Archive for July, 2013


Jul

11

More Screening Nightmares


Posted by at 9:10 pm on July 11, 2013
Category: OFAC

The ScreamI think more needs to be said about OFAC’s greater than 50 percent rule which was covered in yesterday’s post. As you recall, the rule in question says that if a blocked party owns more than 50 percent of another entity that latter entity and all its assets are blocked as well, even if the latter entity is not listed on the SDN list. Since that rule appears to be recursive, it makes it difficult to screen parties because you need to know the owners of the company, and the owners of the owners, and the owners of the owners of the owners and so forth. The rule is also written in such a way as to impose undue hardships on the other owners of the blocked entity where the party owning more than 50 percent is blocked after the other parties invest in the enterprise.

But consider this scenario which brings out even more vividly the problems with OFAC’s rule. Suppose that Mr. A is an SDN and he owns 60 percent of Company B and 45 percent of Company C. Further suppose that Company B owns 40 percent of Company D, and Company C owns 60 percent of Company D. Now, pop quiz. Who and what is blocked under the OFAC rule?

Clearly Company B and its assets are blocked, whereas Company C and its assets are not. But what about Company D?  Mr. A owns 24 percent of Company D through his 60 percent ownership in Company B. He also owns 27 percent of Company D through his 45 percent interest in Company C. That’s a cumulative interest of 51 percent of Company D. So even though Mr. A cannot control Company D, since he doesn’t control Company C, the majority owner, Company D would be blocked as would all of its assets.

Surely the screening problems that this rule poses are manifest in a situation like this as is the unfairness of this rule to the other (and majority) owners of Company C if Mr. A is designated after his investment in Company C. The question then is how on earth can this happen? Can the agency be that deaf to the business realities of the parties it regulates? Does it even care?

Well, the answer to this question is hidden in the rulemaking itself. Near the end of the Federal Register notice there is this juicy little nugget:

Public Participation

Because these amendments to 31 CFR parts 594, 595, and 597 involve a foreign affairs function, Executive Order 12866 and the provisions of the Administrative Procedure Act (5 U.S.C. 553) requiring notice of proposed rulemaking, opportunity for public participation, and delay in effective date are inapplicable.

There you have it. The agency has no interest in public participation or input.

Now contrast this to the positions taken by the Bureau of Industry and Security (“BIS”) and the Directorate of Defense Trade Controls (“DDTC”). Both agencies could also argue that they are engaged in a foreign affairs function and yet both regularly put their rules out for public comment, a process which has led to valuable industry feedback and rules that address the real-world concerns of actual businesses.  OFAC should follow the example of its sister export agencies.

Permalink Comments (2)

Bookmark and Share


Copyright © 2013 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Jul

10

People Are from Earth; OFAC Is from Saturn


Posted by at 10:25 pm on July 10, 2013
Category: General

On Another PlanetThe latest technical amendments promulgated last Friday by the Office of Foreign Assets Control (“OFAC”) make me wonder where the people who write these rules come from. Mars, perhaps? No, further out. I’m guessing they come from Saturn because even someone from Mars might have a better idea about how things actually work here on planet Earth.

These technical amendments add to the Terrorism Sanctions Regulations and the Global Terrorism Sanctions Regulations a rule reflecting OFAC’s infamous guidance dealing with ownership interests by blocked parties. First, let’s quote the regulation in question and then, in case you don’t speak Saturnian, translate it into English as spoken here on Earth.

A person whose property and interests in property are blocked pursuant to § 594.201(a) has an interest in all property and interests in property of an entity in which it owns, directly or indirectly, a 50 percent or greater interest.

Translated from Saturnian into English this means, more or less:

Terrorists have an interest in things in which they have a 50 percent or greater interest.

Who says you can’t make a living printing tautologies in the Federal Register? People have an interest in things that they have an interest in. Who would have thought?

