Author: Syedur Rahman
1 November 2021
2 min read
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has published guidance to ensure that those who have involvement with virtual currency comply with sanctions. OFAC has made it clear that everyone in the crypto industry has to play their part in making sure that sanctioned individuals or organisations cannot use virtual currency to evade the measures that have been imposed on them.
OFAC has emphasised to everyone, from crypto users through to wallet providers, tech companies, exchanges, administrators and miners, that sanctions compliance obligations do not disappear simply because the currencies involved are virtual.
Any US individual or company holding virtual currency in high risk and / or sanctioned regions is required to be blocked to prevent access to it. There is a time limit of 10 working days for blocked virtual currency to be reported to OFAC. It should perhaps be emphasised that these are obligations that apply to both virtual and more traditional fiat (government-issued) currencies.
What should be stressed at this point is that nobody should be lulled into believing that virtual currency may offer a devious way around sanctions because it is less detectable than the conventional movement of money or goods. Putting it in the simplest terms, the technology exists to identify when transactions are carried out in particular areas in breach of sanctions.
At present, OFAC seems to be adopting an approach that involves more carrot than stick. Instead of delivering intense warnings and making threatening statements, it is encouraging those with crypto involvement to devise and introduce compliance programmes that accurately reflect the risks that exist. OFAC sees senior management’s full commitment to sanctions compliance as essential.
It is promoting the value of ongoing risk assessment – both in terms of a company’s own operations and the compliance approach taken by its trading partners. Such assessment has to be followed up with changes being made, if they are necessary to ensure that the risks continue to be managed as effectively as possible.
There is, therefore, little scope or excuse for those involved in virtual currencies not to conduct due diligence on customers, trading partners and anyone else they have dealings with in the course of their business. Training should be given to all relevant employees. As with risk assessment, the training should be ongoing and adjusted or revised whenever necessary to meet the risks that have developed.
Further proof of this can be seen with the US’s newly-created National Cryptocurrency Enforcement Team (NCET). Devised by the US Department of Justice, NCET is set to investigate and prosecute the use of cryptocurrency for criminal gain. Its remit includes ransomware use, money laundering, illegal or unregistered money services businesses, trading on ‘dark markets’ and the tracing and recovery of assets lost through crypto-related criminal activity.
As with OFAC, NCET’s creation is a clear indicator that anyone working with cryptocurrency can expect to come under scrutiny in future years. It would be a huge surprise if the US approach is not adopted in some shape or form by other nations where cryptocurrency is gathering momentum. For some, that may not be an issue. Their approach to meeting compliance obligations may be fit for purpose and beyond reproach.
For those whose procedures are not yet “up to scratch’’, however, recent developments (and, no doubt, others that will follow in the near future) have to be seen as a stark reminder that cryptocurrency compliance cannot be ignored any longer.
Syedur Rahman is known for his in-depth experience of serious fraud, white-collar crime and serious crime cases, as well as his expertise in worldwide asset tracing and recovery, international arbitration, civil recovery, cryptocurrency and high-stakes commercial disputes.