Implementation of Targeted Sanctions

Financial Prohibitions against Listed Parties under the United Nations (Financial Prohibitions, Arms Embargo and Travel Ban) Sanctions Act 2019

Background

The United Nations (Financial Prohibitions, Arms Embargo and Travel Ban) Sanctions Act 2019 (the ‘Act’) enables the Government of Mauritius to implement targeted sanctions, including financial sanctions, arms embargo and travel ban, and other measures imposed by the United Nations Security Council under Chapter VII of the Charter of the United Nations, with a view to addressing threats to international peace and security, including terrorism, the financing of terrorism and the proliferation of weapons of mass destruction.

Sanctions measures, under Article 41 of the United Nations Charter, encompass a broad range of enforcement options that do not involve the use of armed force.

There are currently 14 ongoing sanctions regimes which focus on supporting political settlement of conflicts, nuclear non-proliferation, and counter-terrorism.

Terrorist Financing

Terrorism is, in the broadest sense, the use of intentional violence for political or religious purposes. It is used in this regard primarily to refer to violence during peacetime or in the context of war against non-combatants (mostly civilians and neutral military personnel).

Terrorist financing provides funds for terrorist activity. It may involve funds raised from legitimate sources, such as personal donations and profits from businesses and charitable organizations, as well as from criminal sources, such as the drug trade, the smuggling of weapons and other goods, fraud, kidnapping and extortion.

Terrorists use techniques like those of money launderers to evade authorities' attention and to protect the identity of their sponsors and of the ultimate beneficiaries of the funds. However, financial transactions associated with terrorist financing can be in small amounts which makes the detection and tracking of these funds challenging.

Proliferation Financing

Proliferation refers to the development and use of nuclear, chemical, or biological weapons and their delivery systems (also referred to as weapons of mass destruction “WMD”), by state or non-state actors in violation of international agreements and export control regimes.

Proliferation can cover both the manufacture, acquisition, possession, development, export, transhipment, brokering, transport, transfer, stockpiling or use of WMD, all of which poses a significant threat to international peace and security.

Proliferation financing is therefore where state and non-state actors may access and use the formal financial system to raise funds, conduct payments to procure materials and goods needed for proliferation, and other illicit financial activities connected to proliferation efforts. Countering the financial flows related to proliferation plays an important role in global efforts to counter the proliferation of WMD.

Proliferation financing is more than simply the payment for goods or the financial services that directly support the procurement of goods and development of WMD. It can also include:

the raising of funds and revenue-generating activities that fund proliferation efforts. With regards to the DPRK (Democratic People’s Republic of Korea, or North Korea) in particular, the UNSC has assessed that funds generated from revenue-raising activities and illicit financial networks may be used for the WMD development by the DPRK.
the financial and corporate networks and services that sustain these activities. These financial networks and activities may not be directly connected to the physical flow of WMD-related goods but enable proliferators to access and use the global financial system.

The National Sanctions Secretariat (NSSEC) has issued in-depth guidance on the implementation of targeted financial sanctions to counter proliferation finance under the United Nations (Financial Prohibitions, Arms Embargo and Travel Bank) Sanctions Act 2019, which can be accessed here.

United Nations Regime

The United Nations Security Council Consolidated List (The Consolidated List) includes all individuals and entities who are subject to measures imposed by the UN Security Council. This list may be accessed here. This list is also available on the website of the Financial Intelligence Unit, and is disseminated to reporting persons, investigatory authorities, supervisory authorities and any other relevant public and private agencies, registered on the goAML platform.

A summary of the current UN sanctions regime may be accessed here.

Of particular relevance to FSC Licensees are those United National Security Council Resolutions (UNSCRs) that include targeted financial sanctions against designated persons to combat terrorist financing or proliferation financing. These include:

UNSCR 1267 (1999) and it successor resolutions including UNSCRs 1988 (2011) and 1989 (2011) concerning Al-Qaida, ISIL (Da'esh) and the Taliban;
UNSCR 1718 (2006) and its successor resolutions concerning the Democratic People’s Republic of Korea (DPRK); and
UNSCR 2231 (2015) concerning Iran.

