May

31

Epsilon, the Unvanquished


Posted by at 7:02 pm on May 31, 2017
Category: Iran SanctionsOFAC

Soundstream Audio Car http://www.soundstream.com/images/intl-team/pic/england/england/images/new/UK%20(1).jpg [Fair Use - Soundstream is Epsilon sub]We have followed the saga of Epsilon Electronics extensively, beginning with the posts titled The Auto Sound and the OFAC Fury Part I and Part II followed by Epsilon, Epsilon and, then, As Epsilon Lay Dying, which discussed the federal district court’s decision reviewing OFAC’s $4.073 million fine imposed on Epsilon. Epsilon has persevered, and now the D.C. Circuit Court of Appeals has spoken in an opinion setting aside the fine and remanding the case back to OFAC for further proceedings.

I am going to break my thoughts on the D.C. Circuit’s opinion into several posts. This post will deal with an issue that Epsilon lost, namely its argument that it couldn’t be fined under section 560.204 of the Iranian Transactions and Sanctions Regulations (“ITSR”) without a showing that its products wound up in Iran. At issue were shipments Epsilon made to a distributor in Dubai that OFAC said only or mostly dealt with Iran. OFAC’s argument was that 560.204 was violated when Epsilon shipped the goods to Dubai when it knew, or should have known, that the goods would then be exported to Iran. According to OFAC, the shipment to Dubai was the violation of the ITSR whether or not the goods ultimately made it to Iran. (Significantly, OFAC did not charge Epsilon with attempt under section 560.203, where it would clearly not require a showing that the goods wound up in Iran.)

Section 560.204 prohibits exports to Iran “including the exportation … to … a third country undertaken with … reason to know that such goods … are intended specifically for … re-exportation, directly or indirectly, to Iran.” Using a somewhat bizarre analogy the Court reasoned that a shipment to Dubai with reason to know the goods were going to Iran was an “export to Iran” even if the goods never got to Iran.

Suppose you put a birthday card in the mail, addressed to your brother. While the card is still en route, your mother asks you, “Did you send a card to your brother?” In line with OFAC’s usage, you would respond, “I sent a card to him, but it hasn’t arrived yet,” because you put the card in transit, intending it to reach him. Following Epsilon’s usage, though, you would have to say, “I didn’t send a card to him,” because the card has not yet arrived.

This strange analogy fails because here the card is not put in the mail addressed to the brother. Instead, it was put in an envelope addressed to a third party with a note saying that if the third party saw the brother he should give this card to him. When Mom asked about the birthday card, only the most reprobate of siblings would respond that he sent the card to his brother. “No, Mom, but I did send it to Joe Schmo with a request that he give it to Bill if he sees him.”

The dissenting opinion by Judge Silberman notes that the majority opinion’s notion that a shipment to Dubai with reason to know it was going to Iran was an “export to Iran” is a notion that is inconsistent with OFAC’s decisions below. Judge Silberman points to a statement made by OFAC in the penalty proceeding that “multiple facts tend to show that the goods exported to Asra were sent to Iran,” which, “fudged the answer to the crucial question” whether a violation occurred without regard to whether goods ever wound up in Iran.

In my view there is another reason that section 560.204 can’t be read in the fashion suggested by the majority opinion. The statutory basis for the regulation is the International Emergency Economic Powers Act which, in section 1702, provides the power to the President to bar exports to a foreign country after declaring an emergency with respect to that country.  A declaration of national emergency has, in fact, been issued with respect to Iran. But, section 1701(b) of IEEPA provides:

The authorities granted to the President by section 1702 of this title may only be exercised to deal with an unusual and extraordinary threat with respect to which a national emergency has been declared for purposes of this chapter and may not be exercised for any other purpose.

Here Epsilon shipped product to Dubai. Its alleged “reason to know” that the goods might go to Iran was that the distributor had business in Iran. Even if the distributor was contractually obligated to sell the goods only in Dubai and that’s the only place they were sold, OFAC’s reasoning would be that this “reason to know” was enough for there to be a violation. That, I think, does not deal with an emergency declared with respect to Iran. This would not even qualify as an attempted export to Iran, which I think is the farthest limit that IEEPA permits sanctioning an activity without an actual export to Iran.

Permalink Comments Off on Epsilon, the Unvanquished



Copyright © 2017 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)



May

19

Maria, Maria, I Just Met a Scam Named Maria


Posted by at 9:14 am on May 19, 2017
Category: OFAC

Maria Duval by Decce via Wikipedia https://en.wikipedia.org/wiki/Maria_Duval#/media/File:Psychic-Maria-Duval.jpg [Public Domain]

Last September, I wrote about the designation by the Office of Foreign Assets Control (“OFAC”), under the Transnational Criminal Organization (TCO) program, of Paul Davis, Pac-Net and related entities along with a number of officers, directors and employees of those companies.  Prior to these designations, only ten individuals and entities (comprising seven organizations) had ever been designated under the TCO program.  The original post focused on the nightmare that this would cause for the hundreds of thousands of people with the misfortune to be named Paul Davis.

