EU Enacts New Directive Establishing Criminal Offenses for the Violation of Restrictive Measures

By: Daniela Melendez, Associate at The Volkov Law Group, and Alex Cotoia, Regulatory Compliance Manager. Daniela can be reached at [email protected] and Alex can be reached out at [email protected].

On April 24, 2024, the European Union (“EU”) officially adopted Directive (EU) 2024/1226 on the definition of criminal offenses and penalties for the violation of Union restrictive measures and amending Directive (EU) 2018/1673 (the “Directive”). A copy of the Directive was subsequently published in the EU’s Official Journal on April 29, 2024, and EU Member States are now obliged to transpose the Directive’s requirements into national law no later than May 20, 2025. Among other things, the Directive portends to ensure the effective application of Union “restrictive measures” (sanctions regulations), preserve the integrity of the internal market, and achieve a greater level of security by establishing minimum rules providing for the criminalization of conduct deemed incompatible with the effective administration of sanctions regimes. In this vein, the Directive establishes a number of new criminal offenses in relation to the violation of restrictive measures as defined by Article 29 TEU (Article 215 TFEU). 

As set forth in Article 3, criminal conduct now includes the following offenses when the object of the conduct is to overcome the applicability of previously adopted restrictive measures: (1) making funds or economic resources available directly or indirectly to, or for the benefit of, a designated person, entity or body; (2) entering into or continuing transactions with a third State, bodies of a third State or entities or bodies directly or indirectly owned or controlled by a third State or by bodies of a third State; (3) trading, importing, exporting, selling, purchasing, transferring, transiting or transporting goods, as well as providing brokering services, technical assistance or other services relating to those goods; (4) providing certain financial services or performing financial activities to prohibited parties; and (5) furnishing certain other services of a non-financial nature to prohibited parties. 

In addition to criminalizing specific conduct in relation to individual sanctions programs, the Directive also broadly proscribes any attempt to “circumvent” a restrictive measure by using, transferring, or otherwise disposing of, funds or economic resources owned, held or controlled by a designated person, entity or body; providing false or misleading information to conceal the identity of the ultimate owner or beneficiary of such funds or economic resources; failing to report funds or economic resources belonging to, owned, held or controlled by a designated person; and failing to furnish competent administrative authorities with information concerning frozen fund or economic resources held within the territory of individual Member States. Moreover, the Directive also prohibits any breach or failure to fulfill conditions of authorizations granted by competent authorities to engage in activities where the absence of the authorization would amount to a violation of an existing prohibition or restriction. Finally, Article 4 of the Directive plainly establishes criminal liability for the accessory offenses of inciting, aiding and abetting the commission of any offense provided for in Article 3, as well as attempted violations of restrictions embodied in certain provisions of the same article that require some showing of willfulness. 

Articles 5 and 7 of the Directive fix the maximum criminal sanctions that may be imposed on natural persons and legal entities, respectively. Pursuant to the former, an individual convicted of an offense referenced in Articles 3 and 4 faces the potential for incarceration and ancillary criminal or non-criminal penalties that include, but are not limited to, fines “proportionate to the gravity of the [underlying] conduct,” the withdrawal of permits and authorizations to pursue activities that resulted in the offense at issue, and the imposition of a temporary ban on running for public office. Notably, the most serious penalties contained in Article 5 are tied to offenses where the value of the funds or economic resources is at least EUR 100,000. Under Article 7, criminal sanctions for legal entities include a variety of fines predicated on total worldwide turnover or fixed amounts that vary depending on the specific offense involved. In addition to monetary penalties, legal entities may also face exclusion from entitlement to public funding, disqualification from the practice of business activities, withdrawal of permits and authorizations, judicial supervision, and even the prospect of court-administered “winding up.” Pursuant to Article 11, the default limitations period for most offenses is five (5) years, although Article 11(4) authorizes individual Member States to deviate from the five (5) year protocol and adopt limitations periods of not less than three (3) years, with the proviso that the shortened periods may be temporarily interrupted or suspended altogether based on the occurrence of certain events.

In the end, the enactment of the Directive underscores the importance of complying with all emerging global sanctions regulations, including EU restrictive measures, which have proven to be a crucial weapon in the EU’s foreign policy arsenal, particularly in relation to the ongoing Russian Federation invasion of Ukraine. While the sanctions landscape may have been dominated in the past by U.S. regulations, the Directive’s enactment makes it clear that the EU expects organizations to be cognizant of its own sanctions regimes as well. Organizations operating in the EU would do well to benchmark their current sanctions compliance programs against the minimum requirements of the Directive now, and to fashion additional controls later, as implementation of the Directive’s provisions by individual Member States progresses.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *