330 Search Results

December 13, 2019 |
DOJ National Security Division Releases Updated Guidance on Voluntary Self-Disclosures

Click for PDF Today, the U.S. Department of Justice (“DOJ” or the “Department”) announced changes to its policy governing the treatment of voluntary self-disclosures (or “VSDs”) in criminal sanctions and export control investigations. Critically, DOJ will now offer VSD benefits to financial institutions in such matters, generally aligning the Department’s guidance to financial institutions in this area with other enforcement policies meant to encourage corporate disclosures. As we discussed at length last year, deciding whether to voluntarily self-disclose corporate wrongdoing to DOJ is a complex exercise, marked by potential benefits that are difficult to anticipate and quantify. DOJ’s efforts to incentivize corporate disclosures of U.S. Foreign Corrupt Practices Act (“FCPA”) violations—and thus provide more certainty for companies facing criminal prosecution—have served as a model for corporate criminal investigations in other areas. In early 2018, Acting Assistant Attorney General John Cronan announced that DOJ’s 2017 FCPA Corporate Enforcement Policy (“CEP”) would serve as non-binding guidance for corporate investigations beyond the FCPA context. Many aspects of the CEP (and its predecessor, the 2016 FCPA Pilot Program) were incorporated into the Justice Manual (“JM”) (previously known as the United States Attorneys’ Manual), which outlines the Department’s high-level approach to voluntary self-disclosures. In a similar vein, the changes announced today by DOJ’s National Security Division (“NSD”) with respect to criminal sanctions and export control violations include the following key features:

  • Applies to Financial Institutions: Financial institutions are now subject to NSD’s newly issued policy (the “2019 NSD Guidance”). Accordingly, rather than relying on general DOJ guidance applicable to all business organizations—like the high-level guidance provided in the JM—financial institutions may instead rely on the requirements and assurances set forth in the 2019 NSD Guidance when evaluating the potential costs and benefits of self-disclosing export control and sanctions violations to DOJ.
  • Presumption of Non-Prosecution Agreement: Companies that discover a criminal export control or sanctions violation, voluntarily self-disclose the violation to DOJ, and satisfy the requirements set forth in the 2019 NSD Guidance will now benefit from a presumption that they will receive a non-prosecution agreement (“NPA”) and will not be assessed a fine, provided no aggravating factors are present.
  • Reduced Penalties: Where aggravating circumstances warrant an enforcement action other than an NPA, companies that otherwise satisfy all the requirements of a VSD will be eligible for at least a 50 percent reduction off the statutory base penalty—effectively capping the penalty for such companies at the dollar value of the violative transactions—and the Department will not require a monitor, provided the company has implemented an effective compliance program.
  • Successor Liability: In mergers and acquisitions, successor companies that uncover a criminal export control or sanctions violation by the merged or acquired entity through timely due diligence and voluntarily self-disclose the violation to DOJ also will benefit from a presumption in favor of an NPA.
To help make sense of this latest development, we provide below an overview of NSD’s prior policy regarding VSDs in the export control and sanctions area, a comparison with the Department’s guidelines in FCPA investigations, and conclude with an analysis of the changes announced today and what they mean for businesses considering whether to self-disclose. Background U.S. sanctions and export controls are primarily administered and enforced by U.S. regulatory agencies, including the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”), the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”), and the U.S. Department of State’s Directorate of Defense Trade Controls (“DDTC”). NSD—the DOJ office with primary responsibility for overseeing and coordinating criminal investigations related to violations of U.S. export controls and sanctions—has historically played a secondary role to civil enforcement agencies, becoming involved in enforcement matters referred to them by OFAC, BIS, or DDTC. NSD became more forward leaning during the waning days of the Obama administration, and in 2016 published the first iteration of its “Guidance Regarding Voluntary Self-Disclosures, Cooperation, and Remediation in Export Control and Sanctions Investigations Involving Business Organizations” (the “2016 NSD Guidance”). The 2016 NSD Guidance articulated the Department’s policy of encouraging business organizations to voluntarily self-disclose criminal violations of sanctions and export controls and for the first time set forth the criteria that NSD would use in determining the potential benefits that may be offered to an organization for its self-disclosure, cooperation, and remediation efforts. Notably, the 2016 NSD Guidance specifically exempted financial institutions from receiving the VSD benefits offered to other corporate actors in the export control and sanctions context, citing the “unique reporting obligations” imposed on financial institutions under their applicable statutory and regulatory regimes. Indeed, most U.S. financial institutions are required to file Suspicious Activity Reports (“SARs”) to the U.S. Department of the Treasury when the institution knows, suspects or has reason to suspect that a transaction by, through or to it involves illegal activity. Moreover, financial institutions must report blocked property to OFAC within ten business days from the date that the property becomes blocked or else risk violating their own sanctions compliance obligations. In recent years, DOJ has accused numerous banks of engaging in practices that involved omitting, removing, or masking references to sanctioned parties and jurisdictions so as to allow transactions to be processed through the U.S. financial system. Given the potentially enormous fines for sanctions violations—which, for large banks, can easily rise to hundreds of millions of dollars—financial institutions have strong incentives to over-comply with U.S. sanctions. As a result of their visibility into a huge volume of daily transactions and their deep aversion to sanctions-related risk, financial institutions have in effect been pressed into service as the leading edge of DOJ’s and OFAC’s sanctions enforcement efforts. NSD has also become more heavily involved in the criminal enforcement of U.S. export controls—measures that are increasingly relied upon to combat the unauthorized transfer of sensitive, U.S.-origin technologies to adversaries such as China. From a policy perspective, these efforts appear to be driven by an interest in both denying China the technological means to engage in activities that threaten U.S. national security (such as spying on U.S. telecommunications networks), as well as blunting China’s ability to dominate the technologies of the future (such as artificial intelligence). In the face of such risks, NSD officials have also sought to incentivize disclosures from U.S. companies targeted by Chinese economic espionage. Key Considerations Timing The 2019 NSD Guidance makes explicit the stringent timing requirement applicable to VSDs for a company to qualify for full mitigation credit. DOJ requires companies to submit a VSD to the relevant office of the Counterintelligence and Export Control Section (“CES”) of the NSD at substantially the same time that it submits a VSD related to the matter to the appropriate regulatory agency, whether that is DDTC, BIS, OFAC, or a combination thereof. While this timing requirement was included in the 2016 NSD Guidance, the revised policy emphasizes the point with more blunt language. The 2016 NSD Guidance indicated that a VSD must be submitted to DOJ “within a reasonably prompt time after becoming aware of the offense,” with the burden on the company to demonstrate timeliness. In export control and sanctions cases, it is now clear that the VSD must be submitted to DOJ at substantially the same time that it is submitted to DDTC, BIS, or OFAC, as the case may be. Timely and Appropriate Remediation The 2019 NSD Guidance generally harmonizes the requirements for companies disclosing export control and sanctions-related violations with those applicable to FCPA-related matters. The 2016 NSD Guidance was already substantially similar to the CEP, but with several subtle divergences. For example, the 2016 NSD Guidance lacked the CEP’s root cause analysis requirement; the 2016 NSD Guidance did not require companies to conduct a “root cause” analysis to determine the causes of the underlying misconduct in the export control and sanctions context. The 2019 NSD Guidance adds the root cause analysis requirement for companies disclosing to NSD. Another point of harmonization relates to the treatment of personal communications and ephemeral messaging systems. Under the CEP, companies are required to implement appropriate guidance and controls on the use of personal communications and ephemeral messaging platforms that undermine a company’s ability to retain relevant business records. The 2019 NSD Guidance incorporates this requirement into the export control and sanctions context. With respect to possible sanctions violations, the 2019 NSD Guidance is also broadly consistent with OFAC’s recent guidance, titled “A Framework for OFAC Compliance Commitments.” That policy, which we described here, sets forth OFAC’s views regarding what constitutes an effective sanctions compliance program and, when violations do occur, provides transparency into how OFAC will assess the adequacy of a company’s compliance program in determining what penalty to impose. The 2019 NSD Guidance similarly includes the implementation of an effective compliance program—which NSD will now evaluate using criteria substantially similar to those described by OFAC—as one of the requirements for a company to remediate a criminal export control or sanctions violation. Aggravating Factors The 2019 NSD Guidance retains and lightly updates the list of aggravating factors specific to violations of export control and sanctions rules. These factors are in addition to others generally applicable to business organizations, which are mirrored in the CEP. The 2016 NSD Guidance also listed examples of aggravating factors specific to the export control and sanctions area, the presence of which in substantial degree would result in a more stringent resolution for the company. The updated list of aggravating factors includes:
  • Exports of items controlled for nuclear nonproliferation or missile technology reasons to a proliferator country;
  • Exports of items known to be used in the construction of weapons of mass destruction;
  • Exports to a Foreign Terrorist Organization or Specially Designated Global Terrorist;
  • Exports of military items to a hostile foreign power;
  • Repeated violations, including similar administrative or criminal violations in the past; and
  • Knowing involvement of upper management in the criminal conduct.
Benefits The 2019 NSD Guidance provides that when a company voluntarily self-discloses export control or sanctions violations to CES, fully cooperates, and timely and appropriately remediates, there is now a presumption that the company will receive an NPA and will not pay a fine, absent aggravating factors like those described above. In cases where a different resolution—such as a DPA or a guilty plea—is warranted due to the presence of aggravating factors, but the company has otherwise satisfied all the requirements set forth in the 2019 NSD Guidance, the company can expect a reduced fine and, provided the company has implemented an effective compliance program, DOJ will not require a monitor. Under the 2016 NSD Guidance, when a company voluntarily self-disclosed criminal violations of export controls and sanctions, fully cooperated, and provided timely and appropriate remediation, the company may have been eligible for a significantly reduced penalty, to include the possibility of (under the best case scenario) an NPA, a reduced period of supervised compliance, a reduced fine and forfeiture, and no requirement for a monitor. Under the CEP, when a company has voluntarily self-disclosed misconduct in an FCPA matter, fully cooperated, and provided timely and appropriate remediation, there is a presumption that the company will receive a declination absent aggravating circumstances involving the seriousness of the offense or the nature of the offender. However, unlike in the FCPA context, DOJ stated today that a declination would generally not be appropriate with respect to export control and sanctions violations because of the likely harm to U.S. national security interests. Voluntary Disclosure Considerations DOJ’s publication of the 2019 NSD Guidance provides additional clarity for businesses confronting the challenging decision of whether to self-report. NSD should be applauded for its efforts to sync its guidance with the CEP. Companies—including now financial institutions—can potentially enjoy the benefit of a presumption in favor of an NPA and no fine in the export control and sanctions space if they meet the requirements set out by NSD with respect to voluntary self-disclosure, cooperation, and remediation. Moreover, by bringing NSD’s guidance more closely into line with the CEP, companies and their counsel can perhaps develop a more consistent, predictable set of expectations about how DOJ’s various components will treat their VSD. The 2019 NSD Guidance creates a more elaborate set of options for corporations, particularly financial institutions. If the disclosure path is pursued, disclosure would possibly be made to NSD, OFAC, and, for financial institutions, prudential regulators as well as potentially to the Money Laundering and Asset Recovery Section of DOJ’s Criminal Division (“MLARS”). As before, when considering whether to self-disclose to DOJ, companies should be mindful of a number of other considerations. Today’s announcement notwithstanding, a company that discovers a potential willful export control or sanctions violation must carefully consider, among other things, the likelihood that DOJ will discover the misconduct (such as through a tip from a whistleblower or another regulator); at what stage in an investigation the misconduct should be disclosed to the government; and to what agencies the disclosure should be made and in what sequence. By taking these and other factors into account, companies that uncover export control and sanctions violations can enhance their prospects of both avoiding a full-blown criminal investigation and minimizing institutional liability to the extent possible.
Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any of the leaders and members of the firm's International Trade, Financial Institutions or White Collar Defense and Investigations practice groups, or the following authors in the firm's Washington, D.C. office: M. Kendall Day (+1 202-955-8220, kday@gibsondunn.com) Adam M. Smith (+1 202-887-3547, asmith@gibsondunn.com) F. Joseph Warin (+1 202-887-3609, fwarin@gibsondunn.com) Stephanie L. Connor (+1 202-955-8586, sconnor@gibsondunn.com) Samantha Sewall (+1 202-887-3509, ssewall@gibsondunn.com) Scott R. Toussaint (+1 202-887-3588, stoussaint@gibsondunn.com) Please also feel free to contact any of the following practice group leaders: International Trade Group: Ronald Kirk - Dallas (+1 214-698-3295, rkirk@gibsondunn.com) Judith Alison Lee - Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Financial Institutions Group: Matthew L. Biben - New York (+1 212-351-6300, mbiben@gibsondunn.com) Stephanie Brooker - Washington, D.C. (+1 202-887-3502, sbrooker@gibsondunn.com) Arthur S. Long - New York (+1 212-351-2426, along@gibsondunn.com) White Collar Defense and Investigations Group: Joel M. Cohen - New York (+1 212-351-2664, jcohen@gibsondunn.com) Charles J. Stevens - San Francisco (+1 415-393-8391, cstevens@gibsondunn.com) F. Joseph Warin - Washington, D.C. (+1 202-887-3609, fwarin@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

December 5, 2019 |
New Guidance on Internal Compliance Programs (“ICPs”) – What Regulators on Both Sides of the Atlantic Expect from International Business

Click for PDF The European Union has become more active in addressing EU common foreign and security policy (“CFSP”) objectives with the help of what it calls “restrictive measures,” i.e., EU Financial and Economic sanctions. As indicated in our recent client alert, The EU Introduces a New Sanctions Framework in Response to Cyber-Attack Threats and even more recent by introducing a framework for EU Financial Sanctions against Turkey,[1] it has also specifically started to unilaterally implement sanctions addressing EU security concerns, including issues beyond traditional areas addressed by sanctions such as “traditional” sanctions imposed due to terrorism and international relations-based grounds. We have discussed this development and respective challenges in our recent publication U.S., EU, and UN Sanctions: Navigating the Divide for International Business.[2] Furthermore, the EU Commission started to become more vocal on how it expects individuals and companies under its jurisdiction to implement those restrictive measures. A good example is the detailed guidance provided with regard to the EU Blocking Statute. As shown below, the EU Commission has moved forward now and published the EU Guidance on Internal Compliance Programmes (“ICPs”) for dual-use trade controls.[3] In the following, we shall highlight key recommendations of the EU guidance and some additional points we consider helpful. Please note that the competent authorities of EU member states might have additional requirements and expectations.[4] In some respects, these developments in the EU mirror recent developments in the United States. The U.S. Department of Commerce Bureau of Industry and Security (“BIS”) has previously published compliance guidance for the export of dual-use items that closely tracks the EU Commission’s guidance on ICPs.[5] The EU guidance also references similar advice on internal compliance programs published by the U.S. Department of State.[6] Most recently, the Department of the Treasury’s Office of Foreign Assets Control (“OFAC”), which administers U.S. sanctions, has published guidance on sanctions compliance best practices, advising companies to implement compliance programs with similar central features. For companies with an U.S. nexus, we suggest additionally reviewing these resources, as well as our recent client alert OFAC Releases Detailed Guidance on Sanctions Compliance Best Practices.

1.   EU Commission recommendations on internal compliance programs

The guidance issued by the EU Commission is intended to support companies with applying a framework to identify, manage and mitigate risks associated with dual-use trade controls and to ensure compliance with the relevant EU and national law and regulations[7]. The guidance consists of seven core elements representing what the EU Commission believes should be the “cornerstones”[8] of a company’s individual ICP.[9] While it notes that there is no one-size-fits-all approach, it also notes that “A company’s approach to compliance that includes policies and internal procedures for, at least, all the core elements could be expected to be in line with the EU ICP guidance for dual-use trade controls.[10] While the focus of the guidance is on managing dual-use trade[11] control impact and mitigating associated risks[12], we believe it also sheds a light on general expectations the EU Commission has with respect to internal compliance programs regarding sanctions and export controls.

1.1   Risk assessment

Prerequisite for the installation of an ICP is an assessment of the company’s business activities and their related risk of violating EU export controls, specifically the dual-use regulations. Rather than identifying every single exposure to EU regulation, this risk assessment serves as a basis to design an ICP tailor-made for the company.[13] Furthermore, we suggest that in case the risk profile changes, such risk assessment should be rerun and—if deemed necessary—the ICP should be revised to fit the changed risk profile.

1.2   Top-level management commitment to compliance

The top-level management should continuously and distinctly express their commitment to a culture of compliance in order to lead by example. Regularly communicating corporate commitment to compliance to all employees and defining expectations, both orally and in writing, is considered vital in order to encourage such a culture of compliance.[14] We further suggest such making sure this commitment—including the way it was expressed—is well-documented. Furthermore, any expressed commitment to compliance should be reviewed by counsel to ensure the statement itself does not cause regulatory concerns in light of applicable anti-boycott law. For example, a statement made by a German resident noting, “Our company fully complies with all U.S. sanctions,” is itself a breach of applicable law in Germany, specifically section 7 of the German Trade Ordinance.

1.3   Organization structure, responsibilities and resources

According to the EU guidelines, companies should create an internal organizational chart in order to define responsibilities and assign functions to various employees. It is also suggested that companies designate at least one person in control of the overall compliance commitment (in some EU Member States this person must be part of the top-level management)and at least one employee in charge of the dual-use trade control function.[15] The personnel overseeing compliance with dual-use regulations needs to be authorized to stop transactions and has to be guarded from potential conflicts of interest. Additionally, companies are advised to give these personnel access to relevant legislation, especially the latest lists of controlled goods and embargoed or sanctioned destinations and entities, and to gather all relevant compliance-related documents (policies and procedures) and assemble them in a “compliance manual.”

1.4   Training and awareness raising

Companies should also require periodic training (in the form of external seminars or in-house training events, etc.) to keep the control staff up-to-date with the dual-use regulations and the company’s ICP.[16] Training sessions may also include lessons learned from performance reviews. Moreover, as potential compliance issues are a concern at all relevant levels of a company, measures to raise awareness for such issues should be taken accordingly.

1.5   Transaction screening process and procedures

Establishing standardized transaction processes and procedures can help ensure compliance with relevant export law. This is best achieved by collecting and analysing all relevant information concerning item classification, transaction risk assessment, license determination and post-licensing controls.[17] Even if all necessary information is readily available, it remains challenging to verify a certain item classification from a legal perspective as the performance characteristics of an item need to be checked against the EU and national dual-use control lists. This classification regularly demands cooperation between different departments of a company, such as a cooperation between the competent technical department and the legal team.[18] Companies may also directly contact the competent authority and ask for assistance with the classification after providing a detailed technical description of the respective item. At the competent authorities, such mix of personnel is mirrored, e.g. the competent German authority, the Federal Office for Economic Affairs and Export Control (BAFA), employs both (legally trained) engineers / technicians and lawyers.

1.6   Transaction risk assessment

Companies also need to ascertain whether their counterparties (intermediaries, purchasers, consignees or end users) are subject to any embargoes or sanctions. The guidance of the EU Commission proposes acquiring end-use statements from customers, checking the reliability of end users with the national competent authority and to giving attention to diversion risk indicators. If information learned or acquired from the competent authority gives cause for concern, procedures must be in place to avert any export without the authority’s explicit permit.[19]

1.7   Licensing

The company should ensure that it has all relevant contact details of the competent control authority. Moreover, the exporter should be aware that exports via cloud services or personal baggage and other activities such as providing technical assistance and brokering are subject to dual-use control measures.[20]

1.8   Post-licensing controls

A final check should be conducted to make sure that all steps ensuring compliance were duly taken and that licenses have not been invalidated since their issuance due to changes of the details of the exporter, the intermediaries or the end users.[21] A procedure to stop or suspend the export—if necessary—should be implemented. Note that companies are still obligated to independently investigate the lawfulness of the transaction.[22]

1.9   Performance review, audits, reporting and corrective actions

According to the guidelines, it is essential to implement procedures that regularly analyse, test, evaluate, and revise the company’s ICP (e.g., in the form of targeted and documented audits).[23] Furthermore, specific reporting procedures should be in place in order to enable the company to take the required action when a case of noncompliance is suspected or has occurred. Employees must also feel secure to express concerns about noncompliance or the operational reliability of the ICP. Any suspected noncompliance should be documented. After taking effective corrective actions, the relevant personnel should be informed of those measures.

1.10   Record-keeping and documentation

The company should establish policies for legal document storage, record management and traceability of trade control-related activities.[24] This may be legally required in some cases, but it also generally renders the search for legal documents more effective. The relevant EU and national legal provisions for record-keeping (period of safekeeping, scope of documents, etc.) should be reviewed before establishing such a filing system. Additionally, it is suggested that the company keep track of past contacts with responsible authorities.

1.11   Physical and information security

Due to the generally high sensitivity of dual-use items, companies are requested to introduce procedures to prevent the unapproved access to and removal of controlled items. With regard to physical items, the establishment of restricted access areas, personnel access or exit controls or physically safeguarding the respective item should be considered. To assure the security of physically intangible technology, the guideline recommends, among other steps, that the company install antivirus programs, file encryption and firewalls[25].

2.   Outlook

Taking into account both the new EU guidance and the Framework for OFAC Compliance Commitments,[26] there is a clear trend visible from authorities to voice and detail their expectations on how companies should address sanctions and export control compliance. In turn, it can be expected that noncompliance with such expectations will increasingly be under enhanced regulatory scrutiny. ___________________    [1]   See: Press release of the Council of the EU: Turkey's illegal drilling activities in the Eastern Mediterranean: Council adopts framework for sanctions, available online at: https://www.consilium.europa.eu/en/press/press-releases/2019/11/11/turkey-s-illegal-drilling-activities-in-the-eastern-mediterranean-council-adopts-framework-for-sanctions/.    [2]   A. Smith, S. Connor and R. Roeder, U.S., EU, and UN Sanctions: Navigating the Divide for International Business, Bloomberg, 2019, ISBN 978-1-68267-281-5. The first chapter can be found online at: https://www.gibsondunn.com/wp-content/uploads/2019/11/Smith-Connor-Roeder-US-EU-and-UN-Sanctions-Navigating-the-Divide-for-International-Businesses-Bloomberg-Law-2019.pdf.    [3]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 3/18.    [4]   E.g. for Germany, please see: Internal Compliance Programmes – ICP - Company-internal export control systems, available online at: www.bafa.de › Downloads › afk_merkblatt_icp_en.    [5]   https://www.bis.doc.gov/index.php/documents/pdfs/1641-ecp/file.    [6]   https://icp.acis.state.gov/.    [7]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 1/18.    [8]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 3/18.    [9]   Please note that the EU ICP guidance makes reference to the 2011 Wassenaar Arrangement Best Practice Guidelines on Internal Compliance Programmes for Dual-Use Goods and Technologies (available online at https://www.wassenaar.org/app/uploads/2015/06/2-Internal-Compliance-Programmes.pdf); the “Best Practice Guide for Industry” from the Nuclear Suppliers Group (NSG), click here; the ICP elements in the Commission Recommendation 2011/24/EU; the results from the fourth Wiesbaden Conference (2015) on “Private Sector Engagement in Strategic Trade Controls: Recommendations for Effective Approaches on United Nations Security Council Resolution 1540 (2004) Implementation”; and the 2017 United States Export Control and Related Border Security Program ICP Guide website (available online at http://icpguidelines.com/). [10]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 3/18. [11]  Council Regulation (EC) 428/2009, regularly referred to as the EU Dual-Use Regulation, has set up an EU regime for the control of export, transit and brokering of dual-use items in order to contribute to international peace and security by precluding the proliferation of nuclear, chemical, or biological weapons and their means of delivery. To adapt to the rapidly changing technological, economic and political circumstances, the EU Commission presented a proposal in September 2016 to update and expand the existing rules that was supported by the European Parliament in its first report on the matter.  On June 5, 2019, the Council issued its own parameters for negotiations with the European Parliament seeking a more limited recast of the dual-use regulation.  Thereby the discussion mainly focuses on the classification of cyber surveillance technologies as dual-use goods and the possibility of a resulting discrimination of EU companies.  Considering the ongoing discussions, we do not expect the implementation to take place in the coming weeks.  The progress of the respective discussion can be viewed at : http://www.europarl.europa.eu/legislative-train/theme-europe-as-a-stronger-global-actor/file-review-of-dual-use-export-controls. [12]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 3/18. [13]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 4/18. [14]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – pages 5/18 and 6/18. [15]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 6/18. [16]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 7/18. [17]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 7/18. [18]   For best practices from a company perspective please see: Müller, Alexandra / Groba, Alexander in AW-Prax 2019 – page 300. [19]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 9/18. [20]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 10/18. [21]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 10/18. [22]   Müller, Alexandra / Groba, Alexander in AW-Prax 2019 – page 303. [23]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 10/18. [24]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 11/18. [25]   https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019H1318&from=EN – page 12/18. [26]   https://www.treasury.gov/resource-center/sanctions/Documents/framework_ofac_cc.pdf.
The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Patrick Doris, Michael Walther, R.L. Pratt and Richard Roeder. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade practice group: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Samantha Sewall - Washington, D.C. (+1 202-887-3509, ssewall@gibsondunn.com) Audi K. Syarief - Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com) Scott R. Toussaint - Washington, D.C. (+1 202-887-3588, stoussaint@gibsondunn.com) Europe: Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Nicolas Autet - Paris (+33 1 56 43 13 00, nautet@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Sacha Harber-Kelly - London (+44 20 7071 4205, sharber-kelly@gibsondunn.com) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Steve Melrose - London (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

November 26, 2019 |
U.S. Congress Passes The Hong Kong Human Rights and Democracy Act of 2019; Awaiting Presidential Signature

