On March 7, 2022 , the Financial Crimes Enforcement Network (FinCEN) issued a warning around potential sanctions evasion attempts by Russia and Belarus, once again highlighting the need for institutions to enhance their due diligence checks and take a holistic risk-based approach when dealing with customers.
Following extensive updates to key sanctions regimes in the US, UK and Europe, the FinCEN have issued an alert advising institutions to increase their vigilance for potential sanctions evasion attempts by Russia and Belarus.
Sanctioned individuals and entities within Russia will likely attempt to evade sanctions by using non-sanctioned financial institutions, financial institutions in third countries, and virtual currencies.
Financial institutions (FIs) should increase awareness around their due diligence obligations and be mindful not to necessarily place total reliance on sanction screening as an indicator of illicit or sanctions related activity - especially around senior political figures with links to Russia and Belarus.
The alert restates previous red flags linked to Russian cybercrime and ransomware activity as it is considered likely that the threat from these will increase significantly on the back of geopolitical events.
🔴 Red Flags
The alert highlights some select red flag indicators to be mindful of, including:
- Use of legal persons to obscure ownership, source of funds, or countries involved, particularly in sanctioned jurisdictions.
- Use of third parties to shield the identity of sanctioned persons and/or Politically Exposed Persons (PEPs) seeking to hide the origin or ownership of funds, for example, to hide the purchase or sale of real estate.
- Accounts in jurisdictions that are experiencing a sudden rise in value being transferred to their respective areas or institutions.
- Newly established accounts that attempt to send or receive funds to/from an institution removed from SWIFT
- Non-routine foreign exchange transactions that are inconsistent with activity over the prior 12 months that may indirectly involve sanctioned Russian financial institutions.
- A customer’s transactions initiated from or sent to potentially suspicious Internet Protocol (IP) addresses: non-trusted sources; locations in Russia, Belarus, FATF-identified jurisdictions with deficiencies, comprehensively sanctioned jurisdictions
- A customer initiates a transfer of funds involving a Crypto mixing service.
📄 Are you Suspicious? Make a report
- Log a Suspicious Report with the FIC as soon as possible and within the mandated timelines
- Provide as many relevant (but succinct) details around the activity as possible and why it gives rise to suspicion
- Consider referencing the FIN-2022-RUSSIASANCTIONS alert in the SAR/STR/CTR report and correlate the connection between the suspicious activity being reported on and the activities addressed in the alert
💭 Be proactive
- Ensure appropriate staff are frequently trained on the evolving sanctions compliance landscape and potential red flags to be mindful of
- Update any adjustments to compliance internal policies, procedures, or processes
- Consider implementing a risk-based rapid response training plan to ensure staff are kept informed of sudden changes to the regulatory environment
- Make use of DocFox to identify any potential adverse media or links to the conflict surrounding clients you may have concerns around
Need more guidance on how to effectively manage your FICA related processes ?