Pursuant to Section 18 of the Act, the NSSEC gave public notice of the Consolidated List. Simultaneously, it has issued an Explanatory Note on the implementation of United Nations Sanctions Measures which have been published in the Government Gazette of 5 October 2019. Both documents can be consulted here.

The Domestic Designation Regime

The NSSEC is responsible for designating persons domestically under UNSCR 1373 to combat terrorist financing. It maintains a website with publicly available information. As with the Consolidated List, the FIU disseminates the updates to domestic list. FSC Licensees must also regularly consult the newspapers for any notice which may be issued by the NSSEC and immediately act upon it.

The role of the FSC and the obligations of its Licensees

Individual supervisory authorities are responsible for supervising and enforcing compliance with targeted financial sanctions and proliferation financing obligations with regards to the reporting persons over which they exercise supervisory control or oversight.

The FSC is therefore required, under section 40(2) of the Act, to supervise and enforce compliance by its Licensees with the requirements imposed under the Act. The core issues for the FSC, as for other supervisory authorities, are:

How well do Licensees apply the enhanced or specific measures for targeted financial sanctions relating to terrorist financing; and
To what extent do Licensees understand, and comply with their obligations regarding targeted financial sanctions relating to financing of proliferation.

To this end, the systems and controls of Licensees must be adequate to enable them to meet these obligations.

What should Licensees do?

FSC Licensees should familiarize themselves with their legal obligations as related to targeted financial sanctions found in the Act, as well as the NSSEC’s Proliferation Financing Guidance, Public Notice and Explanatory Note and any other guidance which may be issued from time to time.

The FSC has also set out interpretive guidance for its Licensees on how to apply preventive measures and internal controls in relation to Anti-Money Laundering and Countering the Financing of Terrorism (AML CFT) in its Handbook, which is available here.

In addition, Licensees must have particular regard for the following matters relating to their targeted financial sanctions obligations.

Screening of clients against sanctions lists

Licensees should have effective, up-to-date systems to screen clients and transactions against the Consolidated List and NSSEC list, appropriate to the nature, size and risk of the Licensee’s business.

A Licensee’s screening system should enable the Licensee to maintain an up to date understanding of its clients through the life cycle of the client relationship. At the very least, screening should take place when establishing a new relationship, and subsequently at regular, but sufficiently frequent, intervals and upon trigger events (such when there is a change in directors or ownership) or when a UN or domestic sanctions list changes. It is good practice to carry out screening whenever a client’s identification data changes.

The provisions are applicable to persons and entities specifically designated on the lists, as well as those who are acting on behalf of or at the direction of designated persons or entities and/or those who are owned or controlled by them, directly or indirectly.

As a result, Licensees should not only focus on the names of persons and entities listed on UN sanctions lists, but also identify the persons and entities linked to them.

Each incoming and outgoing transaction should similarly be screened for a potential match with sanctions lists. Screening should be focused at a point in the transaction where detection of sanctions risk is actionable – where a transaction can be stopped and funds frozen if required – and before a potential violation occurs.

There is no obligation to have automatic screening software to comply with targeted financial sanctions obligations. Using the publicly available lists, which can be downloaded from the UN, FIU or the NSSEC websites, Licensees can manually screen their clients against the designated persons lists.

If the Licensee is a large institution, it will likely not be appropriate to screen manually given the scale of its business. Adequate records should be kept regardless of whether manual or automatic screening is used. The FSC expects that Licensees be able to evidence that clients have been screened against the Consolidated List and NSSEC list.

Licensees should also be wary of an over reliance on automated screening. Automated (third party) systems may not necessarily capture the domestic NSSEC list. Licensees also need to ensure that automated systems are adequately tested for accuracy, properly calibrated and that the parameters that are set for screening within those systems are appropriate for the nature and size of their business. The legal obligations and liability of Licensees are not abrogated simply because they may rely on third party automated screening systems.

The frequency of periodic screening should be appropriate for the particular business model, clients, and transaction volume of the Licensee. Licensees should consider whether screening on a weekly or even on a daily basis is appropriate. Weekly screening is unlikely to be adequate for many business models and in such cases, more frequent screening will be required.

