can be used to assess and interpret the results of sanctions screening efforts against applicable sanctions lists such as the UK Sanctions List and OFSI’s Consolidated List of Financial Sanctions Targets in the UK, which details designations made in relation to a range of UK financial sanctions measures.  Maritime businesses may wish to consider performing further due diligence checks using free online tools or subscription-based resources. 

The extent of due diligence efforts should be calibrated to the level of risk posed by the proposed business transaction.  In that regard, OFSI previously has identified certain actors in the maritime sector as being particularly exposed to financial sanctions risk, including maritime insurance companies, charterers, classification societies, suppliers of cargo, customs and port state controls, flag registries, ship brokers, ship owners, bunker suppliers, shipyards, and financial institutions involved in maritime trade finance.  Maritime businesses should ensure that their customer due diligence efforts are appropriately tailored to the risk profile of their particular activities.

  1. Compliance Policies and Procedures

OFSI expects maritime businesses to establish and implement robust compliance policies and procedures that are tailored to the sanctions risks faced by the maritime industry in general, as well as the particular maritime business by virtue of the nature of its business activities.  The policies and procedures should provide clear guidelines for identifying, assessing, and mitigating sanctions-related risks across all aspects of a company’s activities, including, for example, vessel chartering, cargo handling, financial transactions, and supply chain management.  Businesses may wish to consider implementing some of the following measures as part of their sanctions compliance programmes:

  • communicating compliance expectations with counterparties, partners, subsidiaries, and affiliates;
  • developing, implementing, and adhering to written compliance policies, procedures, and controls;
  • establishing disciplinary consequences for engaging in conduct prohibited by sanctions;
  • protecting employees that disclose illicit behavior from retaliation and establishing a confidential mechanism for reporting suspected or actual illicit activity or sanctions violations; and/or
  • conducting periodic auditing of the efficacy of the sanctions policies, procedures, and controls that have been implemented.
  1. Screening Tools

The use of advanced technology and screening tools can enhance the effectiveness and efficiency of sanctions compliance efforts.  Automated screening systems can aid in the identification of potential matches against sanctions lists, flag potentially suspicious activities, and allow for the real-time monitoring of transactions and counterparties.  However, OFSI also cautions maritime businesses that they bear the ultimate responsibility for managing their sanctions risk, even if they make use of third-party technology and screening tools to assist their compliance efforts.  It is therefore good practice for maritime businesses to have a firm understanding of the search parameters and other rules applied by their third-party providers to ensure that their tools are appropriate to the needs of, and risks associated with, their business. 

  1. Training and Awareness

Regular training sessions that educate employees of maritime businesses on applicable sanctions regulations, the importance of vigilance, and their compliance obligations, should form a key pillar of a robust sanctions compliance programme.  In addition to the provision of sanctions training during the onboarding process, consideration also should be given to providing periodic refresher training and implementing additional awareness raising initiatives when new types of sanctions or new geographic sanctions regimes are introduced.  Regular communications of this kind can help to promote a culture of compliance within an organisation and encourage employees to identify and report suspicious activities and warning flags, as well as respond appropriately to compliance challenges they encounter in the course of their work.

  1. Remaining Alert to Change

To accommodate the ever-evolving nature of UK financial sanctions prohibitions and their targets, OFSI counsels maritime businesses to keep abreast of changes relevant to their activities such as the introduction of new sanctions, regulatory developments impacting the implementation or enforcement of existing sanctions, and key takeaways from sanctions enforcement actions relevant to their businesses.  This can be achieved in a number of ways, for example, by subscribing to relevant alerts and publications issued by sanctions authorities, engaging with compliance experts, and participating in industry forums.  OFSI also notes that maritime businesses must ensure that their compliance programmes and risk mitigation strategies remain fit for purpose by adapting them to respond to changing requirements in a timely manner.

