Search results for: OFAC

On March 31, 2026, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued an advisory on sham transactions, highlighting the compliance risks financial institutions must navigate when facilitating international property transactions.

What is a Sham Transaction?

OFAC defines a “Sham Transaction” as one in which a blocked person, typically operating through proxies or intermediaries, effectuates the transfer or concealment of a continuing interest in property, without genuinely extinguishing said interest, in an attempt to evade U.S. sanctions. In other words, sham transactions are those in which an individual appears to relinquish property on paper but remains effectively in control of it.

Who do Sham Transactions Apply To?

OFAC publishes a List of Specially Designated Nationals and Blocked Persons (“SDN List”) that is intended to restrict the access of the named individuals to the American financial system by preventing them from transferring, withdrawing, or otherwise dealing with any property and interests that are within the United States or within the possession or control of a U.S. person and prohibiting U.S. persons from transacting with them.

If an individual is blocked, their assets are frozen, and they are unable to exercise the powers and privileges of their property and interests without authorization from OFAC.

How Do Sham Transactions Operate?

OFAC identifies numerous methods by which blocked persons conceal their property interest, often by manipulating opaque legal structures and working with proxies. The following are some examples of sham transactions:

  • A blocked oligarch transferred ownership of his private jet to a trust, whose sole beneficiary was his unsanctioned wife, while the oligarch continued to use the jet for travel.
  • A blocked person transferred millions of dollars of funds into trusts held for his minor children and then attempted to move these funds through U.S. banks.
  • Following its designation, a company sanctioned for narcotics trafficking was reincorporated under a different name with new nominal owners while continuing the blocked company’s operations.

How Can Financial Institutions Recognize a Sham Transaction?

OFAC’s advisory highlights a non-exhaustive set of red flags that may indicate a sham transaction. The advisory stresses the importance of employing a functional approach, considering the totality of the circumstances, when evaluating a potential sham transaction.

For additional analysis on OFAC guidance, see our related posts here.

The following are some indications financial institutions should be aware of when evaluating a transaction:

  • Commercially Unreasonable Transactions: Transfers of property in which a blocked person once held an interest on terms that are commercially unreasonable or at odds with fair market value may indicate a sham transaction.
  • Transfer to Family Members or Close Associates: Transfers of property to an individual with close personal or professional ties may indicate that the receiving party is acting as a nominal owner and may be acting on behalf of the transferring party.
  • Unclear Purpose: Transfers to an individual with no clear business purpose or relevant expertise with respect to the property at issue may be evidence of a sham transaction.
  • Complex Corporate Structures and High-Risk Jurisdictions: The presence of unnecessarily complex corporate structures, particularly in jurisdictions that lack robust regulatory oversight, may suggest an effort to conceal true ownership interests.
  • Involvement of a Blocked Person: If the circumstances indicate that a blocked person remains involved in the operation of a property, they may hold a concealed interest. The use of evasive or vague responses regarding the extent of a blocked person’s involvement may present further indicia of a concealed interest.
  • Transfer At Time of Designation: If a property or interest is transferred immediately preceding or following a person’s designation by OFAC, the transaction may warrant additional scrutiny.

Guidance for Financial Institutions

If financial institutions become aware that a blocked person once held an interest in property, OFAC recommends reviewing the available information to see if any of the above-listed red flags are present. OFAC acknowledges in its advisory that institutions may encounter legitimate business transactions where this occurs and does not wish to interfere with parties and institutions who seek to comply with OFAC sanctions in good faith.

If institutions become aware that a blocked person retains an interest in property that is held within the United States or is in the possession or control of a U.S. person, the property must be blocked and reported to OFAC.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch.  Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.

On November 4, 2025, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated eight individuals and two entities for their involvement in laundering funds derived from illicit schemes originating in the Democratic People’s Republic of Korea (DPRK).  These activities included cybercrime operations and information technology (IT) worker fraud, both connected to revenue streams supporting North Korea’s nuclear weapons and ballistic missile programs.

North Korean Cybercrime, IT Worker Sanctions Evasion

The OFAC announcement identified cybercrime as a major mechanism for DPRK-affiliated actors to obtain funds outside legitimate financial channels.  Reports estimate that these actors have stolen over $3 billion—primarily in cryptocurrency—using, among other methods, advanced malware techniques and social engineering tactics.  OFAC’s November 4th announcement identified sanctioned individuals and financial entities pursuant to its authority under Executive Orders 13694 (as amended), 13810, as well as other relevant orders, for providing material assistance or support for illicit cyber activities, engaging in commercial conduct that generates revenue for the DPRK, and/or facilitating transactions involving the property or interests in property of designated entities.

