Episode 109

20th May – 26th May 2024

Sanctions

This week’s sanctions news starts in the UK, where the government has announced sanctions aligning with those awarded by others in relation to the Russia-DPRK ‘arms-for-oil’ trade. The sanctions impact three companies and one individual. First, ‘DPRK company Paekyangsan Shipping Co Ltd, which operates DPRK-flagged vessel Paek Yang San 1, involved in the facilitation of DPRK military programmes by transferring petroleum products between Russia and DPRK’, and which is subject to an asset freeze; secondly, ‘Toplivo Bunkering Company (TBK) and company director Aleksey Mikhailovich Vorotnikov, for allowing vessels involved in the transfer of petroleum to DPRK to bunker in the Russian port of Vostochny’ and which is subject to an asset freeze; and, thirdly, in relation to the corporations designated, ‘Vostochnaya Stevedoring Co LLC, operating from the port of Vostochny, which is a prominent Russian provider of cargo services within the Russian transport industry’ and which is now subject to an asset freeze and trust service sanction. Aleksey Mikhailovich Vorotnikov will also be subject to an asset freeze and travel ban. In relation to the Somalia financial sanctions regime, there have been three additions. And, finally, from the UK on sanctions this week, the Department for Business and Trade in conjunction with the Export Control Joint Unit have issued new guidance on the sale and brokering of second-hand vessels to third countries. ‘The guidance identifies relevant provisions of UK sanctions prohibitions which capture brokering and other ancillary services related to the sale of oil tankers and other vessels to Russia. It also aims to consolidate industry awareness of potential risks and common deceptive practices which may undermine the objectives of these sanctions.’

In the European Union, as trailed in the podcast for a couple of weeks, the Commission has confirmed sanctions against what it regards as Russian propagandists. The broadcasting activities of Voice of Europe, RIA Novosti, Izvestia, and Rossiyskaya Gazeta are suspended in the EU or where they are directed at the EU.

In other news related to Russia, the Centre for Research on Energy and Clean Air has published its monthly analysis for April 2024 in relation to Russian fossil fuel exports and sanctions. In terms of the key findings of the report, the following is provided. The monthly export revenues from seaborne crude oil rose 7% to €268m per day, with that increase mostly attributable to a 2 per cent rise in the price of Russian crude oil. It reports that export revenues from seaborne oil products decreased by 16 per cent month-on-month (€196m per day) in April, and that there was a 19 per cent month-on-month drop in exported volumes, which can be partly attributed to Russia’s reduction in refining capacity following Ukrainian drone strikes. Russia’s refinery runs dropped by 2% in April compared to the prior month. In April, 38 per cent of Russian seaborne crude oil and its products were transported by tankers subject to the oil price cap, at levels lower than observed in March. Allied to this 240 ‘shadow’ tankers, with an average age of 17 years, exported Russian oil and oil products globally. Of these, 64 tankers were 20 years or older, and that the oldest tanker shipping Russian products was 36-years-old. Use of these old tankers raises a question in the report relating to whether they have appropriate spill insurance coverage. If they do not, then they represent a significant environmental risk, especially when passing through ecologically sensitive waters where significant damage could be caused by an oil spill. The report also indicates that a lower price cap of $30 per barrel would have reduced Russian revenues by €51bn (24 per cent) since the imposition of sanctions in December 2022 until the end of April 2024. A $30 per barrel price cap would have reduced Russian revenues by €3.05bn (22 per cent) in April alone. And, finally, since the introduction of sanctions, until the end of April 2024, thorough enforcement of the price cap would have reduced Russia’s revenues by 8 per cent (€17bn). In April alone, full enforcement of the price cap would have reduced revenues by 9 per cent (approximately €1.24bn).

