Episode 101

25th March – 31st March 2024

Sanctions

The sanctions news this week starts with the European Union (‘EU’), where the Council of the EU has announced sanctions against 33 individuals and two entities following the death of Alexei Navalny. The sanctions, under its Global Human Rights Sanctions Regime, subject those individuals to an asset freeze, prohibit, directly or indirectly, the provision of funds or economic resources to the individuals, and impose a ban on travel to any EU member state.

The big sanctions news this week comes in the form of action taken both by the US and UK governments following the Chinese hacking stories which have been widely reported in the press this week. It was reported that hackers backed by the Chinese state have conducted a persistent campaign of cyber-attacks against the democratic institutions of the UK, including politicians and journalists, and accessing the electoral roll. On Monday, ‘a front company and two individuals who are members of APT31 [‘China state-affiliated Advanced Persistent Threat Group 31’]. The company, Wuhan Xiaoruizhi Science and Technology Company Limited, is associated with APT31, and operates on behalf of the Chinese Ministry of State Security (MSS) as part of China’s state-sponsored apparatus. The individuals are Zhao Guangzong and Ni Gaobin, both of whom are members of APT31.’ The US targeted the same entity and individuals ‘for their roles in malicious cyber operations targeting U.S. entities that operate within U.S. critical infrastructure sectors, directly endangering U.S. national security.’ Later in the week, New Zealand joined the condemnation of Chinese cyber-attacks on its parliament in 2021, but no sanctions have been issued yet. The reason for this was not immediately clear, but it seems to relate to the lack of autonomous legislation in New Zealand which would allow the imposition of sanctions, and that Parliament would need to pass legislation, as it did to impose sanctions on Russia when it invaded Ukraine. It doesn’t seem likely that it will happen if the mood music coming from New Zealand is anything to go by, but let’s watch this space.

In other sanctions news from the US, OFAC has also sanctioned financial facilitators and illicit drug traffickers who support the regime of Bashar Al-Assad in Syria. In all, 11 individuals and entities have been sanctioned. ‘Syria has become the leading producer and exporter of Captagon, a highly addictive amphetamine-type stimulant trafficked illegally throughout the Middle East and Europe…. The revenue from the illicit Captagon trade has become a major source of income for the Assad regime, the Syrian armed forces, and Syrian paramilitary forces. The Assad regime also derives significant profits from extractive industries with the help of foreign entities. Additionally, the Syrian regime continues to rely on Syrian money service businesses to circumvent sanctions and carry out financial transfers and currency exchange on its behalf.’

As an adjunct to this story, the National Cyber Security Centre (‘NCSC’) in the UK – which is part of GCHQ (the UK’s intelligence and security organisation) – has published updated guidance in its ‘Defending Democracy’ collection.

In other collaborative news from the US, it is understood that the US and Cyprus will sign an agreement relating to the enforcement of sanctions and money laundering, particularly in relation to Russia. It is believed it will be signed off before the end of Easter, but nothing on relevant agency websites yet.

And, finally, on sanctions news this week, some sanctions, a licence, and a survey from the UK, specifically from the Office of Financial Sanctions Implementation (‘OFSI’), and two more from OFAC. First, Svetlana Alexandrovna Krivonogikh’s designation has been amended. Krivonogikh, who is thought to be Putin’s daughter, remains subject to an asset freeze. Secondly, Aozma Sultana and Mustafa Ayash have been sanctioned in relation to the Counter-Terrorism (Domestic) regime. They are suspected of providing financial support for ‘Gaza Now’, which is a news agency which promotes the Hamas and Palestinian Islamic Jihad terror groups. Next, OFSI issued a new general licence which ‘permits insurance and other services to be paid for in respect of vessels currently at sea managed by Active Denizcilik to facilitate their entry to port, and to permit persons 75 days to wind down their relationships involving both Active Denizcilik and Beks Gemi.’ Finally, OFSI has published a short survey to garner industry perspectives and understanding the threat landscape to financial sanctions compliance in the UK. The survey closes at 17:00 on 12th April 2024. Now, to OFAC. First, OFAC has also announced sanctions on the same media organisations and individuals OFSI has sanctioned this week. Secondly, OFAC, working with the Republic of Korea, has also sanctioned ‘six individuals and two entities based in Russia, China, and the United Arab Emirates, that generate revenue and facilitate financial transactions for the Democratic People’s Republic of Korea (DPRK). Funds generated through these actors are ultimately funneled to support the DPRK’s weapons of mass destruction (WMD) programs. The ROK is jointly designating six of the same individuals and entities for their involvement in illicit financing and revenue generation through overseas DPRK information technology (IT) workers.’