Click for PDF On November 21, 2019, amid mounting tensions between China and Hong Kong, the U.S. Congress passed the Hong Kong Human Rights and Democracy Act of 2019 (the “Bill”)[1] and sent it to the President for his signature.  The Bill, which aims to protect civil rights in Hong Kong and to deter human rights violations in the territory (including by punishing those who commit them), was passed by supermajorities in both houses of Congress—the House of Representatives approved the Bill by a 417-1 margin, while the Bill received unanimous support in the Senate.[2]  As of this writing, the President has not signed the legislation. On November 22, 2019, President Trump suggested that he might veto the Bill in order to prioritize a trade deal with China, despite the fact that the President’s ability to exercise such authority will be limited because the Bill passed both houses of Congress with rare veto-proof majorities.  Although the U.S. Congress has the power to create the law, the U.S. President has sole enforcement authority, and President Trump may still be able to express his displeasure with the Bill by narrowly interpreting the law’s provisions.  We would expect that the President could announce his desire to narrowly interpret the law in a signing statement made simultaneous with his signing of the Bill. The Bill has received widespread support from the Hong Kong protestors, whose activities over the past several months have often included calls on Washington to show its support for their movement. On the other hand, the Bill has been met with strong opposition in Hong Kong and China due to concerns that the legislation could disrupt economic stability in Hong Kong, as well as worsen the existing trade relationship between Hong Kong and the United States.[3] In Hong Kong, Chief Executive Carrie Lam has said that foreign interference in Hong Kong’s internal affairs is “totally unacceptable” and that any sanctions imposed by Washington would only serve to complicate matters further.[4] Beijing has also characterized the Bill as an interference in China’s domestic affairs and has threatened to take “strong countermeasures” against the United States if the Bill is implemented.[5] Overview of the Hong Kong Human Rights and Democracy Act 2019 If enacted, the Bill would amend the United States-Hong Kong Policy Act of 1992 (the “1992 HK Act”), the primary legislation that governs the United States’ relationship with Hong Kong. The 1992 HK Act statute allows Hong Kong to be treated separately from mainland China on various economic matters such as trade. An earlier version of the Bill had been introduced in 2014 in response to the “Umbrella Revolution” that took place in Hong Kong that year;[6] and an updated version was again introduced in 2017. However, the Bill only gained legislative traction this year as violence in Hong Kong escalated. The protests, which have spanned more than 22 weeks, originally began in June. They were spurred by a now-withdrawn bill that would have allowed extraditions from Hong Kong to mainland China, among other jurisdictions, a move that many Hong Kongers viewed as an attempt to circumvent the “one country, two systems” rule and erode human rights in the territory.[7] The protests have since grown into a bigger movement, including broader demands for democracy, such as universal suffrage and the ability for Hong Kongers to elect its own leaders, as set out under the Basic Law of the Hong Kong Special Administrative Region (the “Basic Law”).[8] Other demands that the protestors have made also include calls to establish an independent commission of inquiry to look into alleged police brutality against protestors. The Bill, if signed into law, will increase the United States’ scrutiny over the situation in Hong Kong. According to the Bill, the objective of the legislation is to “reaffirm the principles and objectives set forth in the [1992 HK Act]”.[9] The Bill also calls for Hong Kong to remain “sufficiently autonomous from the People’s Republic of China to ‘justify treatment under a particular law of the United States, or any provision thereof, different from that accorded to the People’s Republic of China.’”[10] Similar to the 1992 HK Act, the Bill requires an annual assessment of Hong Kong’s autonomy to determine whether it should continue to be treated differently from mainland China. Additionally, the Bill introduces the potential imposition of U.S. sanctions in response to human rights violations in Hong Kong. The following is a summary of the key provisions of the Bill: Annual Certification of Hong Kong Under the provisions of the Bill, on an annual basis the U.S. Secretary of State will be required to report to the Congress the U.S. Government’s view as to whether Hong Kong retains sufficient autonomy to merit its continued enjoyment of economic treatment by the United States distinct from (and in almost all cases more favorable than) the treatment provided to the mainland.[11] Furthermore, the report must include “an assessment of the degree of any erosions to Hong Kong’s autonomy” that have an impact on a number of matters such as commercial agreements, sanctions enforcement, export controls, and any other agreements and forms of exchange involving dual-use, critical, or other sensitive technologies as a result of any action taken by the Chinese government that is inconsistent with its commitments under the Basic Law or the Sino-British Joint Declaration of 1984.[12] Importantly, under the Bill a positive assessment that allows the continued differentiated treatment between Hong Kong and mainland China does not require that Beijing allow for further democratization in Hong Kong. Annual Report on Violations of U.S. Export Control Laws and UN Sanctions in Hong Kong The Bill also requires the U.S. Secretaries of the Treasury and State to submit a separate joint report to Congress that includes:

  1. an assessment of the nature and extent of violations of U.S. export control and sanctions laws occurring in Hong Kong;
  2. an identification of items reexported from Hong Kong in violation of U.S. export control and sanctions laws, including the countries and persons to which the items were reexported to, and how such items were used;
  3. an assessment of whether sensitive dual-use items subject to U.S. export control laws are being transhipped through Hong Kong and used to develop mass surveillance programs in China;
  4. an assessment of whether China has been using Hong Kong’s status as a separate customs territory to import goods into China from Hong Kong in contravention of U.S. export control laws through certain schemes or programs that may exploit Hong Kong as a conduit for controlled sensitive technology;
  5. an assessment of whether Hong Kong has adequately enforced sanctions imposed by the United Nations (“UN”);
  6. a description of the types of goods and services transhipped or reexported through Hong Kong in violation of UN sanctions to North Korea, Iran, or other high risk jurisdictions or entities; and
  7. an assessment of whether any shortcomings in Hong Kong’s enforcement of sanctions and export controls necessitates the assignment of additional personnel to the U.S. Consulate of Hong Kong.[13]
Promulgation of U.S. Sanctions in Response to Human Rights Violations in Hong Kong The Bill empowers the President to impose sanctions on individuals deemed responsible for “the extrajudicial rendition, arbitrary detention, or torture of any person in Hong Kong” or “other gross violations of internationally recognized human rights in Hong Kong.”[14] The potential sanctions that could be imposed are varied, and could include asset blocking which would effectively blacklist any identified party from participating in transactions with U.S. persons. This would be akin to adding such a party to the U.S. Specially Designated Persons and Blocked Persons List (the “SDN List”), freezing any property owned by such a party in the United States, and prohibiting any transactions involving such a party that has a U.S. nexus.[15] This would also greatly limit the designated party’s ability to engage in U.S. Dollar trade (which almost always requires clearing through a bank under U.S. jurisdiction). Other types of sanctions that could be imposed include the revocation or denial of U.S. visas currently issued or to be issued to identified individuals.[16] On the other hand, the Bill provides that visa applications from Hong Kong applicants will not be denied on the basis of “politically motivated arrest, detention, or other adverse government action.”[17] Implications of the Hong Kong Human Rights and Democracy Act 2019 Potential Impact on Hong Kong Companies Under the 1992 HK Act, Hong Kong’s distinct trading status from China has meant that it enjoys protection from punitive tariffs that the United States has imposed on China, including the tariffs that are currently in force as a result of continuing U.S.-China trade disagreements. If the Bill becomes law and Hong Kong’s protected status is eroded or removed, the impact could be significant for both Hong Kong and U.S. companies. As discussed, the Bill requires the U.S. Secretary of State to assess and certify on an annual basis, whether Hong Kong should continue to enjoy its special trade benefits vis-à-vis the United States. An adverse assessment could potentially threaten this status. Hong Kong is currently the United States’ 21st largest trading partner, with goods and services trade with Hong Kong amounting to nearly $70 billion in 2018.[18] Any limitations on trade imposed on Hong Kong could also threaten its reputation as a global financial hub – which has relied, at least in part, on its preferential trading relationship with counterparties including the United States. More than 1,300 U.S. firms currently operate in Hong Kong, and nearly every major U.S. financial firm maintains a presence in the territory, with billions of dollars of assets under management.[19] Hong Kong also risks losing ready access to U.S. technologies that are more tightly controlled when exported to China as the Bill could result in the United States imposing the same export controls on Hong Kong as it places on China. Potential Impact on U.S. Companies The impact of the Bill on the United States could be broader than trade-related losses with respect to Hong Kong. The Bill could stall trade talks between the United States and China and derail plans between the two nations to complete a “phase one” trade deal that had been announced earlier in November.[20] Even more significantly, the Bill may invite China to impose its long-threatened countersanctions against U.S. companies. Following its recent favourable World Trade Organization decision against the United States, China may find justification to impose $3.6 billion in tariffs against the United States.[21] The Bill could spur China to place additional sanctions on key U.S. imports such as aircraft, services, and wider manufacturing. Earlier in June 2019, aerospace manufacturer Boeing was reportedly in talks with Chinese air carriers for a potential $30 billion deal for the sale of wide-body aircraft, which would be one of the largest orders ever placed.[22] The deal has been threatened by the ongoing trade war, and may be subject to further delay or even cancellation if the Bill becomes law and dealings with U.S. firms become more sensitive for major Chinese entities.[23] Perhaps most aggressively, China could go as far as to proscribe some U.S. companies from doing business in China – effectively placing U.S. firms on a Chinese blacklist. Beijing has threatened such a response in the past but has yet to fully enact such a consequence. China announced the beginnings of such a list earlier in 2019 in response to the U.S. restrictions placed on Huawei Technologies Co.[24] At that time, China announced plans to establish an “unreliable entity” list that targets foreign companies or persons who China deems as severely damaging the legitimate interests of Chinese companies by, amongst others, blocking or cutting off supply chains for “non-commercial reasons.”[25] _________________________ [1]   Summary of 116thCongress (2019-2020) (Nov. 21, 2019), https://www.congress.gov/bill/116th-congress/senate-bill/1838/summary/55 [2]   See Jacob Pramuk, Congress passes Hong Kong rights bill as Trump tries to strike China trade deal, CNBC (Nov. 20, 2019), https://www.cnbc.com/2019/11/20/house-passes-hong-kong-rights-bill-amid-trump-china-trade-talks.html [3]   See Tobias Hoonhout, China Calls Senate’s Passing of Hong Kong Human Rights and Democracy Act ‘Very Disappointing’, National Review (Nov. 20, 2019), https://www.nationalreview.com/news/china-calls-senates-passing-of-hong-kong-human-rights-and-democracy-act-very-disappointing/ [4]   See Iain Marlow and Daniel Flatley, What the U.S. Congress Is and Isn’t Doing About Hong Kong, Washington Post (Nov. 18, 2019), https://www.washingtonpost.com/business/what-the-us-congress-is-and-isnt-doing-about-hong-kong/2019/11/18/d51ab226-0a19-11ea-8054-289aef6e38a3_story.html [5]   See China warns U.S. of “strong countermeasures” to looming legislation on Hong Kong, CBS News (Nov. 21, 2019), https://www.cbsnews.com/news/china-hong-kong-human-rights-and-democracy-act-2019-strong-countermeasures-beijing-today-2019-11-21/ [6]   Hong Kong Human Rights and Democracy Act, S. 2922 [7]   See Senate Passes Bill Supporting Human Rights in Hong Kong as Protests Show No Sign of Abating, Associated Press (Nov. 20, 2019), https://time.com/5733673/senate-human-rights-democracy-act-hong-kong/ [8]   See Hong Kong’s Protests Explained, Amnesty International (undated), https://www.amnesty.org/en/latest/news/2019/09/hong-kong-protests-explained/ [9]   Section 3 of the Hong Kong Human Rights and Democracy Act of 2019, S. 1838 [10]   Id. [11]   Id at Section 4 [12]   Id. [13]   Id at Section 5. [14]   Id at Section 7. [15]   Id. [16]   Id. [17]   Id at Section 4. [18]   Office of the United States Trade Representative Hong Kong Report. [19]   United States Department of State 2019 Hong Kong Policy Act Report. [20]   See US and China ‘getting close’ to trade deal, White House economic advisor Kudlow says, CNBC (Nov. 15, 2019), https://www.cnbc.com/2019/11/15/us-china-getting-close-to-trade-deal-white-house-advisor-kudlow.html [21]   See Robert Delaney, China wins WTO case to sanction US$3.6 billion in US products following anti-dumping dispute, South China Morning Post (Nov. 2, 2019), https://www.scmp.com/news/china/article/3036010/china-wins-wto-case-sanction-us36-billion-us-trade [22]   See Boeing and Chinese airlines in talks for US$30 billion mega-deal that trade war could derail, South China Morning Post (Jun. 6, 2019), https://www.scmp.com/news/china/article/3013289/boeing-and-chinese-airlines-talks-us30-billion-mega-deal-trade-war-could [23]   See Explainer: U.S.-China trade war – the levers they can pull, Reuters (Jun. 6, 2019), https://www.reuters.com/article/us-usa-trade-china-levers-explainer/explainer-u-s-china-trade-war-the-levers-they-can-pull-idUSKCN1T62KY [24]   Gibson Dunn Client Alert (May 20, 2019), Citing a National Emergency, the Trump Administration Moves to Secure U.S. Information and Communications Technology and Service Infrastructurehttps://www.gibsondunn.com/?search=news&article-type=publications&s=huawei&year=&practice%5B%5D=1680 [25]   See What We Know About China’s ‘Unreliable Entities’ Blacklist, Bloomberg News (Jun. 4, 2019), https://www.bloomberg.com/news/articles/2019-06-04/understanding-china-s-unreliable-entities-blacklist-quicktake
The following Gibson Dunn lawyers assisted in preparing this client update: Adam Smith, Grace Chow, Stephanie Connor, Chris Timura, Judith Alison Lee, David Lee, Brian Schwarzwalder, Scott Jalowayski, Kelly Austin, John Fadely, Fang Xue, Paul Boltz, and Yi Zhang. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm's International Trade practice group, or the authors: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) David C. Lee - Orange County, CA (+1 949-451-3842, dlee@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Asia: Kelly Austin - Hong Kong (+852 2214 3788, kaustin@gibsondunn.com) Paul Boltz - Hong Kong (+852 2214 3723, pboltz@gibsondunn.com) Grace Chow - Singapore (+65 6507 3632, gchow@gibsondunn.com) John Fadely - Hong Kong (+852 2214 3810, jfadely@gibsondunn.com) Scott Jalowayski - Hong Kong (+852 2214 3727, sjalowayski@gibsondunn.com) Brian Schwarzwalder - Hong Kong (+852 2214 3712, bschwarzwalder@gibsondunn.com) Fang Xue - Beijing (+86 10 6502 8687, fxue@gibsondunn.com) Yi Zhang - Hong Kong (+852 2214 3988, yzhang@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

November 15, 2019 |
U.S., EU, and UN Sanctions: Navigating the Divide for International Business

Washington, D.C. partner Adam Smith and of counsel Stephanie Connor and Munich associate Richard Roeder are the authors of U.S., EU, and UN Sanctions: Navigating the Divide for International Business, published by Bloomberg Law in 2019. The first chapter “Introduction – The Golden Age of Sanctions” can be viewed here.

November 4, 2019 |
Adam Smith Named Among Global Investigation Review’s 25 Most Respected Sanctions Lawyers in Washington, D.C.

Global Investigations Review named Washington, D.C. partner Adam Smith among its 25 Most Respected Sanctions Lawyers in Washington, D.C., which features individuals who are most trusted with sanctions cases and “are working on the most significant cases.” The list was published November 1, 2019. Adam Smith is an experienced international lawyer with a focus on international trade compliance and white collar investigations, including with respect to federal and state economic sanctions enforcement, CFIUS, the Foreign Corrupt Practices Act, embargoes, and export controls.

October 18, 2019 |
New U.S. Sanctions Targeting Turkish Government in Response to Military Operations in Syria

Click for PDF On October 14, 2019, the Trump administration authorized new sanctions against the Government of Turkey in response to that country’s recent military incursion into northern Syria, an action the U.S. government condemned as “endangering innocent civilians, and destabilizing the region, including undermining the campaign to defeat ISIS.”[1],[2] Based on that authority, the Treasury Department immediately issued sanctions against Turkey’s Ministry of Energy and Natural Resources and Ministry of National Defense, as well as three senior officials. The Trump administration announced that these sanctions would be accompanied by an increase in steel tariffs and the halt to negotiations over a $100-billion trade deal with Turkey.[3] At the same time, the U.S. Department of Justice indicted Halk Bank, a Turkish financial institution, for evading separate sanctions regarding Iran, among other charges.[4] Three days later on October 17, after Vice President Pence and other senior U.S. officials traveled to Ankara, the Turkish government agreed to a limited five-day ceasefire to allow the withdrawal of Kurds outside a designated “safe-zone.”[5] The resulting joint U.S.-Turkish statement on the ceasefire noted that, once Turkish military operations are paused, “the U.S. agrees not to pursue further imposition of sanctions under the Executive Order of October 14.”[6] However, the military situation in northern Syria remains fluid, as does U.S.-Turkish diplomatic engagement, leaving uncertain the status of this new sanctions regime in the near term. The new sanctions are only the second time[7] that the U.S. Government has sanctioned governmental entities of a G20 country, and the first sanctions that the U.S. Government has issued against the government ministries of a NATO member.[8] The new sanctions are therefore likely to have significant impacts for U.S. and multinational companies doing business in Turkey, particularly those with counterparties in the defense and energy sectors. The Executive Order also authorizes the application of secondary sanctions against foreign financial institutions that continue to do business with listed entities and provides additional authority against individuals who interfere with a potential future peace process in Syria.[9] While the Treasury Department issued a general license allowing U.S. Government employees, grantees, and contractors to conduct the official business of the U.S. government with the listed Turkish entities, this license is unlikely to authorize U.S. company engagement in direct commercial sales of defense articles and services, and other goods and services, to the Ministries of National Defense and Energy and Natural Resources.[10] U.S. companies have until November 13, 2019 to wind down their operations and pre-existing contracts with those Turkish ministries.[11] The Executive Order’s primary authorities, delineated in Section 1, enable the U.S. government to freeze property and assets of current and former Turkish officials, as well as subsets of the Turkish government, that the U.S. Treasury Secretary, in consultation with the State Department, determines are contributing to ongoing instability in the Syrian conflict or committing serious human rights abuses.[12] The scope of the order also extends to those who “materially assist” Turkish entities designated under the sanctions regime and is not limited to material assistance with any specific conduct that prompted the entities’ designation.[13] Pursuant to Section 1, the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) immediately designated Turkey’s Ministry of Energy and Natural Resources and Ministry of National Defense to the Specially Designated and Blocked Persons (“SDN”) list.[14] OFAC also designated three senior Turkish officials—Minister of National Defense, Hulusi Akar; Minister of Interior, Suleyman Soylu; and Minister of Energy, Fatih Donmez—to the SDN list.[15] As a result of these designations, U.S. persons are generally prohibited from dealing with the listed Turkish agencies and individuals, and all assets under U.S. jurisdiction owned or controlled by the sanctioned entities will be frozen. However, the scope of this new sanctions regime extends beyond those entities immediately listed. Section 1 of the Executive Order lays the groundwork for persons and entities operating in additional sectors of the Turkish economy to be designated, and Section 2 allows the U.S. Secretary of State to authorize sanctions against anyone responsible for or complicit in disrupting or preventing a potential ceasefire or political solution to the Syrian conflict, including those brokered by the United Nations.[16] Separately, Section 3 of the order allows the U.S. Treasury Secretary to impose sanctions on any foreign financial institution that knowingly facilitates a financial transaction for or on behalf of an entity designated as an SDN pursuant to Section 1.[17] Specifically, the Executive Order authorizes the Secretary of Treasury to prohibit or restrict the opening or maintenance of correspondent or payable-through accounts in the United States.[18] OFAC issued three general licenses providing limited exemptions to compliance with the Executive Order. The first license exempts from the scope of the sanctions regime any interaction with the listed Turkish entities as a result of official business by the U.S. government, its employees, grantees, or contractors.[19] The second license provides for a period of time—from October 14, the date of the sanction’s implementation, to 12:01 a.m. on November 13—for companies to wind down their contracts, operations, and other agreements involving the Ministries of National Defense and Energy and Natural Resources.[20] The third license exempts from compliance certain international organizations affiliated with the United Nations, such as the World Bank and World Health Organization.[21] Given the significant ties between the defense sectors of the U.S. and Turkish governments in particular, we expect that the October 14 sanctions are likely to have significant impacts, both intended and unintended, on the companies involved in these sectors as well as the U.S. and foreign financial institutions that support those relationships. Notably, General License 1 applies only to official U.S. Government engagement with the Turkish ministries and does not cover U.S. entities with direct commercial relationships with the Ministries of National Defense and Energy and Natural Resources, or any entities owned 50% or more by these ministries that are now blocked as a result of their designation. OFAC has not yet issued guidance on the scope of the official business concept, which will be of keen interest to many companies that have invested significantly over decades in Turkey’s defense industrial base in part to support U.S. government foreign military sales. While foreign military sales may be covered by the official business concept, direct commercial sales of defense articles and services may not be. Foreign joint ventures with a U.S. partner and foreign subsidiaries of U.S. companies are not directly subject to the new sanctions regime. However, depending on the specific joint venture arrangements and the business of the foreign subsidiaries, the U.S. joint venture partner or parent company may need to cease supporting any work by November 13, 2019, absent a specific license. ____________________    [1]   Executive Order, Blocking Property and Suspending Entry of Certain Persons Contributing to the Situation in Syria (Oct. 14, 2019), available at https://www.treasury.gov/resource-center/sanctions/Programs/Documents/syria_eo_10142019.pdf.    [2]   Press Release, U.S. Department of the Treasury, Treasury Designates Turkish Ministries and Senior Officials in Response to Military Action in Syria (Oct. 14, 2019), available at https://home.treasury.gov/news/press-releases/sm792.    [3]   Press Release, White House, Statement from President Donald J. Trump Regarding Turkey’s Actions in Northeast Syria (Oct. 14, 2019), available at https://www.whitehouse.gov/briefings-statements/statement-president-donald-j-trump-regarding-turkeys-actions-northeast-syria/.    [4]   Press Release, U.S. Department of Justice, Turkish Bank Charged in Manhattan Federal Court for its Participation in a Multibillion-Dollar Iranian Sanctions Evasion Scheme (Oct. 15, 2019) available at https://www.justice.gov/usao-sdny/pr/turkish-bank-charged-manhattan-federal-court-its-participation-multibillion-dollar.    [5]   Press Release, White House, The United States and Turkey Agree to Ceasefire in Northeast Syria (Oct. 17, 2019), available at https://www.whitehouse.gov/briefings-statements/united-states-turkey-agree-ceasefire-northeast-syria/.    [6]   Id.    [7]   On December 29, 2016, the Obama administration designated as Specially Designated Nationals (“SDNs”) Russia’s Federal Security Services, or Federalnaya Sluzhba Bezopasnosti (FSB) and the Main Intelligence Directorate of the Russian Ministry of Defense, or Glavenoe Razvedyvatel'noe Uprvalenie (GRU), among other associated entities, for their involvement in cyber operations aimed at the 2016 U.S. presidential election, available at https://www.treasury.gov/resource-center/sanctions/ofac-enforcement/pages/20161229.aspx.    [8]   Last year, the Trump administration levied separate sanctions on the Turkish Interior and Justice Ministers over the detention of an American pastor. Press Release, U.S. Department of the Treasury, Treasury Sanctions Turkish Officials with Leading Roles in Unjust Detention of U.S. Pastor Andrew Brunson (Aug. 1, 2018), available at https://home.treasury.gov/news/press-releases/sm453.    [9]   Executive Order at Section 3, Section 2. [10]   General License 1 to Executive Order of October 14, 2019. [11]   General License 2 to Executive Order of October 14, 2019. [12]   Executive Order at Section 1(a). [13]   Id. at Section 1(a)(E). [14]   U.S. Department of the Treasury, Executive Order on Syria-Related Sanctions; Syria-Related Designations; Issuance of Syria-Related General Licenses (Oct. 14, 2019) available at https://www.treasury.gov/resource-center/sanctions/OFAC-Enforcement/Pages/20191014.aspx. [15]   Id. [16]   Executive Order at Section 2(a-c). [17]   Id. at Section 3(a-b). [18]   Id. [19]   General License 1 to Executive Order of October 14, 2019. [20]   General License 2 to Executive Order of October 14, 2019. [21]   General License 3 to Executive Order of October 14, 2019.


The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Adam M. Smith, Chris Timura, Stephanie Connor and Brian Williamson. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade practice group: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Henry C. Phillips - Washington, D.C. (+1 202-955-8535, hphillips@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Audi K. Syarief - Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com) Scott R. Toussaint - Washington, D.C. (+1 202-887-3588, stoussaint@gibsondunn.com) Europe: Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Nicolas Autet - Paris (+33 1 56 43 13 00, nautet@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Sacha Harber-Kelly - London (+44 20 7071 4205, sharber-kelly@gibsondunn.com) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Steve Melrose - London (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

September 20, 2019 |
Proposed CFIUS Regulations: The U.S. Remains Open for Business … but Read the Fine Print

Click for PDF On September 17, 2019, the U.S. Department of the Treasury issued over 300 pages of proposed regulations to implement the Foreign Investment Risk Review Modernization Act of 2018 (“FIRRMA”), legislation that expanded the scope of inbound foreign investment subject to review by the Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”). FIRRMA expanded—subject to the promulgation of these implementing regulations—the Committee’s jurisdiction beyond transactions that could result in foreign control of a U.S. business. The Committee's jurisdiction will now include non-passive but non-controlling investments, direct or indirect, in U.S. businesses involved in specified ways with critical technologies, critical infrastructure, or sensitive personal data (referred to as “TID U.S. businesses” for technology, infrastructure, and data) and certain real estate transactions. The comment period will conclude on October 17, 2019, and as required by FIRRMA, the final regulations will become effective no later than February 13, 2020. To date, only certain provisions of FIRRMA have been fully implemented. In late 2018, CFIUS launched a pilot program to require mandatory filings in higher risk “critical technology” investments. For the past year, the pilot program has served as a regulatory laboratory for the Committee—allowing it to experiment with the use of a short-form “declaration” and better assess the issues that arise in non-controlling but non-passive investments. Notably, the pilot program will remain in place for the foreseeable future, and the new proposed regulations will implement the remainder of the Committee’s expanded authority under FIRRMA. Other developments are still to come—including the publication of a list of excepted foreign countries from which certain investors will receive less scrutiny. Key developments are described below.

