On March 7, 2022, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) issued guidance on heightened vigilance for potential attempts to evade Russian sanctions. The FinCEN alert follows the US government’s imposition of escalating sanctions against Russian interests in connection with the invasion of Ukraine. Among these recent efforts, the Office of Foreign Assets Control and the US State Department have sanctioned many Russian elites by identifying some of their assets as blocked. This initiative aims to prevent elites from supporting the Russian government with their wealth and other resources. The Treasury Department and State Department have also sanctioned disinformation outlets run by Russian intelligence and defense-related companies.
FinCEN warns that Russian and Belarusian actors may seek to evade these sanctions through various means, through unsanctioned financial institutions and various actors who retain some degree of access to the international financial system. The FinCEN Alert highlights “red flags” for financial institutions to consider, such as (i) the use of corporate vehicles such as shell companies to obscure ownership, source of funds or countries involved; (ii) the use of third parties to protect the identity of sanctioned persons who seek to disguise the origin or ownership of funds; and (iii) non-routine foreign exchange transactions which may indirectly involve sanctioned Russian institutions.
Financial institutions should also be vigilant about convertible virtual currency (CVC) and ransomware campaigns. Although FinCEN notes that large-scale sanctions-busting by the Russian government using CVC is less practical, smaller entities and individuals may attempt to use CVC and anonymization tools to evade penalties. FinCEN warns that transactions initiated or sent to IP addresses located in Russia or Belarus are red flags. Additionally, amid an “unprecedented” increase in cyberattacks due to the conflict in Ukraine, organizations must be increasingly vigilant against ransomware threats from Russian cyber operations.
The FinCEN Alert also reminds financial institutions of relevant obligations under the Bank Secrecy Act, such as reporting suspicious activity. A financial institution is required to file a report if it knows, suspects or has reason to suspect that a transaction in which it is involved uses funds obtained from illegal activities, attempts to conceal funds obtained from illegal activities, is designed to evade the regulations of the Bank Secrecy Act, does not have a commercial or legal purpose, or involves the use of the institution to facilitate criminal activity. Financial institutions additionally have due diligence obligations regarding politically exposed persons, private bank accounts held for non-U.S. persons, and accounts involving foreign agents or foreign counterparties.
FinCEN encourages financial institutions to make full use of the information-sharing powers provided by Section 314(b) of the USA PATRIOT Act, as such collaboration is “essential to identifying, reporting and preventing the development of evasion of sanctions, ransomware/cyberattacks, and laundering the proceeds of corruption”. Under the Section 314(b) safe harbor, financial institutions may share information about individuals, organizations and countries with each other for the purpose of identifying possible terrorist or money laundering activities. ‘money.
 FinCEN advises heightened vigilance for potential attempts to evade Russian sanctions (March 7, 2022) (FinCEN Alert), https://www.fincen.gov/sites/default/files/2022-03/FinCEN%20Alert%20Russian%20Sanctions%20Evasion%20FINAL%20508.pdf.  See Executive Order 14024 of April 15, 2021, Blocking of Assets with Respect to Specified Harmful Foreign Activities of the Government of the Russian Federation, https://home.treasury.gov/system/files/126/14024.pdf; Determination under Section 1(a)(i) of Executive Order 14024 (February 22, 2022), https://home.treasury.gov/system/files/126/russia_harmful_determination_20220222.pdf. See also Recent OFAC Actions | US Treasury Department, https://home.treasury.gov/policy-issues/financial-sanctions/recent-actions.  See Treasury Press Release, Treasury Sanctions Russians Who Fund Putin and Russian-Backed Influencers (March 3, 2022), https://home.treasury.gov/news/press-releases/jy0628.  Virtual currency is a digital representation of value that functions as a medium of exchange, unit of account, and/or store of value. Convertible virtual currency is virtual currency that has an equivalent value in real money (i.e. coins and paper money). Bitcoin is an example. See Virtual Currencies, IRS, https://www.irs.gov/businesses/small-businesses-self-employed/virtual-currencies.  See Kate Conger and Adam Satariano, Volunteer Hackers Converge on Ukraine Conflict With No One in Charge, NY Times (March 4, 2022), https://www.nytimes.com/2022/03/04/technology/ukraine-russia-hackers.html.  See, for example, Shields Up, Cybersecurity & Infrastructure Security Agency, https://www.cisa.gov/shields-up (compiling best practices for organizations to adopt in light of heightened cybersecurity threats in the wake of Russia’s attack on Ukraine).  FinCEN alert at 9 a.m.  See Section 314(b) Fact Sheet, https://www.fincen.gov/section-314b. [View source.]