But there was another fascinating aspect to this story.   The reason for the designations involved, at least in part, Pac-Net’s processing of payments by U.S. citizens, principally uneducated, elderly or otherwise vulnerable, in the Maria Duval psychic scam. Although the $180 million dollars this scam obtained from its victims pales in comparison with Bernie Madoff’s $20 billion Ponzi scheme, it still ranks as one history’s biggest swindles.  Victims, found on so-called “sucker lists” compiled by other direct mailers who have sold over-priced junk to people, received letters signed by Maria Duval claiming that she had a personal vision involving the recipient and that she would be glad to share that — for a fee, of course.  The real Maria Duval, a small-time French psychic fraudster, claims that she sold her name some years ago to a mysterious Swiss consortium which was responsible for the larger scam. (Read the fascinating details here.)

Earlier this week OFAC de-listed Raffaella Ferrari, who was the director, administrator, or shareholder for several PacNet-linked companies in Italy and the United Kingdom.  Last month, OFAC removed  two other individuals associated with Pac-Net from the SDN List.  No reason is given for these removals, but the relative rapidity with which they occurred, at least when compared with the normally glacial speed required to be removed from the SDN List, suggests that these individuals were probably victims of a “block-first-ask-questions-later” approach used by OFAC for the original designations.  The large number of individuals designated  certainly suggested the possibility that OFAC targeted anyone that the agency could identify as having any connection to Pac-Net.

In connection with the designations, OFAC put on its website a frankly rather silly, and not very useful, organizational chart complete with pictures of some of the individuals involved with Pac-Net.  Interestingly, not one of the three now-unblocked individuals was important enough to appear in the chart’s photographic rogues gallery.  This may explain the reason for their rapid unblocking better than anything else.

 

Permalink Comments Off on Maria, Maria, I Just Met a Scam Named Maria



Copyright © 2017 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)



May

16

Send 3 Bitcoins to the Norks or You’ll Never See Your Files Again!


Posted by at 9:42 pm on May 16, 2017
Category: North Korea SanctionsOFAC

Kim Jong Un Wonders What To Do With Tennis Shoes via DPRK Twitter Feed[Fair Use]Security researchers have indicated that they have found Kim Jong Un’s pawprints all over the code used for the WannaCry ransomware, stolen from the CIA vaults by Vladimi Putin’s BFFs at WikiLeaks.  This, of course, raises the question as to whether companies that got locked out of their files by the ransomware violated the U.S. sanctions on North Korea if they paid the Bitcoin ransom to free their files.

The first part of that question that needs to be answered is whether U.S. sanctions are violated just by sending money to someone in North Korea.  You can’t answer that question by looking at OFAC’s Nork sanctions regulations, because they are woefully out of date.  The provisions in the regulations prohibit dealings with blocked parties in North Korea. But Executive Order 13722, issued on March 18, 2016, prohibits the unlicensed export of services by a United States person or from the United States to North Korea.  In OFAC’s view, sending money to North Korea is an export of financial services to that country.

So obviously a Bitcoin ransom payment, if it winds up in Kim Jong Un’s hands, is a problem for U.S. persons.   It looks like most of the ransom payments made so far came from outside the United States.   What about them?  All my readers should know that OFAC takes the position that if payments are made to sanctioned countries in U.S. Dollars, that is an export of financial services from the clearing bank in the United States to the sanctioned country.  But Bitcoin payments  don’t involve any banks.  That’s the whole point.  So no problem, right?

Not so fast.   Think about how Bitcoin and the blockchain works.  Any time a payment is made it will be reflected on the blockchain of all Bitcoin transactions and will be propagated to all computers running Bitcoin software — including a massive number of computers in the United States.

All that being said, there are a few practical roadblocks between a Bitcoin ransom payment to the Norks and an OFAC investigation.  First, the Chiquita case aside, there has been a general hesitance to go after people who pay these ransoms.   To begin with, it looks bad.   What government agency wants to go after a shipping company that pays off Somali pirates to protect their crew and property even if one or more of the pirates turns out to be an SDN?  (The most OFAC has done here has been to say that payments should not be made to SDN pirates but never explained how to figure out whether the pirate is an SDN.   Do you ask him to fax you his passport before the helicopter drops the ransom money on the deck?)

Second, there are difficulties in proving the identity of persons to whom Bitcoin payments are made.  Presumably the Norks would not have been stupid enough to establish the Bitcoin wallet or wallets using traceable IP addresses and were using clean addresses for each ransom transaction.  So the de-anonmyzing of the people receiving the Bitcoin payments would rely on vulnerabilities in TOR and methods to link multiple transactions by analyzing the blockchain itself. The various techniques do not always work but they can in certain circumstances. However, how likely is it that OFAC will engage in these analyses to track down the ultimate recipient of the ransom payments?