Covered Investments

  1. No Changes to the Critical Technologies Pilot Program. The proposed regulations leave the existing pilot program for critical technologies untouched. Notably, “critical technologies” is defined to include certain items subject to export controls and other existing regulatory schemes, as well as emerging and foundational technologies controlled pursuant to the Export Control Reform Act of 2018 (“ECRA”). Throughout the summer, several political and non-political leads at the Department of Commerce reported that we can expect new emerging technologies to be identified under specific Export Administration Regulations export control classification numbers (“ECCNs”) within weeks. However, no new emerging technologies ECCNs have been identified since Commerce issued its advanced notice of proposed rule-making (“ANPRM”) on the subject last fall. Commerce has also noted that it plans to release an additional ANPRM focused on foundational technologies in the coming weeks.
  2. Identification of Critical Infrastructure Sectors. CFIUS may review transactions related to U.S. businesses that perform specified functions—owning, operating, manufacturing, supplying, or servicing—with respect to critical infrastructure across subsectors such as telecommunications, utilities, energy, and transportation. Relying in part on the definition provided in the USA Patriot Act of 2001, the new regulations define “critical infrastructure” to include physical or virtual systems or assets the destruction or incapacitation of which would have a debilitating impact on U.S. national security. Previously, President Obama used this definition to identify 16 critical infrastructure sectors meriting special protection and assistance. CFIUS is more specific in its new regulations, listing 28 particular types of “covered investment critical infrastructure” that require additional investment protection. This list, provided in an Appendix to the new regulations, includes a range of technology and assets—from producers of certain steel alloys to industrial control systems used by interstate oil pipelines with specified diameters. However, only U.S. businesses that perform the specific functions matched to each particular type of infrastructure are TID U.S. businesses. For example, companies providing physical or cyber security to a crude oil storage facility would be TID U.S. businesses, but those that provide fencing around the facility or commercially available off-the-shelf cyber security software to the facility are not. The new proposed regulations also provide specific definitions for the listed “covered investment critical infrastructure” functions.
  3. Definition of “Sensitive Personal Data.” CFIUS may review transactions related to U.S. businesses that maintain or collect sensitive personal data of U.S. citizens that may be exploited in a manner that threatens national security. “Sensitive personal data” is defined to include ten categories of data maintained or collected by U.S. businesses that (i) target or tailor products or services to sensitive populations, including U.S. military members and employees of federal agencies involved in national security, (ii) collect or maintain such data on at least one million individuals, or (iii) have a demonstrated business objective to maintain or collect such data on greater than one million individuals and such data is an integrated part of the U.S. business’s primary products or services. The categories of data include types of financial, geolocation, and health data, among others. Genetic information is also included in the definition regardless of whether it meets (i), (ii), or (iii).
  4. Excepted Investors from Excepted Foreign States. Under the new regulations, certain foreign investors with ties to “excepted foreign states” will receive preferential treatment with respect to the review of covered investments. The proposed regulations create an exception from covered investments (but not transactions that could result in control) for investors based on their ties to certain countries identified as “excepted foreign states,” and their compliance with certain laws, orders, and regulations (including U.S. sanctions and export controls). An investor’s nationality is not dispositive—the proposed regulations identify criteria that a foreign person must meet in order to qualify for excepted investor status. Among these, investors cannot qualify for and may lose their excepted status if they are parties to settlement agreements with OFAC or BIS, or are debarred by the Department of State, for sanctions or export control violations. This will have a significant impact on foreign companies who run afoul of U.S. sanctions and export control regulations—the potential loss of this status for respondents might have the unintended effect of deterring disclosures to OFAC and BIS by those concerned about the loss of excepted investor status.

A list of factors will be posted on the Department of the Treasury’s website outlining what the Committee will consider when making a determination on whether certain investors from a foreign state will be excepted from CFIUS scrutiny. Such factors will include whether the state has established and is effectively utilizing a robust process to assess foreign investments for national security risks and to facilitate coordination with the United States on matters relating to investment security. The proposed regulations indicate that excepted states will be identified by the CFIUS Chairperson with the agreement of two-thirds of the voting members of the Committee, beginning two years after the effective date of the final rule (most likely February 2022). At the outset, the foreign state exception will likely apply to allies with whom the United States shares intelligence data under the multilateral UKUSA Agreement—Australia, Canada, New Zealand and the United Kingdom.

  1. Mandatory Filing Requirement. The proposed regulations implement FIRRMA’s requirement for mandatory declarations for certain transactions where a foreign government has a substantial interest, in addition to the mandatory filing requirement for certain investments in U.S. critical technology companies under the pilot program. The submission of a declaration is not required with respect to investments by qualified investment funds.Notably, a majority of the declarations filed under the pilot program have been pushed into the standard review process, meaning that the streamlined “light” filing actually resulted in a longer review process for the parties involved. Anecdotal evidence suggests that fewer than 10 percent of cases filed under the pilot program have been decided on the basis of the short-form declaration alone, despite a relatively low volume of filings. Numerous transactions have required the submission of the full notice, and it has been difficult for the intelligence community to complete their full assessment within the allocated 30 days.

Real Estate Transactions

FIRRMA expanded the scope of transactions subject to CFIUS review to include the purchase or lease by a foreign person of real estate that “is, located within, or will function as part of, an air or maritime port…”; “is in close proximity to a United States military installation or another facility or property of the United States Government that is sensitive for reasons relating to national security;” “could reasonably provide the foreign person the ability to collect intelligence on activities being conducted at such an installation, facility, or property; or;” “could otherwise expose national security activities at such an installation, facility, or property to the risk of foreign surveillance.” Although FIRRMA sought to codify the Committee’s standard practice of examining such risks, it punted on the task of defining such terms. As a result, the proposed regulations resolve a number of uncertainties in FIRRMA with respect to how national security risks associated with real estate transactions will be ascertained.
  1. Property Rights that Trigger CFIUS Review. The proposed regulations clarify that—subject to certain exceptions for single housing units and real estate in urbanized areas—real estate transactions subject to the Committee’s review include the purchase or lease by, or a concession to, a foreign person of certain real estate in the United States that affords the foreign person three or more of the following property rights: to physically access; to exclude; to improve or develop; or to affix structures or objects.
  2. Covered Real Estate. Coverage is focused on transactions in and/or around specific airports, maritime ports, and military installations. The relevant military installations are listed by name and location in an appendix to the proposed regulations. The relevant airports and maritime ports are on lists published by the Department of Transportation. Notably, such real estate will include properties located within “close proximity” of any military installation identified in Appendix A, parts 1 and 2, “extended range” of any military installation identified in part 2, and any county or geographic area identified in connection with a military installation set forth in part 3 of Appendix A.
  3. Definition of “Close Proximity” and “Extended Range.” The proposed rule defines close proximity as “the area measured outward from the boundary of the relevant installation or other facility or property.” The close proximity definition applies with respect to most of the military installations described in the proposed rule and in particular, those identified in the list in parts 1 and 2 of Appendix A. “Extended range” is defined as “the area that extends 99 miles outward from the outer boundary of close proximity” but, where applicable, “no more than 12 nautical miles seaward from the coastline of the United States.” The extended range definition applies with respect to military installations described in part 2 of Appendix A.
  4. Exceptions for Certain Investors and Foreign States. The proposed rule sets forth a narrow definition of excepted real estate investor in the interest of protecting national security, in light of increasingly complex ownership structures, and to prevent foreign persons from circumventing CFIUS’s jurisdiction. Thus, the criteria specified in § 802.216 require that a foreign person have a substantial connection (e.g., nationality of ultimate beneficial owners and place of incorporation) to one or more particular foreign states in order to be deemed an excepted real estate investor. Note that foreign persons who have violated, or whose parents or subsidiaries have violated, certain U.S. laws will lose their excepted investor status under these provisions.
  5. Urban Cluster Exception. FIRRMA requires that real estate in “urbanized areas,” as defined by the Census Bureau in the most recent U.S. census, be excluded from CFIUS’s real estate jurisdiction except as otherwise prescribed by the Committee in regulations in consultation with the Secretary of Defense. The urbanized area exclusion applies to covered real estate everywhere except where it is in “close proximity” to a military installation or another sensitive facility or property of the U.S. Government as listed in appendix A, or is, is within, or will function as part of, an airport or maritime port.
  6. Intersection of Real Estate and Other Covered Transactions or Investments. The proposed regulations clarify that real estate transactions that are also subject to CFIUS’s existing and proposed regulations regarding control transactions and non-controlling investments involving U.S. businesses should be analyzed under those regulations.
  7. No Mandatory Filing Requirement. The transactions described in the proposed rule on real estate are not subject to a mandatory declaration requirement. As a general matter, parties to a covered real estate transaction will decide whether to file a notice voluntarily or submit a declaration to CFIUS.

CFIUS Filings

  1. Voluntary Short Form Declarations as Alternative to Notice. The proposed regulations provide a short-form declaration as an alternative to the Committee’s traditional voluntary notice. To date, declarations have only been available under the pilot program. Declarations will allow parties to submit basic information regarding a transaction that should generally not exceed five pages in length. The Department of the Treasury will accept declarations submitted by parties using a standard template form which will be available on the Department of the Treasury’s website by the time the final regulations become effective. The Committee will have 30 days to assess a covered transaction that is the subject of a declaration (as opposed to the 45-day initial review period available for notices).
  2. No Fees to Date. The Department of the Treasury will publish separate proposed regulations regarding fees at a later date.
  3. 5 p.m. Eastern Deadline.  The new regulations impose a 5 p.m. EST filing deadline—a seemingly small point that could have a substantial impact in a cross-border deal involving players in multiple time zones.

Regulatory Framework

The proposed regulations would replace the current regulations found at part 800 of title 31 of the Code of Federal Regulations (31 C.F.R. part 800) and implement the changes that FIRRMA made to CFIUS’s jurisdiction and process with respect to transactions that could result in foreign control of any U.S. business, as well as certain non-controlling “other investments” that afford a foreign person certain access, rights, or involvement in certain types of U.S. businesses. These proposed regulations would establish a new part 802 of title 31 of the C.F.R. and implement the authority FIRRMA provided to CFIUS to review the purchase or lease by, or concession to, a foreign person of certain real estate in the United States. The proposed regulations do not at this time modify the regulations currently at 31 C.F.R. part 801, which set forth the scope of, and procedures for, a pilot program to review certain transactions involving foreign persons and critical technologies. CFIUS continues to evaluate the pilot program.
The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Jose Fernandez, Adam M. Smith, Stephanie Connor, Chris Timura and R.L. Pratt. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade practice group: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Henry C. Phillips - Washington, D.C. (+1 202-955-8535, hphillips@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Audi K. Syarief - Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com) Scott R. Toussaint - Washington, D.C. (+1 202-887-3588, stoussaint@gibsondunn.com) Europe: Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Nicolas Autet - Paris (+33 1 56 43 13 00, nautet@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Sacha Harber-Kelly - London (+44 20 7071 4205, sharber-kelly@gibsondunn.com) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Steve Melrose - London (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

August 15, 2019 |
Gibson Dunn Lawyers Recognized in the Best Lawyers in America® 2020

The Best Lawyers in America® 2020 has recognized 158 Gibson Dunn attorneys in 54 practice areas. Additionally, 48 lawyers were recognized in Best Lawyers International in Belgium, Brazil, France, Germany, Singapore, United Arab Emirates and United Kingdom.

August 7, 2019 |
New U.S. Sanctions Targeting Venezuelan Government

Click for PDF On August 5, 2019, the Trump administration imposed new sanctions on the Government of Venezuela by freezing the property and assets of the regime of Venezuelan President Nicolás Maduro as well as those who provide it with “material support.” Issued on the eve of a major international conference on the Venezuelan political crisis in Lima, Peru, the August 5 Executive Order was at first mistakenly characterized in some news reports as a complete “embargo” on Venezuela. In reality, this latest measure is more limited in scope, consisting of a set of sanctions against the Government of Venezuela—and not the country of Venezuela as a whole. Individuals and entities unaffiliated with the Government of Venezuela generally remain unsanctioned and transactions that have no nexus to the Venezuelan government generally remain unrestricted. In terms of its direct impact, the Executive Order’s reach is also blunted somewhat by the fact that Venezuela’s most economically significant actor, the state-owned oil company Petróleos de Venezuela, S.A. (“PdVSA”), was already sanctioned earlier this year, as were Venezuela’s central bank and several of the country’s larger state-affiliated financial institutions. What this latest measure does is fill in the gaps to cover all remaining elements of the Government of Venezuela. As with the previously-imposed sanctions, however, exceptions abound. On August 6, 2019, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued 13 new general licenses and amended 12 previous general licenses to authorize U.S. persons to continue engaging in a range of narrowly defined transactions involving Venezuela’s government. These exceptions are designed to mitigate the impact of U.S. sanctions on the Venezuelan opposition, civil society and multinational companies. In our assessment, the principal significance of the Government of Venezuela being designated lies in the fact that many companies, and financial institutions in particular, are now likely to become even more reluctant to engage in transactions with any nexus at all to the country. While U.S. sanctions against Caracas are still not nearly as broad as those targeting several other countries, we expect that—at least over the near term—many parties will apply to Venezuela-related transactions the same level of scrutiny and concern typically reserved for dealings with Cuba and other comprehensively sanctioned jurisdictions. In fact, the designation of the Government of Venezuela may turn out to be of limited practical significance since so many companies and financial institutions have already made the decision to withdraw from the country. Some companies that have previously received specific licenses from OFAC to undertake certain transactions involving Venezuela have decided not to request an extension when those specific licenses expired. Background As we previously reported, OFAC formally designated Venezuela’s state-owned oil company, PdVSA, to the Specially Designated Nationals and Blocked Persons (“SDN”) List on January 28, 2019, sending shockwaves through global markets. On April 17, 2019, OFAC designated Venezuela’s Central Bank, effectively cutting it off from the U.S. financial system. These designations represented a dramatic escalation of U.S. sanctions targeting Venezuela, which include restrictions on certain debt and equity of the Government of Venezuela; the country’s gold, oil and financial sectors; and those who engage in corrupt conduct involving the Venezuelan government. Key Points

  • Not an Embargo. Although some initial media reports (incorrectly) characterized the new sanctions as a total “embargo” or “blockade” on Venezuela, the action was in reality more circumspect—amounting to an extension of existing U.S. sanctions to the remainder of Venezuela’s embattled government. OFAC quickly confirmed that U.S. persons may continue to transact with Venezuelan persons that are not affiliated with the Government of Venezuela and that are not otherwise subject to U.S. sanctions. See OFAC, Frequently Asked Question (“FAQ”) No. 680 (Aug. 6, 2019). That said, as a practical matter, the designation of the Government of Venezuela will likely cause risk-averse financial institutions and other key counterparties to become even more reluctant to engage in otherwise lawful transactions involving Venezuela.
  • Sanctions for “Material Support.” The new Executive Order also explicitly provides for the possibility that non-U.S. persons may themselves be sanctioned if they are found to have “materially assisted, sponsored, or provided financial, material, or technological support for, or services to or in support of” the Government of Venezuela. Critically, Executive Order 13850—the authority pursuant to which PdVSA and its subsidiaries were sanctioned on January 28, 2019—already provided for the possibility that individuals and entities may be designated for providing material support to PdVSA and its subsidiaries, a reality which OFAC had underlined in a recent Frequently Asked Question. See Exec. Order 13850, 83 Fed. Reg. 55243 (Nov. 1, 2018); OFAC, FAQ No. 672 (June 6, 2019). In that sense, the new Executive Order simply extends the possibility of an individual or entity being designated for providing “material support” to transactions and activities involving all arms of the Venezuelan state. By suggesting that non-U.S. persons can be subject to sanctions, the United States is seeking to discourage companies from other countries—principally Russia and China—from propping up the Maduro regime. Indeed, the day after the Executive Order was issued, White House National Adviser John Bolton in a speech in Lima, Peru raised the possibility of sanctioning Russian and Chinese individuals and entities that help the Maduro regime maintain its grip on power.
  • Secondary Sanctions. Also, despite what some of the media reported, this new Executive Order does not provide for “secondary sanctions” (of the type seen in Iran, North Korea and Russia). Rather, the Executive Order merely underlines that parties can be designated on a material support basis if they provide support to any person or entity on the SDN List. As noted, that was already the case. Moreover, even though the entire Government of Venezuela is now blocked under the Executive Order, not all components of the Venezuelan government appear by name on the SDN List.
  • Wind-down Period Until September 4, 2019. A new General License 28 provides a wind-down period before elements of these new sanctions take effect. The authorization provided in this license permits U.S. persons to continue engaging, until September 4, 2019, in activities that are “ordinarily incident and necessary to the wind down of operations, contracts, or other agreements involving the Government of Venezuela,” provided that those agreements were in effect before August 5, 2019. As in other recent instances in which OFAC has provided a wind-down period along with new designations, the precise scope of activities permitted by this license is uncertain. However, it likely does not authorize U.S. persons to increase their engagement with the Government of Venezuela. Instead, this general license effectively establishes a grace period within which U.S. persons may conclude, terminate or withdraw from current arrangements with the Venezuelan government before facing sanctions exposure.
  • Exemptions for Venezuelan Opposition. A new General License 31 permits U.S. persons to transact with (i) the opposition-controlled Venezuelan National Assembly and its members, staff, and appointees or designees; (ii) Venezuela’s Interim President, Juan Guaidó, and his appointees, designees, ambassadors and staff; and (iii) persons that Guaidó has appointed to the board of directors or as executive officers of a Venezuelan government entity.
  • Standard Exemptions. Most of the newly-issued general licenses permit U.S. persons to engage in the same type of activities that are commonly allowed even with respect to jurisdictions that are subject to comprehensive sanctions (e.g., Cuba, Iran, North Korea, Syria and the Crimea region). On August 6, 2019, OFAC issued numerous general licenses that make certain transactions a bit easier to undertake (or at least provide a greater degree of regulatory certainty with respect to those transactions). OFAC issued general licenses covering, among other things, transactions that involve the Venezuelan government and that are associated with telecommunications/mail; technology allowing internet communication; medical services; registration and defense of intellectual property; support for non-governmental organizations; transactions related to port and airport operations; overflight payments; and personal maintenance of U.S. persons inside Venezuela. Each of these licenses—although limited by their own terms—provides clear avenues to engage in specific transactions associated with that particular issue. For example, U.S. persons are permitted to continue engaging in activities ordinarily incident and necessary to the operation or use of ports or airports in Venezuela under new General License 30.
General Licenses The various OFAC general licenses implicating Venezuela that were in effect before the latest Executive Order was issued on August 5 generally still remain in effect today. See OFAC, FAQ No. 681 (Aug. 6, 2019). The amended licenses extend existing authorizations to cover transactions that would otherwise have been restricted by the new Executive Order. These amended authorizations include the following:
  • General License 2A authorizes transactions involving new debt or new equity issued by, or securities sold by, CITGO Holding, Inc. or its subsidiaries, provided that no other Government of Venezuela entity is involved in the transaction. The license was expanded to cover transactions involving PDV Holding, Inc., as well.
  • General License 3F exempts certain bonds, listed in an annex, from the prohibition on transactions involving Venezuelan bonds or the new, broader restrictions on dealing with the Government of Venezuela.
  • General License 4C authorizes certain transactions involving the export or reexport to Venezuela of agricultural commodities (including food), medicine or medical devices.
  • General License 7C permits U.S. persons to engage in certain transactions with PDV Holding, Inc., CITGO Holding, Inc., or their subsidiaries.
  • General License 8C authorizes certain named energy and oilfield services companies to engage in certain transactions with or involving the Government of Venezuela until October 25, 2019.
  • General License 9E authorizes U.S. persons to continue engaging in any dealings in debt (including certain listed bonds, promissory notes and other receivables) in which PdVSA owns a 50 percent or greater interest, provided that the debt was issued prior to August 25, 2017 and that any divestment or transfer of any U.S. person holdings are to a non-U.S. person.
  • General License 10A permits U.S. persons in Venezuela to purchase refined petroleum products for personal, commercial or humanitarian uses from PdVSA or from any entity in which PdVSA owns a 50 percent or greater interest and now to engage with the Government of Venezuela in transactions necessary for the purchase of such refined petroleum products.
  • General License 13C continues to authorize U.S. persons to engage in transactions involving Nynas AB or its subsidiaries that would otherwise be prohibited (except payments to or for the benefit of a blocked person, which must be placed into a blocked account).
  • General License 15B continues to authorize certain listed banks or payment service providers to engage in transactions involving listed Venezuelan banks until March 22, 2020.
  • General License 16B continues to authorize transactions ordinarily incident and necessary to maintaining, operating or closing accounts of U.S. persons in certain Venezuelan banks.
  • General License 18A continues to authorize certain transactions involving Integración Administradora de Fondos de Ahorro Previsional, S.A.
  • General License 20A authorizes transactions and activities involving the Government of Venezuela that are for the official business of an expanded list of international organizations.
Taken together, these new and amended licenses provide several clear avenues for continued engagement in specific transactions with the Government of Venezuela, further contradicting early reports of the comprehensiveness of these new sanctions. However, relying on these authorizations requires careful consideration of their many limitations and conditions, some of which remain open to interpretation. As a result, these authorizations may ultimately do little to persuade companies that are already reluctant to engage in any business with Venezuela to take the risk of engaging even in these authorized transactions.
The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Adam M. Smith, Jose Fernandez, Chris Timura, Stephanie Connor, R.L. Pratt and Scott Toussaint. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade practice group: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Henry C. Phillips - Washington, D.C. (+1 202-955-8535, hphillips@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Audi K. Syarief - Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com) Scott R. Toussaint - Washington, D.C. (+1 202-887-3588, stoussaint@gibsondunn.com) Europe: Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Nicolas Autet - Paris (+33 1 56 43 13 00, nautet@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Sacha Harber-Kelly - London (+44 20 7071 4205, sharber-kelly@gibsondunn.com) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Steve Melrose - London (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

June 19, 2019 |
The EU Introduces a New Sanctions Framework in Response to Cyber-Attack Threats

Click for PDF In a previous client alert, we highlighted a recent U.S. sanctions regime aimed at deterring threats of election interference[1], which further expanded the U.S. menu of cyber-related sanctions.[2]  Across the Atlantic, as a step forward that demonstrates its voiced determination to enhance the EU’s cyber defense capabilities[3], on May 17, 2019, the EU established a sanctions framework for targeted restrictive measures to deter and respond to cyber-attacks that constitute an external threat to the EU or its Member States.[4]  The new framework is expounded in two documents, Council Decision (CFSP) 2019/797 and Council Regulation 2019/796. The newly-introduced framework is significant for two reasons.  First, the framework enables the EU to implement unilateral cyber sanctions, a move that expands the EU’s sanctions toolkit beyond traditional areas of sanctions, such as sanctions imposed due to terrorism and international relations-based grounds.[5]  Second, it represents a major, concrete measure that arose out of the EU’s continued interest in developing an open and secured cyberspace and amid concerns for malicious use of information and communications technologies by both State and non-State actors.  From the alleged plot by Russia to hack the Organization for the Prevention of Chemical Weapons in the Hague in April last year[6] to the cyber-attack on the German Parliament early this year[7], European leaders have been very concerned about future cyber-attacks on EU Member States.  In particular, in light of the European Parliament election that took place on May 23-26, 2019, the framework equips the EU with a potent economic instrument to punish cyber-attacks more ably and directly on a unified front.[8] Modality for Establishing the List of Sanctioned Parties Under the new framework, persons, entities and bodies subject to sanctions will be listed in the Annex to the Council Decision (CFSP) 2019/797 (“Annex I”).  With a view to ensure greater consistency in the listing of sanctioned parties, the European Council has the sole authority to establish and amend Annex I as needed, and is to review Annex I “at regular intervals and at least every 12 months.”[9]  The Council will review its decision in light of observations or substantial new evidence presented to it. External Threats with a “Significant Effect” The framework applies to “cyber-attacks with significant effect, including attempted cyber-attacks with a potentially significant effect, which constitutes an external threat to the Union or its Member States.”[10]  To be external, it suffices, among other ways, that the attack originates from outside the Union, uses infrastructure outside the Union, or is with the support, at the direction of or under the control of a person outside the Union.[11]  The kinds of conduct considered as cyber-attacks include unauthorized access to and interference with IT systems, as well as data interference and interception.  The Council’s approach to assessing the “significant effect” is by and large result-oriented, focusing, inter alia, pursuant to Article 3 of the Council Regulation, on “(a) the scope, scale, impact or severity of disruption caused . . . (d) the amount of economic loss caused . . . (e) the economic benefit gained by the perpetrator [or]. . . (f) the amount or nature of data stolen or the scale of data breaches. . . .[12] Expansive Reach of the Framework Under the framework, sanctioned persons and entities are those who are responsible for the cyber-attack, and those who attempted, or provided “financial, technical or material support” to, or otherwise involved in the cyber-attack (e.g. directing, encouraging, planning, and facilitating the attack).[13] It is also noteworthy that although the framework primarily targets attacks against Member States and the Union itself, sanctions measures under the framework can also be applied to cyber-attacks with a significant effect against “third States or international organisations,” if sanctions measures are deemed “necessary to achieve common foreign and security policy (CFSP) objectives.[14]  As an initiative to deter cyber-attacks in general, the subjects of cyber-attacks covered under this framework are also expansive, ranging from critical infrastructure to the storage of classified information, as well as essential services necessary for the maintenance and operation of essential social and economic activities, and government functions, including elections.[15] Sanctions Measures under the Framework The primary restrictive measures under the framework are asset freeze and travel ban.  Generally, all funds and economic resources “belonging to, owned, held or controlled by” the sanctioned person or entity will be frozen.[16]  Furthermore, “no funds or economic resources shall be made available directly or indirectly to or for the benefit of” the sanctioned party.[17] In broad terms, these EU financial sanctions are similar to a sanctions attendant to designation  on the U.S. Specially Designated Nationals And Blocked Persons List. Comparison with the U.S. Sanctions Regime for Cyber Attacks In the U.S., besides the country-specific programs, the major source of authority for cyber-related sanctions is Executive Order 13694, titled “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities” (“E.O. 13694”) signed into effect by President Barack Obama on April 1, 2015.[18]  The recently promulgated Executive Order 13848 on “Imposing Certain Sanctions in the Event of Foreign Interference in a United States Election” (“E.O. 13848”) by President Donald Trump adds a further emphasis on threats of election interference via cyber means.[19] In comparison, the latecomer EU sanctions framework is by and large similar both in terms of the conduct it seeks to deter and parties potentially subject to sanctions.  Like the U.S. sanctions program, the EU framework covers a wide range of significant interferences and expressly highlights interference with “public elections or the voting process” as one of the enumerated predicate cyber-attacks.[20]  Much like the U.S. program’s focus on “significant” “malicious cyber-enabled activities,” the focus of the EU framework on “willfully carried out” cyber-attacks “with significant effect” gives the European Council substantial flexibility and discretion in its determination of what arises to the level of a sanctionable conduct.[21]  In terms of parties covered, both E.O. 13694 (and subsequent E.O. 13848) and the EU framework sanction persons and entities who are responsible for the attack as well as those who are agents, or complicit by providing material assistance, in the commission of the cyber-attack. It is important to note that the EU framework expressly permits imposition of sanctions on parties whose conduct is against a “third [non-Member] States or international organizations”, insofar the EU satisfies itself that the sanctions are necessary to achieve CFSP objectives, namely the EU’s Union-level foreign policy objectives.[22]  In comparison, in the U.S. E.O. 13694, the possibility of imposing sanctions for cyber-attacks against a third party seems to be alluded to by the language “threat to the . . . foreign policy . . . of the United States.”[23]  Given the recentness of the framework, it is unclear as to the extent to which the EU would exercise its right under this provision, and no other countries have yet commented on this.  Nonetheless, it is encouraging that both regimes leave open the possibility of sanctions based on cyber-attacks targeting third states. Conclusion & Implications The new framework established by the European Council represents a significant  effort by  the EU to stiffen its response to cyber-attacks.  The framework has broadened EU sanctions both in substance and in scope.  To the extent that the EU framework is comparable to the current U.S. cyber-related sanctions program, the EU framework reflects greater synchronization between the EU and the U.S. on the sanctions front.  For the time being, no name has been added to Annex I yet.  However, as the list grows in the future, businesses should closely assess their existing business relationships with other companies and pay greater attention in their onboarding compliance due diligence efforts.  On the other hand, as the decision to list and delist a sanctioned party is reserved for the European Council, there is likely to be greater transparency and legal predictability for compliance purposes. ______________________ [1] See our client alert dated Sep. 25, 2018 entitled U.S. Authorizes Sanctions for Election Interference,  https://www.gibsondunn.com/us-authorizes-sanctions-for-election-interference/, for an analysis of E.O. 13848. [2] See Judith Lee, Cybersecurity Sanctions: A Powerful New Tool, LAW 360 (Apr. 02, 2015), https://www.gibsondunn.com/wp-content/uploads/documents/publications/Lee-Cybersecurity-Sanctions-A-Powerful-New-Tool-Law360.pdf, for an analysis by our Washington D.C. partner Judith Lee on the Obama-era executive order that forms the bulk of the current U.S. cyber-related sanctions program. [3] See Council Press Release 301/19, Declaration by the High Representative on behalf of the EU on respect for the rules-based order in cyberspace (Apr. 12, 2019), https://www.consilium.europa.eu/en/press/press-releases/2019/04/12/declaration-by-the-high-representative-on-behalf-of-the-eu-on-respect-for-the-rules-based-order-in-cyberspace/. [4] Council Press Release 367/19, Cyber-attacks: Council is now able to impose sanctions (May 17, 2019), https://www.consilium.europa.eu/en/press/press-releases/2019/05/17/cyber-attacks-council-is-now-able-to-impose-sanctions/. [5] See Erica Moret and Patryk Pawlak, European Union Institute for Security Studies, Brief, The EU Cyber Diplomacy Toolbox: towards a cyber sanctions regime?, p. 2 (Jul. 12, 2017), https://www.iss.europa.eu/content/eu-cyber-diplomacy-toolbox-towards-cyber-sanctions-regime. [6] Joe Barnes, UK Plays Pivotal Role In EU’s New Cyber-Attack Sections Regime – 'This Is Decisive Action', Express (May 17, 2019), https://www.express.co.uk/news/uk/1128512/UK-news-EU-cyber-attack-section-regime-European-Council-latest-update. [7] Thorsten Severin, Andrea Shalal, German Government under Cyber Attack, Shores Up Defenses, Reuters (Mar. 1, 2018), https://www.reuters.com/article/us-germany-cyber/german-government-under-cyber-attack-shores-up-defenses-idUSKCN1GD4C8. [8] See Natalia Drozdiak, EU Agrees Powers to Sanction, Freeze Assets Over Cyber-Attacks, Bloomberg (May 17, 2019), https://www.bloomberg.com/news/articles/2019-05-17/eu-agrees-powers-to-sanction-freeze-assets-over-cyber-attacks. [9] Council Regulation 2019/796 of May 17, 2019, concerning restrictive measures against cyber-attacks threatening the Union or its Member States, preamble, art. 13, O.J. L 129I , 17.5.2019, p. 1–12, http://data.europa.eu/eli/reg/2019/796/oj (hereinafter “Council Regulation 2019/796”). [10] Council Decision (CFSP) 2019/797 of 17 May 2019, concerning restrictive measures against cyber-attacks threatening the Union or its Member States, art. 1(1), O.J. L 129I , 17.5.2019, p. 13–19, http://data.europa.eu/eli/dec/2019/797/oj (hereinafter “Council Decision 2019/797”). [11] Id. art. 1(2). [12] Id. art. 3.  The same language is also reflected in Council Regulation 2019/796, art. 2. [13] Council Decision 2019/797, supra note 10, art. 4. [14] Council Regulation 2019/796, supra note 9, art. 1(6). [15] Council Decision 2019/797, supra note 10, art. 1(4). [16] Id. art. 5(1). [17] Id. art. 5(2). [18] See supra note 2 for an analysis of the Executive Order.  See also Exec. Order No. 13694, 80 Fed. Reg. 18,077 (Apr. 2, 2015), https://www.treasury.gov/resource-center/sanctions/Programs/Documents/cyber_eo.pdf, subsequently amended by Executive Order 13757 of December 28, 2016. [19] See supra note 1.  See also Exec. Order No. 13848, 83 Fed. Reg. 46,843 (Sep. 12, 2018), https://www.federalregister.gov/documents/2018/09/14/2018-20203/imposing-certain-sanctions-in-the-event-of-foreign-interference-in-a-united-states-election. [20] Council Decision 2019/797, supra note 10, art. 1(4)(c). [21] See Judith Lee, supra note 2. [22] CFSP objectives, as the Council Decision notes, can be found in relevant provisions of Article 21 of the Treaty on European Union.  A relevant excerpt of article 21 of the Treaty on European Union:

  1. The Union shall define and pursue common policies and actions, and shall work for a high degree of cooperation in all fields of international relations, in order to:

(a) safeguard its values, fundamental interests, security, independence and integrity;

(b) consolidate and support democracy, the rule of law, human rights and the principles of international law;

(c) preserve peace, prevent conflicts and strengthen international security, in accordance with the purposes and principles of the United Nations Charter, with the principles of the Helsinki Final Act and with the aims of the Charter of Paris, including those relating to external borders;

(d) foster the sustainable economic, social and environmental development of developing countries, with the primary aim of eradicating poverty;

(e) encourage the integration of all countries into the world economy, including through the progressive abolition of restrictions on international trade;

(f) help develop international measures to preserve and improve the quality of the environment and the sustainable management of global natural resources, in order to ensure sustainable development;

(g) assist populations, countries and regions confronting natural or man-made disasters; and

(h) promote an international system based on stronger multilateral cooperation and good global governance.

Consolidated Version Of The Treaty On European Union, art. 21, O.J. C 326, 26.10.2012, p. 13–390, available online at http://data.europa.eu/eli/treaty/teu_2012/oj. [23] Compare Exec. Order No. 13694, supra note 18, sec. 1(a)(ii)(A), with Council Decision 2019/797, supra note 10, art. 1(6).
The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Adam Smith, Patrick Doris, Michael Walther, Nicolas Autet and Richard Roeder. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade or Privacy, Cybersecurity and Consumer Protection practice groups: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) Alexander H. Southwell - Co-Chair, Privacy, Cybersecurity & Consumer Protection Practice, New York (+1 212-351-3981, asouthwell@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Henry C. Phillips - Washington, D.C. (+1 202-955-8535, hphillips@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Audi K. Syarief - Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com) Scott R. Toussaint - Washington, D.C. (+1 202-887-3588, stoussaint@gibsondunn.com) Europe: Ahmed Baladi - Co-Chair, Privacy, Cybersecurity & Consumer Protection Practice, Paris (+33 (0)1 56 43 13 00, abaladi@gibsondunn.com) Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Nicolas Autet - Paris (+33 1 56 43 13 00, nautet@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Sacha Harber-Kelly - London (+44 20 7071 4205, sharber-kelly@gibsondunn.com) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Steve Melrose - London (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

May 20, 2019 |
Citing a National Emergency, the Trump Administration Moves to Secure U.S. Information and Communications Technology and Service Infrastructure

Click for PDF On Wednesday, May 15, 2019, the Trump Administration took two separate, but related moves toward securing the information and communications technology and services (ICT) infrastructure of the United States.[1]  The first was the issuance of an executive order (“ICT EO”), declaring a national emergency with respect to the ICT supply chain.  The second was the imposition by the Secretary of Commerce’s Bureau of Industry and Security (“BIS”) of new restrictions on the exports of technology, software, and hardware to Chinese multinational telecommunications equipment and consumer electronics manufacturer Huawei Technologies Co., Ltd. (“Huawei”) and its affiliates worldwide.  While the first action establishes only a general framework for implementing regulations designed to end what the EO calls “foreign adversary” involvement in ICT networks in and linked to the United States, the second action has known, immediate, and significant impacts on those doing business with Huawei and any of its 68 named affiliates in 26 countries.  And while only the second move explicitly impacts a Chinese company, both moves are significant escalations in the current U.S.-China trade war. Less than two business days after the effective date of its export ban on Huawei, the Trump Administration took an action that illustrates just how far reaching its export ban will be. BIS issued a Temporary General License, issued on May 20, 2019, to allow exports to continue that support Huawei and its listed affiliates in four categories of transactions.

ICT EO - Securing the ICT Supply Chain

The ICT EO gives the Secretary of Commerce the power to prohibit U.S. persons from acquiring, importing, transferring, installing, dealing in, or using any ICT when the transaction involves any foreign person property or interest in property, and the Secretary of Commerce determines that
(1)     the ICT is designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary, and (2)     the transaction
(a)   poses an undue threat of sabotage to or subversion of the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of ICT in the United States, (b)   poses an undue risk of catastrophic effects on the security or resiliency of the U.S. critical infrastructure or digital economy, or (c)   otherwise poses a risk to the national security of the United States or the security and safety of U.S. persons.
These broad criteria lay the groundwork for U.S. agencies to regulate transactions both inside and outside of the United States, especially considering the cybersecurity threats involving ICT infrastructure outside of the United States.  The ICT EO defines “foreign adversary” as “any foreign government or foreign non-government person engaged in a long‑term pattern or serious instances of conduct significantly adverse to the national security of the United States or security and safety of United States persons.”[2] The ICT EO diverges from past practice involving trade in two significant ways.  First, rather than imposing sanctions on U.S. persons conducting business in particular countries or with particular persons, the ICT EO focuses on a wide range of transaction types, regardless of location, that could impact the ICT infrastructure of the U.S. whenever U.S. persons and foreign person property or property interests are involved.  Second, and in contrast with typical U.S. sanctions executive orders, the long list of agencies referenced in the ICT EO suggests that whatever regulatory framework is developed to implement the order will involve significant interagency collaboration and cross-agency functions.  The ICT EO specifically foresees the involvement of nine named agencies and offices including the Treasury, State, Defense, Justice, and Homeland Security Departments, the United States Trade Representative, the Director of National Intelligence, the General Services Administration (GSA), and the Federal Communications Commission.[3] Many of these departments and agencies already exercise authorities that safeguard aspects of the U.S. ICT infrastructure.  For example, Treasury’s Committee on Foreign Investment in the United States already has authority to block controlling and certain non-controlling investments by foreign persons in the U.S. companies that supply, build, service and manage the ICT infrastructure.[4]  Similarly, the GSA and DoD already have authority under the National Defense Authorization Act for FY 2019 to prohibit procurement from a list of ICT companies Congress has deemed threats to U.S. national security and from contractors that rely on them for their ICT infrastructure.[5]  Notwithstanding this, the EO’s language gives broad authority to the Secretary of Commerce to create an entirely new regulatory framework that could impose new import, export, use, and other transaction-based licensing requirements. Under the ICT EO, potential prohibitions can be imposed on transactions involving “any acquisition, importation, transfer, installation, dealing in, or use of any [ICT] . . . by any person, or with respect to any property, . . . in which any foreign country or a national thereof has any interest” that is initiated, pending or will be completed as of and after May 15, 2019.[6]  Given this broad remit, the new transaction-based licensing requirements may take many forms, including the blocking and forced unwinding of ongoing transactions, bans on the import of ICT items from particular countries and persons, and controls on U.S. person involvement (including both natural and legal persons) in ICT transactions abroad that involve foreign adversary ICT and that could impact U.S. ICT infrastructure, U.S. critical technology or digital economy, or U.S. national security.

Entity List Designation

Alongside the ICT EO, the Secretary of Commerce announced a more specific action targeting Huawei and 68 non-U.S. affiliates.  Specifically, the Secretary announced the decision of the End-User Review Committee (“ERC”)[7], which is chaired by BIS, to add Huawei and its named affiliates to the Entity List.[8]  Entities are added to the Entity List if and when the ERC deems them to pose a significant risk of involvement in activities contrary to the national security or foreign policy interests of the United States.  The principal consequence of being added to the Entity List is the imposition of export licensing requirements for shipments to that foreign company. The impact of this new end-user licensing requirement can vary depending on the more specific lines BIS draws around the items to which the licensing requirement will apply.  For example, some Entity List entries only prohibit the unlicensed export of items described on the Commerce Control List or under specific Export Control Classification Numbers to those identified.  In the Huawei case, however, BIS took the most extreme position.  Under the terms of an official draft of the Federal Register Notice for the EL listing made public on May 16, 2019, BIS announced its plan to require a license for all items subject to the Export Administration Regulations (EAR), even “EAR 99” commodities, software and technology, to Huawei and that it would review license applications for all such exports with a policy presumption of denial.[9] The ERC’s cited basis for its finding that Huawei and its affiliates have been or could be involved in activities that are contrary to the national security or foreign policy interests of the U.S. is a Superseding Indictment in the U.S. District Court for the Eastern District of New York of Huawei which includes among its 13 counts two charges that Huawei knowingly and willfully conspired and caused the export, reexport, sale and supply, directly and indirectly, of goods, technology and services from the United States to Iran and the government of Iran without authorization from the Office of Foreign Assets Control (OFAC).[10]  BIS also noted that Huawei’s Iran-based affiliate is alleged to have conspired with others “to impair, impede, obstruct, and defeat, through deceitful and dishonest means, the lawful government operations of OFAC.”[11] The issuance of the ICT EO and Huawei’s EL listing coincide with a stall in the U.S.-China trade talks, and some may view these actions as creating leverage for the conclusion of a trade agreement between the countries.  Regardless, the EL listing, in particular, will have immediate and significantly disruptive effects on Huawei’s supply chain.  Any Huawei supplier or vendor, including several major U.S. companies, is now required to apply for BIS licenses to transfer any item subject to the EAR to Huawei and its affiliates, and many of Huawei’s customers are likely to experience associated repair and support disruption in their ICT infrastructure and services. Just how disruptive these new export licensing requirements will be became immediately clear in a subsequent action by BIS on May 20, 2019.[12]  Less two full business days after the effective date of its EL listing, BIS granted a 90-day temporary license (through August 19, 2019) that partially suspends the effects of the EL listing.  The general license will allow Huawei and its listed affiliated to continue receiving exports—subject  to any prior applicable licensing requirements—associated with four categories of transactions.  These include:
(1)     exports necessary to maintain and support existing and fully operational networks and equipment, including software updates and patches, provided they are made pursuant to legally-binding contracts and agreements entered into on or before May 16, 2019; (2)     exports necessary to provide service and support, including software updates or patches, to existing Huawei handsets that were available to the public on or before May 16, 2019; (3)     disclosure to Huawei and the listed affiliates, of information regarding security vulnerabilities in items owned, possessed, or controlled by them when related to the process of providing ongoing security research critical to maintaining the integrity and reliability of existing and currently fully operational networks and equipment, as well as handsets; and (4)     exports incident to the engagement with Huawei and the listed affiliates necessary for the development of 5G standards by duly recognized standards bodies.
Exporters that make use of the general license to export, reexport, or transfer items to Huawei must prepare a certification statement explaining how the export, reexport, or transfer fits within the scope of the general license and maintain that certification as a record for five years.
[1]   President Donald J. Trump, Executive Order on Securing the Information and Communications Technology and Services Supply Chain, May 15, 2019 (available at https://www.whitehouse.gov/presidential-actions/executive-order-securing-information-communications-technology-services-supply-chain/). [2]   ICT EO, § 3(b). [3]   ICT EO, § 1(a). [4]   31 C.F.R. Parts 800 and 801. [5]   John S. McCain National Defense Authorization Act for Fiscal Year 2019, Public Law No. 115-232, § 889 (2018). [6]   ICT EO, § 1(a). [7]   The ERC is composed of representatives from the Departments of Commerce, State, Defense, Energy, and Treasury. [8]   15 C.F.R. § 744.16. [9]   Department of Commerce, BIS, Addition of Entities to the Entity List, May 16, 2019, (available at https://s3.amazonaws.com/public-inspection.federalregister.gov/2019-10616.pdf).  Note that this is an unpublished version that is not scheduled to be published in the Federal Register until May 21, 2019. [10]   Id. at 3–4. [11]   Id. at 4. [12]   Department of Commerce, BIS, Temporary General License, May 20, 2019, (available at https://s3.amazonaws.com/public-inspection.federalregister.gov/2019-10829.pdf).  Note that this is an unpublished version that is not scheduled to be published in the Federal Register until May 22, 2019.
The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Adam M. Smith, Christopher Timura, and Laura Cole. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade practice group: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) M. Kendall Day - Washington, D.C. (+1 202-955-8220, kday@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Henry C. Phillips - Washington, D.C. (+1 202-955-8535, hphillips@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Audi K. Syarief - Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com) Scott R. Toussaint - Palo Alto (+1 650-849-5320, stoussaint@gibsondunn.com) Europe: Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Sacha Harber-Kelly - London (+44 20 7071 4205, sharber-kelly@gibsondunn.com) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Steve Melrose - London (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

May 17, 2019 |
In the Wake of International Protectionism, France Strengthens Its Enforcement Scheme Applicable to Foreign Investments

Click for PDF On May 16, 2019, the French Constitutional Court (Conseil constitutionnel) cleared most of the provisions of the ambitious so-called “Pacte” Statute on the development and transformation of businesses. Pacte addresses a number of significant legal issues. Among them, in the wake of international protectionism and EU regulation on establishing a framework for the screening of foreign direct investments (see Gibson Dunn’s alert of March 5, 2019), Pacte significantly strengthens the French enforcement scheme applicable to foreign investments. Government Approval Required for Foreign Investments in Strategic Business Sectors Existing French regulation requires foreign investors, prior to making an investment in one of 14 specified sectors[1], irrespective of its size, to obtain an authorization from the French Minister of the Economy. The affected business sectors comprise those impacting France’s public order, public safety or national defense interests. Since November 29, 2018, are also covered certain R&D activities regarding cybersecurity and artificial intelligence as well as the hosting of data pertaining to sensitive businesses. During the discussions in Parliament on Pacte, the French Government indicated it would further broaden the scope of the business sectors affected to better protect “industries of the future” and innovation. The authorization process applies to EU and non-EU investors who acquire:

  • directly or indirectly a controlling stake in a company whose registered office is located in France; or
  • all or part of a line of business of a company whose registered office is located in France.
It applies also to non-EU investors who acquire more than 33.33% of the stock or voting rights of a company whose registered office is located in France. The Minister of the Economy may order an investor in breach of this process to withdraw from the investment, to modify the scope of its investment or to revert it. Failure to abide by the Minister’s order exposes the investor to a fine in a maximum amount equal to two times the investment amount (in addition to the potential cancellation of the investment). Pacte Strengthens the Sanctioning Power of the French Minister of the Economy Under Pacte, the French Minister of the Economy is entrusted with a new power of injunction against an investor in breach of either the authorization process or the terms of the authorization[2]. The Minister may, thus, without delay and without any requirement for a prior Court approval, force the investor, under a daily penalty[3], to abide by the process (or by the conditions imposed as part of the authorization), to revert the investment at its cost or to modify its terms. The Minister may also now withdraw its authorization. If an investment has been made without authorization, the Minister may appoint a representative in charge of ensuring that -within the conduct of the acquired business- France’s interests will be protected; to this effect, the representative will be empowered to block any management decision likely to undermine these interests. In situations where France’s interests are or may be compromised, the Minister of the Economy may take new additional interim protective measures and:
  • suspend voting rights attached to the fraction of the share capital held in violation of the authorization process;
  • freeze or restrict distributions and remunerations pertaining to the share capital held in violation of the authorization process; and
  • suspend, restrict or temporary prohibit the disposal of all or part of the assets falling within the ambit of the strategic business sectors.
While none of these measures is subject to a prior Court approval, the investor must be given a formal notice and a 15-day delay to present its arguments, except in case of an emergency, exceptional circumstances or imminent breach of public order, public security or national defense. Effective implementation of the Minister’s extended powers will be outlined in decrees to be released later this year by the French government which will be important to monitor. Pacte Increases Fines Against Non-Complying Investors In addition, Pacte increases the amount of the fines that may be imposed by the Minister on an investor in breach of either the process or the terms of the authorization. The maximum fine that can be inflicted may amount to the higher of the following: two times the amount of the investment, 10 percent of the annual turnover (excluding taxes) of the company engaged in the strategic business sector, or 5 million euros for legal entities and 1 million euros for individuals.
Pacte Improves the French Parliament’s Information on Foreign Investments Eventually, in line with the EU Regulation, Pacte aims at improving transparency regarding foreign investments and compels:
  • the Minister of the Economy to disclose annually to the Parliament statistical no-names data regarding the screening of foreign investments in France; and
  • the French government to provide annually to certain members of the Parliament (e.g., the chairmen of the Commissions in charge of economic matters and the secretary (rapporteurs) of the finance Commissions) a report containing qualitative and statistical information on measures taken to protect and promote national interests and strategic business sectors as well as on the screening of foreign investments and the outcomes achieved thanks to the new legislation.

   [1]   The list of the 14 covered business sectors is as follows: 1°) gambling industry (except casinos); 2°) private security services; 3°) research and development or manufacture of means of fighting the illegal use of toxics; 4°) wiretapping and mail interception equipment; 5)° security of information technology systems and products; 6°) security of the information systems of companies managing critical infrastructure; 7°) dual-use items and technology; 8°) cryptology goods and services; 9°) companies dealing with classified information; 10°) research, development and sale of weapons; 11°) companies that have entered into supply contract with the French Ministry of Defense regarding goods or services involving dual-use items and technology, cryptology goods and services, classified information or research, development and sale of weapons; 12°) activities related to goods, products or services, essential to preserve French interests in relation to public order, public security and national defense (such as energy supply water supply, electronic communication networks and services); 13°) R&D in relation to business sectors 4°), 8°), 9°) or 12°) regarding cybersecurity, artificial intelligence, robotics; 14)° data hosting with respect to data pertaining to business sectors 11°) to 13°).    [2]   The Minister may in particular order the investor to dispose of all or part of the concerned business.    [3]   The amount of which will be defined by a decree to be released later by the French government.
Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. For further information, please contact the Gibson Dunn lawyer with whom you usually work or any of the following members of the Paris office by phone (+33 1 56 43 13 00) or by email (see below): Nicolas Baverez -nbaverez@gibsondunn.com Benoît Fleury - bfleury@gibsondunn.com Jean-Philippe Robé - jrobe@gibsondunn.com Nicolas Autet - nautet@gibsondunn.com © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

May 10, 2019 |
Iran Steps Back from Nuclear Deal as Trump Administration Increases Sanctions Pressure

Click for PDF May 8, 2019, was the one-year anniversary of the U.S. decision to withdraw from the 2015 Iran nuclear deal, formally known as the Joint Comprehensive Plan of Action (“JCPOA”), and it was eventful.  The day began with Iranian President Hassan Rouhani announcing that Iran would immediately suspend compliance with JCPOA limits on enriched uranium and heavy water, with further suspensions to occur in 60 days unless assurances are made that Iran will receive promised economic benefits in the oil and banking sectors.  Later that day, the Trump administration imposed new sanctions relating to the iron, steel, aluminum, and copper sectors of the Iranian economy.  These new sanctions are the latest in what the White House is calling the “most powerful maximum pressure campaign ever witnessed.”[1] The pressure campaign has indeed ramped up in the past month.  First, on April 8, the U.S. State Department designated the Islamic Revolutionary Guard Corps as a foreign terrorist organization—marking the first time an arm of a foreign government has received such a designation.  Next, on April 22, the Trump administration declined to renew sanctions waivers that allowed certain countries to import Iranian oil.  Then, on May 3, the administration declined to renew two sanctions waivers—one allowing Iran to store excess heavy water produced in the uranium enrichment process, and another allowing Iran to trade away its enriched uranium. The ramifications of these recent events are global in scale.  Iran will likely see its recession deepen, as new U.S. restrictions threaten two pillars of its export economy:  crude oil and industrial metals.  Given that Iran has been increasingly pushed into a corner, it is no surprise that the country has threatened to violate its JCPOA commitments in hopes of relief.  So far, the signatories still in the deal—China, France, Germany, Russia, and the United Kingdom—have not taken concrete action in response, but that may change if Iran follows through with its threats.  In the meantime, Iran’s main customers, which include China and India, will need to find alternative trade partners or else face consequences under U.S. sanctions laws.  These recent developments also complicate bilateral trade talks between the United States and China, which have stalled this week.  Finally, given that the Trump administration has not shied away from using economic sanctions as a political tool, we could see waivers of sanctions liability under Iran sanctions used as a bargaining chip. We discuss below these recent developments, in the order in which they occurred.  To understand the lead-up to these events, please see the many client alerts we have published on the constantly evolving state of Iran sanctions—the most recent being our 2018 Year-End Sanctions Update.

Designation of the IRGC as an FTO 

On April 8, the Treasury Department designated the Islamic Revolutionary Guard Corps (“IRGC”), an official part of Iran’s government, as a foreign terrorist organization (“FTO”).[2]  The IRGC has already been designated and blocked under various sanctions programs—including those relating to counterterrorism.  What is surprising here is that the FTO label has, until now, been exclusively used on non-state actors such as Al-Qaeda or the Islamic State of Iraq and Syria (“ISIS”). While the new legal ramifications are two-fold, we do not expect these changes to have a significant impact on U.S. and non-U.S. person decisionmaking as to whether to engage the IRGC and its many associated entities in business transactions.  First, due to the FTO designation, IRGC members can be excluded from entering the United States by virtue of their affiliation.[3]  Second, any person who knowingly provides material support or resources to the IRGC can be criminally prosecuted or subject to civil enforcement for doing so under separate FTO authorities.[4]  Prior to this new designation however and subject to both criminal and civil enforcement, no U.S. person or non-U.S. person whose transactions had a nexus to the United States could do business with the IRGC without OFAC authorization.  Moreover, non-U.S. persons were also already potential targets for designation themselves or of secondary sanctions for doing business with the IRGC and its associated entities.  Given these already existing sanctions, it is unclear whether the largely duplicative enforcement powers the administration has gained through the designation outweigh the concern expressed by some that the IRGC’s FTO designation will increase the risk to U.S. servicepersons by, among other things, shutting down communication channels that might be helpful in the United States’ fight against ISIS.[5]  It remains to be seen whether the EU decides to expand the reach of the EU Blocking Statute to counter the FTO designation.

