Archive for May, 2013


May

29

The Curious Case of Elaf Islamic Bank and the Part 561 List


Posted by at 5:08 pm on May 29, 2013
Category: Economic SanctionsIran SanctionsOFACSanctions

Elaf Islamic Bank via http://www.al-sharq.com/ArticleDetails.aspx?AID=269169&CatID=108&Title=%D8%A3%D9%85%D8%B1%D9%8A%D9%83%D8%A7%20%D8%AA%D8%B1%D9%81%D8%B9%20%D8%A7%D9%84%D8%AD%D8%B8%D8%B1%20%D8%B9%D9%86%20%D8%A8%D9%86%D9%83 [Fair Use]

The Office of Foreign Assets Control (“OFAC”) recently announced that it removed Iraq’s Elaf Islamic Bank from its Part 561 List. Elaf became noteworthy last July when it and China’s Bank of Kunlun became the first two foreign financial institutions named to the 561 List.  U.S. financial institutions are prohibited from opening or maintaining a correspondent account or a payable-through account for banks on the 561 List.

As we reported at that time, OFAC provided no details for the reasons of either bank’s designation. In the case of Elaf, however, we have referred to a 2012 New York Times article reporting that the Obama Administration has said that Elaf facilitated transactions worth millions of dollars with sanctioned Iranian banks and has objected to the Central Bank of Iraq’s allowing Elaf to continue to attend its U.S. dollar currency auctions.

OFAC now says that Elaf has offered its mea culpa, frozen the accounts it holds for the Export Development Bank of Iran (“EDBI”) and begun “reducing its overall exposure to the Iranian financial sector.” Quite an about-face from a foreign entity that reportedly had denied any wrongdoing and seemed not to be concerned with U.S. sanctions against it.

One might ask how this development squares with Congress continuing to legislate further sanctions against foreign banks for dealings with Iran, as we reported last week. One answer may be that Congress continues its chest thumping and OFAC does its best to show that these sanctions have some bite behind the bark.  This is a hard case to make when the Part 561 List was only two and is now one.

If the goal, however, is to deter non-U.S. banks from financing the Iranian government and its apparatus, Kunlun and Elaf seem to be examples of the low-hanging fruit of the global financial community. If the United States goes after bigger banks alone, it would, of course, run the risk of jeopardizing cooperation with others, most notably the European Union, on how to advance international sanctions against Iran. OFAC appears cognizant to that point when referring to EDBI as “U.S. and EU-designated.” If sanctions are extraterritorial in nature, it helps to have friends outside the territory to support you.

In any event, it is hard to assess whether the settlement with Elaf or the Part 561 sanctions in general will be effective as part of future sanctions enforcement. The Elaf development appears to be a victory on paper as a non-U.S. person agreed to terms with the U.S. government over its dealings with Iran apparently occurring exclusively outside the United States. One can only wonder about how the United States will monitor Elaf’s frozen accounts or any of its future dealings with Iranian banks.

For now, at least, the Part 561 List just became a lot a lonelier for Kunlun, and it is a bit easier for everyone to comply with a List of one.

Permalink Comments Off on The Curious Case of Elaf Islamic Bank and the Part 561 List

Bookmark and Share


Copyright © 2013 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

May

28

Hackers Are Exporters Too


Posted by at 5:50 pm on May 28, 2013
Category: DDTCDeemed Exports

By Poa Mosyuen (Own work) [CC-BY-SA-3.0 (http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons http://commons.wikimedia.org/wiki/File:HK_%E7%9F%B3%E5%A1%98%E5%92%80%E5%B8%82%E6%94%BF%E5%A4%A7%E5%BB%88_Shek_Tong_Tsui_Municipal_Services_Building_%E9%9B%BB%E8%85%A6%E9%8D%B5%E7%9B%A4_Chinese_input_keyboard_Jan-2012.jpgThe Washington Post reported today that a confidential report from a Pentagon advisory group indicated that Chinese hackers had obtained sensitive military plans for a number of defense systems, including the Patriot Missile PAC-3, the F/A-18 fighter jet, the V-22 Osprey, the Black Hawk helicopter and the Navy’s new Littoral Combat Ship. The report did not specify whether these plans had been obtained by hackers from computers operated by the U.S. government or by the defense contractors involved.

