Archive for the ‘Foreign Countermeasures’ Category


Jan

9

Cyber Attacks on U.S. Banks May Be Iranian Retaliation for Sanctions


Posted by at 11:53 pm on January 9, 2013
Category: Foreign CountermeasuresIran Sanctions

Bank of AmericaAccording to this article in the New York Times, the recent DDOS attacks launched against U.S. financial institutions were likely the work of the Government of Iran and in retaliation for U.S. sanctions against Iran and its financial institutions. These attacks, which started in September, have targeted, and caused temporary disruptions to, sites of “Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC, Capital One, Fifth Third Bank, BB&T and HSBC.” Because of the nature of DDOS attacks, these disruptions caused inconveniences to the banks and their customers who were unable to access the websites, but did not result in the theft or compromise of financial data.

The chief evidence for this is indirect: the scope and sophistication of the attacks. Apparently, the attacks infected large data centers with malware and then used those data centers to barrage U.S. institutions web sites with requests in an effort to overwhelm them and take them down. The use of the data centers resulted in attacks that, in some instances, peaked at 70 gigabits.

Although no data was compromised in this instance, the use of data centers in these attack raises yet again the issue of cloud computing and export law given that the malware that turns the data centers into attack bots could, in theory, access customer information, including export-controlled technical data, which might be stored in those data centers. The article does not identify the data centers involved, or whether they were located in the United States or abroad, but if any of these were located in the United States, where U.S companies would be permitted, at least in theory, to store controlled technical data without export licenses, the possibility that a deemed export of that data to Iran has occurred is quite real.

Traditional thinking in the murky area of export law and cloud computing has been that storage of export-controlled technical data on clouds physically located in the United States raised no export control issues. But if these clouds are increasingly targeted by non-U.S. hackers, this assumption may no longer be valid.

Permalink Comments Off on Cyber Attacks on U.S. Banks May Be Iranian Retaliation for Sanctions

Bookmark and Share


Copyright © 2013 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Aug

3

German Store Selling Cuban Rum Online Cut Off By PayPal


Posted by at 7:41 pm on August 3, 2011
Category: Cuba SanctionsForeign Countermeasures

Havana Club Rum PosterAccording to an article dated August 1 in the online edition of German newspaper Die Welt, the U.S. Internet payment company PayPal closed the account of a German website that had been selling Cuban rum among other alcohol and alcohol-related products. PayPal spokesman Christoph Hausel was quoted as saying the company, as a U.S. company, could not process payments for Cuban origin products.

Mr. Hausel is right. Section 515.204 of the Cuban Assets Control Regulations prohibit any person subject to U.S. jurisdiction from engaging in any transaction relating to any product outside the United States which is of Cuban origin.

But that’s not the end of the story here. E.U. Council Regulation No. 2271/96 makes it illegal for any company in the European Union to comply with the U.S. embargo on Cuba. PayPal operates in Europe through a Luxembourg-based banking entity. If that entity had any role in freezing the German company’s funds, it might be in violation of the E.U. Regulations, thereby putting PayPal, as it were, between a rock and a rum place. Not surprisingly, the German website owner is threatening a lawsuit against the Luxembourg entity.

Permalink Comments (1)

Bookmark and Share


Copyright © 2011 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Nov

9

U.K. Banks Backpedal On Domestic Enforcement of U.S. Cuba Sanctions


Posted by at 7:05 pm on November 9, 2010
Category: Cuba SanctionsEUForeign Countermeasures

Cuban Postage StampThis blog reported several weeks ago on a complaint brought by a small British company against Lloyds for refusing to cash a check in pounds sterling that the company had received from a Cuban customer. Lloyds had previously agreed to pay $217 million to the U.S. Office of Foreign Assets Control (“OFAC”) in connection with fraudulent activities by the bank in order to process payments from sanctioned countries, including Cuba, through U.S. correspondent banks. However, the check that was declined by Lloyds was not denominated in U.S. dollars, did not involve a U.S. customer, and was being cashed outside the United States, meaning that neither the Lloyd’s settlement agreement with OFAC nor OFAC’s own regulations would prohibit the U.K. bank from processing the payment. More significantly, its refusal to cash the check could be seen as a violation of E.U. Council Regulation No. 2271/96 , which forbids companies in the E.U. from complying with the U.S. sanctions on Cuba.

According to an article on the website of London broadsheet The Daily Telegraph, some U.K. banks may be walking back, at least slightly, from a hard and fast policy of not processing Cuban payments for fear of OFAC reprisal. Interestingly, the article notes that part of the banks’ hesitance arises from “US attempts to extradite British executives it claims have breached sanctions” and “the failure of the British Government to provide protection against extradition.” This is presumably a reference to the pending extradition request against Christopher Tappin for his involvement in an attempted export of batteries from the United States to Iran.

The Telegraph article suggests that British authorities have been in contact with Lloyds and other banks after receiving a number of complaints from customers that could not clear Cuba checks. One case involved a customer whose account was closed by Bank of Scotland when the customer would not provide assurances that it would not receive Cuban payments in its account.