Non-Renewal of Iran Oil Waivers

As part of its withdrawal from the JCPOA, the Trump administration re-imposed the possibility of secondary sanctions on importers of Iranian oil last November.  To cushion the blow, temporary waivers[6] of those sanctions were granted to eight jurisdictions:  China, India, South Korea, Japan, Italy, Greece, Taiwan, and Turkey.[7]  Our contemporary analyses of the temporary waivers, also known as Significant Reduction Exceptions (“SREs”), can be found here and here.  Those waivers expired on May 2, 2019. Ahead of the expiration date, on April 22, 2019, Secretary of State Michael Pompeo announced that no further SREs would be issued,[8] a surprising move in light of reports that some State officials had promised additional waivers.[9]   In his statement, Pompeo assured the public that global oil markets would continue to be well supplied in the absence of waivers, citing productive discussions with Saudi Arabia, the United Arab Emirates, and other major oil producers.[10] The expiration of the SREs has little effect on Taiwan, Italy, and Greece, which reportedly ceased importing oil from Iran long before Pompeo’s announcement.[11]  The other SRE recipients, on the other hand, continued to purchase Iranian oil in early 2019; in fact, China increased its purchases, cementing its status as Iran’s biggest customer.[12]  China’s foreign ministry representative spoke out against the non-renewal decision, expressing opposition to the Trump administration’s “unilateral sanctions” and urging it to avoid “wrong moves” relating to Iran oil controls.[13]  Turkey’s foreign minister made a similar statement, also characterizing the Iran oil sanctions as “unilateral.”[14] At this early stage, it is unclear what practical effects the expiration of the SREs will have.  For example, can the countries with expired SREs continue to take delivery of already-purchased Iranian oil, or use money already set aside to make additional purchases?  These questions were apparently posed to two senior Department of State officials, but the officials characterized them as “hypothetical” and thus refused to comment.[15]  Another question is whether drawing on Iranian oil from storage will trigger sanctions.  Indeed, China reportedly has 20 million barrels of oil (worth over $1 billion) currently in storage in the northeast port of Dalian.[16] As we have previously outlined, there are still narrow categories of authorized activities, such as those supported by:  (1) General License J-1, allowing non-U.S. persons to fly U.S.-origin civil aircraft into Iran; (2) General License D-1, authorizing U.S. persons to export certain hardware, software, and services incident to personal communications over the Internet; and (3) various humanitarian exceptions allowing the export of agricultural commodities, food, medicine, and medical devices to Iran.  The current SREs support and promote transactions in the third category because, under this regime, payments to Iran for its oil are held in escrow accounts that Iran can only use for the purchase of humanitarian (or otherwise non-sanctioned) goods.[17]  If the expiration of the SREs has the intended effect of depriving Iran of oil revenue, then the country may not have the funds to purchase non-sanctioned goods to the same extent that it has in the past.

Non-Renewal of Two Waivers and Shortened Renewals of Five Waivers for Civilian Nuclear Activities

On May 3, the State Department announced that five sanctions waivers relating to civilian nuclear projects in Iran would be renewed, but for 90 days rather than the usual 180 days and with an added caveat that any effort starting May 4 to expand the Bushehr nuclear power plant would be subject to sanctions.[18]  Two waivers, however, were not be renewed.  The first waiver allowed Iran to store excess heavy water outside of the country; its expiration will pressure Oman, where Iran’s heavy water is currently stored, to dispose of it.  The second waiver allowed Iran to trade its enriched uranium for natural uranium, which is explicitly authorized by the JCPOA; the end of this waiver will most impact Russia, who has been a key player in these trades. This mixture of renewals and non-renewals reflects the Trump administration’s attempt to apply pressure on Iran without upending the nuclear status quo.  U.S. National Security Adviser John Bolton has reportedly pushed to end the civilian-nuclear-activity waivers completely, while others in the State and Treasury Departments have apparently expressed concern that doing so would threaten non-proliferation efforts.[19]  In any event, the Trump administration’s decision here represents a continued chipping away at Iran’s benefits under the JCPOA.

Iran’s Announced Partial Withdrawal from the JCPOA

On May 8, while still expressing a commitment to the JCPOA, Iranian President Rouhani announced that Iran would immediately stop complying with the JCPOA’s limits placed on the domestic build-up of enriched uranium and heavy water.[20]  (Indeed, those limits became harder to adhere to once the Trump administration revoked waivers allowing Iran to store or sell off these materials.)  Further, he declared that Iran would suspend compliance with other parts of the JCPOA if its signatories—the United Kingdom, France, Germany, China, and Russia—do not deliver on the economic benefits promised under the JCPOA.  In particular, Rouhani stated he expected the sanctions relief for the oil and banking sectors agreed under the JCPOA to materialize, the two areas hit hardest by U.S. sanctions. For their part, the JCPOA signatories appear to be taking a wait-and-see approach.  In a joint statement, the United Kingdom, France, Germany, and the European Union strongly urged Iran to continue to fully comply with the JCPOA and assured them that legitimate trade with Iran remains a priority, citing the operationalization of “INSTEX”—the special purpose vehicle created in January 2019 to facilitate barter-based trade with Iran.[21]  In the same statement, the European nations also expressed “regret” that the United States had re-imposed sanctions following their withdrawal from the deal, and called for non-signatories to refrain from taking actions that undercut the JCPOA.[22] It would seem that the JCPOA signatories have treated Iran’s May 8 announcement as a statement of intent—as opposed to an immediate violation of the deal—and thus have refrained from retaliatory action.  We will, of course, monitor this situation closely as we approach the 60-day deadline imposed by Rouhani.

New Sanctions on Iron, Steel, Aluminum, and Copper

On May 8, hours after Iran’s announcement, President Trump signed an executive order authorizing new sanctions relating to the iron, steel, aluminum, and copper sectors of the Iranian economy.[23]  To summarize broadly, blocking sanctions can now be placed on any person who has (1) operated in those sectors; (2) knowingly engaged in a “significant” transaction in those sectors (covered transactions include, among other things, sales, transportation, and marketing); (3) materially supported a person blocked under these sanctions; or (4) been owned or controlled by, or has acted on behalf of, a person blocked under these sanctions.  The new industrial-metals sanctions build upon existing sanctions on “raw and semi-finished metals,” which include aluminum and steel.[24]  Per the May 8 executive order, there will be a wind-down period of 90 days for existing transactions that would violate the industrial-metals sanctions.  Any new business activity in the relevant sectors, however, is immediately sanctionable. Industrial metals account for approximately 10% of Iran’s export economy.  These sanctions will likely help deepen Iran’s economic recession; the country is currently struggling with skyrocketing inflation, rising unemployment, and a currency plummeting in value.  Given that the United States shows no signs of letting up its “maximum pressure campaign,” we are likely to see more sanctions on Iran and, at the same time, more pushback from Iran on its obligations under the JCPOA.

[1]    The White House, Statement from President Donald J. Trump Regarding Imposing Sanctions with Respect to the Iron, Steel, Aluminum, and Copper Sectors of Iran (May 8, 2019), available at https://www.whitehouse.gov/briefings-statements/statement-president-donald-j-trump-regarding-imposing-sanctions-respect-iron-steel-aluminum-copper-sectors-iran/.
[2]   Bill Chappell, U.S. Labels Iran’s Revolutionary Guard As A Foreign Terrorist Organization, NPR (Apr. 8, 2019), available at https://www.npr.org/2019/04/08/710987393/u-s-labels-irans-revolutionary-guard-as-a-foreign-terrorist-organization.
[3]    See U.S. Dep’t of State, Fact Sheet, Terrorism Designation FAQs (Feb. 27, 2019), available at https://www.state.gov/r/pa/prs/ps/2018/02/278882.htm.
[4]    See 18 U.S.C. §§  2339A, 2339B.
[5]    Karen DeYoung, Defense, intelligence officials caution White House on terrorist designation for Iran’s Revolutionary Guard, The Washington Post (Feb. 8, 2017), available at https://www.washingtonpost.com/world/national-security/defense-intelligence-officials-caution-white-house-on-terrorist-designation-for-irans-revolutionary-guards/2017/02/08/228a6e4a-ee28-11e6-b4ff-ac2cf509efe5_story.html.
[6]    For the statutory basis for those waivers, please see Section 1245(d)(4)(D) of the National Defense Authorization Act for Fiscal Year 2012 (NDAA, P.L. 112-81, signed on Dec. 31, 2011) (22 U.S.C. 8513a).
[7]    Ian Talley & Courtney McBride, U.S. to Issue Eight Waivers for Oil Countries Under Iran Sanctions, Wall Street Journal (Nov. 2, 2018), available at https://www.wsj.com/articles/u-s-to-issue-eight-waivers-for-oil-countries-under-iran-sanctions-1541172994.
[8]    Press Release, U.S. Dep’t of State, Decision on Imports of Iranian Oil (Apr. 22, 2019), available at https://www.state.gov/secretary/remarks/2019/04/291272.htm.
[9]    Jessica Donati, U.S. to End Iran Oil Waivers to Drive Tehran’s Exports to Zero, Wall Street Journal (Apr. 22, 2019), available at https://www.wsj.com/articles/u-s-to-end-iran-oil-waivers-to-drive-tehrans-exports-to-zero-11555898664.
[10]    Press Release, U.S. Dep’t of State, Decision on Imports of Iranian Oil (Apr. 22, 2019).  Given the likely effect that this recent announcement will have on oil prices, analysts predict that secondary sanctions relating to the import of Venezuelan oil will likely be delayed.  See, e.g., S&P Global Platts, End of Iran waivers likely to postpone Venezuela secondary oil sanctions: analysts (Apr. 22, 2019), available at https://www.spglobal.com/platts/en/market-insights/latest-news/oil/042219-end-of-iran-waivers-likely-to-postpone-venezuela-secondary-oil-sanctions-analysts.
[11]    Edward Wong & Clifford Krauss, U.S. to Clamp Down on Iranian Oil Sales, Risking Rise in Gasoline Prices, N.Y. Times (Apr. 21, 2019), available at https://www.nytimes.com/2019/04/21/us/politics/us-iran-oil-sanctions.html.
[12]    Id.; Jessica Donati, U.S. to End Iran Oil Waivers to Drive Tehran’s Exports to Zero, Wall Street Journal (Apr. 22, 2019).
[13]    Associated Press, China tells US to avoid ‘wrong moves’ over Iran oil controls (Apr. 24, 2019), available at https://www.seattletimes.com/business/china-tells-us-to-avoid-wrong-moves-over-iran-oil-controls/.
[14]    Rishi Iyengar, China buys a lot of Iranian oil, and it’s not happy at all with US sanctions, CNN (Apr. 23, 2019), available at https://www.cnn.com/2019/04/22/energy/china-iran-oil-us-sanctions/index.html.
[15]    Matthew Lee, U.S. Says No More Sanctions Waivers for Importing Iranian Oil, Real Clear Politics (Apr. 23, 2019), available here.
[16]    Chen Aizhu & Florence Tan, Boxed in: $1 billion of Iranian crude sits at China’s Dalian port, Reuters (Apr. 30, 2019), available at https://www.reuters.com/article/us-china-iran-oil-sanctions/boxed-in-1-billion-of-iranian-crude-sits-at-chinas-dalian-port-idUSKCN1S60HS.
[17]    Humeyra Pamuk & Timothy Gardner, U.S. renews Iran sanctions, grants oil waivers to China, seven others, Reuters (Nov. 5, 2018), available here.
[18]    U.S. Dep’t of State, Fact Sheet, Advancing the Maximum Pressure Campaign by Restricting Iran’s Nuclear Activities (May 3, 2019), available at https://www.state.gov/r/pa/prs/ps/2019/05/291483.htm.
[19]    Nicole Gaouette & Jennifer Hansler, US extends nuclear waivers for Iran, but with limits (May 3, 2019), available at https://www.cnn.com/2019/05/03/politics/us-iran-nuclear-waivers/index.html.
[20]    BBC News, Iran nuclear deal: Trump raises pressure with sanctions on metals (May 8, 2019), available at https://www.bbc.com/news/world-middle-east-48204646; EU urges Iran to back down from nuclear escalation (May 8, 2019), available at https://euobserver.com/foreign/144864
[21]    European Union, Joint statement by High Representative of the European Union and the Foreign Ministers of France, Germany and the United Kingdom on the JCPoA (May 9, 2019), available at https://eeas.europa.eu/headquarters/headquarters-homepage/62093/joint-statement-high-representative-european-union-and-foreign-ministers-france-germany-and_en.
[22]    Id.
[23]    Executive Order Imposing Sanctions with Respect to the Iron, Steel, Aluminum, and Copper Sectors of Iran of May 8, 2019, available at https://www.treasury.gov/resource-center/sanctions/Programs/Documents/iran_eo_metals.pdf.
[24]    U.S. Dep’t of Treasury, Frequently Asked Questions Regarding Executive Order (E.O.) Imposing Sanctions with Respect to the Iron, Steel, Aluminum, and Copper Sectors of Iran of May 8, 2019, available at https://www.treasury.gov/resource-center/faqs/Sanctions/Pages/faq_iran.aspx#eo_metals.

The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Adam M. Smith, Christopher Timura, Stephanie Connor, Richard Roeder and Audi Syarief. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade practice group: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) M. Kendall Day - Washington, D.C. (+1 202-955-8220, kday@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Henry C. Phillips - Washington, D.C. (+1 202-955-8535, hphillips@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Audi K. Syarief - Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com) Scott R. Toussaint - Palo Alto (+1 650-849-5320, stoussaint@gibsondunn.com) Europe: Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Sacha Harber-Kelly - London (+44 20 7071 4205, sharber-kelly@gibsondunn.com) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Steve Melrose - London (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

May 6, 2019 |
OFAC Releases Detailed Guidance on Sanctions Compliance Best Practices

Click for PDF On May 2, 2019, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) released extensive new guidance regarding what constitutes an effective sanctions compliance program. The document, titled “A Framework for OFAC Compliance Commitments,” is significant in that it represents the most detailed statement to date of OFAC’s views on the best practices that companies should follow to ensure compliance with U.S. sanctions laws and regulations. As described by OFAC, the document is meant to serve as a roadmap for how to prevent sanctions violations from occurring in the first place and, when violations do occur, to provide greater transparency with respect to how OFAC will assess the adequacy of a company’s existing compliance program in determining what penalty to impose. As we described in our 2018 Year-End Sanctions Update, this guidance reflects OFAC’s increasingly aggressive approach to enforcement.  In December 2018, Treasury Under Secretary Sigal Mandelker announced that OFAC intended to outline the hallmarks of an effective sanctions compliance program and described those elements in broad strokes.  The May 2 guidance expands upon those elements and will serve as a key benchmark for the evaluation of sanctions compliance programs going forward. Notably, the OFAC compliance guidance was published on the heels of another compliance-related pronouncement from the U.S. Department of Justice (“DOJ”), as described here.  Taken together, the DOJ and OFAC guidance supports our oft-given warnings against a siloed approach to compliance for multinational companies.  To date, many organizations that developed anti-corruption compliance programs in line with the extensive criteria set forth by the DOJ and the Securities and Exchange Commission (“SEC”) have not benefitted from the same kind of prescriptive guidance with respect to sanctions risks.

Five Components of an Effective Sanctions Compliance Program

Consistent with longstanding policy, OFAC in its newly published compliance framework continues to take the view that there is no such thing as a “one-size-fits-all” sanctions compliance program, and that a company should generally take a risk-based approach tailored to that company’s particular profile.  Where OFAC breaks new ground is in publishing a detailed framework that—while recognizing that there will be some variability from one organization to the next in terms of the particulars—sets out what OFAC views as the five essential components of any strong sanctions compliance program.  In order, those components are:
  1. Management commitment;
  2. Risk assessment;
  3. Internal controls;
  4. Testing and auditing; and
  5. Training.
In addition to the similarities to the DOJ compliance focus areas, the five OFAC elements loosely correspond to the elements of compliance as articulated by the Financial Crimes Enforcement Network (“FinCEN”) with respect to financial institutions.  Broadly speaking, the new OFAC framework corresponds with the lifecycle of a compliance program—starting with a deep commitment on the part of senior management to creating a culture of compliance backed by sufficient resources.  OFAC then advises that companies conduct a thorough assessment of, among other things, their customers, supply chain, intermediaries, counterparties, products, services and geographic locations to identify potential sources of sanctions-related risk.  To prevent those risks from materializing, OFAC makes clear that it expects companies to develop appropriate internal controls, including policies and procedures designed to detect and report upward potential sanctions violations.  Such policies and procedures should also be regularly tested and updated to address any weaknesses that may be identified.  At the same time, to ensure the program is properly implemented, relevant employees should receive training on the company’s sanctions compliance policies and procedures at regular intervals of no more than a year. Within each of the five components of an effective sanctions compliance program, OFAC also provides concrete examples of best practices that companies are expected to follow.  For example, when conducting a risk assessment, companies are advised to develop an onboarding process for new customers and accounts that includes a sanctions risk rating based on both know-your-customer information provided by the potential counterparty and independent research conducted by the company. Consistent with OFAC’s existing Economic Sanctions and Enforcement Guidelines, when apparent violations do occur, the nature and extent of a company’s compliance program will continue to be a potential aggravating or mitigating factor for purposes of determining what penalty to impose.  With the publication of the new OFAC compliance framework, companies subject to U.S. jurisdiction now have the benefit of a more granular understanding of what policies and procedures will lead OFAC to conclude that their sanctions compliance program is adequate or deficient. Moreover, in recent settlement agreements OFAC has often required companies to certify on an annual basis that they have implemented and maintained an extensive set of sanctions compliance commitments.  Now that OFAC has clearly staked out what it views as the essential components of an effective sanctions compliance program, we assess that such periodic certifications are likely to become a regular feature of OFAC settlements going forward.

Ten Common Pitfalls of Sanctions Compliance Programs

In addition to spotlighting what it views as the components of an effective sanctions compliance program, OFAC also identifies in an appendix to its new framework common areas where sanctions compliance programs fall short.  Derived from recent OFAC enforcement actions, this section of the framework is designed to alert U.S. and non-U.S. companies to common pitfalls that could cause a company to incur U.S. sanctions liability. OFAC identifies a total of ten common causes of U.S. sanctions violations, including:
  1. Lack of a formal OFAC sanctions compliance program;
  2. Misinterpreting, or failing to understand the applicability of, OFAC’s regulations;
  3. Facilitating transactions by non-U.S. persons;
  4. Exporting or re-exporting U.S.-origin goods, technology or services to OFAC-sanctioned persons or countries;
  5. Utilizing the U.S. financial system, or processing payments to or through U.S. financial institutions, for commercial transactions involving OFAC-sanctioned persons or countries;
  6. Sanctions screening software or filter faults;
  7. Improper due diligence on customers and clients;
  8. De-centralized compliance functions and inconsistent application of a sanctions compliance program;
  9. Utilizing non-standard payment or commercial practices; and
  10. Individual liability.
These root causes of sanctions violations are best viewed as traps for the unwary.  While many of the above potential causes of U.S. sanctions violations—each discussed at greater length in the framework—will be familiar to sophisticated parties and their counsel, the document nevertheless serves as a useful refresher of the various ways in which companies commonly run afoul of OFAC regulations and may be especially useful for employee training purposes.

Recommendations

Now that OFAC has finally provided a detailed statement of what it views as sanctions compliance best practices, companies engaging in activities with a U.S. nexus should take this opportunity to carefully review the strengths and weaknesses of their existing sanctions compliance programs.  In particular, companies should use the OFAC framework as a baseline, carefully assess whether their own compliance program contains all of the basic components that OFAC has indicated that it expects to be present, and update their compliance program accordingly.  By taking these simple steps, compliance-minded companies may reduce their risk of incurring U.S. sanctions liability and may also reduce their potential exposure if, despite their best efforts, a violation somehow occurs.
The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Adam M. Smith, M. Kendall Day, Stephanie L. Connor and Scott R. Toussaint. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade and Anti-Money Laundering Practice Groups: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) M. Kendall Day - Washington, D.C. (+1 202-955-8220, kday@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Henry C. Phillips - Washington, D.C. (+1 202-955-8535, hphillips@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Audi K. Syarief - Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com) Scott R. Toussaint - Palo Alto (+1 650-849-5320, stoussaint@gibsondunn.com) Europe: Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Sacha Harber-Kelly - London (+44 20 7071 4205, sharber-kelly@gibsondunn.com) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Steve Melrose - London (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

May 1, 2019 |
President Trump Ramps Up Cuba Sanctions Changes — Allows Litigation Against Non-U.S. Companies Conducting Business in Cuba

Click for PDF Frustrated by Cuba’s continued support of the Maduro regime in Venezuela, the Trump administration announced on April 17, 2019 that it will permit U.S. individuals and companies to initiate litigation against foreign individuals and companies that have past or present business in Cuba involving property that the Cuban government confiscated in 1959.  The administration made its announcement in a speech delivered by the president’s national security advisor John R. Bolton, who framed the administration’s decision in characteristically colorful rhetoric:  “The ‘troika of tyranny’—Cuba, Venezuela, and Nicaragua —is beginning to crumble…The United States looks forward to watching each corner of this sordid triangle of terror fall.”[1]  The same day, the Trump administration also announced several other significant changes to U.S. policy toward Cuba, including blocking “U-turn” financial transactions to cut off Cuba’s access to dollar-denominated transactions, limiting nonfamily travel to the island, imposing caps on the value of personal remittances, and enforcing visa restrictions regarding alien traffickers of property confiscated by Cuba.

I.   Title III of LIBERTAD to Become Effective on May 2, 2019     

On April 17, 2019, President Trump lifted long-standing limitations on American citizens seeking to sue over property confiscated by the Cuban regime after the revolution led by Fidel Castro six decades ago. Title III of the Cuban Liberty and Democratic Solidarity (LIBERTAD) Act of 1996,[2] commonly known as the Helms-Burton Act, authorizes current U.S. citizens and companies whose property was confiscated by the Cuban government on or after January 1, 1959 to bring suit for monetary damages against individuals or entities that “traffic” in that property.  The policy rationale for this private right of action was to provide recourse for individuals whose property was seized by the Castro regime.  As part of the statutory scheme, Congress provided that the President may suspend this private right of action for up to six months at a time, renewable indefinitely.  In the past, Presidents of both parties have consistently suspended that statutory provision in full every six months.  That will change tomorrow, May 2, 2019, when the suspension will be effectively lifted.

A.   Background

The Trump administration has been moving towards this development for some time.  In November 2018, Bolton stated that the suspension of Title III’s private cause of action would be given a “very serious review.”  The administration’s subsequent renewals of the suspension were increasingly limited in scope and duration.  When the suspension expired in early January 2019, it was renewed for 45 days (far short of the usual six months).[3]  In March 2019, the U.S. State Department announced that it intended to allow U.S. citizens and companies to bring suit in U.S. federal court against entities and sub-entities on the Cuba Restricted List,[4] a U.S. State Department compilation of Cuban entities that the U.S. Government considers to be “under the control of, or act for or on behalf of, the Cuban military, intelligence, or security services personnel.”  The remainder of the suspension was extended another 30 days on March 4, 2019, and then another two weeks on April 3, 2019.[5]  Finally, on April 17, 2019, Secretary of State Michael Pompeo announced that the Title III suspension would not extend past today’s expiration date.[6]

B.   Analysis

What the suspension of Title III means in practice depends upon the interpretation of a number of key terms.  The term “property” under LIBERTAD is all-encompassing:  it applies to any present, future, or contingent interest in real, personal, or mixed property.  Any “person” that “traffics” in such property is liable to the U.S. citizen whose property was confiscated. LIBERTAD defines “person” as a natural person or entity, including an agency or instrumentality of a foreign state.  The term “traffics” is defined as any person who knowingly and intentionally:
(1) sells, transfers, distributes, dispenses, brokers, manages, or otherwise disposes of confiscated property, or purchases, leases, receives, possesses, obtains control of, manages, uses, or otherwise acquires or holds an interest in confiscated property, (2) engages in a commercial activity using or otherwise benefiting from confiscated property, or (3) causes, directs, participates in, or profits from, trafficking [] by another person, or otherwise engages in trafficking [] through another person . . . .[7]
On its face, the covered activity here is exceptionally broad.  It is broad enough to capture both direct commercial transactions involving confiscated property and also companies doing business with other companies engaged in such transactions.  Indeed, the “trafficking” definition theoretically captures actors only tangentially tied to the confiscated property.  For example, if the seller of confiscated property uses the proceeds from the sale to then purchase goods unrelated to that property, it would appear that the provider of those goods could be considered a “trafficker.” LIBERTAD exempts certain activities from its trafficking definition.  Specifically, trafficking does not include the delivery of international telecommunications services to Cuba, transactions incident to lawful travel to Cuba, or transactions by a person who is a citizen or resident of Cuba and who is not an official of the Cuban Government or the ruling political party in Cuba. However, these exemptions may only apply to a limited number of the many Title III claims that can reasonably be expected to be filed.  The U.S. Foreign Claims Settlement Commission (“FCSC”) has certified more than 6,000 claims relating to property confiscated by the Cuban government.[8]  Taking into account both certified and uncertified claims, one senior official at the State Department recently estimated that the total potential Title III claims could number as high as 200,000.[9] Companies found liable under Title III may face significant financial consequences.  The statutory scheme allows plaintiffs to choose from multiple methods of calculating damages, including by calculating the current value of the confiscated property or its value when confiscated plus interest.[10]  Plaintiffs can also recover interest, court costs, and attorney fees.  In addition, plaintiffs may recover treble damages for claims certified by the FCSC.  Treble damages are also available if plaintiffs provide advance notice of their claims to prospective defendants and such defendants engage in “trafficking” more than 30 days after such notice has been provided. There are a number of obstacles that Title III plaintiffs face regarding both a finding of liability and recovery on a judgment.  On liability, plaintiffs may file suit at any time during the trafficking of their confiscated property and up to two years after the trafficking has ceased to occur.  This two-year statute of limitations puts pressure on plaintiffs to identify and act on their potential claims quickly.  Moreover, obtaining personal jurisdiction, serving process, and conducting discovery are much more difficult when foreign defendants are involved.  Finally, there are aspects of Title III that may be challenged on colorable constitutional grounds, including the vagueness of the definition of “trafficking,” the extraterritorial and retroactive aspects of the remedy, and the potentially arbitrary and punitive nature of the measure of damages.  The prospects for such challenges will vary depending on the particular facts and circumstances of each case. On recovery, plaintiffs may face a situation where the non-U.S. defendant does not have any property in the United States.  Enforcing a Title III judgment in a foreign jurisdiction may be difficult, particularly where the jurisdiction has a blocking or anti-enforcement statute.  For example, in the European Union, Council Regulation (EC) No. 2271/96 (the “EU Blocking Statute”) provides that any “judgment of a court or tribunal . . . [or] of an administrative authority . . . giving effect, directly or indirectly, to the [Helms-Burton Act] or to actions based thereon or resulting there from, shall [not] be recognized or be enforceable in any manner.”  Indeed, this particular regulation also provides for the “clawback” of any damages that were awarded in a Title III action.

