As Russia formally invades Ukraine, sanctions, AML, cyber risks soar in cascade of global condemnation, uproar

Mushrooming sanctions require fincrime fighters to be nimble, creative, expansive

The actions included the imposition of full blocking and correspondent and payable-through account sanctions, and debt and equity restrictions, on institutions “holding nearly 80% of Russian banking sector assets,” Biden said in a statement.

The stated goal is to put the “squeeze” on Russia and make it harder for the country, its military and politically powerful and corrupt elites to access financial markets.

“I just spoke with the G7 leaders this morning, and we are in full and total agreement,” President Biden said. “We will limit Russia’s ability to do business in Dollars, Euros, Pounds, and Yen to be part of the global economy.”

The rapidly-expanding sanctions will require compliance teams to be creative and thorough, said Crystal Noe, head of Noe Compliance, who has more than two decades of experience in AML, sanctions and risk management roles, most recently holding top sanctions compliance posts at FaceBook and Citi.

“Keep in mind, as noted with recent OFAC settlements, you are also expected to search for and detect similar name variations, places of interest (ports, airports, etc), and apply technique/rules to enable geo-fencing (e.g. IP Blocking, rules for any data currently collected containing details that could point to this location like dialing prefix, address, passport, shipping address, etc).”

That a full-scale ground assault had begun was confirmed by reporters in the Ukrainian cities of Kyiv, Kharkiv and Odessa.

They noted explosions rocking the roiling region just moments after Putin’s announcement and other attacks by helicopters and military aircraft, with some pictures of unexploded rockets and shells sticking out of homes and buildings.

In a televised address as the attack started, Putin warned other countries that any attempt to interfere would “lead to consequences you have never seen in history.”

He makes such statements with the force of a stark reality behind him: even after reducing stockpiles in recent decades, Russia still has the largest stockpile of nuclear warheads in the world.

Even with the Russian bear bearing down on their country, Ukraine leaders were defiant, noting that the attack is an assault on freedom itself.

Ukrainian President Volodymyr Zelenskyy severed diplomatic ties with Moscow and declared martial law, even stating citizens had the right to bear arms and defend themselves.

“As of today, our countries are on different sides of world history,” Zelenskyy tweeted. “Russia has embarked on a path of evil, but Ukraine is defending itself and won’t give up its freedom.”

“A full-scale war in Europe has begun. … Russia is not only attacking Ukraine, but the rules of normal life in the modern world,” Adviser Mykhailo Podolyak said.

More than just sanctions risks – AML, cyber-attack threats ripple in wake of invasion

The widely-watched game of brinkmanship and now actual military invasion has broad implications for financial crime compliance departments, from the perspective of sanctions compliance, anti-money laundering (AML) review and reporting duties, cybersecurity defense and resilience and cyber-enabled fraud threat vectors.

Here are some snapshots:

Global, regional, FI sanctions risks:

On Monday, U.S. sanctions took aim at Russia’s sovereign debt, two massive Russian financial institutions, and Russian elites.

The U.S. issued full blocking sanctions on two large state-owned Russian financial institutions that provide key services crucial to financing the Kremlin and the Russian military: Vnesheconombank (VEB) and Promsvyazbank and their subsidiaries.

On Thursday, after the invasion was underway, further U.S. and allied sanctions targeted the country’s largest banks: Public Joint Stock Company Sberbank of Russia (Sberbank) and VTB Bank Public Joint Stock Company (VTB Bank).

Imposing correspondent and payable-through account sanctions on Sberbank – Russia’s largest bank – is “uniquely important to the Russian economy, holding about a third of all bank assets in Russia,” according to U.S. authorities.

As a result of the sanctions, within 30 days, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) is requiring all U.S. financial institutions to close any Sberbank correspondent or payable-through accounts and to reject any future transactions involving Sberbank or its foreign financial institution subsidiaries.

Payments that Sberbank attempts to process in U.S. dollars for its clients — with examples ranging from technology to transportation — will be disrupted and rejected once the payment hits a U.S. financial institution.

In tandem, OFAC has imposed full blocking sanctions on VTB Bank, Russia’s second-largest financial institution, which holds nearly 20 percent of banking assets in Russia.

OFAC has also imposed blocking sanctions on three additional major Russian financial institutions: Otkritie, Novikom, and Sovcom.

“By imposing these sanctions, assets held in U.S. financial institutions will be instantly frozen and inaccessible to the Kremlin,” according to U.S. Treasury statements.

Belarus sanctions angle:

The U.S. also sanctioned 24 Belarusian individuals and entities, including targeting Belarus’ military and financial capabilities by sanctioning two significant Belarusian state-owned banks, nine defense firms, and seven regime-connected official and elites.

The designated state-owned banks are: the Belarussian Bank of Development and Reconstruction Belinvestbank Joint Stock Company (Belinvestbank), the fourth largest financial institution in Belarus, and Bank Dabrabyt Joint-Stock Company (Bank Dabrabyt), the eleventh largest financial institution in the jurisdiction.

“Restrictions against Sberbank, VTB, and VEB, combined with the measures against Belarusian banks, target nearly one-fifth of the country’s entire financial sector,” U.S. Treasury Secretary Janet Yellen said in a statement.

AML and money laundering risks:

U.S. banks connected to large foreign correspondent networks, and rotund foreign banking groups with direct and correspondent connections to Russia and its proxies, also face more pressure to unravel connections to current and future Putin Cronies and oily oligarchs.