Bribery and Corruption

This week’s bribery and corruption news starts in China, where the former president of the Chinese Football Association has been sentenced to life imprisonment for bribery. Chen Xuyuan pleaded guilty to receiving 81m yuan ($11.2m) over a 13 year period up to 2023, which included time while he was president and chairman of Shanghai International Port Group. Xuyuan is the latest in the list of high profile individuals who have either been charged with, or convicted of, bribery in a society-wide crackdown on bribery and corruption in the state.

To South African now, where the home of the Speaker of the parliament has been raided in connection with allegations of bribery. Nosiviwe Mapisa-Nqakula, is accused of soliciting bribes while a defence minister, with the promise that contracts would be awarded in return.

Now, a direction to a couple of stories from Transparency International which has used the opportunity presented by the 25th anniversary of the coming into force of the ‘OECD’s Anti-Bribery Convention’ to call on members to use the OECD's Global Anti-Corruption and Integrity Forum ‘to renew and reinforce their collective commitment to tackling foreign bribery and the money laundering that goes with it’ by amplifying enforcement efforts, not only against payers, but also against enablers, that is, financial institutions and service providers. Additionally, ‘regulatory, oversight and enforcement agencies should be endowed with sufficient independence, resources, capacity and powers’ to facilitate this renewed approach to enforcement. It remains to be seen what will come out of the OECD’s Forum.

Staying with the OECD, it has published its Anti-Corruption and Integrity Outlook 2024. The Outlook ‘outlines the current performance of countries' anti-corruption and integrity policies and practices and identifies avenues for enhancement, concluding that while anti-corruption and integrity frameworks are improving,… there is a need for renewed efforts to strengthen them globally by prioritising implementation, enhancing data collection, and taking account of emerging risks….’

And finally, on bribery and corruption news this week, The Guardian in the UK reports that the Serious Fraud Office (‘SFO’) is looking to appeal a decision from December 2023 brought by Eurasian Natural Resources Corporation Limited (‘ENRC’), the UK subsidiary of the global mining conglomerate, which is looking to recover losses from the decade-long investigation by the SFO into allegations of fraud and bribery. Losses, if recoverable, might amount to $1bn, a figure aggressively disputed by the SFO in court filings seen by journalists. Certainly worth following this one.

Money Laundering

The limited money laundering news this week comes, first, from the UK, where the National Crime Agency (‘NCA’) has updated a series of resources relating to the Suspicious Activity Reports (SARs) Portal.

In other money laundering news this week, the Financial Action Task Force (‘FATF’) has been updating us on the progress made on money laundering since their respective MERs of Australia and the US. On Australia, the FATF issued its fourth Follow-up report analysing its progress made in addressing some of the technical compliance deficiencies identified in its Mutual Evaluation. ‘Overall, Australia has made progress in addressing some deficiencies and the following Recommendations have been re-rated:

- Recommendation 10 is re-rated from Partially Compliant to Largely Compliant

- Recommendation 13 is re-rated from Non Compliant to Compliant

- Recommendation 15 has been re-rated Compliant to Partially Compliant

- Recommendation 17 is re-rated from Partially Compliant to Compliant

- Recommendation 18 is re-rated from Partially Compliant to Largely Compliant

- Recommendation 26 is re-rated from Partially Compliant to Largely Compliant

Australia has 18 Recommendations rated Compliant, 12 Largely Compliant, 6 Partially Compliant and 4 Recommendations rated Non-Compliant.’ On the US, the FATF issued its seventh Enhanced Follow-up Report which analyses its progress in addressing some of the technical compliance deficiencies identified in its MER. ‘The United States has made progress to address the technical compliance deficiencies identified in relation to Recommendation 24 - Transparency and beneficial ownership of legal persons. Because of this progress, the United States has been re-rated on Recommendation 24.