The FSC encourages Licensees to take a conservative approach and screen frequently, given that a failure to fulfil targeted financial sanctions obligations may give rise to a criminal offence under sections 23(5) and/or 24(2) of the Act.

Where Licensees utilise automated systems, it is good practice for these systems to be able to make ‘fuzzy matches’, namely those that are able to identify similar or variant spellings of names, name reversals, digit rotations, character manipulation, and so forth, to ensure all related, connected persons and entities are captured in the screening.

Matches and escalation

An alert that is generated by a potential match might not, on its own, be an indication of sanctions risk. It should act as a trigger which can be confirmed or discounted with additional information gained through further investigation. The Licensee should maintain adequate records of these investigations.

Determining a true match can often prove challenging due to a range of variables including language, cultural nuances, spelling, abbreviations, and aliases. UN sanctions lists, as do others, contain other identifying information to assist in the identification of a true match or false positive.

Licensees should have adequate procedures for identifying, quickly, whether name matches are a true match and for freezing assets where this is appropriate. This procedure should cover for example, immediate freezing, alerting senior management, reporting to the NSSEC and the FSC, and making a Suspicious Transaction Report (STR).

Licensees should consider taking a conservative approach in determining whether to freeze assets and should have a low tolerance when reconciling matches in such instances.

The FSC also encourages Licensees to take a prudent approach in considering whether to freeze assets while they are in the process of ascertaining a match. A Licensee may be criminally liable should a designated person’s funds be moved while a Licensee awaits confirmation of a match.

As set out above, the process for identifying matches should capture the directors, beneficial owners of corporate customers and any third-party payees.

Freezing and prohibition on dealing with funds and assets

Licensees are required to immediately and without delay freeze the assets of designated persons. In other words, this means ceasing any dealings and securing the funds and other assets, including financial assets and economic resources, that are owned or controlled, directly or indirectly, by the persons or entities designated by the UNSC or the NSSEC. This also encompasses the freezing of funds, other financial assets and economic resources of persons or entities acting on behalf of, or at the direction of, those designated by the UNSC or NSSEC.

Licensees must also ensure that any funds or other assets, including financial assets and economic resources, are not made available to or for the benefit of designated persons or entities, persons or entities owned or controlled by them, or persons or entities acting on their behalf or at their direction.

What this means in practice is that:

Licensees are required to act without delay. Licensees are therefore under an obligation to take appropriate steps even if there is a there is a time lag by domestic authorities in circulating a notification to freeze;
In particular, new freezes are required to be implemented immediately, and without prior notice to the person;
Licensees must not close the account of any designated person identified as an existing client, as this could result in funds or economic resources being made available to the designated person;
The obligation to report and freeze extends to attempted as well as future transactions. Where a transaction is attempted and monies or other assets have been passed to a Licensee with a view to completing the transaction, these monies or assets must not be handed back to the entity if the transaction is aborted following a match; and
The obligation to freeze covers funds and other assets e.g. non-cash assets such as wills, real estate deeds, boats, jewellery, corporate licenses etc. However, where assets are frozen, there is a requirement to maintain the value of such an asset.

Unfreezing

FSC Licensees will be informed of a designation removal or unfreezing order in the same manner that they are informed of a new designation.

Exceptions and authorizations

In limited circumstances, certain designated persons may be granted exemptions from targeted financial sanction freezing and prohibitions. The exemptions allow for designated persons to access funds to pay for basic living expenses or extraordinary expenses, and to protect the rights of bona fide third parties. UNSCRs 1718 and 2231 also include considerations with regard to contracts, agreements or obligations that arose prior to the date on which accounts became subject to targeted financial sanctions. Guidance on these issues can be provided on a case by case basis to FSC Licensees by the NSSEC – see contact details below.

Reporting

In the event that a true match with a listed/designated person is identified by an FSC Licensee, the match and any associated asset freezing should be reported immediately to the NSSEC and the FSC – see contact details below. The same report should be submitted to both competent authorities.

The reporting template can be accessed from the NSSEC website:

An STR should also be filed with the FIU.

