This year, we have witnessed an extraordinary set of coordinated economic sanctions and export control regulatory actions against Russia after its invasion of Ukraine. In contrast to the fast and furious pace of regulatory action, enforcement actions did not keep pace.

This year’s enforcement actions by the US Treasury Department’s Office of Foreign Assets Control (OFAC) are notable for their jurisdictional reach and expansion of liability theories that aren’t necessarily supported by the plain language of their regulatory authority. The Commerce Department’s Bureau of Industry & Security (BIS) enforcement actions have targeted the aerospace industry, especially in relation to Russia and Belarus. The Department of Justice (DOJ) expended much of its resources on seizing and forfeiting assets linked to Russian oligarchs, galvanizing its multilateral networks.

Interestingly, OFAC continued to target the Iranian petroleum and petrochemical sector despite news reports of intensive negotiations to revive the Joint Comprehensive Plan of Action (JCPOA).

Below we discuss some representative enforcement actions to date.

  1. Airbnb Payments, Inc.

On January 3, Airbnb Payments, Inc., a registered money services business, agreed to pay USD 91,172.29 for apparent violations of OFAC’s Cuba sanctions. The apparent violations involved processing payments from Airbnb guests who traveled to Cuba for reasons outside of OFAC’s authorized categories and processing payments involving non-US persons engaging in Cuba travel transactions prior to OFAC issuing a specific license to Airbnb, Inc., the parent company of Airbnb Payments.

Takeaways: When entering new commercial markets subject to US sanctions, companies should anticipate the legal risks and complexities, and fully implement risk-based sanctions compliance controls into their infrastructure, especially for internet-based services. OFAC credited Airbnb’s proactive identification of compliance deficiencies, implementation of appropriate remedial measures, voluntary self-disclosure (VSD), and cooperation.

  1. S&P Global, Inc

On April 1, S&P Global, a US company that provides business information and financial analytics, agreed to pay USD 78,750 for apparent violations of OFAC’s Ukraine-Related Sanctions Regulations in 2016 and 2017. The apparent violations occurred when S&P Global and a company it acquired reissued and re-dated multiple invoices to continue to extend credit to Rosneft, a Russian state-owned oil company, which constituted transacting and dealing in new debt of longer than 90 days maturity, and therefore, violated Executive Order 13662.

Takeaways: Companies should institute and provide training on compliance policies and procedures to ensure employees know that they cannot alter business records to evade sanctions issues, as was the case here.

  1. Toll Holdings Ltd.

On April 25, Toll Holdings Limited, an international freight forwarding and logistics company headquartered in Australia, agreed to pay USD 6,131,855 for apparent violations of multiple OFAC sanctions programs. The apparent violations occurred when Toll originated and received payments through the US financial system involving sanctioned persons and jurisdictions, including North Korea, Iran, and Syria. The payments were made in connection with the otherwise legal sea, air, and rail shipments. Toll was given substantial credit for its VSD, cooperation, and full remediation.

Takeaways: Companies conducting business with sanctioned persons or jurisdictions must (i) implement strong internal controls and procedures to govern payments involving affiliates, subsidiaries, agents, or other counterparties; and (ii) promptly address compliance weaknesses upon initial occurrence or discovery, identify root causes, and fully implement and test necessary changes to compliance practices.

  1. Export Denial Orders against Russian Airlines

Eight Russian airlines: BIS issued Temporary Denial Orders (TDOs) against Aeroflot, Azur Air, UTair, Aviastar, Rossiya Airlines, Nordwind Airlines, Pobeda Airlines, and S7 Airlines, so far this year, pursuant to comprehensive export controls on Russia. These TDOs terminate the right of the eight airlines to participate in transactions subject to the Export Administration Regulations (EAR), including exports and reexports from the United States.

Takeaway: BIS issued the above TDOs following the new stringent export controls against Russia and Belarus. Any companies dealing directly or indirectly with Russian airlines or aircraft need to be aware of the TDO restrictions to avoid violating their terms.

  1. Extradition of Individual and Designation of Tornado Cash

Alexander Vinnik: On August 4, Alexander Vinnik, a Russian citizen, was charged with criminal money laundering. DOJ accused Vinnik of operating BTC-e, a criminal cryptocurrency exchange, which conducted substantial money services business in the United States without a license. The indictment suggests that BTC-e allowed its users to trade in bitcoin with high levels of anonymity, and laundered more than USD 4 billion of criminal proceeds. BTC-e allegedly had no system for appropriate know-your-customer” (KYC) verification, and no anti-money laundering process or program as required by federal law.