Next we have this:

The property and interests in property of such an entity, therefore, are blocked, and such an entity is a person whose property and interests in property are blocked pursuant to § 594.201(a), regardless of whether the entity itself is listed in the Annex to Executive Order 13224, as amended, or designated pursuant to § 594.201(a)

Again, for those of you who haven’t made it through the Rosetta Stone DVDs on Saturnian, this says in English:

You have to block the assets of companies who aren’t on the SDN list if they are owned 50 percent or more by someone who is on the list

Now this may make sense on Saturn, at least if you’re a business on Saturn and are deciding whether to sell a light phaser or flying saucer fuel to a three-legged, four-eyed alien who has just walked into your shop. But, here on Earth, not so much.

To begin with, how does anyone screen for blocked parties who aren’t on the list of blocked parties? Simple, you say, just ask every company you’re screening for the name of all its 50 percent or greater owners. Okay, so I do that and I find out that the majority owner isn’t on the list. Home free! Not so fast. Who owns the majority owner? Because if he is owned by a blocked party, then his property is blocked, meaning the company you are screening is blocked and its assets must also be blocked. Okay, so you ask for the names of owners greater than 50 percent and owners of owners with more than a 50 percent interest. But wait, even if the owner of the owner isn’t on the list, the owner of the owner of the owner might be and so forth.

And, of course, there’s another problem with this rule as some innocent investors in Illinois learned. These blocking rules apply not just to the interest of the blocked party but to the interest of the minority investors as well. And they apply even if the majority investor (or the majority investor in the majority investor) is designated after the investment. So, let’s say that Mr. A owns 51 percent of Company B which owns 51 percent of company C and that, several years after his investment, he’s designated by OFAC as an SDN. The 49 percent investors in both Company B and C now have their investments blocked. How can anyone protect themselves against that? What crystal ball are people supposed to use to predict whether a person they are doing business with won’t become an SDN in the future?

Permalink Comments (1)

Bookmark and Share


Copyright © 2013 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)

Jul

2

Just What We Need: More Export Controls


Posted by at 6:42 pm on July 2, 2013
Category: Arms ExportCyber WeaponsExport Control Proposals

Hacking in Progress, image by Cristiano Betta (Flickr: Barcamp London 3 @ Google Offices UK) [CC-BY-2.0 (http://creativecommons.org/licenses/by/2.0)], via Wikimedia Commons http://commons.wikimedia.org/wiki/File%3AHacking_in_progress_at_BarCampLondon_3.jpgThe Senate Armed Services Committee has favorably reported S. 1197, the National Defense Authorization Act for Fiscal Year 2014. And, you will be pleased to know (or maybe not), they have slipped into the bill a proposal for new export controls, this time on software that could be characterized as “cyber weapons.”

What got the immensely tech savvy aging Senators all whirled up on cyber weapons was, apparently, testimony they received in hearings on the bill about the Shamoon virus. Shamoon, in addition to being an excellent name for a dog, is also the name of a computer virus that struck Aramco in Saudi Arabia and rewrote or destroyed data on hard drives. No doubt the Senators were particularly vexed that one of the payloads carried by Shamoon was a picture of a burning U.S. flag which was used to overwrite some of the data.

So now section 946 of the proposed Defense Authorization Act requires the President to convene an “interagency process … to control the proliferation of cyber weapons through unilateral and cooperative export controls.” The Senate Report on the proposed legislation acknowledged that there might be some difficulty distinguishing between “cyber weapons” (bad) and “dual-use, lawful intercept, and penetration testing” technologies” (good). But, hey, that’s what an interagency process is for!

Now, the million dollar question, of course, is whether new export controls on cyber weapons would have had any impact on Shamoon. The answer, not surprisingly, is probably not. Kapersky Labs, which dissected the virus, concluded that the virus was riddled with a number of “silly errors” which limited its effectiveness and likely was the work not of sophisticated cyber criminals but was a “quick and dirty” job by “skillful amateurs.” Significantly, it was not something that the hackers acquired in the United States (or anywhere else) and exported but home-grown, error-ridden code. The only people who are going to be bothered by section 946 and its proposed export controls will be legitimate manufacturers of network intercept, analysis and testing software.

Permalink Comments Off on Just What We Need: More Export Controls

Bookmark and Share


Copyright © 2013 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)