  1. Information Sharing and Collaboration

The OFSI blog identifies collaboration and information sharing between industry, sanctions regulators, and law enforcement as an increasingly important tool to combat sanctions evasion and illicit activity in the maritime sector.  In particular, OFSI suggests that maritime businesses may wish to participate in information sharing initiatives, industry associations, or other public-private partnerships that create awareness of challenges particular to the maritime sector and encourage the sharing of best practices for reducing risks, as well as intelligence and insights that better enable maritime businesses to strengthen their collective efforts against sanctions breaches.  For example, vessel owners and clubs may wish to share information with banks or other financial services providers, or flag administrations could engage in regular exchanges of information with the International Maritime Organisation and parties in the Registry Information Sharing Compact. 


The compliance efforts of maritime businesses are an area of current focus for UK sanctions regulators.  To best prepare for possible future scrutiny, affected businesses should: (i) ensure that their sanctions risk assessment is up to date; (ii) benchmark their existing sanctions policies, procedures, and controls against the best practices identified in OFSI’s blog post, and maritime sector guidance recently issued by OFSI; and (iii) consider whether any adjustments or enhancement to those controls are necessary.  For more information on these developments, contact the authors of this post, Alexandra Melia or Elliot Letts, in Steptoe’s Economic Sanctions team in London.

On March 21, 2024, the Department of Commerce’s Bureau of Industry and Security (“BIS”) issued a final rule under the U.S. Export Administration Regulations (“EAR”) that imposes new export controls on certain individuals and entities identified on the U.S. Department of the Treasury’s Office of Foreign Assets Control’s (“OFAC’s”) List of Specially Designated Nationals and Blocked Persons (“SDN List”).  More specifically, the final rule imposes a BIS licensing requirement on exports, reexports, or transfers (in-country) of all items “subject to the EAR” when certain categories of SDNs are parties to the transaction.  The covered types of SDNs are designated under 11 OFAC-administered sanctions programs (as noted by BIS), including those relating to Russia, Belarus, transnational criminal organizations, and narcotics traffickers (as well as making slight changes to similar preexisting controls on SDNs designated for activities related to terrorism or proliferation of weapons of mass destruction).

The U.S. government has described these broader EAR restrictions as a “force multiplier” to complement OFAC’s jurisdiction, by allowing these controls in Part 744 of the EAR to “act as a backstop for activities over which OFAC does not exercise jurisdiction.”  OFAC’s sanctions regulations generally prohibit U.S. persons from engaging in any transactions or dealings involving SDNs and blocked parties (i.e., entities owned 50 percent or more by one or more SDNs or blocked parties), and the property or interest in property of such parties in the United States or within the possession or control of a U.S. person must be blocked (i.e., frozen) and reported to OFAC.  Non-U.S. persons can violate U.S. sanctions programs by, among other things, “causing” a U.S. person to violate U.S. sanctions.  With limited exceptions such as under the Cuban Assets Control Regulations and the Iranian Transactions and Sanctions Regulations, OFAC’s sanctions regulations generally do not specify whether they apply to transactions taking place entirely outside the United States that do not involve U.S. persons simply because the transactions involve items subject to the EAR.  This new rule aims to close this gap by providing BIS with clear authority to take export controls enforcement action in such cases where U.S. products or technologies, but not U.S. persons, are involved.   

As a result of BIS’s rule, non-U.S. persons outside the United States, who may not clearly be prohibited (absent the involvement of U.S. persons) by U.S. sanctions regulations from dealing in the property or interests in property of an SDN or blocked party, will now generally be subject to licensing requirements under the EAR if reexporting or transferring (in-country) any item “subject to the EAR” when an SDN designated under at least one of these sanctions programs is a “party to the transaction,” including as purchaser, intermediate consignee, ultimate consignee, or end user.  This underscores the guidance in the Tri-Seal Compliance Note of March 6, 2024 that non-U.S. persons have export controls (and sanctions) licensing obligations under U.S. law, even if operating wholly offshore, and therefore, they should consider enhancing compliance screening protocols and controls to prevent violations of U.S. export controls and sanctions.

Continue Reading Export Controls and Sanctions Converge: New BIS Restrictions on SDNs