Additionally, OFAC noted ongoing fraudulent activities involving North Korean IT workers operating abroad.  Despite prohibitions outlined in Paragraph 17 of United Nations Security Council Resolution 2375 against granting work authorizations to DPRK nationals absent UN approval, these individuals reportedly continue to earn income globally by obfuscating their identities when engaging with freelance platforms and employers.  According to the Multilateral Sanctions Monitoring Team report titled, “The DPRK’s Violation and Evasion of UN Sanctions Through Cyber and Information Technology Worker Activities,” at least a portion of the earnings generated by the IT teams are used in support of  DPRK objectives, including weapons development and production, domestic infrastructure projects, and the procurement of consumer goods.

Blocking Requirements and Financial Networks Targeted by OFAC Sanctions

Under the new sanctions, all property or interests in property belonging to the designated parties that are within the United States or under possession or control of U.S. persons are blocked and must be reported to OFAC.  Entities directly or indirectly owned (individually or collectively at least fifty percent) by one or more blocked persons also become subject to blocking requirements.  Unless specifically authorized by an OFAC license or exempted by regulation, transactions involving sanctioned individuals or entities are generally prohibited if conducted by U.S. persons or occur within, or transit through, the United States.

Financial institutions and other organizations may face secondary sanctions risk if they engage in certain transactions with sanctioned parties, including providing funds, goods, services (or receiving such contributions from those individuals or entities) even if not intentionally facilitating sanctionable conduct.

Among those recently designated by OFAC are key North Korean financial institutions along with several senior representatives. These include:

  • Jang Kuk Chol and Ho Jong Son, bankers at U.S.-designated First Credit Bank, managed funds, including $5.3 million in cryptocurrency, on behalf of the designated institution;
  • Korea Mangyongdae Computer Technology Company along with its current president U Yong Su, organizing IT worker delegations to China and employing Chinese nationals as banking proxies;
  • Ho Yong Chol facilitated $2.5 million transfer in U.S. dollars (USD) and Chinese yuan (CNY) on behalf of the U.S.-designated Korea Daesong Bank;
  • Han Hong Gil, employee at U.S.-designated Koryo Commercial Bank, facilitated $630,000 in transactions on behalf of U.S.-designated Ryugyong Commercial Bank;
  • U.S.-designated Foreign Trade Bank (FTB) chief representative Jong Sung Hyok;
  • Ri Jin Hyok, also a representative of FTB, facilitated transactions worth over $350,000 in USD, CNY, and euros through a front company;
  • Choe Chun Pom, official at U.S.-designated Central Bank of DPRK, facilitated transactions worth over $200,000; and
  • Ryujong Credit Bank engaged in sanctions evasion activities, including remitting North Korea’s foreign currency earnings, money laundering, and conducting financial transactions for overseas North Korean workers.

These designations illustrate methods employed by DPRK-linked networks such as deploying front companies abroad, leveraging international proxies for banking activity intended to obscure transaction originators/beneficiaries, moving earnings from overseas IT workforces into state channels via complex cross-jurisdictional arrangements, as well as utilizing digital assets for sanctions evasion purposes.

Compliance Implications for Financial Institutions and AML Practices

For industry practitioners focused on anti-money laundering compliance, including banks and fintech providers, this regulatory action highlights continued expectations regarding enhanced due diligence practices around high-risk geographies and typologies associated with state-sponsored illicit finance activity.  Monitoring customer onboarding processes for indicators like frequent use of freelance hiring platforms under suspicious circumstances is among several areas cited by authorities where vigilance is warranted given current trends.

In summary: The November 2025 designations reflect evolving approaches used in DPRK-related money laundering schemes across digital asset ecosystems and traditional financial systems alike.  Regulatory compliance teams should evaluate existing frameworks governing exposure risk assessment relative to updated guidance while ensuring processes align with current reporting/blocking obligations where applicable under U.S., UN-sanctioned measures, or similar regimes implemented elsewhere internationally.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch.  Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.