Takeaway: Although BTC-e has no physical presence in the United States, it was charged with money laundering, because BTC-e assisted customers within the United States to conduct tens of thousands of transactions in bitcoin and other convertible virtual currencies processed through servers located in the United States. The case of BTC-e lays down an important marker, especially for non-US exchanges, that vigorous AML compliance measures are indispensable if the business involves US customers, US computer servers, or other US elements.

Tornado Cash: On August 8, OFAC added Tornado Cash, a virtual currency mixer to the SDN List. According to an OFAC news release, Tornado Cash was used to launder proceeds of cybercrimes, that is, more than USD 7 billion worth of virtual currency, by obfuscating their origin, destination, and counterparties. The laundered money includes over USD 455 million stolen by a North Korean state-sponsored cyber hacking actor, Lazarus Group, that was previously sanctioned by OFAC.

Takeaway: The action marks the first time OFAC has targeted an on-chain decentralized protocol. Developers of decentralized platforms should incorporate compliance controls into the software or code, as they are now clearly sanctionable. Moreover, before using or interacting with digital platforms, customers and counterparties should carefully consider the controls in place to protect against cybercrimes. For more information on the Tornado Cash case, see this Steptoe blog postOFAC’s guidance for the “virtual currency industry” provides some insights in this regard, but is not a complete guide.

  1. Designation of Individuals and Companies linked to Iran’s Petroleum and Petrochemical Sector

On June 16, July 6, and August 1, OFAC designated an international network of individuals, entities, and vessels that facilitated the delivery and sale of Iranian petroleum and petrochemical products from Iran to China and East Asia as SDNs. The three rounds of sanctions targeted Iranian petrochemical producers, exporters, vessels and vessel managers involved in relevant transactions, and front companies related to numerous sanctioned petrochemical brokers such as Persian Gulf Petrochemical Industry Commercial Company, Iran Petrochemical Commercial Company, and Triliance Petrochemical Co. Ltd. These sanctioned targets include Iranian and Chinese nationals as well as companies based in Iran, UAE, mainland China, Hong Kong SAR, Singapore, and Vietnam.

Takeaway: The three rounds of Iran-related designation happened within three consecutive months just when the United States and other parties’ attempts to revive the JCPOA had ground to a halt. The package of measures demonstrates that before the Joint Comprehensive Plan of Action (JCPOA) is resuscitated, the US government would continue to use sanctions to target exports of oil, petroleum products, and petrochemicals from Iran.

  1. Asset Forfeiture

Servers and Cryptocurrency Wallets

Hydra Market: DOJ seized the world’s largest and longest-running online darknet market on April 5. According to the indictment, Hydra, operated and administered by Russian resident Dmitry Olegovich Pavlov, enabled users in mainly Russian-speaking countries to buy and sell illicit goods and services in cryptocurrency, which violated US money laundering conspiracy and narcotics conspiracy laws. German police in cooperation with US law enforcement seized over USD 25 million worth of servers and cryptocurrency wallets which will be subject to civil and criminal forfeiture.

Takeaway: On March 7, FinCEN issued an alert to encourage all financial institutions to be vigilant against efforts to evade the sanctions and other US-imposed restrictions against Russia. The alert provides selected red flag indicators of sanctions evasion attempts using the US financial system and convertible virtual currency, as well as possible ransomware attacks and other cybercrimes. For more information on the alert, see this Steptoe blog post.

Yachts and Aircrafts

Amadea: Fijian law enforcement seized a luxury vessel owned by OFAC-designated Russian oligarch Suleiman Kerimov on May 5, pursuant to a Mutual Legal Assistance Treaty request from DOJ, following the issuance of a seizure warrant from the US District Court for the District of Columbia. According to court documents, Kerimov and those acting on his behalf and for his benefit caused USD transactions to be routed through US financial institutions for the support and maintenance of the Amadea.

Two aircraft: US law enforcement agencies seized a Boeing 787-8 and a Gulfstream G650ER, owned and controlled by Russian oligarch Roman Abramovich, on June 6. The aircraft were reexported to Russia and subsequently forfeited based on violations of the Export Control Reform Act and the Russia sanctions.