This next story is an interesting one. You will undoubtedly have heard that the International Criminal Court (‘ICC’) has announced that its prosecutor will seek arrest warrants for senior Israelis for their actions taken in relation to Palestinians and their territory. Well, the US administration has announced that it may seek to impose sanctions on ICC officials. Its objection would seem to be that the ICC should not have jurisdiction where countries have an independent, legitimate, and democratic judicial system. I don’t think this is a good optic. We support the action against Putin, but as soon as it is someone we don’t like, we start rattling the sanctions sabre. Frankly, if this is something which is likely to become part of the strategic arsenal of the US, then to me it would not provide a strong sense of confidence to any international organisation, and must cast doubt on the viability of an International Anti-Corruption Court if objections to its actions are raised. This gives me a genuinely bad feeling, but we’ll see how it turns out. Anyway, in response to this story, 121 human rights and civil society groups have published a letter to the US President urging his opposition to the threat suggesting that acting ‘on these calls would do grave harm to the interests of all victims globally and to the U.S. government’s ability to champion human rights and the cause of justice, which are stated priorities of your administration.’

And, finally, this week, two bits of light reading. First, Stanford Law School’s Law and Policy Lab has analysed the problems of legal professionals as enablers of sanctions evasion and how it might be addressed, while, secondly, Rabihah Butler, Manager for Enterprise content for Risk, Fraud & Government at Thomson Reuters as the question of whether government sanctions are successful.

Bribery and Corruption

As with last week, so with this week, the bribery and corruption news starts in Ukraine. You can’t fail to have noticed in the mainstream media news of the Russian advance on Kharkiv. In fact, such was the ease of the advance, many locals are now understood to be questioning whether corruption may have played a part. The Kharkiv Anti-Corruption Center has raised this concern over tendering and the businesses which have been awarded the contracts to fortify the region. This news comes off the back of a swathe of operations against government ministers and officials across Ukraine made as the EU and other prepare to provide billions in aid and other supplies to support the Ukrainian defence against Russia. Allied to this news is news from Russia of the arrests of Major General Ivan Popov and Lieutenant General Vadim Shamarinon, both on charges of bribery. Popov had recently criticised problems facing troops on the frontline. Their arrests are the latest in a range of actions taken against senior military officials in Russia as attempts to root out corruption in defence maintenance and procurement contracts gather pace.

And, finally, on bribery and corruption this week, Peter Virdee, who is also known as Hardip Singh, has been charged with bribing a foreign public official contrary to section six, Bribery Act 2010. The National Crime Agency (‘NCA’) press release provides: ‘It is alleged that between January 2015 and July 2017 he bribed Asot Michael, a Member of Parliament and Government Minister of Tourism, Economic Development Investment and Energy for Antigua and Barbuda, to benefit PV Energy Ltd, the company [of which] he is a director…. PV Energy ltd was simultaneously charged with failing to prevent bribery in relation to the same offences.’ The failure to prevent bribery is the strict liability corporate offence under section seven of the Bribery Act 2010 which is allied to the active bribery offences. This offence links to the section six offence with which Virdee is charged under the 2010 Act. Link to the NCA press release is in the podcast description.

Fraud

The fraud news this week starts in the US where, the secret service has seized a web domain which was used in furtherance of a cryptocurrency ‘pig butchering’ scheme. ‘In pig butchering schemes, scammers encounter victims through a variety of ways, including on dating applications and social media websites, and even random text messages masquerading as a wrong number. Scammers initiate relationships with victims and slowly gain their trust, eventually introducing the idea of making a business investment using cryptocurrency. Victims are then directed to other members of the scheme running fraudulent cryptocurrency investment platforms, where victims are persuaded to invest money. Once the money is sent to the fake investment application, the scammer vanishes, taking all the money with them, often resulting in significant losses for the victim. According to court records, between about August 2022 and July 2023, scammers induced a [one] victim to wire monies to the now-seized domain…. The scammers — using the confidence-building techniques described above — convinced the victim that he/she was investing in a legitimate cryptocurrency opportunity. After the victim transferred investments into the deposit addresses that the scammers provided in connection with the seized domain name, the victim’s funds were immediately transferred through numerous bank accounts in an effort to conceal the source of the funds. In total, the victim lost over $341,000.’

We have seen previously that these pig butchering schemes can evolve through abuse of dating and other similar apps. Well, I’m sure it is genuinely coincidental, but the BBC has published an in-depth piece on romance scams and the recovery of funds. The piece seems to be timed, albeit well in advance, to coincide with the new repayment scheme under the auspices of the Payment Systems Regulator (‘PSR’) due to commence on 7th October 2024.

