The Financial Crimes Enforcement Network (“FinCEN”) and the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) recently issued Joint Notice FIN-2023-NTC2, “Announnc[ing] New Reporting Key Term and Highlight[ing] Red Flags Relating to Global Evasion of U.S. Export Controls” (the “Joint Notice”). As we have blogged (here and here), these agencies issued two prior joint alerts warning financial institutions (“FIs”) about efforts by individuals or entities to evade Russia-related export controls administered by BIS.

The practical import of the Joint Notice – which re-emphasizes the focus of the U.S. government on fighting sanctions evasion – is that many customers involved in international trade should be subject to some degree of enhanced due diligence by FIs, simply because they participate in international trade.  FIs should review and adjust their risk assessments accordingly.


As the Joint Notice explains, BIS administers and enforces export controls on dual-use and less sensitive munitions items through the Export Administration Regulations (“EAR”).  Dual-use items are commodities, software, or technologies that have both a commercial use and a use for military applications or biological, nuclear, or chemical weapons of mass destruction.  BIS therefore controls the export, re-export, and transfer of items, including items produced abroad, based on their technical specifications and their intended end-use or end-user.  BIS also controls items based on their technical performance parameters in the Commerce Control List, which specifies the reason for control (such as national security) and links to the Commerce Country Chart specifying the countries to which such exports require a license.

More Red Flags

The Joint Notice lists 13 new “red flags” for FIs “to consider when attempting to identify transactions potentially tied to the illicit acquisition of items subject to the EAR.  Such transactions include, for example, advanced technologies that can be used in new or novel ways to enhance adversaries’ military capabilities or support mass surveillance programs that enable human rights abuses.”  According to the Joint Notice, FIs – “particularly banks, credit card operators, and foreign exchange dealers” should rely on their “internal risk assessments to employ appropriate risk-mitigation measures consistent with their underlying BSA obligations” when servicing customers involved in international trade, including the maritime industry.

Some of the red flags are relatively straight-forward and involve customer information to which a FI typically will have direct access, such as “[a] customer lacks or refuses to provide details to banks, shippers, or third parties, including details about end-users, intended end-use(s), or company ownership.” 

However, many other listed red flags involve information that would require a FI to perform a high degree of due diligence into the specifics of particular transactions between the FI’s customer and the customer’s customer, particularly given the EAR’s complexity.  For example:

  • Purchases under a letter of credit that are consigned to the issuing bank, not to the actual enduser. In addition, supporting documents, such as a commercial invoice, do not list the actual end-user.
  • Parties to transactions listed as ultimate consignees or listed in the “consign to” field appear to be mail centers, trading companies, or logistics companies.
  • The item (commodity, software or technology) does not fit the purchaser’s line of business.
  • The customer is significantly overpaying for an item based on known market prices.
  • Transactions involve a purported civil end-user, but basic research indicates the address is a military facility or co-located with military facilities in a country of concern.

Many of the listed red flags appear to be predicated upon the following comment/assumption in the Joint Notice:  “Financial institutions directly involved in providing trade financing for exporters also may have access to information relevant to identifying potentially suspicious activity. This may include the financial institutions’ customers’ end-use certificates, export documents, contracts, or other documentation, such as those associated with letters of credit-based trade financing.”  Arguably, some of the listed red flags are better suited for consideration by the import/export or maritime company itself, to determine whether its own purported customer is a shell, front or nominee acting on behalf of a bad actor.

New Key SAR Term

The Joint Notice announces a new “key term” for Suspicious Activity Report (“SAR”) filings regarding “efforts to evade U.S. export controls beyond the Russia-related circumstances” upon which the two prior alerts focused.  Specifically, FIs should reference the Joint Notice by including the key term “FIN-2023-GLOBALEXPORT” in SAR field 2.  The narrative section of the SAR should provide as much detail as possible and should describe the connection between the suspicious activity being reported and the activities highlighted in the Joint Alert, and should highlight any additional applicable advisory or alert keywords.  Accordingly, FIs also should continue to use the existing key term “FIN-2022-RUSSIABIS” when filing SARs related to potential Russian export control evasion, “and should consider using both codes if they believe, but are unsure, of whether certain export control evasion activity is related to Russia.”

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.