  1. Individual Enforcement Actions

In relation to North Korea

Virgil Griffith, a US citizen who conspired to provide services to North Korea, including technical advice on how to use cryptocurrency and blockchain technology to evade sanctions, was sentenced to 63 months in prison after pleading guilty to conspiracy to violate the IEEPA on April 12.

In relation to Iran

Kambiz Attar Kashani, a dual citizen of the United States and Iran, pleaded guilty on June 28, to conspiring to illegally procure electronic goods, technology, and services from US technology companies for end users in Iran, including the Government of Iran, without obtaining required licenses or other authorization from OFAC.

In relation to Russia

Konstantin Malofeyev, a Russian oligarch and SDN, was charged with conspiracy to violate US sanctions on April 6. OFAC designated Malofeyev in 2014 for financing Russians promoting separatism in Crimea. To evade sanctions, Malofeyev employed and conspired with Jack Hanick, a US citizen, to transfer a USD 10 million investment he made in a US bank to a business associate in Greece, in violation of the blocking sanctions.

Roman Abramovich, a Russian oligarch, was charged by BIS on June 6, with EAR violations involving flights of two US-origin aircraft to Russia without the required BIS export licenses.

In relation to China

Jonathan Yet Wing Soong, a US employee of a nonprofit contractor for NASA, was charged on May 26, with violating export control laws by allegedly secretly selling sensitive NASA aeronautics software to an entity on the Entity List—Beijing University of Aeronautics and Astronautics (BUAA). Soong allegedly arranged to sell the Army flight-control software packages to an intermediary, as Soong knew that BUAA could not receive this technology without a license from BIS.

  1. New Enforcement Advisory and Policy Change

On June 28, FinCEN and BIS issued their first joint alert, urging increased vigilance for potential Russian and Belarusian export control evasion attempts. The joint alert lists several items deemed to be “commodities of concern” and also provides a list of 22 specific red flags for export control evasion. For more information on the joint alert, see this Steptoe blog post.

On June 30, BIS announced policy changes designed to strengthen its administrative enforcement of US export controls, which include: (i) imposition of significantly higher penalties; (ii) offering expedited non-monetary settlement agreements for less serious violations and dual tracking of Voluntary Self Disclosures; (iii) elimination of no admit/no deny settlements and (iv) issuing pre-resolution charging letters. For more information on BIS’s enforcement policy change, see this Steptoe blog post.

  1. Additional Sources Devoted to the Enforcement

Task Force KleptoCapture

On March 2, the US Attorney General announced the launch of Task Force KleptoCapture, which aims to target the crimes of Russian officials, government-aligned elites, and those who aid or conceal their unlawful conduct, and use cryptocurrency to evade US sanctions. For more information on Task Force KleptoCapture and US civil forfeiture, see this post by Steptoe’s Senior Counsel Steven Welk.

Russian Elites, Proxies and Oligarchs (REPO) Task Force

On March 17, the G7 countries and Australia founded the REPO multilateral task force , through which each of the member jurisdictions would collect and share information to target Russia. Since its creation, the REPO task force has blocked or frozen over USD 30 billion worth of sanctioned Russians’ assets, seized numerous yachts, ships, and real estate, and restricted sanctioned Russians’ ability to use the global financial system.


These enforcement actions reflect that sanctions and export controls are increasingly relevant to an expanding number of industries and involve multinational enforcement agencies, with asset forfeiture and seizures as sanctions enforcement tools.

We expect an even more challenging and complex geopolitical landscape for the rest of 2022. Additional comprehensive sanctions against Russia by G7 countries are in the pipeline, and the United States, European Union, and the United Kingdom will no doubt enforce sanctions against third-country companies that violate their sanctions programs.

We expect that the intensified US-China relationship will lead to further expansion of sanctions imposed on Chinese individuals or entities as well as restrictions on imports from or exports to China, in cases where companies or groups are accused of threatening US national security or violating human rights. Also, it is unclear if sanctions on Iran will be lifted, as talks with Iran are still at a standstill.

As pointedly stated by Deputy Attorney General Lisa Monaco on April 27, 2022, “sanctions are the new FCPA” and accordingly, we should expect substantial enforcement activities to continue throughout the rest of 2022.