So with this blockbuster revelation in hand, think for a moment about the ITAR-controlled technical data sitting on your computer system. You’ve gone to all the trouble to secure these files and prevent access by persons in your company who aren’t U.S. nationals. Then you’re hacked and this data is exfiltrated to China. What now?

Well, for starters, consider this: the definition of “export” in section 120.17 of the International Traffic in Arms regulations does not have a carve out for data hacked out of your system by foreign nationals. In fact, it covers “transferring technical data to a foreign person, whether in the United States or abroad,” without specifying how that transfer occurs. And make no mistake about it: when your system has been hacked by the People’s Liberation Army, it has transferred technical data to foreign nationals.

“But I didn’t mean for that data to be shipped to China!” you protest. Well, that may mean you lack the necessary scienter for a criminal prosecution, but civil penalties do not require intent. That also means it is probably time to think about a voluntary disclosure. And of course, one of the mitigating factors will be that you did not intentionally transfer the data to the PRC.

But here is the rub. Maybe you did not send the PLA an engraved invitation asking them to come hack your system, but maybe you also did not really have robust systems in place to prevent hacking. Often hackers get control of systems by sending infected links to employees. What protections do you have in place to prevent employees from clicking links in emails from outside the system? What systems do you have in place to monitor outbound traffic from your computers? And if you say, well, we have X or Y antivirus installed, you are going to hear the sad trombone because hackers can get around commercial antivirus software faster than Lindsey Lohan can sneak out of rehab.

Consider the Washington Post story a warning. It’s time to take a hard look at your security systems so that you either do not have to file a voluntary disclosure that you’ve been hacked or,  if you do have to make such a disclosure, you can honestly say you took every reasonable precaution.

Permalink Comments (6)

Bookmark and Share


Copyright © 2013 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

May

23

Honey Dumping Case Dumped After ICE Flunks Test


Posted by at 11:51 pm on May 23, 2013
Category: Criminal PenaltiesCustomsICE

Med u saću by akarlovic http://commons.wikimedia.org/wiki/File:Med_u_sacu_karlovic1.jpg [CC-BY-SA 3.0]In November 2011, Immigration and Customs Enforcement breathlessly announced that it had broken a honey dumping scheme and had indicted three Chinese nationals for trying to avoid dumping duties on Chinese honey by importing mislabeled Chinese honey as rice fructose. In its press release, ICE patted itself on the back for its good work in protecting domestic honey producers and expressed outrage that these miscreant importers had deprived the United States of more than $1,150,000 in anti-dumping duties.

“HSI agents and CBP officers working together at our nation’s ports of entry provide an important safeguard against those seeking to break the law for their own enrichment,” said Susan McCormick, ICE HSI special agent in charge in Tampa. “This type of criminal behavior poses serious dumping risks to domestic U.S. honey producers who are in danger of being run out of the market because of this fraud.”

And then last month, the Assistant U.S. Attorney filed a motion with the court requesting leave to dismiss its case against the defendants, cryptically stating that “newly discovered evidence makes it unlikely that the government will be able to prove” its case, a motion that the judge promptly granted. And today we learned what that newly discovered evidence was and why ICE was hiding in the corner hoping that no one would notice.

According to a press release issued today by the attorney for one of the defendants, the government had sent a sample for testing to an independent laboratory in Germany after the court had ruled that the test results from the Customs lab in Savannah allegedly proving that the imports were honey were unreliable and inadmissible. Those independent test results proved what the defendants had been claiming all along: they were importing rice fructose, not honey.

Oddly, there has been no press release from ICE on this development in the case.