In a significant move to curb illegal activities at the U.S. Southwest border, the Financial Crimes Enforcement Network (FinCEN) issued an alert, on May 1, 2025, concerning oil smuggling from Mexico into the United States, orchestrated by notorious cartels such as the Cartel Jalisco Nueva Generacion (CJNG). This alert highlights the crucial role of financial institutions in identifying and reporting suspicious activities linked to this illicit trade. It forms part of a broader initiative involving U.S. law enforcement agencies, including the Treasury’s Office of Foreign Assets Control (OFAC), the DEA, FBI, and Homeland Security Investigations (HSI), all working in concert to dismantle the financial networks underpinning these transnational criminal operations. (See related blog posts here and here.) Simultaneously, OFAC announced sanctions against key individuals and entities connected to CJNG, which are involved in drug trafficking, fuel theft, and oil smuggling, generating extensive illicit revenues. Together, FinCEN and OFAC aim to outline specific financial typologies and red flags to effectively combat these smuggling schemes.

The Cartel’s Revenue Streams: Beyond Drugs

Crude oil smuggling has emerged as a significant revenue source for cartels like CJNG, Sinaloa, and Gulf Cartel, who have been implicated in stealing oil from Petróleos Mexicanos (Pemex). This stolen oil crosses the U.S. southwest border, finding its way into the hands of small U.S.-based oil companies. The ramifications are significant: exacerbating violence and corruption in Mexico while disrupting legitimate business operations in the U.S. oil market. Recognized as a Foreign Terrorist Organization (FTO) and Specially Designated Global Terrorist (SDGT), CJNG is involved in trafficking fentanyl and other narcotics into the U.S., contributing to economic instability. Recently, these groups have broadened their criminal portfolios to include fuel theft and crude oil smuggling, resulting in notable financial losses for the Mexican government and facilitating violence along the border.

Huachicol: The Mechanics of Smuggling

Cartels exploit existing trade flows to smuggle crude oil into the United States, taking advantage of Mexico’s export of unrefined and partially refined crude oil. They employ various illicit methods such as bribing employees, tapping pipelines, and hijacking tanker trucks to steal oil from Pemex. The stolen oil is often mislabeled as “waste oil” to avoid scrutiny and is sold at discounted rates by complicit importers in U.S. energy markets. This practice, known as huachicol, represents a substantial revenue source for cartels, with profits funneled back to sustain their operations.

Financial Institutions’ Role in Reporting

FinCEN has requested financial institutions to include the term “FIN-2025-OILSMUGGLING” in Suspicious Activity Reports (SARs) to enhance tracking of these activities. This initiative leverages financial oversight to combat transnational criminal organizations (TCOs), aiding law enforcement agencies in gathering data for targeted investigations.

Financial Typologies and Red Flags

Oil smuggling operations are characterized by complex financial maneuvers designed to disguise the origin and movement of funds. Cartels employ brokers to transport stolen oil, collaborating with U.S. importers who sell it in domestic and international markets. The proceeds are routed through multiple accounts, often via wire transfers that obscure transactions. Front and shell companies further mask operations, making it difficult for authorities to trace funds. FinCEN’s alert advises financial institutions to monitor for indicators such as below-market pricing, unusual profit margins, lack of appropriate registrations, and complex wire transfers across jurisdictions. To assist financial institutions in identifying suspicious activities related to oil smuggling, FinCEN has outlined several red flag indicators:

  1. Transactional Activity and Profit Margins: Companies exhibiting transactional activity or profit margins significantly above industry norms may warrant further scrutiny.
  2. Pricing of Crude Oil: Selling crude oil at prices well below market rates could indicate illicit sourcing.
  3. Online Presence: Companies with minimal online presence or websites that mimic major industry players may be attempting to legitimize illicit operations.
  4. Inconsistencies in Business Operations: Discrepancies between claimed business activities and transactional behavior, such as purchasing waste oil despite a focus on crude oil sales, are potential indicators.
  5. EPA Registrations: Companies dealing with waste oil or hazardous materials without appropriate registrations from the U.S. Environmental Protection Agency (EPA) should be examined.
  6. Shell Company Activity: Sudden, significant transactional activity with companies lacking online presence and exhibiting other characteristics of shell companies.
  7. Wire Transfer Patterns: Complex wire transfer patterns involving multiple jurisdictions and accounts may be designed to obscure the origins and destinations of funds.

These indicators are not individually determinative of illicit activity, but when combined, they can provide a comprehensive profile of potentially suspicious operations.

