The United States has announced fresh sanctions on Russia, in retaliation to Moscow’s alleged interference in elections and cyber-attacks including the SolarWinds hack.
President Joe Biden has signed an executive order detailing new sanctions on 32 individuals and entities deemed to have been involved in efforts to influence last year’s presidential election as well as six Russian cybersecurity companies believed to have played a role in the SolarWinds attack. The US also expelled diplomats and the Treasury Department announced that from June 14 US banks will be restricted from participating in bond sales by Russia’s central bank.
Charles Delingpole, Founder and Chief Executive Officer of Comply Advantage said compliance teams in banks will need to be vigilant to ensure they are up to speed with the changes in the face of extra scrutiny.
“With the Biden administration issuing new sanctions against Russia in response to election interference and cyber hacks, there will be more scrutiny than ever applied to financial services supporting monetary transactions connected to Russia,” said Delingpole.
“Due to this new level of scrutiny, financial institutions will need to step up their compliance efforts to prevent putting their businesses in regulatory peril.
“We can also assume that sanctions will be just the tip of the spear for how the Biden administration will manage its relationship with Russia over the next three and a half years.”
The move comes weeks after two former regulators warned companies to prepare for increased US sanctions on Russia and China under Biden’s administration.
Brandon Van Grack, former Chief of the Foreign Registration Acts Unit at the Department of Justice told a Compliance Week conference that companies should prepare by ensuring their programmes are up to date, with clear policies and procedures and regular training for staff.
Van Grack, now a partner at law firm Morrison & Foerster, added that compliance programmes need to be constantly monitoring and evaluating financial activity, exports, imports, supply and where firms have investments to understand where the business may be affected by sanctions, Compliance Week reported.
He said: “The expectations are greater than ever before. It is not just where are your items going but who is providing those items to you or what you are relying on in a way that is requiring a diligence unlike anything that has existed before.”
Charlie Steele, former chief counsel for the Office of Foreign Assets Control and now partner at consultancy Forensic Risk Alliance, speaking at the same event, said: “I think we can expect to see a broad use of government tools on cyber issues- not just sanctions but AML and others.”
The SolarWinds attack was believed to have begun last March, when malicious code was put into updates to a popular software called Orion, made by network-monitoring services provider Solar Winds.
At least six US government departments, including energy, commerce, treasury and state were reportedly breached, along with thousands of businesses and individuals around the world.
Brad Smith, Microsoft’s chief legal counsel, said in December it had uncovered 40 customers, including government agencies, thinktanks, NGOs and IT companies, who were targeted. He said companies and agencies were also targeted in Canada, Mexico, Belgium, Spain, Israel, United Arab Emirates and the United Kingdom.
Russia has denied involvement in the attack.
Register for the latest financial crime news and analysis straight to your inbox