Trade Compliance Flash: United States Adds New CAATSA Sanctions and Promises More

International Alert
On March 15, 2018, the Department of the Treasury's Office of Foreign Assets Control (OFAC) moved to impose widely anticipated additional sanctions against the Russian Federation by designating five entities and 19 individuals as blocked persons (i.e., subject to asset freezing) and denying entry of the designated individuals to the United States under Executive Order 13694, as amended in December 2016, and Section 224 of the Countering America's Adversaries Through Sanctions Act (CAATSA) in connection with "ongoing nefarious attacks emanating from Russia." These designations prohibit any U.S. person from engaging in transactions with these entities and individuals, including transactions involving access to the U.S. financial system. All but one of the entities and five of the individuals had previously been designated under sanctions authorities issued by the previous administration, and the net effect of the new CAATSA designations was to add two individuals to the Specially Designated Nationals (SDN) list. However, in a statement accompanying the designations, Treasury promised additional CAATSA sanctions, thereby keeping alive the atmosphere of uncertainty surrounding those doing business with Russia.

The Executive Order 13694 Designations

Three entities and 13 individuals were designated as SDNs under Executive Order 13694, as amended. Executive Order 13694 authorizes sanctions on persons involved in cyber-enabled activities that harm, significantly compromise, or disrupt computer networks or critical infrastructure, or cause a significant misappropriation of funds, economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain. This is only the second time that Executive Order 13694 has been used to sanction individuals and entities associated with the Russian government's malicious cyber activities, and the first under the current administration. 
OFAC cited the role that the designated entities and individuals played in interfering with and undermining the 2016 U.S. presidential election as the reason for their designation. Two of the entities had been designated previously under another Russia/Ukraine related authority, and all of these entities and individuals had been named in an indictment issued by Special Counsel Robert Mueller III on February 16, 2018, related to interference in the 2016 U.S. presidential election. 

The CAATSA Section 224 Designations

OFAC designated two Russian intelligence organizations – the Federal Security Service (FSB) and the Main Intelligence Directorate (GRU) – along with six senior GRU officials, under Section 224 of CAATSA for engaging in cyber-attacks. Section 224 requires the imposition of sanctions on, among others, any person who knowingly engages in, or acts on behalf of a person who knowingly engages in "significant activities undermining cybersecurity against any person, including a democratic institution, or government on behalf of the Government of the Russian Federation," as well as persons owned or controlled by, or who act on behalf of such persons directly or indirectly. 

Both the FSB and the GRU, as well as four of the sanctioned GRU officials, were already sanctioned under Executive Order 13694, as amended, and one of the GRU officials had been listed as a senior political leader in a report by Treasury required under Section 241 of CAATSA, commonly referred to as the "Oligarch Report." (Analysis of this report and other Russia-related CAATSA provisions can be found here and here.) In explaining the new designations, OFAC cited Russian interference in the 2016 U.S. elections, Russian cyber-attacks including the NotPetya attack, the Russian occupation of Crimea, and Russia's "reckless and irresponsible conduct" related to a recent attempted assassination in the United Kingdom using a military-grade nerve agent.

General License 1A

In conjunction with the new designations, OFAC issued Cyber General License No. 1A, which supersedes Cyber General License No. 1, and updated several related FAQs. The new general license and FAQs, like the predecessor general license, are designed to authorize transactions with the FSB that are necessarily related to the importation, distribution, or use of information technology products in the Russian Federation, or compliance with rules and regulations administered by the FSB, including border control requirements. The designation of the FSB under CAATSA necessitated the amendment of General License No. 1 in order to clarify that it authorizes activities otherwise prohibited by the CAATSA designation, as well as activities prohibited by designations under Executive Order 13694, as amended. 

More CAATSA Sanctions on the Horizon

The limited short-term impact of the new designations, which resulted in the addition of only one entity and 14 individuals to the SDN list, likely will do little to satisfy those who have been critical of the administration's CAATSA enforcement efforts, including members of Congress. However, in a statement accompanying the March 15 designations, Treasury promised additional CAATSA sanctions that would "hold Russian government officials and oligarchs accountable for their destabilizing activities by severing their access to the U.S. financial system." 

The mention of government officials and oligarchs is noteworthy. Treasury has maintained that the Oligarch Report is not a sanctions list, and that inclusion in the report or its classified annex does not prohibit or restrict dealings with such persons, or indicate that the U.S. government has information about any individual's involvement in malign activities. However, the new designation of one of the listed government officials under CAATSA, together with Treasury's expressed intention to sanction officials and oligarchs who are involved in destabilizing activities, does suggest that those listed in the Oligarch Report are not immune from sanctions if their activities constitute sanctionable activities under CAATSA or other sanctions authorities. 

Another harbinger of sanctions to come is OFAC's updating of a previously issued FAQ on the scope of sanctions mandated by Section 228 of CAATSA. Section 228 of CAATSA mandates the imposition of sanctions against foreign persons who violate or cause violations of CAATSA or specified executive orders, or facilitate significant transactions on behalf of persons subject to U.S. sanctions with respect to the Russian Federation. The updated FAQ clarifies that for the purposes of Section 228, "U.S. sanctions with respect to the Russian Federation" encompass any sanctions imposed by the United States with respect to the Russian Federation under CAATSA and certain other legislation amended by CAATSA, including executive orders specified therein, anyone designated on the SDN or Sectoral Sanctions Identifications (SSI) lists thereunder, and persons owned 50 percent or more in the aggregate by such persons (i.e., persons subject to sanctions under OFAC's "50% rule"). With additional sanctions on the horizon, foreign persons doing business with Russia should take extra care to assess whether their activities could trigger the imposition of mandatory asset blocking secondary sanctions provided for in Section 228 of CAATSA.

For more information, please contact:

Brian J. Fleming,, 202.626.5871

Barbara D. Linney*

Patrick M. Stewart*

*Former Miller & Chevalier attorney

The information contained in this communication is not intended as legal advice or as an opinion on specific facts. This information is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. For more information, please contact one of the senders or your existing Miller & Chevalier lawyer contact. The invitation to contact the firm and its lawyers is not to be construed as a solicitation for legal work. Any new lawyer-client relationship will be confirmed in writing.

This, and related communications, are protected by copyright laws and treaties. You may make a single copy for personal use. You may make copies for others, but not for commercial purposes. If you give a copy to anyone else, it must be in its original, unmodified form, and must include all attributions of authorship, copyright notices, and republication notices. Except as described above, it is unlawful to copy, republish, redistribute, and/or alter this presentation without prior written consent of the copyright holder.