Other key points to note are that:

Financial sanctions apply to all clients and all transactions, there is no minimum financial limit.
Politically Exposed Persons (PEPs) can be, but are not necessarily designated persons under targeted financial sanction regimes. The requirement to identify clients that are PEPs and the requirement to identify clients that are designated persons for targeted financial sanctions are separate obligations.
The targeted financial sanctions regime is not the same as the FSC’s enforcement regime, which sanctions Licensee’s for non-compliance with their AML/CFT and targeted financial sanctions obligations.

Case studies pertaining to terrorist and proliferation financing abuse in non-bank sectors

Insurance Case Study: Billions No. 18^{^[1]}

In October 2017, a tanker named Billions No. 18 (“Billions”) departed from Yeosu port in South Korea with a stated destination of Taichung in Taiwan. Shortly after departure, Billions turned off its Automatic Identification System (AIS)^{^[2]} tracking and conducted a ship-to-ship transfer of diesel to a North Korean-flagged vessel, Rye Song Gang 1, in violation of UN Security Council resolutions. On 28 December 2017, the UN designated Billions for its involvement in a violation of UN sanctions requirements.

At the time of the violation, Billions sailed under a Panamanian flag and was owned by Bunker’s Taiwan Group Corporation (“BTGC”), registered in the British Virgin Islands. It was reinsured through London-based reinsurers, including its Protection and Indemnity coverage, which was provided by the West of England P&I Club, located in London. This insurance coverage remained valid until it was terminated as a result of its designation.

An investigation by the UN Panel of Experts into the Billions and its ownership had found that:

Billions was part of a larger network of vessels involved in illicit North Korean shipping and trading;
The sole shareholder of BTGC, Billions’ owner, was Shih-Hsien Chen (“Chen”), a Taiwanese citizen;
Chen was the shareholder of another company, Billions Bunker Group Corporation (“BBGC”), registered in the Marshall Islands, which owns and operated Billions No. 88, another ship, which has also been suspected of engaging in illicit ship-to- ship transfer activities; and
Chen is the director of Oceanic Enterprise Limited (“OEL”), another Marshall Islands-registered company.While Lighthouse Winmore was chartered by OEL, the vessel had a complex operational structure according to which it received instructions from BBGC, was managed by a company named Lighthouse Ship Management/Development in Guangzhou, China, but was owned by Win More Shipping, registered in Hong Kong. As regards insurance cover for Lighthouse Winmore, while this vessel’s owner held insurance for the hull of the ship, the charterer usually takes out charterer’s liability insurance to cover itself against operational risks. Therefore, even if the owner was unaware of what the charterer was doing, insurance cover for the ship would still be in its name.
The UN thereafter discovered that Lighthouse Ship Management/Development was previously named Billions Great International Group Limited, suggesting a link to Chen’s other companies. Chen is therefore at the centre of a network involved with the operation of several vessels linked to North Korean sanctions evasion activities, and was able to operate these vessels due to the insurance coverage provided.
In September 2017, OEL chartered Lighthouse Winmore, a vessel sailing under a Hong Kong flag. This vessel violated UN Security Council sanctions in October 2017 by conducting a ship-to-ship transfer of oil to the North Korean-flagged vessel Sam Jong 2.

Insurance Case Study: M.V. Pompei^[3]

Somali pirates with links to terrorist group Al-Shabaab^[4] hijacked the Belgian vessel Pompei on 18 April 2009. The Belgian government reportedly participated in negotiations for the Pompei’s release from the outset, which entailed approximately 160 telephone calls during which ransom payments were discussed. According to Belgian authorities, the ship’s insurance company actually paid the ransom. The ransom was paid via a money drop near the vessel. Shortly thereafter, the Pompei and hostages were freed. Belgian authorities later uncovered evidence that the individual who negotiated on behalf of the pirates had connections to Dubai.

During their investigation, Belgian authorities found bank account numbers and identification information related to entities within the United Arab Emirates (UAE). They also identified satellite and cell phone numbers and a Hotmail account. Authorities believe that following the money drop at sea, the money was moved to a location in Somalia, transited through Djibouti and then transferred to the UAE via hawala transactions.