Permalink Comments (1)

Bookmark and Share


Copyright © 2013 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

May

22

Do Newly Proposed Iran Sanctions Target Iraq?


Posted by at 8:53 pm on May 22, 2013
Category: Economic SanctionsIran SanctionsOFAC

Central Bank of Iraq [Public domain], via Wikimedia Commons http://commons.wikimedia.org/wiki/File:Baghdad-bank-hires.jpg
ABOVE: Central Bank of Iraq


Another day on the Hill, another round of sanctions against Iran. As if there were nothing else for these politicians to do. Academic question: how many could actually point out Iran on an unlabeled map? Just a thought.

The newly proposed sanctions are in H.R. 850, imaginatively titled the Nuclear Iran Prevention Act of 2013 which today was voted out of the House Foreign Affairs Committee. The bill, with the euphonic acronym NIPA, is likely to pass both the House and the Senate, there being nothing else, apparently, on the legislative agenda.

One of the major features of the proposed legislation is to extend the secondary sanctions on foreigners who deal with Iran. Currently those secondary sanctions basically cover petrochemical transactions. NIPA would give the President the authority to impose sanctions on foreign individuals who engage in a “significant” transaction with the Central Bank of Iran or other designated Iranian financial institutions for the purchase of goods or services by or from a person in Iran.

But the most interesting provision was one that was slipped into today during the committee markup. In an Amendment in the Form of a Substitution a new section 205 was added That section prohibits a foreign financial institution from opening a correspondent account at a U.S. financial institution if the foreign bank facilitated a “significant” transaction with the Central Bank of Iran or any other designated Iranian bank in a currency other than that of the country in which the foreign bank is operating.

The target of these sanctions is unstated but seems clear. The United States has objected to the Central Bank of Iraq permitting Elaf Islamic Bank to participate in its weekly hard currency dollar auctions even though Elaf had been designated under CISADA for supplying U.S. dollars to Iran. Perhaps implicitly acknowledging the political and diplomatic repercussions of sanctioning the Central Bank of Iraq, the proposed bill permits the President to grant waivers.  This gives Congress a version of plausible deniability and the ability to blame the Executive Branch if these new sanctions go awry.

Permalink Comments (1)

Bookmark and Share


Copyright © 2013 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

May

20

UMass Lowell Fined For Entity List Violations


Posted by at 4:54 pm on May 20, 2013
Category: BISEntity List

SUPARCO HQ http://www.suparco.gov.pk/assets/images/hq.jpg [Fair Use]Back in April the University of Massachusetts at Lowell (the “University”) agreed to pay to the Bureau of Industry and Security (“BIS”) a suspended penalty of $100,000 in connection with its unlicensed export of an atmospheric sensing device, antennae and cables valued at slightly more than $200,000 to Pakistan’s Space and Upper Atmosphere Research Commission (“SUPARCO”). The fine will be waived if the university does not commit any more export violations during a probationary period of two years.

The items at issue were all classified as EAR99. The violation occurred because SUPARCO is on BIS’s Entity List. The licensing policy for SUPARCO has a presumption of approval for EAR99 items, so had the university applied for a license for these exports, it almost certainly would have been granted.

The atmospheric sensing device is likely the basis for this research paper titled “Study of maximum electron density NmF2 at Karachi and Islamabad during solar minimum (1996) and solar maximum (2000) and its comparison with IRI” and co-authored by employees of SUPARCO and a professor at the University. This paper raises an interesting deemed export issue since transfer of technology, even EAR99 technology, would be a violation of the EAR unless the transferred technology was “publicly available” or if it qualifies as “fundamental research.” It is not always easy to determine whether discussions with foreign persons on the Entity List fall within these exceptions, so cooperative projects with such persons by a university will always entail more than a modicum of risk.

 

Permalink Comments Off on UMass Lowell Fined For Entity List Violations

Bookmark and Share


Copyright © 2013 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)