In that same vein, banks may be forced into a gauntlet of mini-lookbacks as sanctions rise to peer into the recent past.

The goal: To uncover prior money movements by graft-gilt, wealthy Russians who have likely been moving funds and assets out of Russia and potentially into historic stores of stolen wealth, like real estate, art or virtual value, in a preemptive move to evade expected future sanctions – that materialized this week.

Cybersecurity, cyber-enabled fraud risks:

Several Ukrainian government websites were offline following a cyberattack on Wednesday, a Ukrainian official confirmed on Telegram, with banks’ websites also being affected, according to the Hill.

Ukraine’s minister of digital transformation, Mykhailo Fedorov, said the disruptions, which began around 4 p.m. local time, were “another mass [distributed denial-of-service] DDoS attack” that targeted several state websites including the parliament, the foreign affairs and defense ministries, according to the publication.

This is the just the latest in a coordinated wave of cyberattacks going after Ukrainian government websites.

Last week, a top White House official said that Russian government hackers were allegedly behind cyberattacks targeting Ukraine’s Ministry of Defense and local banks, according to media reports.

Doubling down on debt, equity restrictions in financial, energy, telecoms, trade

Also on Thursday, the U.S. Treasury expanded Russia-related debt and equity restrictions to additional key aspects of Russia’s economy in a “move to limit Russia’s ability to finance its invasion against Ukraine or other priorities of President Putin.”

• Sberbank is Russia’s largest financial institution. Today, Sberbank was also identified as subject to the Russia-related CAPTA Directive.
• Gazprombank Joint Stock Company is Russia’s third-largest financial institution and is closely affiliated with the energy sector.
• Joint Stock Company Russian Agricultural Bank is Russia’s fifth-largest financial institution and closely affiliated with the agricultural sector.
• Public Joint Stock Company Gazprom is the world’s largest natural gas company.
• Public Joint Stock Company Gazprom Neft is one of Russia’s largest oil producers and refiners.
• Public Joint Stock Company Transneft (Transneft) manages Russia’s network of petroleum-related pipelines.
• Public Joint Stock Company Rostelecom is Russia’s largest telecommunications company.
• Public Joint Stock Company RusHydro is a hydroelectricity company and one of Russia’s largest power companies.
• Public Joint Stock Company Alrosa is the world’s largest diamond mining company, responsible for 90 percent of Russia’s diamond mining capacity, which accounts for 28 percent globally.
• Joint Stock Company Sovcomflot is Russia’s largest maritime and freight shipping company.
• Open Joint Stock Company Russian Railways is one of the world’s largest railroad companies.

OFAC as well identified the following three Russian entities for operating or having operated in the Russian financial services sector:

• Joint Stock Company Alfa-Bank is Russia’s largest privately owned financial institution, and Russia’s fourth-largest financial institution overall.
• Credit Bank of Moscow Public Joint Stock Company is Russia’s largest non-state public bank and Russia’s sixth-largest financial institution.
• Sberbank, which is described above.

The administration also worked with Germany to ensure the Nord Stream 2 pipeline would not move forward.

As bombs drop, world leaders wail, gnash teeth, world wonders: Why?

As sanctions bite, fincrime compliance professionals should also take a closer look at Russia’s top trading partners, with China at the top of the list, outpacing every other country by far, with nearly $50 billion in Russian exports to the region, according to industry estimates.

Russia’s other top export partners include the Netherlands, the United Kingdom, Germany, Belarus and, at No. 10, the U.S.

While large, international banks fret over sanctions compliance challenges, and work to anticipate how Russia will try to evade sanctions with the help of longtime allies and trading partners, many in the world simply want to know, why?

Why did Russia invade Ukraine?

The reasons are manifold, but chiefly boil down to Putin himself not wanting a neighbor and former part of the crumbled Soviet Union to become an ally – of many of his sworn foes, according to analysis by U.S. News and World Report.

“Ukraine’s ambitions to align itself more with Western countries – including its publicly stated interest in joining NATO, which itself was founded at least in part to deter Soviet expansion – has been met with aggression from Russia,” the council notes, as reported by the publication.

Tensions boiled over in 2014 after Ukrainians ousted a Russia-aligned president.

“Russia – under the dubious claim of protecting ethnic Russians and Russian-speakers from Ukrainian persecution – annexed the Crimea region of Ukraine in a move widely condemned by the international community,” a harbinger of things to come.

One of Russia’s top demands has been to prevent Ukraine from joining NATO, a military alliance between 28 European countries and two North American countries dedicated to preserving peace and security in the North Atlantic area, according to the report.

“The former Soviet state is one of just a few countries in Eastern Europe that aren’t members of the alliance,” putting a critical pressure point right on Russia’s doorstep and would be an affront to Putin’s own perceptions of projecting authority and influence on the international geo-political stage.

“The Kremlin in general views NATO expansion as a “’fundamental concern,’” according to a translated readout of a Jan. 28 call between Putin and French President Emmanuel Macron, according to the report.

While many fincrime compliance teams are still fretting about how to properly digest and implement so many sanctions updates so quickly, one longtime designation denizen is calling on public and private sector entities to pull back, if just for a moment, and see the historic repercussions of the day.

“Today was an amazing day if you were a sanctions person,” said Eric Sohn, publisher of MrWatchlist.com, in a social media post. “Just amazing in the scope and breadth of what they did, and the level of cooperation and coordination was stunning.”