- Recommendation 24 is upgraded from Non Compliant to Largely Compliant.

The United States has 9 Recommendations rated Compliant, 23 Largely Compliant, 5 Partially Compliant and three Recommendations Non-Compliant.’

And finally, on money laundering news this week, the Wolfsberg Group has issued an update to its Principles for Auditing a Financial Crime Risk Management Programme for Effectiveness under the Wolfsberg Factors.

Fraud

In fraud news this week, the National Crime Agency in the UK has issued an update on Operation Henhouse, which is a national anti-fraud operation. This is the third iteration of the multi-agency operation, which ran over February and March 2024, and resulted in 438 arrests, 211 voluntary interviews, 283 cease and desist notices, a series of account freezing orders in the amount of £5.1m, and seizure of cash and assets valued at £13.9m.

Market Abuse

This week’s principal market abuse news relates to something which we have covered in previous issues of the podcast, namely actions by ‘finfluencers’ – financial influencers – in using social media channels to promote financial and investment activity. While social media has become central to firms’ marketing strategies, firms must be sure that their actions, and those influencers with whom they work, stay within the regulatory framework. Particularly, ‘influencers are reminded that promoting a financial product without approval from an FCA-authorised person with the right permission could be a criminal offence. Consumers need to be alert to dubious adverts and scams online, but it is important that influencers ensure they’re on the right side of the rules and consider what would happen to their own reputations if they’re found to promote products illegally.’

In other market abuse news this week, Joe Lewis, who pleaded guilty in the US to insider trading, has said in a court filing that his age should mean he avoids a prison sentence. His cooperation and guilty plea should favour supervisory probation as well as a fine. We’ll see what happens with that one. Also, the Securities and Exchange Commission in the US has charged the former Chairman of Arista Networks, Andreas ‘Andy’ Bechtolsheim, with insider trading. From the SEC press release: ‘Bechtolsheim misappropriated material nonpublic information regarding the impending acquisition of Acacia Communications, Inc., a manufacturer of highspeed optical interconnect products. The SEC alleges that Bechtolsheim, who was Arista Networks’s chair at the time, learned of Acacia’s impending acquisition on July 8, 2019, through his and Arista Networks’s longstanding relationship with another multinational technology company that was also considering acquiring Acacia and consulted with Bechtolsheim concerning the potential acquisition. Immediately after learning this information, Bechtolsheim allegedly traded Acacia options in the accounts of a close relative and an associate. The next day, July 9, 2019, before the market opened, Acacia and Cisco announced that Cisco had agreed to acquire Acacia for $70 per share. That day, Acacia’s stock price increased by 35.1 percent. According to the SEC’s complaint, Bechtolsheim’s trading generated combined illegal profits of $415,726 in the accounts of his relative and associate.’ To settle the charge, Bechtolsheim has agreed to pay a civil penalty of almost $1m. I don’t want to end this story without drawing attention to comment from FT Alphaville about Bechtolsheim: ‘Bechtolsheim is a billionaire many times over, having been one of the founders of Sun Microsystems and the first outside investor in Google , his $100k cheque allowing Larry Page and Sergey Brin to move from their dorm room to a garage. Forbes pins his wealth at $8.6bn. His reputation is sterling. And yet, he seems to have risked jail-time for a paltry $415,726. Even the US watchdog seems to have reacted like this . . . . . . Because the penalty seems pretty mild given what the SEC implies was a clear case of insider trading, albeit for only modest profit? Without admitting or denying the allegations in the SEC’s complaint, which was filed in the U.S. District Court for the Northern District of California, Bechtolsheim settled the SEC’s charges by agreeing to be barred from serving as an officer or director of a public company for five years and to pay a civil monetary penalty of $923,740. The settlement is subject to court approval. Joseph Sansone, head of the SEC’s Market Abuse Unit, said in the watchdog’s statement that “we will continue to pursue and prosecute misconduct by trusted insiders at all levels of the corporate hierarchy.” And then give them a friendly tickle, presumably.’ Typical bit of banter from Alphaville there, but it does raise the interesting issue of how to get thrills when you’re a billionaire. How excited can you get by the purchase of another house, another car, another luxury yacht? Maybe these billionaires need to think of other activities to attract a thrill? Bungee jumping? Free climbing? Cage fighting?