It further emerged that VicAm (Auckland) – in which one Geoffrey Taylor was the controlling shareholder until September 2009 – was also the sole nominal shareholder for more than 1,000 other companies formed in New Zealand.

Company Service Provider Case Study: Arms shipment seized by Thailand^[5]^[6]

On December 11, 2009, a former Soviet Air Force aircraft flying from North Korea to Iran stopped to refuel in Bangkok. The flight listed its cargo as spare parts for oil-drilling equipment. Instead police found 30 tonnes of explosives, rocket-propelled grenades and components for surface-to-air missiles, all being transported in breach of United Nations sanctions.

The issues giving rise to suspicions included the following:

The aircraft had a long record of being used for illicit arms transfers. The aircraft had been operated since 2007 by various companies designated for sanctions by the Liberia Committee. In 2003, it was transferred to GST Aero, renamed East Wing around 2006 after being banned from flying into the EU (March 2006).
A few weeks before the flight was impounded in Bangkok, its ownership was transferred to Overseas Cargo FZE, an entity based in the UAE. Overseas Cargo, in turn, leased the aircraft to Air West, an entity based in Georgia. Air West was used by its owner as a ghost operator to circumvent the EU ban on East Wing (April 2009) and the subsequent EU ban on all air carriers registered in Kazakhstan (July 2009). Air West had leased the aircraft to a New Zealand firm called SP Trading through a series of bank accounts in Estonia and New York.
SP Trading had been incorporated only months earlier, on July 22, 2009, and appeared to have no other purpose. Its only shareholder was VicAm (Auckland), which shared an address with SP Trading at a rented Salvation Army-owned building in Auckland.
SP Trading chartered the aircraft to Union Top Management (UTM), another shell entity based in Hong Kong created days prior to the flight whose purpose was to hide the identity of the parties involved. Incorporation documents indicate that the director of UTM was a male Spanish citizen who is also supposed to have signed the Charter Agreement with SP Trading on 4 December 2009. The Spanish citizen was untraceable.
SP Trading for its part was registered by Geoffrey Taylor’s son, Michael Taylor, in the names of nominee directors at the request of a UK agent. The London-based company formation agent was acting on behalf of Iurii Lunov and Igor Karev-Popov^[7]. SP Trading’s sole director was an employee of a Burger King fast-food restaurant, a Chinese national called Lu Zhang. Lu was the wife of an accountant who worked for Geoffrey Taylor. She later told New Zealand media she had accepted about NZ$20 (AU$14.80) for each of her many directorships.
Among the VicAm (Auckland) stable of more than 1,000 other companies was Sumato Energy Group which had, with no prior history of such business, in late 2008 won a contract to ship 1 million barrels of Azerbaijani crude oil, worth $75 million. Another New Zealand firm, also with no history of doing such business, won a lucrative public service contract in Romania.
In a press release issued in New Zealand by Ian Taylor – one of Geoffrey’s sons – explained that Geoffrey Taylor Group’s role was simply to incorporate and to act as a registered agent for SP Trading “at the request of one of our professional clients based in the United Kingdom.” It claimed that it was not responsible for and had no knowledge of what the company got up to.

Examples of enforcement actions and penalties for targeted financial sanctions breaches globally

Breaches of sanctions carry high reputational risks for jurisdictions. As a result, greater scrutiny has been placed on compliance with sanctions legislation in recent years. Below are brief case studies of some of the international sanctions breaches and the penalties imposed for non-compliance.

Example 1: Standard Chartered Bank – 2019

In April 2019, the London-based Standard Chartered Bank (SCB) was ordered to pay $1.1bn by the US and UK authorities to settle allegations of poor money-laundering controls and for significant violations of US sanctions laws and regulations.

FCA decision notice

OFAC settlement agreement

Department of Justice statement

Example 2: British Arab Commercial Bank Plc – 2019

In September 2019, a London-based British Arab Commercial Bank plc (BACB), a commercial bank with no offices, business or presence under U.S jurisdiction, entered into $4,000,000 settlement agreement with OFAC for processing 72 apparent violations of the US Sudanese Sanctions Regulations totalling $190,700,000.