Strategic Sanctions: Targeting Key Players

The FinCEN alert aligns with OFAC sanctions targeting individuals and entities involved in oil smuggling, aiming to dismantle networks facilitating illegal activities. Key figures sanctioned under Executive Orders 14059 and 13224 include CJNG leader Cesar Morfin Morfin, linked to both drug trafficking and oil theft. Associates and transportation companies involved in these operations have also been sanctioned, reinforcing efforts to dismantle the operational infrastructure of CJNG.

Collaborative Efforts and Compliance

FinCEN emphasizes the importance of information sharing under section 314(b) of the USA PATRIOT Act. Collaboration among financial institutions is crucial for tracing and preventing the movement of illicit funds. Sharing account or transaction information does not violate SAR confidentiality unless it reveals a SAR, allowing institutions to support investigations without legal complications. This complements the Treasury Department’s strategy of using sanctions to counter TCOs, reinforcing efforts to address narcotics trafficking and related crimes.

Conclusion: A Unified Approach

The FinCEN alert and OFAC sanctions represent a coordinated strategy to address cartel operations like those of CJNG. These measures provide insights into oil smuggling methodologies and aim to impact illicit revenue streams. Financial institutions play a key role in this process by adhering to outlined measures, supporting the integrity of the financial system and enhancing regional security. By targeting key figures and networks, U.S. authorities aim to contribute to a safer and more stable international environment, with financial entities playing an essential role in these efforts.

In this multifaceted approach, the collaboration between law enforcement and financial institutions is important to dismantling the intricate networks that support these criminal enterprises, paving the way for more effective interventions and a reduction in cartel-driven violence and instability.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.

In a closely watched and complicated case, Van Loon et al. v. Dep’t of the Treasury et al., the U.S. Court of Appeals for the Fifth Circuit ruled that the Office of Foreign Assets Control (“OFAC”) cannot sanction Tornado Cash, “an open-source, crypto-transactions software protocol that facilitates anonymous transactions by obfuscating the origins and destinations of digital asset transfers.” The opinion, which reversed the ruling of the District Court, is here.  A recording of the oral argument is here. The opinion is complex but written in a very clear style.

We previously blogged on OFAC’s designation of Tornado Cash (here) and the resulting civil suit (here). We also covered the indictment returned against the alleged developers of Tornado Cash, Roman Storm and Roman Semenov, who were charged with conspiring to commit money laundering, operating an unlicensed money transmitting business, and violating sanctions under the International Emergency Economic Powers Act, or IEEPA (here). The DOJ subsequently obtained a superseding indictment against Storm only (here); Storm’s trial currently is scheduled for April 2025). When the initial indictment was unsealed, Treasury simultaneously sanctioned Semenov, who remains outside the U.S., by adding him to OFAC’s Specially Designated Nationals and Blocked Persons (“SDN”) List. 

These actions are a reminder that, putting aside the complex issues presented by the Fifth Circuit decision regarding OFAC’s (in)ability to sanction a technology, law enforcement and regulators still can pursue people for related alleged conduct. And, invariably, people are involved in a technology.

Continue Reading Fifth Circuit Rejects OFAC Designation of Tornado Cash Immutable Smart Contracts

Complex Civil and Criminal Cases Converge

On August 17, 2023, Judge Robert Pitman of the federal district court for the Western District of Texas issued an Order granting summary judgment for the U.S. Treasury Department (“Treasury”) in a lawsuit brought by six individuals, and denying the cross-motion for summary judgment filed by the individuals. The lawsuit alleged that Treasury overstepped its authority by imposing sanctions on the coin mixing service Tornado Cash.  Deciding for the government, Judge Pitman determined that Tornado Cash is a “person” that may be designated by OFAC sanctions.  Specifically, the regulatory definition of “person” includes an “association,” and Tornado Cash is an “association” within its ordinary meaning.

Shortly thereafter, on August 23, 2023, the U.S. Department of Justice (“DOJ”) unsealed an indictment returned in the Southern District of New York against the alleged developers of Tornado Cash, Roman Storm (“Storm”), a naturalized citizen residing in the U.S., and Roman Semenov (“Semenov”), a Russian citizen.  The indictment charges them with conspiring to commit money laundering, operate an unlicensed money transmitting business, and commit sanctions violations involving the International Emergency Economic Powers Act, or IEEPA.  When the indictment was unsealed, Storm was arrested and then released pending trial.  Treasury simultaneously sanctioned Semenov, who remains outside of the U.S., adding him to OFAC’s Specially Designated Nationals and Blocked Persons (“SDN”) List.