Now, presumably as a result of these official contacts, even Lloyds may be softening its hard line on Cuba transactions. The Telegraph reporter Roland Gribben signals this change in the following fractured sentence that suggests he may not have a very clear grasp of export law himself.

If the Cuban bank does not infringe OFAC regulations or has dealings with Specially Designated Individuals who can be either individuals, entities or banks, then Lloyds may be willing to process a payment from Cuba provided it was in sterling.

Probably what Lloyds was saying before Mr. Gribben garbled their statement was that Lloyds would process checks in pounds provided that parties on OFAC’s List of Specially Designated Nationals and Blocked Persons were not involved in the transaction.

Permalink Comments Off on U.K. Banks Backpedal On Domestic Enforcement of U.S. Cuba Sanctions

Bookmark and Share


Copyright © 2010 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Oct

25

Small British Company Takes On Lloyds for Not Cashing Cuban Check


Posted by at 8:26 pm on October 25, 2010
Category: Cuba SanctionsEUForeign Countermeasures

Cuban Postage StampIt started simply enough. A small, U.K.-based agricultural consultant, Fertecon, took a check for £7,156 to its banker, Lloyds, and asked them to cash it. Lloyds refused. The reason? The check came from Cuba.

Once bitten, twice shy, it would seem. Last year, Lloyds agreed to pay $217 million in penalties and to adopt certain compliance procedures arising from allegations by the U.S. Treasury Department’s allegations that Lloyd deleted information about Libya, Sudan and Iran in wire transfer instructions in order to clear dollar transactions through its correspondent banks in the U.S. Specifically, Lloyds agreed to third party audits “to determine whether any payments subject to OFAC regulations were processed through, or on behalf of, any U.S. individual or entity.”

Twice shy here means that Lloyds is backing away from transactions that it would appear aren’t even subject to OFAC’s regulatory jurisdiction and which don’t involve transactions to be processed through a U.S. bank or on behalf of any U.S. entity. It was a check payable to a U.K. company in pounds sterling. So maybe its thrice shy or twenty times shy.

The problem here, of course, is E.U. Council Regulation No. 2271/96 which makes it illegal for Lloyds to cooperate with the U.S. sanctions on Cuba. This point was not lost on Fertecon, or its lawyers, who have traipsed off to U.K. and E.U. authorities to complain. Lloyds case with the E.U. is not terribly enhanced by the fact that U.S. law wouldn’t appear to prohibit Lloyds from negotiating a Cuban check in pounds sterling for a U.K. customer. Lloyds must have made a careful calculation, given the lack of any significant enforcement of Regulation 2271/96, that it would be happy to be bitten by a toothless, mangy dog in its own backyard if it would curry favor with a neighbor’s angry pit bull that thinks it owns the entire neighborhood.

Permalink Comments Off on Small British Company Takes On Lloyds for Not Cashing Cuban Check

Bookmark and Share


Copyright © 2010 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Oct

29

We Read People’s Daily Online So You Don’t Have To


Posted by at 5:09 pm on October 29, 2007
Category: BISForeign Countermeasures

Autumn View of Great Wall of ChinaThe Bureau of Industry and Security (“BIS”) recently designated five Chinese companies under BIS’s Validated End User Program. Because of that designation, certain dual-use items can be exported to those companies in China without an export license.

The first reviews from China are now in. And they aren’t good:

The government yesterday criticized the United States over a new system that’s likely to reduce China’s imports of hi-tech products. Wang Xinpei, spokesman for the Ministry of Commerce, expressed “strong dissatisfaction” over the US move, as the “US side did not have enough consultation with China to reach a consensus on implementing the new VEU system”. The United States should not visit any companies registered in China for VEU screening without permission from the Ministry of Commerce, Wang said.

We have previously criticized the VEU program because it was unlikely that China would permit on-site inspections as part of that process. The statement by the Chinese spokesman confirms that, although it is not entirely clear that BIS actually visited the Chinese sites of the companies granted VEU status. It does seem likely, however, that the companies at least agreed to future on-site visits — one of the factors set forth as a consideration for granting VEU status under section 748.15 of the Export Administration Regulations

More significantly, one has to wonder if there is a veiled threat behind the puzzling statement that the VEU program “will reduce China’s imports of high-tech products.” If the VEU program operates as anticipated by BIS, it would increase such imports. Perhaps this statement is a harbinger that China may take internal measure to block the program. After all, from the Chinese perspective at least, the VEU program would give advantages to the VEU companies but not to their Chinese competitors. That might serve as a motive for China to block imports to the VEU companies unless they withdrew from the program.

Of course, this is just speculation based on a somewhat puzzling statement in a Chinese state-owned news outlet. But it will be interesting to see if China does adopt countermeasures.

Permalink Comments Off on We Read People’s Daily Online So You Don’t Have To

Bookmark and Share


Copyright © 2007 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)