Archive for the ‘Foreign Countermeasures’ Category



2 Bad Ideas ≠ 1 Good Idea: EU Considers Blocking Rules If US Exits Iran Deal

Posted by at 4:15 pm on February 9, 2018
Category: Foreign CountermeasuresIran SanctionsOFAC

Denis Chaibi via[Fair Use]
ABOVE: Denis Chaibi

In response to the current administration’s hourly threats to pull out of the nuclear deal with Iran, it appears that the EU might not only remain in the deal but also adopt blocking regulations prohibiting E.U. firms from complying with any resurrected U.S. sanctions on Iran.  This idea was floated by Denis Chaibi, head of the Iranian task force of the EU’s external action service, at a Euromoney conference in Paris.

Chaibi cited the Cuban embargo blocking regulations as an example of what they were thinking about. The problem, of course, is that the folks at OFAC do not care about silly E.U. laws. If a European subsidiary of a U.S. company tells OFAC that it was required by European law to ignore U.S. sanctions, the response from OFAC has always been terse and brutal: do we look like we care? The U.S. rules the world, our laws apply everywhere and to everyone, and instead of obeying European laws that conflict with U.S. laws you have two choices: break the law in Europe or get the heck out of Europe.

Don’t believe me? Ask American Express. Ask Carlson Wagonlit. Or American Honda Finance Corporation.

Permalink Comments (0)

Bookmark and Share

Copyright © 2018 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)



OFAC Fines Foreign Company for Following Applicable Foreign Law

Posted by at 8:41 am on December 1, 2017
Category: Cuba SanctionsForeign CountermeasuresGeneralOFAC

American Express Office in Rome, image by User Mattes [CC-BY-3.0] (], via Wikimedia Commons Office of Foreign Assets Control (“OFAC”) recently announced that it has extracted $204,277 from American Express as a result of 1,818 credit card transactions in the amount of $583,649.43 for purchases made in Cuba. At issue were Mastercard and Visa corporate credit cards issued by BCC Corporate SA to corporations for use by the employees of those corporations, which cards were then used by those employees to make the Cuban purchases that were at issue.. BCC is a wholly-owned Belgian subsidiary of Alpha Card Group, another Belgian company  and a 50/50 joint venture of BNP Paribas Fortis and American Express.

The immediate question here, which OFAC can’t be bothered to answer, is how OFAC has the authority to fine a Belgian company for its dealings with Cuba. The Cuban Assets Control Regulations prohibit Cuba transactions by persons “subject to the jurisdiction of the United States.” Section 515.329 of the CACR define persons subject to the jurisdiction of the United States to include companies “owned or controlled” by a corporation organized under the laws of the United States

The CACR does not define “owned or controlled.”  That’s probably because everyone — except apparently OFAC — understands what that means, namely that the U.S. company owns 100 percent of the company or some lesser amount coupled with de jure or de facto control. In the case of a 50/50 joint venture neither party owns or controls the venture.  (Owned in this context cannot mean any interest, no matter the size, since that would render the addition of “or controlled” unnecessary).

To make matters worse, OFAC is — yet again — punishing a company for complying with applicable foreign law.   Anyone who reads this blog knows that I have pointed out time and time again that it is illegal for companies doing business in the European Union. Council Regulation (EC) No 2271/96 of 22 November 1996 prohibits companies incorporated in the E.U., such as BCC Corporate SA, from complying with the U.S. embargo on Cuba. OFAC does not, of course, mention BCC’s obligation to comply with local law or even cite it as a mitigating factor here. This is particularly egregious where the company at issue is not even subject to U.S. jurisdiction.

Permalink Comments (1)

Bookmark and Share

Copyright © 2017 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)



OFAC Fines Canadian Bank for Complying with Canadian Law

Posted by at 6:29 pm on January 31, 2017
Category: Cuba SanctionsEconomic SanctionsForeign CountermeasuresOFAC

Caught in the Act by Exile on Ontario Street [CC-BY-SA-2.0 (], via Flickr [cropped and processed]The Office of Foreign Assets Control (“OFAC”) recently whacked “Toronto-Dominion Bank … a financial institution headquartered in Toronto, Canada,” with a $516,105 fine for various sanctions violations including — get this — maintaining bank accounts for 62 Cubans in Canada.  Yes, OFAC is now going after Canadian banks for holding accounts for Cubans in Canada, apparently under the common delusion that Canada is the 51st state.