Civil penalties statement

Example 3: Telia Carrier UK Limited - 2019

In September 2019, OFSI issued a penalty notice of £146,341 to Telia Carrier UK Limited (Telia) for breaches of EU Syria sanctions regime, implemented in UK by the Syria (European Union Financial Sanctions) Regulations 2012. Telia had indirectly facilitated international telephone calls to SyriaTel, an entity designated under the above regime. This resulted in the company repeatedly making funds and economic resources indirectly available to the designated entity over an extended period of time.

OFSI report

Example 4: Travelex (UK) Ltd - 2019

In March 2019, the OFSI issued a monetary penalty against Travelex (UK) for a contravention of the EU Egypt financial sanctions regime.

OFSI report

Example 5: UniCredit Bank AG -2019

UniCredit Bank AG, a financial institution headquartered in München, Germany and a subsidiary of the UniCredit Group, agreed with OFAC to a settlement amount of $553,380,759 to settle its potential civil liability for 2,158 apparent violations of primarily the US Weapons of Mass Destruction Proliferators Sanctions Regulations.

Civil penalties statement

Example 6: Zhongxing Telecommunications Equipment Corporation -2019

Zhongxing Telecommunications Equipment Corporation, a telecommunications corporation established in the People’s Republic of China, and its subsidiaries and affiliates, as well as ZTE Kangxun Telecommunications Ltd. and its subsidiaries and affiliates (ZTE) agreed to settle their potential civil liability for 251 apparent violations of the Iranian sanctions regime in the amount of $100,871,266.

Civil penalties statement

Example 7: Royal Bank of Scotland Group -2016

In August 2010, the Financial Services Authority (FSA) fined members of the Royal Bank of Scotland Group (RBSG) £5.6m for failing to have adequate systems and controls in place to prevent breaches of UK financial sanctions. RBSG failed to adequately screen their customers and payments against the Consolidated List.

FSA decision notice

Example 8: Barclays Plc -2016

In 2016, Barclays Bank Plc (Barclays), a financial institution headquartered in London, agreed to remit $2,485,890 to settle with OFAC regarding its potential civil liability for 159 apparent violations of the US Zimbabwe sanctions regime, failing to identify beneficial owners of their customers.

Civil penalties statement

Example 9: HSBC 2012

In 2012, HSBC had to pay a $1.9bn (£1.4bn) fine for helping drug cartels launder money in Mexico and for contravening sanctions to do business with Iran. Alongside the payout, HSBC agreed a five-year deferred prosecution agreement (DPA) with the US Department of Justice under which it promised to clean up its act. This DPA was allowed to expire in 2017.

Contact

FSC Licensees should contact the NSSEC for all enquiries relating to asset freezing or other financial sanctions, including guidance on exemptions or authorization requests, or to report a true match.

The NSSEC website: nssec.govmu.org;
Email - nssec@govmu.org; or
Telephone: +230 201 1264 or 201 1366.

For reports to be made to the FSC, Financial Institutions may send these to the FSC at TFsanctions@fscmauritius.org .

The FSC is the integrated regulator in Mauritius for the financial services sector other than banking, and global business.

Disclaimer

[1] Source: https://rusi.org/sites/default/files/20180710_underwriting_proliferation_web.pdf

[2] An AIS system transmits the position of a vessel, and any vessel engaged in international voyages must have its AIS activated for the duration of its voyage.

[3] Source: https://www.fatf-gafi.org/media/fatf/documents/reports/organised%20maritime%20piracy%20and%20related%20kidnapping%20for%20ransom.pdf

[4] https://www.treasury.gov/resource-center/terrorist-illicit-finance/Terrorist-Finance-Tracking/Documents/Final%20Updated%20TFTP%20Brochure%20%288-5-11%29.pdf

[5] https://undocs.org/S/2013/337

[6] https://www.icij.org/investigations/offshore/geoffrey-taylor/

[7] Iurii Lunov and Igor Karev-Popov, both Ukranian nationals are reported as being involved in North Korea-related arms deals.