Author: Ana Pereu, Consultant Cyber Security
In 2014, international bodies such as the US Office of Foreign Assets Control (OFAC) and the European Union initiated a set of stringent sanctions against Russia in response to its military intervention in Ukraine. These sanctions have been regularly amended and reinforced as a means to pressure and punish its political adversary amid rising political animosity. However, continued economic isolation as a result of sanctions has prompted some Russian businesses to adapt their practices to circumvent these measures.
After a short period of economic slowdown post-2014, the intervening six years since the first Crimea-related sanctions have seen slow yet stable growth in Russia. This upward trend cannot be attributed solely to government-led fiscal policy – it is also the result of strategies employed by Russian businessmen and companies to defy the restrictions and conduct foreign business dealings without alerting partners to their sanctions exposure.
Such strategies mean that foreign companies conducting business in Russia or engaging Russian partners should adopt a fight-or-“fined” mindset – choose to investigate their sanctions exposure or risk financial, reputational and/or regulatory repercussions to their business should sanctions exposure be uncovered in the future. More so, proactive due diligence is reflective of a strong compliance program and a company model committed to transparency.
Observed Sanction-Circumventing Tactics
Over the past four months, Aon’s Cyber Solutions has been engaged in several sanctions-related investigations where clients were exposed to sanctioned entities that were not flagged during their routine customer due diligence (“CDD”) screenings. To ensure thorough due diligence and minimise risks for the company, it is crucial to follow all breadcrumbs to uncover not only ultimate ownership and management information, but any potential artefacts that might indicate a connection between a sanctioned entity and a client counterparty. Linkages can be uncovered by reviewing open source and social media information as well as conducting a deeper forensic review of a subject’s online activities.
Aon’s research suggest that sanction-circumventing strategies rely on two important factors: informal relationships and connections both within and outside Russia; as well as complex networks of legal business structures that are used to disguise beneficial ownership and management information. Recent investigations identified the following methods employed by some Russian companies to avoid restrictions posed by sanctions:
1) Using nominee directors, offshore companies and family offices:
These methods are widely used to hide ultimate ownership and remove liability while ensuring the ultimate owner maintains beneficial control. Although structuring the business in this way is not itself illegal, these structures are often subject to abuse. These techniques are not dissimilar to those used in money laundering strategies, although the goal is different.
2) Leveraging informal connections with influential Russian organisations or figures:
Families, politicians, government agencies, banks and international partners might leverage personal connections with influential Russian individuals to carry out various layered transactions. Conducting business transactions outside the formal system is particularly useful in avoiding traceable paper evidence.
3) Obfuscating ownership through layered company structures:
Blocked entities might seek to register different companies with the same name but using various company shareholding structures, from Open Joint Stock Companies (OJSCs) to Limited Liability Companies (LLCs), in order to create a long chain of ownership that would not necessarily be flagged by sanctions screening tools. Sanctioned entities and individuals might also look to register a web of companies using an abbreviation of their name to avoid being flagged in sanctions screenings.
4) Engaging lower-level employees:
The use of names and email addresses of lower-level employees allows blocked entities and individuals to navigate around OFAC’s 50 Percent Rule, whereby entities directly or indirectly owned 50% or more by blocked persons are themselves considered blocked.
5) Designing a Confusing Online Presence:
Sanctioned entities might create alternative websites and deliberately refer to subsidiaries and sister companies as “partners” in corporate materials, in order to obfuscate real connections.
What can be done?
Russian businesses and individuals have developed sophisticated response strategies to counter the international community’s sanctions. These methods are often difficult to spot and may only be uncovered through extensive investigative research. Bringing to light connections between companies in Russia typically requires a combination of local-language skills, knowledge of Russian databases and media sources, understanding of Soviet legacy businesses and business traditions, as well as technical and investigative expertise.
Aon has seen several examples of sanctioned entities setting up alias accounts to continue accessing foreign businesses’ online services. Understanding the true picture requires extensive analysis of corporate information, as well as a detailed forensic review of technical information not readily available to a general viewer.
In a world and time when countries and organisations might be distracted by other events, it is important that CDD and KYC screening remain high priorities for companies operating in all sectors. Moreover, companies need to expand their compliance practices to adopt investigative approaches to sanctions research that involve OSINT, forensic review of documents and, where needed, digital forensics analysis, to ensure no stone is left unturned. Exploiting all information trails to exhaustion will not only signal a commitment to compliance and transparency but can also help businesses avoid financial, reputational and regulatory repercussions in the future.
This is for information purposes only. Professional advice should always be sought regarding specific risk issues.