II.   Other Announced Changes to Cuba Policy

Alongside its decision to allow Title III claims to proceed, Bolton and Secretary of State Mike Pompeo made a number of other announcements that will have a significant impact on those engaged in Cuba-related business and travel.  These include Bolton’s announcement that the United States would once again prohibit U.S. banks from processing so-called “U-Turn” financial transactions.  President Obama had issued a general license permitting these transactions—which involve Cuban interests and originate from, and terminate, outside of the United States—as part of a broader set of sanctions relief issued in advance of his historic visit to Cuba in 2016.  These “U-Turn” transactions enabled Cuban entities doing business with non-U.S. firms to access U.S. correspondent and intermediate banks and therefore to participate in U.S. dollar-denominated global trade.  Upon the revocation of this license, U.S. banks will again be prohibited from facilitating Cuba-related transactions in this regard, and Cuban entities and companies engaged in business there will again be effectively cut off from the U.S. financial system. As previously noted, the administration announced that it planned to impose new restrictions on nonfamily travel to Cuba.  The administration has not yet detailed restrictions on this type of travel, which Bolton described as “veiled tourism.”  However, there are up to a dozen categories of travel that could soon be prohibited without a specific license.  Bolton also announced the U.S. government would reimpose a cap on the amount of remittances that can be sent to Cuba at $1,000 per person per quarter. Finally, Pompeo announced that the administration would begin to enforce restrictions on the issuance of U.S. visas to aliens involved in trafficked property.[11]  Specifically, Title IV of LIBERTAD requires the Secretary of State to deny visas to, and the Attorney General to exclude from the United States, any alien who (1) has confiscated, or has directors or overseen the confiscation of, property a claim to which is owned by a U.S. national, (2) traffics in such property, (3) is a corporate officer, principal, or shareholder with a controlling interest in an entity that has been involved in the confiscation or trafficking of such property, or (4) is a spouse, minor child, or agent of any of the above.[12]

III.   Counter-Suits in EU and Canadian Courts

The Trump administration’s decision to end the litigation limitations under the Helms-Burton Act may cause a large number of cases to be filed in other jurisdictions and the World Trade Organization to counteract the administration’s move.  On the same day that the Trump administration announced its decision to allow Title III of LIBERTAD to go into effect, Federica Mogerhini, the High Representative of the EU for Foreign Affairs and Security Policy European Union, and Cecilia Malmström, the EU Trade Commission Representative, issued a joint statement that “[t]he EU will consider all options at its disposal to protect its legitimate interests, including in relation to WTO rights and through the use of the EU Blocking Statute.”[13]   As previously mentioned, the EU Blocking Statute prohibits the enforcement of U.S. courts’ judgements relating to LIBERTAD within the EU, and allows EU companies sued in the U.S. to recover any damages through legal proceedings against U.S. claimants in EU courts.  The two EU representatives also joined a statement with Canada’s Minister of Foreign Affairs Chrystia Freeland noting that EU and Canadian law are aligned on these points.[14]  In both statements, the EU and Canadian representatives also threatened to sue the United States at the World Trade Organization in response.

IV.   Preparing for the Flood

Any company that is now trading or has traded with Cuba during the last two years, or which benefits from trade with other parties who trade with Cuba, is now a potential target for Title III claims.  Given the breadth of covered activity under Title III and the theoretical prospect of steep payouts, companies should take an expansive approach in assessing their own liability risk.  To better understand this risk, companies should inventory the types of direct and indirect commercial activities they engage in which involve Cuba, and ascertain the ownership histories of any property at issue to determine if it was confiscated by the Cuban government.  Companies should also scrutinize the origins of their proceeds, to determine if they stem from confiscated property or traffickers of such property.  Self-assessment will also serve to mitigate reputational risk:  a company sued under Title III may risk relationships with banks, customers, and other business partners who do not want to inadvertently “benefit” from proceeds of confiscated property. We recommend that companies seek advice of counsel to assess the degree of exposure under Title III, identify available legal defenses, and develop strategies for minimizing risk.  To the extent such potential claims are identified, counsel can assist in mapping out potential litigation strategies and monitoring the filing of legal actions in jurisdictions where a court is more likely to find personal jurisdiction over a foreign company defendant in a Title III action.

[1]   NPR, Bolton Announces New Crackdown on Cuba, Nicaragua, and Venezuela, Apr. 17, 2019, available at https://www.pbs.org/newshour/politics/watch-live-bolton-to-address-trump-administrations-cuba-policy-shift.  Mr. Bolton’s speech marked the 58th anniversary of the Bay of Pigs invasion, the failed 1961 attempt to overthrow Fidel Castro, Cuba’s then communist leader.
[2]   Cuban Liberty and Democratic Solidarity (LIBERTAD) Act of 1996, P.L. 104-114, 110 Stat. 785 (1996) (codified at 22 U.S.C. §§ 6021–91) (hereinafter “LIBERTAD”).
[3]   U.S. Dep’t of State, Media Note, Secretary’s Determination of 45-Day-Suspension Under Title III of LIBERTAD Act (Jan. 16, 2019), available at https://www.state.gov/r/pa/prs/ps/2019/01/288482.htm.
[4]   Most transactions between the United States, or persons subject to U.S. jurisdiction, and Cuba are prohibited.  Under the Obama administration, OFAC relaxed many of its sanctions on Cuba, including certain restrictions on travel and related services.  Soon after assuming office, President Trump reimposed several of the Obama administration’s changes to United States sanctions policy.  Most notably, the Trump administration’s new Cuba policy aimed to keep the Grupo de Administración Empresarial (“GAESA”), a conglomerate run by the Cuban military, from benefiting from the opening in U.S.-Cuba relations.  On November 9, 2017, the U.S. Department of State published the “Cuba Restricted List,” consisting of Cuban entities that the U.S. Government considers to be “under the control of, or act for or on behalf of, the Cuban military, intelligence, or security services personnel.”  The U.S. sanctions on Cuba were also revised to prohibit U.S. persons and entities from engaging in direct financial transactions with entities listed on the Cuba Restricted List.  Since its publication, the State Department has issued periodic updates to the list, including three updates on November 15, 2018, March 9, 2019, and on April 24, 2019.  See 83 FR 57523 (Nov. 15, 2018); 84 FR 8939 (Mar. 9, 2019); 84 FR 17228 (Apr. 24, 2019).
[5]   U.S. Dep’t of State, Media Note, Secretary Enacts 30-Day Suspension of Title III (LIBERTAD Act) With an Exception (Mar. 4, 2019), available at https://www.state.gov/r/pa/prs/ps/2019/03/289864.htm;  U.S. Dep’t of State, Media Note, Secretary Pompeo Extends For Two Weeks Title III Suspension with an Exception (LIBERTAD Act) (Apr. 3, 2019), available at https://www.state.gov/r/pa/prs/ps/2019/04/290882.htm.
[6]   The White House, Fact Sheets, President Donald J. Trump is Taking a Stand For Democracy and Human Rights in the Western Hemisphere (Apr. 17, 2019), available at https://www.whitehouse.gov/briefings-statements/president-donald-j-trump-taking-stand-democracy-human-rights-western-hemisphere/.
[7]   See LIBERTAD, § 4(13).
[8]   A database containing decisions rendered by the FCSC on these claims is available at https://www.justice.gov/fcsc/claims-against-cuba.
[9]   U.S. Dep’t of State, Special Briefing, Senior State Department Official on Title III of the LIBERTAD Act (Mar. 4, 2019), available at https://www.state.gov/r/pa/prs/ps/2019/03/289871.htm; Reuters, U.S. considering allowing lawsuits over Cuba-confiscated properties (Jan. 16, 2019), available at https://uk.reuters.com/article/uk-usa-cuba/us-considering-allowing-lawsuits-over-cuba-confiscated-properties-idUKKCN1PA308.
[10]   See LIBERTAD, § 302(a).
[11]   A similar pledge was made in a press document issued by the White House.  See The White House, Fact Sheets, President Donald J. Trump is Taking a Stand For Democracy and Human Rights in the Western Hemisphere (Apr. 17, 2019), available at https://www.whitehouse.gov/briefings-statements/president-donald-j-trump-taking-stand-democracy-human-rights-western-hemisphere/.
[12]   See LIBERTAD, § 401(a).
[13]   Joint Statement by Federica Mogherini and Cecilia Malmström on the decision of the United States to further activate Title III of the Helms Burton (Libertad) Act (Apr. 17, 2019), available at https://eeas.europa.eu/headquarters/headquarters-homepage/61183/joint-statement-federica-mogherini-and-cecilia-malmstr%C3%B6m-decision-united-states-further_en.
[14]   Joint Statement by Federica Mogherini, Chrystia Freeland and Cecilia Malmström on the decision of the United States to further activate Title III of the Helms Burton (Libertad) Act (Apr. 17, 2019), available at https://eeas.europa.eu/headquarters/headquarters-homepage/61181/joint-statement-federica-mogherini-chrystia-freeland-and-cecilia-malmstr%C3%B6m-decision-united_en.

The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Adam M. Smith, Thomas G. Hungar, Christopher T. Timura, Stephanie L. Connor, R.L. Pratt and Audi K. Syarief. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade and Appellate and Constitutional Law Practice Groups: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Thomas G. Hungar - Washington, D.C. (+1 202-887-3784, thungar@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Henry C. Phillips - Washington, D.C. (+1 202-955-8535, hphillips@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Audi K. Syarief - Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com) Scott R. Toussaint - Palo Alto (+1 650-849-5320, stoussaint@gibsondunn.com) Europe: Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Sacha Harber-Kelly - London (+44 20 7071 4205, sharber-kelly@gibsondunn.com) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Steve Melrose - London (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

April 24, 2019 |
CFIUS Developments: Notable Cases and Key Trends

Click for PDF The Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”) kicked into high gear this spring with a number of notable cases and developments.  Six key trends have emerged:

(1)  CFIUS has forced several companies to divest from U.S. businesses involved in the collection of sensitive personal data or cybersecurity; (2)  The pilot program for mandatory filings of certain critical technology investments has yet to streamline the CFIUS review process, as only a small percentage of pilot program cases have been decided on the basis of the “short-form” declaration (a 5-page alternative to the lengthier 45-page voluntary notice); (3)  CFIUS and its member agencies are increasing staff and resources (including a new office dedicated to detecting transactions that have not been notified); (4)  Mitigation strategies are of critical importance, and CFIUS is encouraging parties to think through such terms when negotiating a deal and to initiate a dialogue with CFIUS regarding proposed mitigation prior to the submission of a notice; (5)  Additional regulations to be published later this year will offer further guidance for investment funds with minority foreign investors (possibly including a “black” and “white” list of countries whose investors may be subject to different levels of scrutiny); and (6)  Large investors may tread carefully with respect to the new rules for non-controlling investments, refraining from appointing board members or exercising the types of governance rights which could trigger CFIUS scrutiny.

Background

CFIUS is an inter-agency group authorized to review the national security implications associated with foreign acquisitions of or investments in U.S. businesses (“covered transactions”), and to block transactions or impose measures to mitigate any threats to U.S. national security.  Historically, the Committee’s jurisdiction has been limited to transactions that could result in control of a U.S. business by a foreign person.  Recent legislation, the Foreign Investment Risk Review and Modernization Act (“FIRRMA”), expanded the scope of transactions subject to the Committee’s review by granting CFIUS the authority to examine the national security implications of a foreign acquirer’s non-controlling investments in U.S. businesses that deal with critical infrastructure, critical technology, or the personal data of U.S. citizens.  FIRRMA also provided CFIUS with authority to review real estate transactions—including leases, sales, and concessions—involving air or maritime ports or in close proximity to sensitive U.S. government facilities.

Emerging Trends

(1) Increasing Number of Forced Divestitures
The Committee forced divestitures of several investments due to concerns regarding cybersecurity or access to sensitive personal data, suggesting that CFIUS will continue to scrutinize investments in higher risk sectors under the authority granted to it by FIRRMA. Two matters bear note:
  • Kunlun/Grindr.  In late March 2019, the Committee ordered Beijing Kunlun Tech Co. Ltd. (“Kunlun”) to sell its interest in Grindr LLC, a popular dating application focused on the LGBTQ community.  Kunlun, a Chinese technology firm, acquired an approximately 60 percent interest in Grindr in January 2016, and subsequently completed a full buyout of the company in January 2018.  Although CFIUS has not commented publicly, observers have speculated that the action was prompted by concerns over Kunlun’s access to sensitive personal data from Grindr users—such as location, sexual preferences, HIV status and messages exchanged via the Grindr app.
  • iCarbonX/PatientsLikeMe.  CFIUS is forcing the Shenzhen-based iCarbonX to divest its majority stake in PatientsLikeMe, an online service that helps patients find people with similar health conditions.  In 2017, PatientsLikeMe raised $100 million and sold a majority stake to iCarbonX, which was started by genomic scientist Jun Wang.  About 700,000 people use the PatientsLikeMe website to report their experiences with medical conditions.  The company claims to have tens of millions of “data points about disease,” and its partners range from large pharmaceutical companies like Biogen to non-profit health organizations like the International Bipolar Foundation, which uses the site to find patients for clinical studies and research.  The 2017 iCarbonX deal was designed to marry the Chinese company’s artificial intelligence technology for improving health care with PatientsLikeMe’s customers and data sets.
(2) Not-So “Expedited” Critical Technology Pilot Program Reviews
In late 2018, CFIUS launched a pilot program under which mandatory filings are required for certain types of investments in U.S. critical technology companies.  As of November 10, 2018, non-U.S. companies seeking to acquire control (or, in certain circumstances, a non-controlling stake) in U.S. companies involved in making or designing certain critical technologies related to 27 specific industries must file a mandatory declaration with CFIUS.  In lieu of the lengthy notice that is currently used in voluntary CFIUS filings, the pilot program provides for the submission of “light” or short-form declarations (not to exceed 5 pages).  This filing must be submitted at least 45 days before the expected completion date of the transaction.  The pilot program aimed to provide a streamlined review process, as FIRRMA requires the Committee to respond to a declaration within 30 days by approving the transaction, requesting that the parties file a full written notice, or initiating a further review. Notably, however, a majority of the declarations filed under the pilot program have been pushed into the standard review process, meaning that the streamlined “light” filing actually resulted in a longer review process for the parties involved.  Anecdotal evidence suggests that fewer than 10 percent of cases filed under the pilot program have been decided on the basis of the short-form declaration alone, despite a relatively low volume of filings.  Numerous transactions have required the submission of the full notice, and it has been difficult for the intelligence community to complete their full assessment within the allocated 30 days.  In light of these risks, we continue to advise clients who may qualify for the pilot program to consider submitting the full notice at the outset of the process. The Committee is contemplating the imposition of filing fees for expedited reviews, and expects to publish proposed regulations later this year.
(3) Increasing Staff and Resources
In late March 2019, the Department of Justice requested a significant budget increase for its national security division to review foreign investments, an effort to increase the resources available to the Committee.  In its proposal for the fiscal year 2020 budget, DOJ requested an increase of $5 million and 21 positions (including 16 attorneys) for its national security division to assist with reviewing CFIUS cases.  At the current budget level, the DOJ employs 13 individuals (including 9 attorneys), which means the national security division is asking to significantly increase its current staff working on CFIUS matters.  Additionally, DOJ requested an increase of $18.3 million—part of which will cover 6 new positions—for the Federal Bureau of Investigation to spend on counterintelligence matters, including work on CFIUS-related cases.  The existing budget and number of positions allocated towards this goal is classified, according to the DOJ.  Last November, the DOJ unveiled its so-called “China Initiative,” which was created to reflect the DOJ’s efforts to counter Chinese national security threats.  The initiative seeks to enforce a full range of laws against espionage, foreign agents and threats to supply chains, as well as to identify U.S. Foreign Corrupt Practices Act cases that involve Chinese companies that compete with American businesses. Furthermore, CFIUS has hired staff to head an office responsible for monitoring the market for covered transactions that had not been notified.  The office is not yet up and running.
(4) The Importance of Mitigation
It remains critical to think about CFIUS mitigation strategies at the outset of any deal, and to reach out to the Committee before filing the notice to begin a dialogue.  Despite the growing concerns regarding Chinese investments (as demonstrated by the divestitures discussed above), the Committee has approved Chinese deals with appropriate mitigation.  (Notably, Gibson Dunn secured clearance for a Chinese investment in a U.S. semiconductor company in January 2018—the only Chinese-controlled acquisition to be cleared by CFIUS within the statutory period and without mitigation under the Trump administration.) More independent monitors are likely in longer term mitigation agreements, and Treasury is working to build consistency between other U.S. government agencies responsible for the oversight of CFIUS national security agreements. Last year CFIUS imposed a $1 million penalty related to repeated breaches of a 2016 mitigation agreement, including failure to establish requisite security policies and failure to provide adequate reports to CFIUS. Although the penalty was imposed in 2018, it was posted on the Committee’s website in mid-April 2019.
(5) More Regulations Are Coming
Proposed regulations will be published later this year.  The Committee is taking lessons learned from the pilot program and incorporating them into the new rules. The Committee expects to provide more guidance with regard to what it means to be a foreign person in the context of an investment fund, which may include “black” and “white” lists of countries whose investors will be subject to different levels of scrutiny.  Notably, the Committee recently approved a Chinese investment in a U.S. business through an investment vehicle with a U.S. manager, in keeping with the investment fund carve out set forth in FIRRMA.
(6) Cautious Investors
Finally, it is worth noting that a number of major foreign investors are treading cautiously with respect to the Committee’s new rules—in some cases, by refraining from appointing board seats despite substantial investments. By contrast, certain Chinese investors are abandoning transactions altogether.  China’s ENN Ecological Holdings Co. recently announced that it had withdrawn its offer for Toshiba’s U.S. liquefied natural gas business because of failure to win approval from CFIUS and shareholders by a specified closing date.  Toshiba announced earlier this month that CFIUS approval had been delayed because of the U.S. government shutdown in early 2019.  Pursuant to FIRRMA, all pending CFIUS reviews were tolled for the duration of the government shutdown.
The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Jose Fernandez and Stephanie Connor. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade practice group: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Henry C. Phillips - Washington, D.C. (+1 202-955-8535, hphillips@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Scott R. Toussaint - Palo Alto (+1 650-849-5320, stoussaint@gibsondunn.com) Europe: Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Sacha Harber-Kelly - London (+44 20 7071 4205, sharber-kelly@gibsondunn.com) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Steve Melrose - London (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

March 5, 2019 |
EU Regulation on Establishing a Framework for Screening of Foreign Direct Investments into the European Union Has Been Adopted

Click for PDF The regulation of the European Parliament and of the Council establishing a framework for screening of foreign direct investments (“FDI”) into the European Union (“EU”) was adopted on March 5, 2019.  This new regulation (“FDI Regulation”) is based on a proposal by the European Commission (“Commission”) presented in September 2017 following an initiative for investment reviews at the EU level by the French, German and Italian governments from February 2017. The FDI Regulation will come into force on the 20th day following its publication in the Official Journal of the EU, hence, presumably sometime in April. It will, however, only apply 18 months after entry into force, thereby giving the EU member states (“Member States”) enough time to take necessary measures for its implementation. The FDI Regulation establishes an EU-coordinated cooperation among Member States and is the result of the EU’s efforts to strike a balance between the opportunities globalization offers and the potential cross-border impact of FDI inflows on security or public order of the Member States and the EU as a whole. By establishing a common framework for screening by Member States and for a mechanism for cooperation on EU level concerning FDI, the FDI Regulation seeks to provide legal certainty for Member States’ screening mechanisms on the grounds of security and public order (by, e.g., expressly determining critical infrastructure, critical technologies, supply of critical inputs, access to sensitive information, and freedom and pluralism of the media as factors that may be taken into consideration in national screening decisions) and to ensure EU-wide coordination and cooperation on the screening of FDI likely to affect security or public order.[1] The creation of designated contact points and the regulated exchange of information at an EU level is aimed to increase transparency and awareness on FDI likely to affect security or public order. The FDI Regulation also provides the Members States and the Commission with the means to address such risks to security or public order. The Commission may issue an opinion and the other Member States may provide comments which are both non-binding but shall be given due consideration by the Member State where the FDI is planned or has been completed. Where an FDI is likely to affect projects and programs of EU interest (regarding areas such as research, space, transport and energy), the Member State concerned will even have to take utmost account of the Commission’s opinion and provide an explanation to the Commission if its opinion is not followed. The FDI Regulation neither aims to harmonize national screening mechanisms (which currently exist in 14 out of 28 Member States), nor does it replace national screening mechanisms with a single EU screening mechanism, i.e., it does not create a European one-stop shop solution. The FDI Regulation also does not oblige Member States without screening mechanisms in place to establish one. The decision whether to set up a screening mechanism, or to screen a particular FDI, remains the sole responsibility of the Member State concerned.[2] Any maintenance, amendment or adoption of a screening mechanism, however, needs to be in line with the provisions of the FDI Regulation.[3] Even though the FDI Regulation stresses that Member States without screening mechanisms are not required to create one, the mere existence of a screening framework at the EU level may nonetheless increase the likelihood of more Member States establishing a national screening mechanism – examples being Hungary, which has introduced a national screening mechanism in January 2019, as well as Sweden and the Czech Republic which may follow suit in the near future. The establishment of a screening framework will also have an impact on currently existing screening mechanisms, most of which will have to be adjusted to allow for the integration of the new EU cooperation process. It is likely that besides extending time frames, national screening rules may be tightened (further), as it is for instance expected in the case of Germany. The developments in Europe can be seen as part of a global trend towards more awareness and scrutiny of foreign investments. Background Prior to the FDI Regulation, there was no comprehensive framework at EU level for the screening of FDI on the grounds of security or public order. No formal coordination was in place, neither between the Commission and the Member States nor amongst the Member States themselves. When the Commission presented its draft proposal for the FDI Regulation in September 2017, only 12 out of 28 Member States had a national mechanism for screening of FDI in place; meanwhile 14 Member States screen FDI, namely Austria, Denmark, Germany, Hungary, Finland, France, the Netherlands, Latvia, Lithuania, Italy, Poland, Portugal, Spain, and the United Kingdom. These national FDI screening mechanisms are not aligned and may differ widely in their scope and design. Key Aspects of the FDI Regulation Enhanced Cooperation A key aspect of the FDI Regulation is the establishment of a formal mechanism for cooperation between the Member States, and between Member States and the Commission, which takes on an active role. The cooperation mechanism is enabled through the following instruments:

  • Designated Contact Points. All Member States (regardless of a national screening mechanism being in place or not) and the Commission have to establish a contact point for the implementation of the FDI Regulation.[4] Such contact points should be appropriately placed within the respective administration, and have the qualified staff and the powers necessary to perform their functions under the coordination mechanism and to ensure a proper handling of confidential information.[5] Direct cooperation and exchange of information between the contact points shall be supported through a secure and encrypted system provided by the Commission. The Member States (and the Commission alike) need to ensure the protection of confidential information acquired in application of the FDI Regulation in accordance with EU law and their national law. It also needs to be ensured that classified information shared under the FDI Regulation is not downgraded or declassified without the prior written consent of the originator.[6] The foregoing confidentiality obligations are particularly important to protect and avoid misuse of commercially sensitive information. The FDI Regulation further stipulates that personal data has to be processed in accordance with EU data protection laws and only to the extent necessary for screening of FDI by the Member States and for ensuring the effectiveness of the cooperation provided for in the FDI Regulation, and may only be kept for the time necessary to achieve the purposes for which it was collected.[7]
  • Group of Experts. A group of experts on the screening of FDI into the EU was set up by Commission decision of November 29, 2017.[8] The group of experts consists of representatives of the Member States and is chaired by a representative of the Commission’s Directorate General for trade. It functions as a second institutional coordination body – next to the envisaged FDI screening contact points – and provides advice and expertise to the Commission on matters relating to FDI into the EU.[9] The group of experts provides a forum to discuss issues relating to the screening of FDI, share best practices and lessons learned, and exchange views on trends and issues of common concern relating to FDI.[10]
  • International Cooperation. The FDI Regulation encourages international cooperation by expressly stating that the Member States and the Commission may also cooperate with the responsible authorities of (like-minded) third countries on issues related to the screening of FDI on grounds of security and public order.[11]
  • Other Stakeholders and Interest Groups. Albeit not directly invited to share their viewpoint (and somewhat hidden in the recital), economic operators, civil society organizations, and social partners such as trade unions may convey relevant information in relation to FDI likely to affect security or public order to the Member States and the Commission, which might consider such information.[12]
  • Active Role of the Commission. The Commission is now equipped with the competence to request information and share its opinion on FDI that are likely to affect (i) projects and programs of EU interest on grounds of security or public order, or (ii) security and public order in more than one Member State which allows it to play an active role in the cooperation mechanism. The Member State where the FDI is planned or has been completed needs to give due consideration to the Commission’s opinion, or, in case of projects and programs of EU interest likely being affected, is even required to take utmost account of it and provide an explanation if it does not follow the Commission’s opinion.
Increased Transparency on FDI The FDI Regulation introduces certain notification, reporting and information requirements related to FDI inflows and screening mechanisms, which shall increase the level of transparency and information exchange. The Member States are required to initially notify the Commission of their existing screening mechanisms no later than 30 days after the entry into force of the FDI Regulation. No later than three months after having received such notifications, the Commission will make publicly available (and keep up to date) a list of the Member States’ existing screening mechanisms. Any newly adopted screening mechanism or any amendment to an existing screening mechanism needs to be notified to the Commission within 30 days of the entry into force of the newly adopted screening mechanism or of any amendment to an existing mechanism. By March 31 of each year, the Member States are required to submit to the Commission an annual report which shall include aggregated information on (i) FDI that took place in their territory, on the basis of information available to them, (ii) the requests received from other Member States, and (iii) the application of their screening mechanisms (including the decisions allowing, prohibiting or subjecting FDI to conditions or mitigating measures and the decisions regarding FDI likely to affect projects and programs of EU interest), if any.[13] The Commission is expected to provide standardized forms in order to improve the quality and comparability of information provided by the Member States and to facilitate compliance with the notification and reporting obligations.[14] The Commission in turn will provide an annual report to the European Parliament and the Council on the implementation of the FDI Regulation, which will be made public for greater transparency. The FDI Regulation further provides for a notification requirement regarding FDI undergoing screening in a Member State with screening mechanism as well as a minimum level of information with regard to all FDI falling under the scope of the FDI Regulation, to be shared either mandatorily (for FDI undergoing screening) or upon request (for FDI not undergoing screening for lack of a national screening mechanism), unless such information is not available in exceptional circumstances despite best efforts. Minimum information to provide includes aspects such as the ownership structure and the business operations of the foreign investor and the target company, as well as the financing of the planned or completed investment and its source. Legal Certainty By creating a framework for screening mechanisms of Member States, the FDI Regulation aims to provide legal certainty for Member States and investors. Screening mechanisms of Member States need to be based on the grounds of security and public order, thereby being compliant with the requirements for imposing restrictive measures under GATS,[15] OECD,[16] or Free Trade Agreements (FTAs), and sending a signal against protectionism.[17] Member States shall apply time frames under their screening mechanisms and allow for the consideration of comments of other Member States and the opinion of the Commission. Rules and procedures relating to screening mechanisms shall provide for the protection of confidential information made available to the Member State conducting the screening, not discriminate between third countries and be transparent by way of setting out the circumstances triggering the screening, the grounds for screening and the applicable detailed procedural rules. National screening mechanisms shall also be equipped with measures necessary to identify and prevent circumvention of the screening mechanisms and screening decisions, and provide foreign investors and target companies concerned with the possibility to seek recourse against the screening decisions of the national authorities. Scope of Application A foreign direct investment, pursuant to the FDI Regulation, is an investment of any kind by a foreign investor aiming to establish or to maintain lasting and direct links between the foreign investor and the entrepreneur to whom or the target company to which the capital is made available in order to carry on an economic activity in a Member State, including investments which enable effective participation in the management or control of a company carrying out an economic activity. Not covered by the FDI Regulation are portfolio investments, i.e. investments without any intention to influence the management and control of a company. Foreign investor is defined as a natural person of a third country or a company of a third (i.e., non-EU) country, intending to make or having made an FDI. How does the new EU cooperation mechanism work? There are three different scenarios to distinguish: (a) FDI undergoing screening by a Member State, (b) FDI not undergoing screening for lack of a national screening mechanism, and (c) FDI likely to affect projects or programs of EU interest. (a) FDI undergoing screening in a Member State with screening mechanism Step 1: The Member State conducting the screening notifies the Commission and the other Member States of the FDI and provides information. The Member States shall, as soon as possible, notify the Commission and the other Member States of any FDI in their territory that is undergoing screening. The notification may include a list of Member States whose security or public orders is deemed likely to be affected and shall indicate whether the FDI is likely to fall within the scope of the EC Merger Regulation. Information to be provided in the notification of an FDI includes:
  • the ownership structure of the foreign investor and of the target company in which the FDI is planned or has been completed, including information on the ultimate investor and participation in the capital;
  • the approximate value of the FDI;
  • the products, services and business operations of the foreign investor and of the target company in which the FDI is planned or has been completed;
  • the Member States in which the foreign investor and the target company in which the FDI is planned or has been completed, conduct relevant business operations;
  • the funding of the investment and its source, on the basis of the best information available to the Member State; and
  • the date when the FDI is planned to be completed or has been completed.
The Member State conducting screening may request the foreign investor or the target company in which the FDI is planned or has been completed to provide the above information.[18] Step 2: The other Member States and the Commission notify the Member State conducting the screening of their intention to provide comments or an opinion and may request additional information. After being notified of the FDI, other Member States and the Commission have 15 calendar days to notify the Member State conducting the screening of their intent to provide comments or an opinion, and to request additional information. Any request for additional information, however, has to be duly justified, limited to information necessary to provide comments or issue an opinion, proportionate to the purpose of the request and not unduly burdensome for the Member State conducting the screening. The Member State conducting the screening shall endeavor to provide such additional information, if available, to the requesting Member States and/or the Commission without undue delay. Step 3: Determining whether the FDI is likely to affect security or public order (screening factors). The FDI Regulation provides for a non-exhaustive list of factors that the Member States and the Commission may take into consideration when determining whether an FDI is likely to affect security or public order. Firstly, the Member States and the Commission may consider the FDI’s potential effects on, inter alia:
  • critical infrastructure, whether physical or virtual, including energy, transport, water, health, communications, media, data processing or storage, aerospace, defense, electoral or financial  infrastructure, and sensitive facilities as well as land and real estate crucial for the use of such infrastructure;
  • critical technologies and dual-use items as defined in point 1 of Article 2 of Council Regulation (EC) no. 428/2009[19], including artificial intelligence, robotics, semiconductors, cybersecurity, aerospace, defense, energy storage, quantum and nuclear technologies as well as nanotechnologies and biotechnologies;
  • supply of critical inputs, including energy and raw materials, as well as food security;
  • access to sensitive information, including personal data, or the ability to control such information; or
  • the freedom and pluralism of the media.
Secondly, the Member States and the Commission may also take into account, in particular:
  • whether the foreign investor is directly or indirectly controlled by the government, including state bodies or armed forces, of a third country, including through ownership structure or significant funding;
  • whether the foreign investor has already been involved in activities affecting security or public order in a Member State; or
  • whether there is a serious risk that the foreign investor engages in illegal or criminal activities.
Step 4: The other Member States and the Commission may provide comments or an opinion. Other Member States may provide comments to the Member State conducting the screening if they consider that the FDI is likely to affect their security or public order, or if they have information relevant for such screening. The Commission may issue an opinion addressed to the Member State conducting the screening if it considers that the FDI is likely to affect security or public order in more than one Member State, or if it has relevant information in relation to that FDI. The Commission may issue an opinion irrespective of whether other Member States have provided comments. The Commission shall, however, issue an opinion where justified following comments from at least one-third of Member States considering that the FDI is likely to affect their security or public order. Other Member States’ comments and the Commission’s opinion have to be duly justified. The Member State conducting the screening may also itself request that the Commission issues an opinion, or other Member States provide comments if it considers that the FDI in its territory is likely to affect its security or public order. Comments and opinions are to be addressed and sent to the Member State conducting the screening no later than 35 calendar days following the receipt of the information conveyed with the notification of the FDI (see above). If additional information was requested, such comments or opinions are to be issued no later than 20 calendar days following receipt of the additional information or the notification that such additional information cannot be obtained. Moreover, the Commission – irrespective of having notified its intention to issue an opinion (pursuant to Step 2 above) – may issue an opinion following comments from other Member States where possible within the aforementioned deadline(s), but not later than 5 calendar days after those deadline have expired. Should the Member State conducting the screening consider that its security or public order requires immediate action, it may issue a screening decision before the time frames above have lapsed. The Member State conducting the screening will need to notify the other Member States and the Commission of said intention and duly justify the need for immediate action. The other Member States and the Commission shall hence endeavor to provide its comments or opinion expeditiously. The Commission will notify the other Member States that comments were provided or that an opinion was issued. Step 5: The Member State conducting the screening makes final screening decision after having given due consideration to the comments of the other Member States and to the opinion of the Commission. The Member State conducting the screening needs to give due consideration to the comments of the other Member States and to the opinion of the Commission. Recital 17 of the FDI Regulation elaborates in this regard that a Member State should give due consideration through, where appropriate, measures available under its national law, or in its broader policy-making, in line with its duty of “sincere cooperation” laid down in Article 4 para. 3 Treaty on European Union (“TEU”). The final screening decision in relation to any FDI, however, remains the sole responsibility of the Member State conducting the screening. For the sake of clarity, the Commission and the other Member States do not have the power to overrule the screening decision made by the competent national authority of the Member State conducting the screening. (b) FDI not undergoing screening (for lack of a national screening mechanism) Step 1: The other Member States and the Commission may request information from the Member State where the FDI is planned or has been completed without undergoing screening. Where the Commission or a Member State considers that an FDI planned or completed in another Member State, where it is not undergoing screening for lack of a national screening mechanism, is likely to affect security or public order, it may request information from the Member State where the FDI is planned or has been completed. Such information may include:
  • the ownership structure of the foreign investor and of the target company in which the FDI is planned or has been completed, including information on the ultimate investor and participation in the capital;
  • the approximate value of the FDI;
  • the products, services and business operations of the foreign investor and of the target company in which the FDI is planned or has been completed;
  • the Member States in which the foreign investor and the target company in which the FDI is planned or has been completed, conduct relevant business operations;
  • the funding of the investment and its source, on the basis of the best information available to the Member State; and
  • the date when the FDI is planned to be completed or has been completed.
Additional information to the above may be requested. Please note that the Member State where an FDI is planned or has been completed may request the foreign investor or the target company in which the FDI is planned or has been completed to provide the above information.[20] Any request for information, however, has to be duly justified, limited to information necessary to provide comments or to issue an opinion, proportionate to the purpose of the request and not unduly burdensome for the Member State where the FDI is planned or has been completed which, in turn, shall ensure that the requested information is made available to the Commission and the requesting Member States without undue delay. Step 2: Determining whether the FDI is likely to affect security or public order (screening factors). See above Step 3 for FDI undergoing screening in a Member State with screening mechanism. Step 3: The other Member States and the Commission may provide comments or an opinion. Other Member States may provide comments to the Member State where an FDI is planned or has been completed which is not undergoing screening in that Member State if they consider that the FDI is likely to affect their security or public order, or if they have relevant information in relation to that FDI. The Commission may issue an opinion addressed to the Member State in which the FDI is planned or has been completed if it considers that the FDI is likely to affect security or public order in more than one Member State, or if it has relevant information in relation to that FDI. The Commission may issue an opinion irrespective of whether other Member States have provided comments. The Commission shall, however, issue an opinion where justified following comments from at least one-third of Member States considering that the FDI is likely to affect their security or public order. Other Member States’ comments and the Commission’s opinion have to be duly justified. The Member State which duly considers that an FDI in its territory is likely to affect its security or public order may also itself request the Commission to issue an opinion, or other Member States to provide comments. Comments and opinions are to be addressed and sent to the Member State where the FDI is planned or has been completed no later than 35 calendar days following the receipt of the requested information or the notification that such information cannot be obtained. Should the Commission issue an opinion following comments from other Member States, it has 15 additional calendar days for issuing that opinion. In order to provide greater certainty for investors, Member States and the Commissions may only issue comments and an opinion in relation to completed FDI not undergoing screening for lack of a national screening mechanism for a limited period of 15 months after the FDI has been completed.[21] This time frame, however, does not apply to FDI completed before the entry into force of the FDI Regulation. The Commission will notify other Member States that comments were provided or that an opinion was issued. Step 4: The Member State where the FDI is planned or has been completed shall give due consideration to the comments of the other Member States and to the opinion of the Commission. The Member State where the FDI is planned or has been completed needs to give due consideration to the comments of the other Member States and to the opinion of the Commission. Recital 17 of the FDI Regulation elaborates in this regard that a Member State should give due consideration through, where appropriate, measures available under its national law, or in its broader policy-making, in line with its duty of “sincere cooperation” under Article 4 para. 3 TEU. The decision to screen an FDI or to establish a screening mechanism for that matter, however, remains the sole responsibility of the Member State in question. (c) FDI likely to affect projects or programs of EU interest If an FDI potentially affects “projects or programs of EU interest” on grounds of security and public order, the Commission’s opinion carries more weight in the sense that the Member State in which the FDI is planned or has been completed (i.e., regardless of whether the FDI is undergoing screening or not) needs not only to give due consideration to, but needs to take utmost account of, the Commission’s opinion and, additionally, provide an explanation to the Commission in case its opinion is not followed. Recital 19 of the FDI Regulation elaborates in this regard that a Member State should take utmost account of the opinion received from the Commission through, where appropriate, measures available under its national law, or in its broader policy-making, and provide an explanation to the Commission if it does not follow its opinion, in line with their duty of “sincere cooperation” under Article 4 para. 3 TEU. The underlying objective is to give the Commission a tool to protect projects and programs, which serve the EU as a whole and represent an important contribution to its economic growth, jobs and competitiveness.[22] “Projects or programs of EU interest” shall include projects and programs which involve a substantial amount or a significant share of EU funding, or which are covered by EU law regarding critical infrastructure, critical technologies or critical inputs, which are essential for security or public order. In its annex, the FDI Regulation sets out a list of eight projects and programs of EU interest, namely the European GNSS programs (Galileo & EGNOS), Copernicus, Horizon 2020, Trans-European Networks for Transport (TEN-T), Trans-European Networks for Energy (TEN-E), Trans-European Networks for Telecommunications, European Defense Industrial Development Program, and the Permanent structured cooperation (PESCO). The Commission is authorized to amend this list by way of adopting a delegated act. As for the cooperation mechanism, the above outlined procedures for FDI undergoing screening / not undergoing screening apply accordingly except for three modifications: (i) the Member State conducting the screening may indicate in the FDI notification whether it considers that the FDI is likely to affect projects and programs of EU interest; (ii) the Commission’s opinion shall be sent to the other Member States (instead of the Commission only notifying the other Member States of the fact that an opinion was issued); and (iii) the Member State where the FDI is planned or has been completed needs to take utmost account of the Commission’s opinion and provide an explanation to the Commission in case its opinion is not followed. Interplay with German Foreign Investment Control Current German Investment Control Regime Germany has had an FDI screening mechanism in place since 2004, which is based on the German Foreign Trade and Payments Act (Außenwirtschaftsgesetz or “AWG”) and codified in more detail in the German Foreign Trade and Payments Ordinance (Außenwirtschaftsverordnung or “AWV”). The German Federal Ministry of Economic Affairs and Energy (the “German Ministry”) has the competence to review and potentially prohibit or restrict investments in domestic companies (direct or indirect acquisition of 25% – if in a security-sensitive sector or a critical infrastructure now already of 10% – or more of the voting rights) by a foreign investor on the grounds of public order or security, or to ensure the protection of essential security interests of the Federal Republic of Germany. The rules for German investment control distinguish between so-called “sector-specific reviews” (defense and certain parts of IT security industry) and “cross-sector reviews” (all other industry sectors). In case of sector-specific reviews (defense and certain parts of IT security industry), the foreign investor – EU and non-EU investor – is obliged to report the transaction to the German Ministry which then has three months to initiate formal review proceedings or otherwise clearance is deemed granted. Should the German Ministry decide to enter into formal review proceedings, it has a further period of three months of receipt of certain information on the transaction to render a screening decision. Any such decision by the German Ministry, that is any clearance, restriction or prohibition of a transaction, is consensually agreed with the Foreign Office (Auswärtiges Amt), the Federal Ministry of Defense (Bundesministerium der Verteidigung), and the Federal Ministry of the Interior (Bundesministerium des Inneren). In case of cross-sector reviews (all industry sectors but defense and certain parts of IT security), German Ministry has the competence to review the transaction independently despite the foreign investor – non-EU/non-EFTA – being obliged to report the transaction to the German Ministry, that is if the target company operates a critical infrastructure as listed in sec. 55 para. 1 sentence 2 AWV. The German Ministry then has three months to initiate formal review proceedings; otherwise it foregoes its right to review the transaction. Foreign investors also have the option to apply – even prior to the signing of the acquisition agreement – for a certificate of non-objection (Unbedenklichkeitsbescheinigung), which shall be deemed granted if the German Ministry does not initiate formal review proceedings within two months of receipt of the application. For the sake of transaction security and time, investors will often make use of this option and apply for a certificate of non-objection (Unbedenklichkeitsbescheinigung). Either way, should the German Ministry decide to enter into formal review proceedings, it has a further period of four months of receipt of certain information on the transaction to render a screening decision. Any decision to restrict or prohibit the transaction requires the consent of the German government. Hence, both types of review proceedings, the sector-specific as well as the cross-sector review, may take up to six (or even seven) months. It is noteworthy, however, that, regardless of the industry sector concerned, the ultimate duration of a formal review proceeding is likely to stretch even longer in the individual case as the review period is suspended if and so long as negotiations on contractual arrangements ensuring the protection of public order and security are taking place between the German Ministry and the parties involved in the transaction. In December 2018, the German government further tightened its rules for German foreign investment control. The amended rules provide for greater scrutiny of FDI by lowering the threshold for review of investments in German companies by foreign investors from the acquisition of 25% of the voting rights down to 10% in circumstances where the target operates in security-sensitive sectors (defense and certain parts of IT security industry) or a critical infrastructure. In addition, the amendment also expands the scope of the German screening mechanism to include certain media companies that contribute to influencing the public opinion by way of broadcasting, teleservices or printed materials and stand out due to their special relevance and broad impact. While the lowering of the review threshold as such has the purpose to increase the number of reported, and ultimately, reviewed investments, the broader scope is aimed at preventing German mass media from being manipulated with disinformation by foreign investors or governments. Interplay and Potential Friction between German Investment Control and the FDI Regulation As said above, the newly established framework for screening of FDI into the EU does not supersede German investment control but rather adds a layer of overall transparency and awareness among the Member States and, arguably even more importantly, provides the German Ministry with additional screening factors it may consider when reviewing an FDI under German investment control rules. In the case of the German robot manufacturer Kuka for instance, this would have allowed the German Ministry to actually prohibit the takeover of Kuka by Chinese investors. While, in 2016, robotics itself was not deemed to affect the public order or security of the Federal Republic of Germany – even under the current, more tightened regime, it still is not – it is considered a critical technology pursuant to the FDI Regulation and, as such, may be taken into account by the German Ministry in its screening decision. The EU-wide cooperation process under the FDI Regulation will take place between the respective contact points appointed for the implementation of the FDI Regulation by the Commission and the Member States. The German contact point will almost certainly be the department of the German Ministry in charge of investment control. The German Ministry, therefore, continues to be the sole point of contact for investors. It will need to inform the Commission and other Member States of FDI which undergo German review. The time frame for cooperation activities under the FDI Regulation is generally set to 55 calendar days (60 calendar days in case the Commission decides to issue an opinion following comments from other Member States) but may be longer depending on the individual circumstances that go with the obligation of the Member State concerned to make available additional information requested “without undue delay”. At first glance, the time frames under the FDI Regulation do not seem to conflict with the German screening procedure given that the German Ministry has, depending on the sector concerned, two or three months, to decide on entering into formal screening proceedings while the Commission/other Member States have 15 calendar days to notify their intent to provide an opinion/comments and no longer than 35 calendar days to actually do so. The time frame to issue an opinion or comments, however, may easily stretch longer than 35 calendar days in the event that the Commission or other Member States include a request for additional information in their notification of intent because an opinion or comments only need to be issued (no later than) 20 calendar days following receipt of the additional information. Even though the Member State concerned – in our example the German Ministry – is to ensure that the information requested is made available without undue delay, it is highly unlikely that the Member State concerned will be in a position to provide the information the same day. Therefore, the Commission/other Member States may actually have (much) longer than 35 calendar days to provide an opinion/comments in the individual case which in turn may collide with current time frames under German investment control rendering it impossible for the German Ministry to effectively consider such opinion/comments. This will be true especially in case of applications for certificates of non-objection (Unbedenklichkeitsbescheinigung) which need to be processed within two months. Therefore, it is certain that the German rules will be amended to ensure that both time frames are reconciled. Instead of simply extending the time frames to allow for the inclusion of the new EU cooperation mechanism, it is also conceivable that the German screening process will not start or be suspended until the EU cooperation procedure is completed. There will also be a need to reconcile information requirements. The information to be provided under the EU cooperation mechanism goes beyond what is required under the German screening mechanism. It is to be expected that the information to be submitted under the German screening procedure will be extended to comply with information requirements under the FDI Regulation. Alongside of extended information requirements, foreign investors should also prepare for an increased need for translations, as the German Ministry requires information to be submitted in German – and will continue to do so – whereas information to be shared with the Commission and other Member State will most likely (and at least) need to be provided in English. The German Ministry anticipates that the implementation of the FDI Regulation will take at least until end of 2019 and that the German investment control regime most likely will be tightened even further in the process.

   [1]   See FDI Regulation, recital no. 7.
   [2]   See FDI Regulation, recital no. 8 and article 1 para. 3.
   [3]   See FDI Regulation, article 3 para. 1.
   [4]   See FDI Regulation, recital no. 26 and 27.
   [5]   See FDI Regulation, recital no. 27.
   [6]   See FDI Regulation, article 10 para. 3.
   [7]   See FDI Regulation, article 14.
   [8]   Commission Decision of November 29, 2017 setting up the group of experts on the screening of foreign direct investments into the European Union (not published in the Official Journal), C(2017) 7866 final.
   [9]   See article 2 and article 5 of the Commission Decision of November 29, 2017 setting up the group of experts on the screening of foreign direct investments into the European Union (not published in the Official Journal), C(2017) 7866 final.
  [10]   See FDI Regulation, recital no. 28.
  [11]   See FDI Regulation, recital no. 29 and article 13.
  [12]   See FDI Regulation, recital no. 14.
[13]   See FDI Regulation, recital no. 22 and article 5.
  [14]   See FDI Regulation, recital no. 22.
  [15]   The General Agreement on Trade in Services (GATS) is a treaty of the World Trade Organization (WTO) which establishes a framework of rules to ensure that services regulations are administered in a reasonable, objective and impartial manner and do not constitute unnecessary barriers to trade.
  [16]   The Organisation for Economic Co-operation and Development (OECD) is an international organization with currently 36 member countries committed to promote policies that will improve the economic and social well-being of people around the world by providing a forum in which governments can work together to share experiences and seek solutions to common problems.
  [17]   Statement made by Commission member Dr. Sylvia Baule during her presentation at the panel discussion “M&A – The evolving landscape of foreign direct investment – Just another thing to deal with or the new ice age for cross-border M&A?” at the German & American Lawyers Association (Deutsch-Amerikanische Juristen-Vereinigung or “DAJV”) Working Group Day 2018.
  [18]   See FDI Regulation, article 9 para. 4.
  [19]   Council Regulation (EC) No 428/2009 of 5 May 2009 setting up a Community regime for the control of exports, transfer, brokering and transit of dual-use items (OJ L 134 29.5.2009, p. 1) (whereby ‘dual-use items’ shall mean items, including software and technology, which can be used for both civil and military purposes, and shall include all goods which can be used for both non-explosive uses and assisting in any way in the manufacture of nuclear weapons or other nuclear explosive devices).
  [20]   See FDI Regulation, article 9 para. 4.
  [21]   See FDI Regulation, recital no. 21.
  [22]   See FDI Regulation, recital no. 19.

Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. For further information, please contact the Gibson Dunn lawyer with whom you work or any of the following: Wilhelm Reinhardt - Frankfurt (+49 69 247 411 520, wreinhardt@gibsondunn.com) Jens-Olrik Murach - Brussels (+32 2 554 7240, jmurach@gibsondunn.com) Stefanie Zirkel - Frankfurt (+49 69 247 411 513, szirkel@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

February 11, 2019 |
2018 Year-End Sanctions Update

Click for PDF 2018 was another extraordinary year in sanctions development and enforcement.  This past year may take its place in history as the point at which the United States abandoned the Iran nuclear deal—the Joint Comprehensive Plan of Action (the “JCPOA”)—and re-imposed nuclear sanctions on Iran.  Defying the expectations of many observers, the Trump administration went further than anticipated and re-imposed all nuclear-related sanctions on Iran, culminating in the November 5, 2018 addition of over 700 individuals, entities, aircraft, and vessels to the Specially Designated Nationals and Blocked Persons (“SDN”) List—the largest single set of sanctions designations to date.  This action increased the SDN List by more than 10 percent and brought the total number of persons designated in 2018 to approximately 1,500—50 percent more than has ever been added to the SDN List in any single year.

Chart

Source: Graph Compiled from Data Released by the Office of Foreign Assets Control

In any prior year, the U.S. decision to abandon the JCPOA would have dominated the pages of our client alerts.  But 2018 was no ordinary year, and OFAC continued to enhance the impact of U.S. sanctions against Russia while rumors of election interference filled the airwaves.  On April 6, 2018, the Trump Administration announced a bold set of new designations, including nearly 40 Russian oligarchs, officials, and related entities, including major publicly traded companies.  After the companies took significant steps to disentangle from Russian oligarch Oleg Deripaska, OFAC delisted EN+, Rusal, and JSC EuroSibEnergo (“ESE”) on December 19, 2018. But that’s not all.  Political and economic conditions in Venezuela continued to deteriorate, and in May Venezuelan President Nicolás Maduro was elected to a new six-year term in an election that the United States government has described as a “sham” and “neither free nor fair.”  Venezuela’s economy—which remains heavily dependent on the state-owned oil company, Petroleos de Venezuela, S.A. (“PdVSA”)—continued its sharp decline amid a collapse in oil production.  Against that grim backdrop, the United States continued to gradually expand sanctions targeting members of President Maduro’s inner circle and sources of financing for the Venezuelan state.  On January 28, 2019, OFAC formally designated PdVSA. As with years past, 2018 witnessed the expanding use of sanctions as a foreign policy tool and will provide much fodder for those debating the long-term geopolitical impact of economic sanctions.  But our purpose here is more circumspect: a recap of the continuing evolution of sanctions in 2018 and preparation for what may come next.