Of course, part of the problem here may be the endemic sloppiness in OFAC reports of its penalty actions. It’s not at all clear exactly what corporate entity is involved, as Toronto-Dominion Bank is not the name of any corporate entity that I could locate. It appears to be a reference to TD Bank Group, a Canadian corporation headquartered in Toronto, and not a reference to its U.S. banking subsidiary TD Bank, N.A., if for no other reason than that the U.S. banking operation does not have branches in Canada.

The jurisdictional hook alleged by OFAC to cause Cuban accounts in a Canadian bank to be illegal under U.S. law is, apparently, this:

Between August 7, 2007 and January 24, 2011, TD Bank processed 99 transactions totaling $459,341.62 to or through the United States on behalf of these customers in apparent violation of the CACR

OFAC can’t be bothered to explain what provision or how this violates the CACR, probably because it is just an “apparent” violation.  However, in all instances, violations must either be “by a person subject to the jurisdiction of the United States,” which TD Bank Group in Canada is not, or must involve “property subject to the jurisdiction of the United States.” The definition of “property subject to the United States” is set forth in 515.313 which only talks about securities and doesn’t mention currency. Apparently then OFAC’s theory here is part of its overreaching belief that dollars anywhere located and by whomever owned are, nonetheless, property subject to the jurisdiction of the United States. If you touch a U.S. Dollar, you can be sent to a U.S. jail.

Leaving aside the agency’s unconscionably expansive view of its own extraterritorial jurisdiction, OFAC, yet again, pretends that this tenuous extraterritorial connection over Canada trumps (so to speak) Canada’s own laws. The Canadian Foreign Extraterritorial Measures Act forbids TD Group from complying with the U.S. boycott of Cuba. It is one thing (though not much better) to tell a U.S. company, such as Carlson Wagonlit, choosing to do business in a country with an embargo blocking statute that it must violate that foreign statute; it is quite another thing to say that to a foreign company that is incorporated in that jurisdiction.

Moreover, sections 3 and 5 of the Canadian Human Rights Act also likely would make it illegal for TD Group to deny services based on national origin to the Cuban account holders. During the time period involved in the violations at hand, section 515.505 provided that Cuban nationals who had taken up permanent residence in Canada were still blocked unless they obtained a specific license from OFAC. So, in effect, OFAC is fining TD Bank for refusing to violate the human rights of Cubans, including Cubans who were permanent residents of Canada.

An odd footnote to the OFAC announcement of the TD Bank Group fine notes the change in 515.505 which would unblock Cuban’s who became permanent residents of Canada without need for a specific license. Presumably this offers the cold comfort that, in the future, Canadian companies will only have to violate the human rights of a smaller group of people to avoid an OFAC fine.

Photo Credit: Caught in the Act by Exile on Ontario Street [CC-BY-SA-2.0 (], via Flickr [cropped and processed]. Copyright 2009 Exile on Ontario Street

Permalink Comments Off on OFAC Fines Canadian Bank for Complying with Canadian Law

Bookmark and Share

Copyright © 2017 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)



OFAC Fines American Express $5 Million for Doing Business in Europe

Posted by at 9:27 pm on July 23, 2013
Category: Cuba SanctionsForeign CountermeasuresOFAC

American Express Office in Rome, image by User Mattes [CC-BY-3.0] (], via Wikimedia Commons to an announcement released yesterday by the Office of Foreign Assets Control (“OFAC”), the agency fined American Express $5,226,120 because Amex’s overseas offices booked travel to and from Cuba. OFAC justified the size of the fine with a litany of aggravating factors such as (1) reckless disregard for the Cuba sanctions regulations, (2) knowledge by the company that the Cuba transactions “would or might take place,” and (3) OFAC’s provision of a notice in 1995 to Amex that the bookings were a violation of the Cuba sanctions.

