As we have noted on numerous occasions, the U.S. Russia Sanctions and Export Control Program is unprecedented and a compliance challenge for all organizations.   In another unprecedented action, the Justice Department and the Departments of Commerce and Treasury issued a Joint Compliance Note (“JCN”)on the importance of compliance with the Russia Sanctions and Export Control requirement, which provides important descriptions of red flags and tactics used by organizations and individuals to evade applicable sanctions and export controls.  In doing, DOJ, the Office of Foreign Asset Control (“OFAC”) and the Bureau of Industry and Security (“BIS”) have provided important guidance on government expectations and alerts to common scenarios that pose high-risk activities.

All compliance and trade compliance professionals should review the JCN since it sets out important and instructive information needed to ensure compliance.  The key focal point, according to the JCN, is the use of third-party intermediaries and transshipment points that can be used to evade Russian and Belurusian sanctions and export controls.  This is the first collective compliance guidance issued by the Justice Department and the Departments of Treasury and Commerce.

The JCN underscores the importance that DOJ, OFAC and BIS place on organizations to implement and maintain, risk-based compliance programs.  The JCN notes that third-party intermediaries and transshipment points are being used to disguise the involvement of Specially Designated Nationals (“SDNs”) or parties on the BIS Entity List in transactions, and to obscure the actual identities of end users.  The JCN provides an important list of red flags to look for if a company suspects that a customer is using a third-party to evade sanctions or export controls, and describes recent examples of behaviors and strategies used to evade detection while violating export controls.

The JCN cited manufacturers, distributors, resellers and freight forwarders, which are often in the best position to identify whether a transaction or a customer’s activity is consistent with industry norms and practices.  As a result, these businesses :should exercise heightened caution and conduct additional due diligence if they detect warning signs of potential sanctions or export controls violations.”

The JCN includes an instructive list of common red flags, including:

• Use of corporate vehicles (i.e., legal entities, such as shell companies, and legal arrangements) to obscure (i) ownership, (ii) source of funds, or (iii) countries involved, particularly sanctioned jurisdictions;
• A customer’s reluctance to share information about the end use of a product, including reluctance to complete an end-user form;
• Use of shell companies to conduct international wire transfers, often involving financial institutions in jurisdictions distinct from company registration;
• Declining customary installation, training, or maintenance of the purchased item(s);
• IP addresses that do not correspond to a customer’s reported location data;
• Last-minute changes to shipping instructions that appear contrary to customer history or business practices;
• Payment coming from a third-party country or business not listed on the End-User Statement or other applicable end-user form;
• Use of personal email accounts instead of company email addresses;
• Operation of complex and/or international businesses using residential addresses or addresses common to multiple closely-held corporate entities;
• Changes to standard letters of engagement that obscure the ultimate customer;
• Transactions involving a change in shipments or payments that were previously scheduled for Russia or Belarus;
• Transactions involving entities with little or no web presence; or
• Routing purchases through certain transshipment points commonly used to illegally redirect restricted items to Russia or Belarus. Such locations may include China (including Hong Kong and Macau) and jurisdictions close to Russia, including Armenia, Turkey, and Uzbekistan.

In the presence of any or multiple red flags, organizations are expected to screen the entities and persons involved, and conduct additional risk-based due diligence on customers, intermediaries and counterparties.

The JCN also highlighted various tactics used by entities and individuals that were identified in representative enforcement actions by DOJ, OFAC and BIS.

For example, in November 2022, OFAC  designated individuals and entities involved in a global procurement network linked to a Russian microelectronics company, AO PKK Milandr, which used a front company to transfer funds from Milandr to another front in a third country, which purchased microchips to divert to Russia.  OFAC noted in the JCN that its enforcement actions illustrate a range of sanctions evasion techniques including falsifying transactional documents, omitting information from internal correspondence, and shipping goods through third countries. BIS noted, as an example, its enforcement action against Vorago Technologies, a Texas company, for shipping integrated circuit components to Russia through a Bulgarian front company.

DOJ cited criminal cases it has initiated against those who use front companies and intermediate transshipment points to evade Russia sanctions and export controls. The JCN listed a number of tactics used by individuals and entities to circumvent Russia sanctions and export controls, including:

• Claims that shell companies located in third countries were intermediaries or end users; in one case, DOJ alleges that only one of the five intermediary parties had any visible signage and consisted of an empty room in a strip mall;
• Claims that certain items would be used by entities engaged in activities subject to less stringent oversight; on at least one occasion, a defendant allegedly claimed that an item would be used by Russian space program entities, when in fact the item was suitable for military aircraft or missile systems only;
• Dividing shipments of controlled items into multiple, smaller shipments to try to avoid law enforcement detection;
• Using aliases for the identities of the intermediaries and end users;
• Transferring funds from shell companies in foreign jurisdictions into U.S. bank accounts and quickly forwarding or distributing funds to obfuscate the audit trail or the foreign source of the money;
• Making false or misleading statements on shipping forms, including underestimating the purchase price of merchandise by more than five times the actual amount;
• Claiming to do business not on behalf of a restricted end user but rather on behalf of a U.$.-based shell company.

The JCN concluded that companies that detect a violation should take advantage of voluntary disclosure programs maintained by DOJ, OFAC and BIS.