Bonus round:  In case you haven’t been reading the Twitter feed of the Nork news service, you will have missed this

Permalink Comments (2)



Copyright © 2017 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)



May

3

Maybe BIS Should Read This Blog More Often


Posted by at 6:21 pm on May 3, 2017
Category: BISEntity ListOFACRussia Sanctions

Vladimir Putin via http://en.kremlin.ru/events/president/news/27394 [Fair Use]Way back in January of this year, I pointed out a problem that the Bureau of Industry and Security (“BIS”) and the Office of Foreign Assets Control  (“OFAC”) may have unwittingly created for U.S. manufacturers of encryption-enabled products, i.e., virtually anything that touches the Internet or a private network.  Both agencies had imposed sanctions on the FSB, the Kremlin spy agency formerly known as the KGB.  The problem with this otherwise laudable move is that the FSB regulates import of encryption products into Putinstan, er, Russia, and these restrictions could effectively prevent exports of U.S. encryption items into Russia.  This would happen because U.S. exporters were forbidden from filing the necessary paperwork with the FSB by virtue of its addition to OFAC’s SDN List and BIS’s Entity List.

Well, OFAC heard the howls of industry and in just after a little more than a week after the issue had come to light issued General License 1 to permit the filing with the FSB of the necessary paperwork for imports of these products.  BIS, however, slept through those howls and did nothing.   The original post on this problem had noted the difficulties posed by BIS having put FSB on the Entity List.   It was at least possible that the FSB notification and application forms could contain unpublished EAR99 technology regarding the device to be exported to Russia, in which case a BIS license would be necessary before the notification or application could be sent to the FSB.   That would be the case even after the OFAC General License authorized the notification and application forms to be sent

Rip van BIS-winkle has finally roused itself from its slumber on this issue.  On April 17, 2017, BIS amended the Entity List designation for FSB to remove the license requirement for transactions for “items subject to the EAR” that are “related to transactions that are authorized by the Department of the Treasury’s Office of Foreign Assets Control pursuant to General License No. 1 of February 2, 2017.” What do you want to bet that a number of FSB applications were filed with technology “subject to the EAR” without the required license before this amendment to the Entity List? Technology, even technology relating to an EAR99 item, is subject to the EAR unless it has already been published or has arisen during “fundamental research.” Few people would think that unpublished information about a commercial EAR99 item would require a license. Most people probably felt that the OFAC General License got them to the finish line when dealing with the FSB. It now does, but it did not before April 17.

Permalink Comments Off on Maybe BIS Should Read This Blog More Often



Copyright © 2017 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)



May

2

Cuban Rum, Pennsylvania, OFAC and a Recipe


Posted by at 6:16 pm on May 2, 2017
Category: Cuba SanctionsOFAC

Havana Club on the Road to Havana by Richard Smallbone [CC-BY-SA-2.0 (http://creativecommons.org/licenses/by-sa/2.0)], via Flickr https://flic.kr/p/nxC2Pr [cropped and processed]In an earlier post, I expressed some incredulity with respect to an dubious scheme cooked up by some Pennsylvania legislators to import Cuban rum without an OFAC license.  The scheme was based on a questionable reading of Clause 2 of the Twenty-First Amendment. There’s no way to tell whether my derision directed at the legal case for Cuban rum-running by the Pennsylvania legislators was responsible, but it appears that someone in Pennsylvania has thought better of the idea.

According to this article, the Pennsylvania Liquor Control Board which runs the Fine Wine and Good Spirits stores, Pennsylvania’s state-owned monopoly on the sales of wines and hard liquor, is preparing a license to file with OFAC to permit the PLCB to purchase Cuban rum for sales in those stores. The application apparently argues that the “mystique” of Cuban rum would create a boon to the Pennsylvania economy by enticing shoppers into the state-run liquor stores. After all, who needs to fly down to Havana when you can buy Cuban rum in a state store in Erie or drink authentic daiquiris made with Havana Club in Wilkes-Barre?

A Pennsylvania state senator instrumental in the state’s efforts to bring Cuban rum to his state dismissed the notion that this plan posed a threat to national security, telling ABC News “We’re talking about buying a rum.” Good point.

But, of course, with all things Cuba not everyone agrees — here’s an irate letter to the editor of the Express Times in Lehigh Valley criticizing the proposed rum deal.

For those of you now planning a road trip to Pennsylvania to stock up on Cuban rum when (and if) it becomes available there, I commend to you this recipe for the El Presidente Cocktail. This cocktail was named after Cuban president Gerardo Machado (who served between 1925 and 1933) and was a favorite among Americans who sought respite from Prohibition in the night clubs of Havana. And, as the recipe makes clear, use real grenadine that you make yourself, not that pink-colored sugar water that you find on grocery shelves or in the wells of your less estimable drinking establishments. Cheers!

Photo Credit: Havana Club on the Road to Havana by Richard Smallbone [CC-BY-SA-2.0 (http://creativecommons.org/licenses/by-sa/2.0)], via Flickr https://flic.kr/p/nxC2Pr [cropped and processed]. Copyright 2013 Richard Smallbone

Permalink Comments (3)



Copyright © 2017 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)


« Previous posts | Next posts »