These are very complicated cases raising complicated issues.  They are separate but obviously related.  As we will discuss, the factual and legal issues tend to blend together, and how a party characterizes an issue says a lot about their desired outcome:  has the government taken incoherent action against a technology, or has it pursued a group of people attempting to hide behind tech?

Continue Reading All Roads Lead to Roman: Alleged Tornado Cash Co-Founders Roman Storm Arrested and Roman Semenov Sanctioned, Days After Treasury Defeats Lawsuit Challenging OFAC

Yesterday, the Department of the Treasury announced that Andrea Gacki, who had been serving as the Director of the Office of Foreign Assets Control (OFAC), has been appointed as the Director of the Financial Crimes Enforcement Network (FinCEN).

FinCEN, which faces a daunting agenda and associated timelines courtesy of the Anti-Money Laundering Act and the Corporate Transparency Act, has been without a Director for some time.  The fact that the (now former) Director of OFAC was appointed to head FinCEN says a lot about the critical importance of sanctions — particularly the unfolding sanctions relating to Russia — to the Treasury Department and the Biden Administration in general.

The Treasury Department’s press release sums everything up. It is set forth below.

Ms. Gacki presently serves as the Director of [OFAC] at the Treasury Department, where she has played a leading role in the United States Government’s implementation and enforcement of economic sanctions during critical national security challenges facing the United States. She also performed the functions of the Treasury Department’s Under Secretary for Terrorism and Financial Intelligence (TFI), giving her deep experience and expertise on the unique role that TFI, including FinCEN, plays in combatting illicit finance threats.

“I am honored and excited to serve as the Director of FinCEN. FinCEN plays a vital role in safeguarding the U.S. financial system, and I look forward to leading the FinCEN team in these important efforts,” said Director Gacki. “I also look forward to continuing FinCEN’s critical efforts to implement the Anti-Money Laundering Act of 2020, including the Corporate Transparency Act.”

“Andrea is an outstanding and widely respected leader, and I am confident that she will excel as the Director of FinCEN during this critical time in FinCEN’s history,” said TFI Under Secretary Brian Nelson. “Her deep experience leading significant national security initiatives on behalf of the Treasury Department and the broader U.S. Government will be key assets to FinCEN and TFI in her new role.”

Acting FinCEN Director Himamauli “Him” Das will continue in his role during the transition period and assist Ms. Gacki in her onboarding process. “Treasury is deeply appreciative of Him for his dedication, professionalism, and leadership these past two years. He steered the Bureau through unprecedented times where the demands increased exponentially, and he achieved remarkable accomplishments during his tenure, including overseeing the Bureau’s implementation of the Corporate Transparency Act,” said Under Secretary Nelson.

Prior to her service as Director of OFAC, Ms. Gacki served in multiple senior leadership roles at OFAC, including Deputy Director, Associate Director for Compliance and Enforcement, and Assistant Director for Licensing. Prior to OFAC, Ms. Gacki served as a trial attorney in the Federal Programs Branch of the Civil Division of the U.S. Department of Justice (DOJ), where she litigated a range of matters implicating key TFI legal authorities. Ms. Gacki began her career as an associate at a large international law firm following a clerkship for the Honorable Avern Cohn on the U.S. District Court for the Eastern District of Michigan. She earned her undergraduate and law degrees at the University of Michigan.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.

The Office of Foreign Asset Control (“OFAC”) announced on June 20 that Swedbank Latvia AS (“Swedbank Latvia”), a subsidiary of Swedbank AB (“Swedbank AB”) headquartered in Riga, Latvia, agreed to pay $3,430,900 to settle its potential civil liability for 386 “apparent” violations of OFAC sanctions involving Crimea.  Specifically, Swedbank Latvia allegedly allowed a client to initiate payments from Crimea through an e-banking platform that ultimately were processed by a U.S. correspondent bank. The settlement amount reflects OFAC’s determination that Swedbank Latvia’s conduct was “non-egregious” – but not voluntarily self-disclosed.