The SEC has also announced that it has brought insider trading charges ‘against one current and three former minor league baseball players who made about $189,000 in profits from trading in advance of the December 6, 2021 announcement that Jack in the Box Inc. would acquire Del Taco Restaurants, Inc.’

Other Financial Crime News

In other financial crime news this week, I thought I might bring attention to a blog post from the international law firm, Norton Rose Fulbright, on the subject of Horizon Scanning: Investigations and Enforcement. The post covers a range of topics, including the Economic Crime and Corporate Transparency Act 2023, SFO, PRA and FCA Enforcement Priorities, Authorised Push Payments, Sanctions, and Environmental, Social and Governance (‘ESG’), as well as Business and Human Rights (‘BHR’) issues. Worth a read, and it should not unduly detain.

Cyber Crime

The cyber-attack news this week starts and ends in the US, where the government, specifically the Cybersecurity and Infrastructure Security Agency (‘CISA’), the Federal Bureau of Investigation (‘FBI’), and the Multi-State Information Sharing and Analysis Center (‘MS-ISAC’), have issued an updated joint advisory on understanding and responding to a Distributed Denial of Service Attack (‘DDoS’). ‘The guidance now includes detailed insight into three different types of DDoS techniques:

- Volumetric, attacks aiming to consume available bandwidth.

- Protocol, attacks which exploit vulnerabilities in network protocols.

- Application, attacks targeting vulnerabilities in specific applications or running services.’

I will add, as I always tend to say in such instances, while the guidance has a US-perspective, there are generic elements in these reports and guidance which are issued which can be of value to anyone who works in cyber, wherever in the world.

The other piece of news out of the US on cyber this week is from the US Department of the Treasury which has released a report on Managing Artificial Intelligence-Specific Cybersecurity Risks in the Financial Services Sector. In the report, Treasury identifies significant opportunities and challenges that AI presents to the security and resilience of the financial services sector. The report outlines a series of next steps to address immediate AI-related operational risk, cybersecurity, and fraud challenges, including addressing the growing capability gap, narrowing the fraud data divide, and regulatory coordination. That’s my Easter reading sorted.

References

Council of the European Union, Death of Alexei Navalny: EU sanctions 33 individuals and two entities under its Global Human Rights Sanctions Regime.

Cybersecurity and Infrastructure Security Agency, CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques.

Cybersecurity and Infrastructure Security Agency, Understanding and Responding to Distributed Denial-Of-Service Attacks.

Department of the Treasury, U.S. Department of the Treasury Releases Report on Managing Artificial Intelligence-Specific Cybersecurity Risks in the Financial Sector (press release).

Department of the Treasury, Managing Artificial Intelligence-Specific Cybersecurity Risks in the Financial Services Sector.

Financial Action Task Force, Australia's progress in strengthening measures to tackle money laundering and terrorist financing.

Financial Action Task Force, United States' progress in strengthening measures to tackle money laundering and terrorist financing.

Financial Conduct Authority, FCA warns firms and finfluencers to keep their social media ads lawful.

Financial Conduct Authority, Finalised Guidance FG24/1: Finalised guidance on financial promotions on social media.

Foreign, Commonwealth & Development Office, UK holds China state-affiliated organisations and individuals responsible for malicious cyber activity.

National Crime Agency, The SAR Portal FAQs.