What is most interesting is OFAC’s reference to, and treatment of, legislation passed by the European Union to prohibit companies doing business in Europe from complying with the U.S. sanctions on Cuba, legislation which OFAC oddly and uniquely calls “antidote” legislation. (Everyone else in the world calls it “blocking” legislation.) OFAC notes that “many” of the offending bookings occurred in countries with “antidote” legislation, presumably a reference to Council Regulation (EC) No 2271/96 of 22 November 1996 which prohibits companies in the E.U. from complying with the Cuba sanctions.

Now, in that light, consider aggravating factor 6 cited by OFAC:

[A]t the time of the apparent violations, TRS’ [American Express’s] compliance program was inadequate, given the nature of TRS’ [sic] operations, to detect and prevent Cuba travel bookings, particularly from countries that had adopted antidote measures …

Well, duh, if you’ll forgive my lapse into the vernacular. Of course, it was going to be difficult to comply with the Cuba sanctions where doing so would be illegal. There really is no way to interpret this other than as a statement by OFAC that having offices in Europe is inconsistent with complying with OFAC sanctions and that the only way to have an adequate compliance program is simply to stop doing business in Europe.

But the humdinger of regulatory cluelessness has to be factor number 12.

OFAC also considered as a relevant factor the legal obligations placed on TRS by U.S. law and antidote measures adopted by many of the jurisdictions in which TRS’ foreign branch offices and subsidiaries operate, but, given the facts and circumstances of this case, did not assign any mitigating or aggravating weight to this factor under the Guidelines

Say what? Leaving aside the utter inanity of suggesting for even a moment that E.U. blocking legislation might be an “aggravating” factor in this world or any conceivable alternate universe, it is inconceivable that OFAC can blithely say that blocking legislation was completely irrelevant in its consideration of the case, unless of course you assume that the United States rules the world and the laws of other countries are immaterial and ineffective urgings of foreign vassal states. Or the factor might be irrelevant if OFAC’s real position is that the United States must stop doing business in Europe, Canada and other countries with blocking legislation.

Permalink Comments (6)

Bookmark and Share

Copyright © 2013 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)



Cyber Attacks on U.S. Banks May Be Iranian Retaliation for Sanctions

Posted by at 11:53 pm on January 9, 2013
Category: Foreign CountermeasuresIran Sanctions

Bank of AmericaAccording to this article in the New York Times, the recent DDOS attacks launched against U.S. financial institutions were likely the work of the Government of Iran and in retaliation for U.S. sanctions against Iran and its financial institutions. These attacks, which started in September, have targeted, and caused temporary disruptions to, sites of “Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC, Capital One, Fifth Third Bank, BB&T and HSBC.” Because of the nature of DDOS attacks, these disruptions caused inconveniences to the banks and their customers who were unable to access the websites, but did not result in the theft or compromise of financial data.

The chief evidence for this is indirect: the scope and sophistication of the attacks. Apparently, the attacks infected large data centers with malware and then used those data centers to barrage U.S. institutions web sites with requests in an effort to overwhelm them and take them down. The use of the data centers resulted in attacks that, in some instances, peaked at 70 gigabits.

Although no data was compromised in this instance, the use of data centers in these attack raises yet again the issue of cloud computing and export law given that the malware that turns the data centers into attack bots could, in theory, access customer information, including export-controlled technical data, which might be stored in those data centers. The article does not identify the data centers involved, or whether they were located in the United States or abroad, but if any of these were located in the United States, where U.S companies would be permitted, at least in theory, to store controlled technical data without export licenses, the possibility that a deemed export of that data to Iran has occurred is quite real.

Traditional thinking in the murky area of export law and cloud computing has been that storage of export-controlled technical data on clouds physically located in the United States raised no export control issues. But if these clouds are increasingly targeted by non-U.S. hackers, this assumption may no longer be valid.

Permalink Comments Off on Cyber Attacks on U.S. Banks May Be Iranian Retaliation for Sanctions

Bookmark and Share

Copyright © 2013 Clif Burns. All Rights Reserved.
(No republication, syndication or use permitted without my consent.)