And, finally, on fraud news this week, UK Finance, the trade body, has released its 2024 fraud report. While the headline is that fraud remains a problem, as might be expected, the key takeaways provide some interesting thoughts. First, some £1.17bn was stolen by fraudsters by unauthorised and authorised fraud in 2023, which is a four per cent reduction on the figures for 2022. Secondly, and this is an indication of the value of security and cyber systems, banks prevented £1.25bn of unauthorised fraud. Without such systems in place, the level of fraud would have been roughly double the actual figure. Thirdly, 76 per cent of APP fraud started online, while only 16 per cent started through telecommunications networks. This is, perhaps, a sign of the times.

Money Laundering

The money laundering news this week starts in the US, and in news unrelated to the earlier story about ‘pig butchering’, the Department of Justice has announced Daren Li a dual citizen of China and St. Kitts and Nevis, and a resident of China, Cambodia, and the United Arab Emirates, together with Yicheng Zhang, a Chinese national, and resident in California, are alleged to have conspired in the management of ‘an international syndicate that laundered proceeds of cryptocurrency investment scams, which are also known as “pig butchering.” Victims of the schemes under investigation were fraudulently induced into transferring millions of dollars to U.S. bank accounts opened in the names of dozens of shell companies whose sole apparent purpose was to facilitate the laundering of fraud proceeds. A network of money launderers then facilitated the transfer of those funds to other domestic and international bank accounts and cryptocurrency platforms in a manner designed to conceal the source, nature, ownership, and control of the funds. The fraud scheme involved more than $73 million laundered through U.S. financial institutions to bank accounts in The Bahamas, and converted to the virtual asset USDT, or Tether. A cryptocurrency wallet involved in the scheme received more than $341 million in virtual assets.’

In the UK, the Financial Intelligence Unit has produced a document aimed at those who make reports using the Suspicious Activity Reports (‘SARs’). The document is concerned with seeking a defence, also known as consent, from the National Crime Agency to the money laundering offences under sections 335 and 336, Proceeds of Crime Act 2002 and/or the terrorist financing offence under section 21ZA, Terrorism Act 2000.

In other money laundering news, this time we are back in Turkey, which we have reported over recent weeks has been undertaking significant acts with a view to being removed from the Jurisdictions Under Increased Monitoring – the so-called ‘grey list’. Well, this week, Minister of Treasury and Finance, Mehmet Simsek, has been reasserting the stance of the Turkish government on the matter. He reaffirmed its focus on combating money laundering and terrorist financing, pointing to work done to enhance the Financial Crimes Investigation Board, as well as the provision of enhanced technology and personnel. Frankly, if Turkey isn’t removed, there are going to be some pretty upset folk in the Turkish government. Keep a close eye on this one. Staying in Europe, and the German financial regulator has fined N26 Bank AG €9.2m because of delays in the submission of its reports on suspicions of money laundering identified in its systems in 2022.

And, finally, on money laundering news this week, the European Union has published the text of the Anti-money laundering Regulation, Anti-money laundering authority Regulation and the Sixth Money laundering Directive. The European Parliament adopted the legislation in April 2024, and the Council and Parliament reached provisional agreement on the AML Regulation and MLD6 in December 2023, and on the AMLA Regulation in January 2024, all of which was tracked on previous episodes of the podcast. When the Council of the EU adopts the legislation formally, it will be published in the Official Journal of the European Union.

Market Abuse

On market abuse news this week, coordinated action by the Financial Conduct Authority (‘FCA’) and the Prudential Regulation Authority (‘PRA’) in the United Kingdom to fine Citigroup Global Markets Limited (‘CGML’) for failures in its trading systems and controls. The combined value of the fines is £61,600,000. As the FCA press release provides: ‘Failures in the firm’s systems and controls led to US$1.4bn of equities being sold in European markets when they should not have been. On 2 May 2022, a CGML trader had intended to sell a basket of equities to the value of US$58m. The trader made an inputting error while entering the basket in an order management system. This resulted in a basket to the value of US$444bn being created. CGML controls blocked US$255bn of the basket progressing, but not the remaining US$189bn which was sent to a trading algorithm. The algorithm selected was designed to place portions of this total order to be sold in the market over the rest of the day. In total US$1.4bn of equities were sold across European exchanges, before the trader cancelled the order. This coincided with a material short-term drop in some European indices which lasted a few minutes.’

