US Department of the Treasury Under Secretary, Sigal Mandelker, told attendees of the Financial Crimes Enforcement Conference this week that she expects to cooperate with financial institutions to enhance their illicit finance countermeasures:
“We encourage the private sector…to stay proactive and to innovate with new technologies…”designed to counter illegal transactions.
“We are keenly aware that emerging technologies, such as virtual or digital currencies, can be used for nefarious purposes…(and are) laser-focused on mitigating the vulnerabilities associated with (them)…”
Mandelkar also spent a good portion of the speech focussing on the importance of restricting transactions to-and-from Iran, against which sanctions allowed to lapse during the JCPOA (Joint Comprehensive Plan of Action/”Iran Nuclear Deal”) have now been restored.
He described a “busy year” at the Treasury and “…the single largest action we have ever taken in one day,” following the restoration of sanctions against Iran:
“In one day—November 5th—we put over 700 individuals, entities, vessels, and aircraft onto our sanctions list, including major Iranian banks, an airline, oil exporters, and shipping companies. Our designations included over 70 Iranian banks and subsidiaries.”
Despite the “the toughest sanctions (imposed by the US) on the Iranian regime ever,” Mandelkar says, “nefarious” conduct by Iran has only escalated:
“Since the JCPOA was concluded, the Iranian regime has only accelerated its nefarious activities…supporting terrorism, fueling foreign conflicts, and… advancing its ballistic missile capabilities.”
The Treasury nonetheless continues efforts to choke financial channels to the sanctioned regime:
“Treasury is at the forefront of countering Iran’s malign behavior. The (re-imposed) sanctions…target critical sectors of Iran’s economy…energy, shipping…shipbuilding sectors…insurance and transactions involving the Central Bank of Iran and designated Iranian financial institutions.”
Mandelkar said he is just back from London, Berlin, Paris, and Rome, “…where I met with government counterparts and the private sector… (and) focused on the importance of taking disruptive action to cut these entities off from the international financial system.”
Efforts are paying off, according to Mandelkar:
“The pressure is working…last week, a major German telecommunications company in reported to have cut phone and internet service for Bank Melli due to our sanctions pressure.”
FinCEN recently released a “comprehensive advisory…to alert financial institutions to the risks that Iran poses to the international financial system…(and) provid(e) red flag indicators related to Iran’s malign activity…”
The Treasury is also examining,”…illicit finance risks associated with North Korea, Venezuela, Nicaragua, political corruption in South Sudan, and real estate transactions.”
Mandelkar said cooperating private institutions, “experimenting with artificial intelligence and digital identity technologies…have helped us identify potential front companies acting for North Korea and Iran, for example.”
Though virtual currency exchanges are already regulated by FinCEN as money transmitters, the Treasury says these businesses “must also guard against” the malicious use of cryptocurrencies by bad actors.
The regulator outlined recent extraordinary measures sanctioning two Bitcoin addresses belonging to two Iranians the Treasury says processed Bitcoins for SamSam ransomware hackers from Iran:
“(T)hose two financial facilitators found themselves on OFAC’s Specially Designated Nationals and Blocked Person’s (SDN) list,” remarked Mandelkar.
The sanction of two bitcoin addresses was a first for FinCEN, and the decision was somewhat ridiculed by crypto aficionados who know it is never necessary to use the same address twice when sending cryptocurrencies.
Mohammad Ghorbaniyan was named by the treasury as one of the individuals conducting transactions with one of the sanctioned addresses.
Ghorbaniyan told Coindesk this week that he had no idea the Bitcoins he processed were criminal proceeds.
Ghorbaniyan has nonetheless been caught in the FinCEN dragnet unfurled in response to prolific SamSam ransomware attacks.
The SamSam attackers allegedly collected $6 million in cryptocurrency ransoms after targeting the computer systems of over 200 institutions and private businesses in Canada and the US.
Targeted computers were infected with malware that forcibly locked up their data, and the hackers would not release the data until a cryptocurrency ransom was paid.
High profile targets included the City of Atlanta, City of Newark, Port of San Diego, Colorado Department of Transportation, University of Calgary, LabCorp of America, MedStar Health, and OrthoNebraska Hospital in Omaha.
To help the digital currency industry… “harden its networks …to prevent illicit actors from exploiting its services,” the Mandelkar says the Treasury will be, “…outlining the hallmarks of an effective sanctions compliance program…” and advises institutions to:
- Ensure senior management commitment to compliance…
- Conduct frequent risk assessments…(of) institution and its products, services, and customers…
- Develop and deploy internal controls…policies and procedures…to identify, interdict, escalate, report, and maintain records…(of) activity prohibited by OFAC’s regulations…
- Engage in testing and auditing…sanctions compliance program…to identify and correct weaknesses and deficiencies…
- Ensure all relevant personnel, particularly those in high-risk areas or business units, are… trained on OFAC obligation and authorities in general and the compliance program in particular.
Degrees of implementation, “…will likely vary by institution,” says Mandelkar, who concluded by thanking attendees, “…for all you do to protect our financial system and make our country safer. “