Although unrelated to this OFAC action, Swedbank Latvia was the topic of a 2019 internal investigation report commissioned by Swedbank AB revealing that from before 2007 through 2016, Swedbank Latvia (and Swedbank Estonia) actively pursued certain high-risk customers as a business strategy.  This conduct, related to the Danske Bank scandal and its now-notorious Estonian Branch, resulted in Swedish and Estonian authorities ordering Swedbank AB in 2020 to pay a record 4 billion Swedish Krona (then, approximately $38 million) in anti-money laundering related penalties.

This OFAC enforcement action involves alleged conduct which occurred even before Russia’s 2022 unprovoked invasion of Ukraine, the ensuing host of expanded U.S. sanctions, and the recent drive by U.S. regulators and prosecutors to combat the attempted evasion of Russia sanctions and export controls.  The enforcement action reflects how OFAC can learn of potential sanctions violations through other financial institutions.  It also emphasizes, once again, some of the risks inherent in providing correspondent bank services to foreign banks, and the need for good communication between U.S. and foreign banks.  It further reflects the need for a financial institution (or any company) to integrate customer data into a sanctions compliance program, keep up to date on evolving sanctions, and pursue potential red flags of non-compliance – including in the face of customer representations of compliance.

Continue Reading Swedbank Latvia Settles with OFAC for Apparent Crimea Sanctions Violations

On April 13, the State of Wyoming took the extraordinary step of filing a request for permission to intervene in the ongoing dispute between Custodia Bank, Inc. (“Custodia”) and the Board of Governors of the Federal Reserve System (“the Fed”) and the Federal Reserve Bank of Kansas City.  This dispute involves a complaint (now amended) filed by Custodia – a state-chartered special purpose depository institution (“SPDI”) based in Cheyenne, Wyoming – against the Fed and the Federal Reserve Bank of Kansas City, alleging that the defendants improperly denied Custodia’s application for a “master account” with the Fed. Generalizing greatly, having a master account allows financial institutions to operate in the normal course as a custodial bank in the U.S.  Having a Fed master account is therefore critical to any institution looking to operate in the U.S. financial system.

In a nutshell, Wyoming’s request to intervene critiques the defendants because of their “view of perceived inadequacies in Wyoming’s laws and regulations for SPDIs, [which are] partially responsible” for the denial of Custodia’s master account application.  More specifically, Wyoming accuses the defendants of seeking to treat Wyoming SPDIs in an inequitable manner, thereby “treating state-chartered non-federally regulated banks as second-class banks ineligible to compete with federally-regulated ones.”

This blog post focuses on an important issue referenced seemingly in passing in Wyoming’s request for permission to intervene, which is clearly motivating in part the filing by Wyoming:  on March 24, 2023, the Fed made public its January 27, 2023  Order Denying Application for Membership (the “Order”) by Custodia, which had requested the Fed’s approval under Section 9 of the Federal Reserve Act to become a member of the Federal Reserve System.  According to Wyoming, the Fed’s decision to deny Custodia’s application has the effect of preventing Custodia and other Wyoming SPDIs from ever being able to attain the status of federal regulation.  We focus here on the Order because of its much broader anti-money laundering (“AML”) and sanctions implications for any banks which are contemplating targeted services for the digital asset industry.  The 86-page Order is very detailed, and often also discusses safety and soundness concerns, as well as other issues.

As we discuss, the Order suggests that any bank will have a hard time convincing the Fed that crypto-heavy banking services can comply with the requirements of the Bank Secrecy Act (“BSA”) and U.S. sanctions law.  Likewise, the Fed has expressed its skepticism in the Order that blockchain analytics services, even when applied skillfully and with the best of intentions, actually can satisfy the BSA and U.S. sanctions law due to limitations inherent in crypto transactions relating to knowing with confidence who is actually conducting the transactions.  This same issue was also noted by the recent report by the U.S. Treasury regarding perceived AML and sanctions vulnerabilities in decentralized finance providers.

Continue Reading State of Wyoming Wades Into Custodia Bank Dispute with Federal Reserve — In Wake of Fed’s Rejection of Bank Due to Crypto-Related AML and OFAC Concerns

Actions Highlight Risky Mix of Sanctions Law, Inadequate Transaction Monitoring and Dealing with Anonymity-Enhanced Cryptocurrencies

The Office of Foreign Assets Control (“OFAC”) and the Financial Crimes Enforcement Network (“FinCEN”) announced on October 11 simultaneous settlements with Bittrex, Inc. (“Bittrex”), a virtual currency exchange and hosted wallet provider. Under the OFAC settlement, Bittrex has agreed to pay $24,280,829.20 to settle its potential civil liability for 116,421 alleged violations of multiple sanctions programs. Under the FinCEN consent order, Bittrex agreed to pay a civil penalty of $29,280,829.20 for alleged anti-money laundering (“AML”) violations under the Bank Secrecy Act (“BSA”). FinCEN has agreed to credit Bittrex’s payment to OFAC against its penalty because it found that the alleged BSA violations “stem from some of the same underlying conduct”; thus, Bittrex’s total payments to the two regulators come to $29,280,829.20. 