Other Financial Crime News

In other news, in the Director of the Serious Fraud Office in the UK has been interviewed by the FT and the interview appears in the FT Adviser. One other bit of reading I’d like to direct you towards is a short lesson to learn from the Binance regulatory failings which have been well-documented in the mainstream media and on this podcast over the last few months. The document is by Blanche Balian from the law firm Stephenson Harwood.

Cyber Crime

We end this week’s financial crime news with a round-up of cyber-attack news. In the UK, the National Cyber Security Centre (‘NCSC’) has published a blog to highlight its new guidance on business email compromise. We flagged the guidance in episode 106 of the podcast. Now, in a moment of beautiful coincidence, in the US, a man has been sentenced to 10 years’ imprisonment for laundering the proceeds of a business email compromise scheme. It’s a real threat.

Now, anyone who has listened to this podcast over the last weeks, months, and years, will be aware of the significant threat posed to critical infrastructure from cyber-attacks. As I have said before, the persistent cyber-attacks on Ukraine which take out electricity supply is an indication of how easily significant disruption can be achieved. Well, this week news comes to us from Australia where Ausgrid, the electricity supplier to the east coast, has indicated the likely cost of a cyber-attack from disruption to its systems could be AUD$2.9bn for each day of disruption. Ausgrid made the submission to the Cyber Security Expert Advisory Board’s 2023–30 Australian Cyber Security Strategy: Legislative Reforms Consultation Paper. The size of the estimate is easy to understand from the context provided in one paragraph from the submission, which reads: ‘As the most populous network area and financial capital of Australia, over 20 per cent of Australia’s GDP is generated within our network area. We supply energy to 105 hospitals, Australia’s only radiopharmaceuticals production facility, 4 of the world‘s top 200 ranking universities, 3 major ports and 37% of Australia’s financial services industry. This means that a cyber-attack on our network, even for a few hours, would severely disrupt lives and livelihoods. In the worst possible case, the economic impact from a complete shutdown of our infrastructure may be as high as $120 million per hour or over $2.9 billion per day.’ I would say that for the determined cyber-criminal, Ausgrid would be an attractive target, so we should hope that its cyber defences are as rigorous as we would hope them to be.

Now, in a reminder of the threat to critical infrastructure, and from a country which has been ramping up the narrative around threats to water supply, etc, the Environmental Protection Agency (‘EPA‘) in the US has warned of the ‘urgent cybersecurity threats and vulnerabilities to community drinking water systems…. Recent EPA inspections have revealed that the majority of water systems inspected – over 70 percent – do not fully comply with requirements in the Safe Drinking Water Act and that some of those systems have critical cybersecurity vulnerabilities, such as default passwords that have not been updated and single logins that can easily be compromised….’ I mean, not linked just to this notice, but more generally, some of the cybersecurity compliance measures leave a lot to be desired.

References

Cyber Security Expert Advisory Board, Ausgrid response to the 2023-30 Australian Cyber Security Strategy: Legislative Reform Consultation Paper.

BBC, Can romance scam victims get their money back?

Centre for Research on Energy and Clear Air, April 2024 — Monthly analysis of Russian fossil fuel exports and sanctions.

Coalition for the ICC, Letter to US President: Threats to the International Criminal Court.

Council of the European Union, Text (PE-CONS 36/24) of the Regulation on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (2021/0239(COD)) (AML Regulation).

Council of the European Union, Text (PE-CONS 35/24) of the Regulation establishing the Anti-Money Laundering Authority (AMLA) (2021/0240(COD)) (AMLA Regulation).

Council of the European Union, Text (PE-CONS 37/24) of the Sixth Money Laundering Directive (2021/0250(COD)) (MLD6).

Department for Business and Trade, Notice: NTE 2024/11: Russia sanctions – Sales of oil tankers to third countries.

European Commission, Commission welcomes new sanctions against disinformation and war propaganda.

Financial Conduct Authority, FCA fines CGML £27,766,200 for failures in its trading systems and controls.

Financial Conduct Authority, Final Notice: Citigroup Global Markets Limited.