According to the Department of the Treasury dual press release, the two settlements represent the first parallel enforcement actions by FinCEN and OFAC in the virtual currency and sanctions space. Also, it is OFAC’s largest virtual currency enforcement action to date. To further highlight the importance of the settlements, the press release quotes the OFAC Director Andrea Gacki and FinCEN Acting Director Himamauli Das, both sternly warning operators in the same environment as Bittrex to implement effective AML compliance and sanction screening programs.

It is conceivable that Bittrex, for years now, has been on notice that federal and state regulators are closely watching and expecting more comprehensive risk assessment programs and procedures from businesses transacting with virtual currency. As we previously blogged here, in 2019 the New York Department of Financial Services (“NYDFS”) denied Bittrex’s application for a Bitlicense, citing: “deficiencies in Bittrex’s BSA/AML/OFAC compliance program; a deficiency in meeting the Department’s capital requirement; and deficient due diligence and control over Bittrex’s token and product launches.”  In its letter denying Bittrex’s application, NYDFS set forth in detail the deficiencies it found in Bittrex’s BSA/AML/OFAC compliance program, noting that Bittrex’s compliance policies and procedures “are either non-existent or inadequate.”

As we will discuss, the FinCEN consent order highlights Bittrex’s alleged failure to address adequately the overall risk environment in which it operated, including transactions involving anonymity-enhanced cryptocurrencies, or AECs.  The consent order also highlights two repeated themes in enforcement actions: lack of adequate compliance staff, and a seemingly robust written compliance policy that was not matched by an effective day-to-day transaction monitoring system.

Continue Reading OFAC and FinCEN Settle with Bittrex in Parallel Virtual Currency Enforcements

Complaint Illustrates Existential Fight Over OFAC’s Ability to Sanction Open-Source Code – and OFAC Responds (?) By Issuing FAQs on Tornado Cash Use

Last month, the Office of Foreign Assets Control (“OFAC”) sanctioned Tornado Cash, a virtual currency “mixer” operating on the Ethereum blockchain which allegedly has been used to launder the virtual currency equivalent of more than $7 billion since its creation in 2019, by adding it to the Specially Designated Nationals and Blocked Persons List (the “SDN List”). The initial response from certain elements of the crypto community was, not surprisingly, negative: for example, an 8/15 Coin Center whitepaper and an 8/23 letter from Congressman Tom Emmer to Treasury Secretary Janet Yellen argued that OFAC lacked the legal authority.

In the intervening month, things have heated up considerably. Last week, six plaintiffs filed a complaint against OFAC and the Treasury Department, as well as Secretary Yellen and OFAC Director Andrea Gacki in their respective official capacities, in the Western District of Texas (Waco Division), seeking declaratory and injunctive relief – specifically, that the court declare OFAC’s addition of Tornado Cash to the SDN List as unlawful, and permanently enjoin the enforcement of the designation and any sanctions stemming therefrom.  Plaintiffs allege that venue is proper due to Plaintiff Joseph Van Loon’s residence in Cedar Park, TX, within the Western District.  Plaintiffs’ decision to opt for the Waco Division, rather than the Austin Division, may be intentional, because the Waco Division has only one judge, who until recently has been the go-to choice for patent litigation plaintiffs.

The complaint has and will continue to draw considerable attention.  It lays out the framework for a fascinating question:  under existing law, can OFAC act directly against a piece of technology such as open-source code?  Or, must OFAC pursue enforcement, through a more difficult, piece meal and time-consuming process, only against specific individuals and specific legal entities? Presumably, both sides will invoke broad policy-related and equity-related arguments regarding “privacy,” “transparency,” and the need to fight crime.  However, the key issue may come down to a more traditional and rather dry legal issue of parsing the meaning of statutory language.

Continue Reading Civil Complaint Challenges OFAC’s Tornado Cash Sanctions