I.    Major U.S. Program Developments

A.    Iran

We have spilled much ink on the changing contours of the Iran sanctions regime.  As we first described in our May 9 client alert, the re-imposition of Iran sanctions was subject to 90- and 180- day “wind-down” periods, expiring on August 6 and November 5, respectively.  During these periods, companies were instructed to terminate Iran-related operations that would be targeted by the pending sanctions.  OFAC placed the remaining sanctions relief into wind-down on June 27, as we described here, by withdrawing general authorizations that had permitted U.S. persons to negotiate contingent contracts related to commercial passenger aviation; import and deal in Iranian-origin carpets and foodstuffs; and facilitate the engagement of their non-U.S. subsidiaries in transactions involving Iran. Upon the termination of the first wind-down period on August 6, as we described here, President Trump issued a new executive order authorizing the re-imposition of “secondary” sanctions targeting non-U.S. persons who engage in certain Iran-related transactions involving U.S. dollars, precious metals, the Iranian rial, certain metals, or Iranian sovereign debt.  On November 5, as we described here, the remaining secondary sanctions were re-imposed.  These included sanctions targeting non-U.S. person participation in transactions with Iran’s port operators or its shipping, ship building, and energy sectors; involving petroleum, petroleum products, petrochemicals, the National Iranian Oil Company (“NIOC”), Naftiran Intertrade Company (“NICO”), or the Central Bank of Iran; providing underwriting services, insurance, or reinsurance for sanctionable activities with or involving Iran; or involving Iranian SDNs.  The United States also added a record number of individuals and entities to the SDN List, including entities that had previously been granted sanctions relief under the JCPOA, Iranian government or financial entities transferred from the List of Persons Blocked Solely Pursuant to E.O. 13599 (the “E.O. 13599 List”), and 300 first-time designees. November 5 also marked the end of the wind-down period for General License H, which had authorized non-U.S. entities owned or controlled by U.S. persons to provide goods, services, or financing to Iranian entities under the terms of the JCPOA.  The withdrawal of this authorization effectively subjected these non-U.S. entities to the same limitations on engagement with Iran that restrict their U.S. parents. This broad array of re-imposed restrictions does not, however, entirely prevent U.S. persons or non-U.S. persons from engaging in Iran-related transactions.  The Trump administration has provided sanctions waivers to eight countries that have pledged to significantly reduce their imports of Iranian crude oil, and has also purportedly waived sanctions for dealing with Iran’s Chabahar port—which is strategically important to the reconstruction of Afghanistan—and for certain nonproliferation efforts ongoing at several Iranian nuclear sites.  Certain exceptions, including for transactions related to the Shah Deniz gas field (which is partly owned by the Government of Iran) and for transactions involving the export of agricultural commodities, food, medicine, or medical devices to Iran, also continue to apply.  Additionally, General License D-1—which allows for the export of certain telecommunications goods and services to Iran—remains in force, as does General License J—which permits temporary visits to Iran by U.S.-origin aircraft (thus allowing international carriers to continue flying to Iran).  Additionally, U.S. secondary sanctions do not apply to dealings with Iranian banks that are designated solely because of their status as “Iranian financial institutions” pursuant to Executive Order 13599, leaving certain payment channels open for otherwise permissible operations in Iran. With the full array of pre-JCPOA sanctions re-imposed, we are now awaiting further reaction from the Trump administration, the Iranian leadership and the other signatories to the JCPOA.  The Trump administration has stressed that it plans to adopt “the toughest sanctions regime ever imposed on Iran,” warning that “[m]ore are coming.”  To date, OFAC has designated several tranches of individuals, entities, and aircraft linked to Iranian militias operating in Syria, including those announced on January 24, 2019.  The Trump administration may also be likely to pursue aggressive enforcement efforts against persons that attempt to violate or circumvent U.S. sanctions, although the brief window between the re-imposition of sanctions and the U.S. government shutdown in late 2018 and early 2019 may have stalled such efforts.  Additionally, Iranian entities could begin to react to the new, more restricted business environment, by for example pursuing legal action against their non-U.S. trading partners who have begun to exit Iran—sometimes with outstanding contractual obligations—given the risk of facing sanctions pursuant to the re-imposed secondary sanctions. In response to the U.S. decision, as we described here, the EU supplemented its existing blocking statute to prohibit compliance by EU entities with the new U.S. sanctions on Iran.  In early 2019, Britain, France and Germany established a European special purpose vehicle to facilitate non-U.S. dollar trade with Iran, circumventing many of the risks that EU entities face in complying with U.S. sanctions.  The new measure, called the Instrument in Support of Trade Exchanges (“Instex”), will allow trade between the EU and Iran without relying on direct financial transactions.  Instex has been registered in France, will be run by a German executive, and will have a supervisory board consisting of diplomats from Britain, France, and Germany.

B.    Russia

1.    New Designations

In addition to a significant expansion of U.S. sanctions on Iran, OFAC also continued to enhance the impact of U.S. sanctions against Russia while tensions between the two superpowers increased and rumors of election interference filled the airwaves.  On April 6, 2018, as we analyzed here, the Trump administration announced a bold set of new designations, targeting nearly 40 Russian oligarchs, officials, and related entities, including major publicly traded companies such as EN+ and Rusal.  In announcing the sanctions, Treasury Secretary Steven Mnuchin cited Russia’s involvement in “a range of malign activity around the globe,” including the continued occupation of Crimea, instigation of violence in Ukraine, support of the Bashar al-Assad regime in Syria, attempts to subvert Western democracies, and malicious cyber activities. These new sanctions carried broad macroeconomic implications for Russia’s business partners, including investors in the designated public companies.  To minimize the immediate disruptions, OFAC issued two time-limited general licenses permitting companies and individuals to undertake certain transactions to “wind down” business dealings related to the designated parties.  These licenses were extended numerous times throughout the course of the year, as the targeted companies attempted to extricate themselves from relationships with key leaders and investors that had triggered OFAC’s scrutiny. As OFAC Director Andrea Gacki explained in a letter to Congress, the designation of three companies—EN+, Rusal, and ESE—was not OFAC’s primary intention but rather a reflection of their “entanglement” with Russian oligarch Oleg Deripaska.  On December 19, 2018, OFAC announced its intention to de-list all three entities (though Deripaska himself remains on the SDN List). The three companies’ actions may serve as a roadmap for other entities seeking to distance themselves from sanctioned persons.  EN+ made arrangements for Deripaska to reduce his ownership to less than 45 percent of its shares through transactions that would not involve transfers of funds to Deripaska, to reduce his voting rights in EN+ to no more than 35 percent, and to restructure its board, with eight out of 12 directors selected through a process intended to ensure their independence from Deripaska and half of the new board comprised of U.S. and UK nationals.  Rusal and ESE—which are majority-owned by EN+—undertook specific commitments that, combined with the ownership and governance changes at EN+, similarly reduced Deripaska’s ownership and control.  The three companies also agreed to significant OFAC reporting requirements to ensure transparency with respect to their compliance. OFAC proceeded with the de-listings on January 27, 2019, which resulted in an immediate blowback from members of the newly elected Congress.  Many members on both sides of the aisle clamored for a legislative response that would re-impose sanctions on the Russian entities, as the special counsel investigation lead by Robert Mueller continued to generate headlines.  These efforts—much like the numerous pieces of legislation that were proposed in 2018 to ratchet up sanctions pressure on Russia—were ultimately unsuccessful.

2.    CAATSA Implementation

Also in 2018, the Trump administration took steps toward the implementation of sanctions under the Countering America’s Adversaries Through Sanctions Act (“CAATSA”), discussed in our November 21, 2017 alert.  On September 20, 2018, President Trump issued Executive Order 13849, formally authorizing the Treasury and State Departments to issue sanctions under four sections of CAATSA:  (i) Section 224(a)(2), which relates to materially assisting Russian government efforts to undermine cybersecurity; (ii) Section 231(a), which relates to significant transactions involving persons in or acting on behalf of the Russian defense or intelligence sectors; (iii) Section 232(a), which relates to the provision of goods or services that support the construction of Russian energy export pipelines; and (iv) Section 233(a), which relates to investments in the privatization of Russian state-owned enterprises to the benefit of government officials and their family members. On the same day, the administration announced 33 additions to the list of individuals associated with the Russian defense and intelligence sectors under Section 231 of CAATSA (the “Section 231 List”), with whom significant transactions are prohibited.  At the same time, the administration announced its first two SDN designations based on participation in significant transactions with an entity on the List of Specified Persons:  the Chinese entity Equipment Development Department (“EDD”) and its director, Li Shangfu.  EDD was designated based upon transactions with Russian arms exporter Rosoboronexport involving the purchase of ten Russian Sukhoi fighter jets and a “batch” of surface-to-air missiles. Over the course of the year, OFAC also designated two dozen individuals and entities associated with Russian intelligence and election interference operations.

3.    Chemical and Biological Weapons Act Sanctions

On August 8, 2018, the United States announced plans to impose additional sanctions on Russia in response to Russia’s alleged use of a nerve agent in the United Kingdom.  The Chemical and Biological Weapons Control and Warfare Elimination Act of 1991 (the “CBW Act”) requires, in the event that the President determines that a foreign government has used chemical or biological weapons, two rounds of sanctions. The first round of sanctions, imposed on August 22, 2018, expanded U.S. export controls to prohibit the export to Russia of items subject to the Export Administration Regulations (“EAR”) and controlled for national security reasons.  Previously applicable exceptions—such as those covering exports for servicing and repair and for temporary exports—continue to apply.  Further export authorizations may also be granted on a case-by-case basis.  However, if, for example, no exception or authorization applies and the items are to be exported to a state-owned or -funded enterprise, requests for authorization to export covered items will be denied and their export prohibited. The second round of sanctions, expected November 6, 2018 but now months overdue, must include at least three of six sanctions set forth in the CBW Act, unless waived by the President for national security reasons.  Possible sanctions include restrictions on bank loans to the Russian government, the downgrade or suspension of diplomatic relations, and/or an expansion of export controls to broadly prohibit the export to Russia of all U.S.-origin items, regardless of the reason for their control.  Despite its delay and the mandatory obligation, as of this writing it is not clear that the Trump administration will ever impose this second round of restrictions.

C.    Venezuela

The United States sent shockwaves through markets on January 31, 2019, when it designated Venezuela’s state-owned oil company, PdVSA, to the SDN List, as we described here.  The events of 2018 laid the groundwork for that decision, as the United States gradually increased sanctions pressure on the regime of Venezuelan President Nicolás Maduro, who had been elected to a new six-year term in a May 2018 election that critics described as a “sham” and “neither free nor fair.”  At the same time, Venezuela’s economy—which remains heavily dependent on PdVSA—continued its sharp decline amid a collapse in oil production.  New measures imposed by the United States over the course of 2018 included a warning about transacting in Venezuela’s new cyber currency, further sanctions on certain debt and equity of the Government of Venezuela, as well as new sanctions targeting both Venezuela’s gold sector and corruption in government programs. In February 2018, President Maduro announced that his government would begin issuing a new “cyber currency” known as the petro, in an effort to circumvent the use of U.S. dollars and the concomitant reach of OFAC regulations.  In response, OFAC on March 19, 2018 issued its first official guidance discussing cyber currencies.  Though perhaps not broadly applicable to the world’s more mainstream cyber currencies, it is noteworthy that OFAC held that its jurisdiction explicitly extended to the use of any new Venezuelan cyber currencies and that U.S. persons could face enforcement if they undertook dealings in the new currency.  In a sign of things to come, OFAC also warned that it may add digital currency addresses associated with blocked persons to the SDN List and put the onus on individuals engaging in such transactions to screen potential counterparties and ensure that they are not dealing with banned persons.  For a more detailed discussion of OFAC’s approach to cyber currencies like the petro, see our client alert, OFAC Issues Economic Sanctions Guidance on Digital Currencies (Oct. 5, 2018). To further constrain the Maduro regime’s access to capital, the Trump administration in May 2018 expanded sanctions on certain financial instruments issued or sold by the Government of Venezuela.  The “Government of Venezuela” is broadly defined to include not only its political subdivisions, agencies, and instrumentalities but also the Central Bank of Venezuela, PdVSA, and any entity that is at least 50 percent owned or controlled by these targeted entities. The Trump administration first began targeting Venezuelan financial instruments in August 2017 with the issuance of Executive Order 13808, which was modeled in part on sectoral sanctions targeting Russia.  Under that executive order, U.S. persons are prohibited from engaging in transactions involving (1) new debt owed by the Government of Venezuela with payment terms greater than 30 or 90 days (depending on the debtor), (2) new equity of the Government of Venezuela, (3) bonds issued by the Government of Venezuela, (4) dividend payments or other distributions of profits to the Government of Venezuela from any entity owned or controlled, directly or indirectly, by the Government of Venezuela, and (5) the purchase of securities from the Government of Venezuela.  The scope of those sanctions is then cabined by four general licenses issued by OFAC.  Executive Order 13808 is described at length in our client alert, President Trump Issues New Sanctions Targeting Certain Activities of PdVSA and the Government of Venezuela (Sept. 1, 2017). Shortly following President Maduro’s re-election, President Trump on May 21, 2018 issued Executive Order 13835, which built on the measures described above by prohibiting U.S. persons from engaging in certain transactions involving debt owed to the Government of Venezuela, as well as certain transactions involving equity of Venezuelan state-owned entities. The policy rationale behind those measures was twofold.  The new restrictions on debt—which apply to transactions that involve either purchasing or pledging as collateral any debt owed to the Government of Venezuela, including accounts receivable—were designed to curtail the government’s ability to use accounts receivable financing to support its continued operations.  (For example, a U.S. person would likely be prohibited from participating in transactions between a PdVSA customer and a PdVSA creditor where the customer paid its outstanding debt to the creditor, in lieu of payment to PdVSA.)  At the same time, the restrictions on equity—which apply to transactions that involve the sale, transfer, assignment, or pledging as collateral by the Government of Venezuela of any equity interest in any entity in which the Government of Venezuela has a 50 percent or greater ownership interest—were calculated to prevent the Maduro regime from selling off valuable state-owned assets in “fire sales,” which deprive the Venezuelan people of “assets the country will need to rebuild its economy.”  Executive Order 13835 and its implications are described at length in our client alert, President Trump Issues Additional Sanctions Further Targeting PdVSA and the Government of Venezuela (May 31, 2018). In tandem with measures directed at Venezuela’s cyber currency and other more traditional financial instruments, the Trump administration also imposed new sanctions targeting Venezuela’s gold sector, which represents a vital source of hard currency (the cash-starved economy is home to some of the world’s largest known gold deposits).  In 2018, Venezuela exported more than 23 tons of gold worth an estimated U.S. $900 million, giving rise to concerns on the part of U.S. officials that Venezuela’s natural resources were being “plundered” to enrich senior regime officials.  More broadly, U.S. officials expressed concern that gold originating from Venezuela could find its way into the hands of other regimes the U.S. government views as unsavory, such as Iran, where it could be used to evade U.S. financial sanctions. In response, the Trump administration on November 1, 2018 issued an executive order which imposed sanctions on persons who operate in the gold sector of the Venezuelan economy, engage in corruption involving Venezuelan government projects and programs, or who facilitate such activities.  Additionally, the executive order gave the Treasury Secretary discretion to extend those sanctions to any other sector of the Venezuelan economy he deems appropriate, providing the basis for PdVSA’s designation in January 2019.

D.    Other Programs

1.    Sudan

On June 28, 2018, OFAC announced that it would be removing the Sudanese Sanctions Regulations (“SSR”) from the Code of Federal Regulations following the formal revocation of the SSR in October 2017.  As we reported in our 2017 Sanctions Year-End Update, the Obama administration initiated the revocation process in January 2017.  In addition to the removal of the SSR—which historically had included a trade embargo; a prohibition on the export or re-export of U.S. goods, technology and services; a prohibition on transactions relating to Sudan’s petroleum or petrochemical industries; and a freeze on the assets of the Sudanese government—OFAC officially incorporated into the Terrorism List Government Sanctions Regulations a general license authorizing certain exports of agricultural commodities, medicines, and medical devices to the Government of Sudan. Sudan, however, remains subject to sanctions due to its inclusion on the State Sponsors of Terrorism List (“SST”), and sanctions previously imposed relating to the conflict in Darfur remain in place.  Similarly, OFAC’s separate sanctions program relating to South Sudan remains in effect.  Indeed, in June 2018 OFAC entered into a settlement agreement with two subsidiaries of Telefonaktiebolaget LM Ericsson, Ericsson AB and Ericsson, Inc. (collectively, “Ericsson”), for an apparent violation of the SSR that occurred years earlier, and on December 18, 2018, OFAC sanctioned three individuals and their related entities for providing weapons, vehicles, and soldiers to fuel the conflict in South Sudan.

2.    Nicaragua

The regime of Nicaraguan President Daniel Ortega—which the Trump administration has condemned for its human rights abuses and anti-democratic measures in response to civil protests—has become the subject of a new list-based sanctions program.  On November 1, 2018, National Security Advisor John Bolton denounced the governments of Cuba, Venezuela, and Nicaragua, dubbing them the “Troika of Tyranny” and threatening that “we will no longer appease dictators and despots near our shores.”  Shortly thereafter, on November 27, 2018, President Trump issued Executive Order 13851 and declared a national emergency with respect to “the situation in Nicaragua, including the violent response by the Government of Nicaragua to the protests that began on April 18, 2018, and the Ortega regime’s systematic dismantling and undermining of democratic institutions and the rule of law,” violence against civilians, and corruption. The executive order authorizes OFAC to block the property of anyone who, inter alia, with respect to Nicaragua:  (1) commits human rights abuses; (2) undermines “democratic processes or institutions;” (3) threatens the country’s peace, security, or stability; (4) conducts transactions involving deceptive practices or corruption related to the Government of Nicaragua; or (5) has materially assisted in any of the activities described by categories 1 through 4.  The sanctions also empower OFAC to designate anyone who is or has been a government official since January 10, 2007.  Pursuant to this new program, OFAC has already added to the SDN list Rosario Maria Murillo de Ortega, the Vice President and First Lady, and Nestor Moncada Lau, the National Security Advisor to President Ortega.  Prior to the issuance of this new sanctions program, FinCEN, in October 2018, also issued an advisory alerting the financial system to the risks posed by corruption in Nicaragua, particularly relating to the possibility that members of the Ortega government may try to move proceeds of corruption out of the country because of the threat of unrest and the specter of potential sanctions.  The advisory noted that four Nicaraguan officials have already been sanctioned under the Global Magnitsky Human Rights Accountability Act (the “Global Magnitsky Act”). Further targeting the Ortega regime, on December 20, 2018, President Trump signed into law the Nicaragua Human Rights and Anticorruption Act, which had passed in the Senate on November 27, the same date Nicaragua sanctions went into effect.  The statute instructs the U.S. executive directors at the World Bank Group and Inter-American Development Bank to oppose any loan for the Nicaraguan government’s benefit unless certain steps strengthening democratic institutions have been met.  It is still too early to tell what effect this legislation, together with the new sanctions program, will have, but it is clear that companies must now take precautions when considering business opportunities in Nicaragua.  The Nicaraguan government is firmly within the sights of the U.S. government.

3.    North Korea

Although 2018 witnessed brief warming of relations between the United States and North Korea—marked by the June 12, 2018 summit between President Trump and Supreme Leader Kim Jong-un—relations between the countries have remained volatile, and OFAC has continued to push forward with its renewed focus on North Korea in connection with the U.S. government’s policy of denuclearizing the Korean Peninsula.  In our 2017 Sanctions Year-End Update, we discussed the intensification of the North Korea sanctions program in the face of North Korea’s increasing bellicosity.  New measures taken in 2017 included the enactment of a new section of CAATSA focusing on North Korea, the re-addition of North Korea to the state sponsors of terrorism list, and the issuance of a new executive order imposing sanctions on specific sectors of the North Korean economy and threatening to cut off access to the U.S. banking system for non-U.S. persons involved in North Korean trade. OFAC continued to add North Korean individuals and entities to the SDN List throughout 2018, kicking off the year with a January 24, 2018 designation of nine entities, 16 individuals, and six vessels in response to North Korea’s “ongoing development of weapons of mass destruction” and violations of Security Council resolutions.  One month later, on February 23, OFAC added to the SDN List what was billed as “the largest North Korea-related sanctions tranche to date,” aimed primarily at disrupting the regime’s shipping and trading companies.  This action—which was focused on disrupting the activities of shipping companies that have been used to evade sanctions—designated an outstanding 56 individuals and entities  across nine countries.  That same day, OFAC joined the State Department and U.S. Coast Guard in issuing an advisory which highlighted the deceptive practices used by North Korea to evade U.S. sanctions so that companies, including financial institutions, can adequately implement controls to account for these practices.  OFAC, together with the State Department and Department of Homeland Security, issued another similar advisory on July 23, 2018.  This second advisory highlights North Korea’s evasion tactics that could expose businesses involved in the supply chain—such as manufacturers, buyers, and service providers—to risk and urged the implementation of proper controls and due diligence measures. Last, though largely procedural, it is also worth noting that on March 1, 2018, OFAC amended and reissued the North Korea Sanctions Regulations and issued 14 new FAQs relating to the North Korea sanctions program. As the year drew to a close and the new year began, the U.S. government’s position vis-à-vis North Korea once again was thrown into question.  Although in December 2018 there were media reports of a new ballistic missile base being constructed in North Korea, in January 2019 the President reiterated that the United States is “doing very well” with respect to North Korea and is moving forward with scheduling a second summit to discuss the complete denuclearization of the Korean Peninsula.  Regardless, based on developments in 2017 and 2018, it is likely that OFAC’s intensification of its North Korea program will continue apace in the coming year.

II.    U.S. Enforcement

A.    Designations

1.    Designations of Iran-Based Persons with Digital Currency Addresses

On November 28, 2018, pursuant to its cyber-related sanctions program, OFAC designated Iranian residents Ali Khorashadizadeh and Mohammad Ghorbaniyan for facilitating the exchange of bitcoin payments into Iranian rial on behalf of cyber actors involved with the “SamSam” ransomware scheme, and depositing the rial into Iranian banks.  Perpetrators of this scheme gain control of a victim’s computer network by installing unauthorized malicious software, and then demand the victim pay a ransom to regain control.  There are at least 200 known victims of this scheme, including corporations, hospitals, universities, and government agencies. In connection with these designations, OFAC listed identifying information that included two digital currency addresses associated with Khorashadizadeh and Ghorbaniyan.  Digital currency addresses are alphanumeric identifiers linked to online wallets, from which and to which bitcoins or other digital currency can be transferred.  According to OFAC, these two addresses were subject to over 7,000 bitcoin transactions (worth millions of U.S. dollars)—at least some of which were derivative of SamSam ransomware attacks.  In the past, OFAC has listed a designee’s date of birth, email address, and nicknames, but this marks the first time it has listed a digital currency address.  The Treasury Department had flagged this possibility earlier in 2018 when it published guidance stating that digital currency addresses may be listed “to alert the public” to specific property associated with a designated person.  Like funds stored in a traditional bank account, digital currency associated with a digital currency address must be blocked by U.S. financial institutions if they are the property of designated persons. We fully expect OFAC to continue this practice of listing a designated person’s digital currency address, particularly where the person operates in the digital currency space.  Undersecretary of the Treasury for Terrorism and Financial Intelligence Sigal Mandelker has stressed that the administration is “aggressively pursuing Iran and other rogue regimes attempting to exploit digital currencies and weaknesses in cyber AML/CFT safeguards” and the importance of “publishing digital currency addresses to identify illicit actors” in this space.  Indeed, as former senior Treasury adviser David Murray has pointed out, these addresses may be the most reliable identifiers for these bad actors.

2.    Designations Related to Jamal Khashoggi

On October 10, 2018, a bipartisan group of 22 U.S. senators sent a letter to President Trump demanding that he investigate Saudi journalist Jamal Khashoggi’s disappearance and determine whether to impose sanctions on any culpable foreign government officials pursuant to the Global Magnitsky Act.  President Trump was statutorily required to respond to the demand within 120 days.  His response came a little over a month later, on November 15, 2018, when OFAC imposed Magnitsky sanctions on certain individuals it found were involved in the killing of Khashoggi.  These individuals included senior Saudi government official Saud al-Qahtani; his subordinate, Maher Mutreb; Saudi Consul General Mohammed Alotaibi; and 14 other Saudi government officials. The Global Magnitsky Act gives the President the authority to sanction individual perpetrators of serious human rights abuse and corruption.  Trump’s use of Magnitsky sanctions with respect to the Khashoggi disappearance is not surprising.  As we noted last year, President Trump issued an executive order in December 2017 effectively broadening his authority under the statute.  Since then, more than one hundred individuals and entities have been sanctioned under this executive order.  Moreover, President Trump has shown a willingness to act fast when imposing Magnitsky sanctions.  As Senator Robert Menendez (D-NJ) put it, “When President Trump wants to move quickly on human rights sanctions he does.”  For example, in early 2018, the Trump administration swiftly sanctioned two government ministers in Turkey over the imprisonment of American pastor Andrew Brunson. While President Trump has been applauded for previous Magnitsky sanctions, a recurring critique of the Khashoggi-related sanctions is that they do not go far enough.  Some in Congress have called for much tougher action against the Saudi government, such as curtailing arms sales or forcing a wind-down of Saudi involvement in Yemen’s destructive civil war.  Indeed, although the United States has imposed Magnitsky sanctions on certain Saudi government officials, the government itself has escaped any direct punishment.  Setting aside the merits of this critique, it appears the United States’ approach has been mirrored by its Western allies:  Canada, France, and Germany have all imposed sanctions on individuals culpable in the killing of Khashoggi, but not on the Saudi government.

B.    Enforcement Actions

2018 was a deceptively quiet year for OFAC sanctions enforcement.  The agency netted U.S. $71,510,561 in penalties through seven enforcement actions in 2018, compared to 16 enforcement actions and over U.S. $119,527,845 in penalties in the prior year.  But the numbers belie a more aggressive approach to enforcement, masked in certain circumstances by OFAC’s relatively small stake of large global settlements with other regulators.  Moreover, in December 2018 Treasury Undersecretary Sigal Mandelker announced significant changes already underway in sanctions enforcement with a goal of “better enforcement through compliance.”  Mandelker explained that OFAC would be outlining the hallmarks of an effective sanctions compliance program in an effort to aid the compliance community in strengthening defenses against sanctions violations.  Foreshadowing a more aggressive approach to enforcement, she noted that compliance commitments would become an essential element in settlement agreements between OFAC and apparent violators. As we were going to press, OFAC settlement with the Kollmorgen Corporation provided a clear indication of the new frontiers in OFAC enforcement.  The case concerned the company’s Turkish affiliate’s alleged violations of Iran sanctions.  Especially noteworthy was that this was the first time OFAC concurrently concluded a settlement action while also designating an individual who allegedly managed the Iranian operations for evading sanctions. Undersecretary Mandelker noted that the action was “a clear warning that anyone in supervisory or managerial positions who directs staff to provide services, falsify records, commit fraud, or obstruct an investigation into sanctions violations exposes themselves to serious personal risk.”

1.    Zhongxing Telecommunications Equipment Corporation

On April 15, 2018, the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) activated a denial order against Chinese telecommunications company Zhongxing Telecommunications Equipment Corporation (“ZTE”) for its alleged failure to abide by terms of a March 2017 settlement agreement.  As we described in our 2017 Sanctions Year-End Update, ZTE previously agreed to settle its potential civil liability for alleged violations of OFAC’s Iran sanctions for U.S. $100,871,266, part of a combined U.S. $1.19 billion civil and criminal settlement with BIS and the U.S. Department of Justice (“DOJ”).  As part of the settlement, ZTE agreed to a seven-year suspended denial of export privileges, which could be activated if any aspect of the agreement was not met. BIS decided to impose the order based on information suggesting that ZTE made false statements regarding the disciplinary measures imposed on employees responsible for the illegal activity.  Specifically, ZTE informed U.S. authorities that the company had taken or would take action against 39 employees and officials that ZTE identified as having a role in the violations.  But letters of reprimand were not issued until after BlS requested further information in February 2018, and all but one of the individuals involved in the underlying misconduct received his or her 2016 bonus. Denial orders are among the most powerful weapons BIS has in its civil enforcement tool box, and would have imposed strict penalties and licensing requirements on U.S. and non-U.S. persons involved, directly or indirectly, in any transaction related to the export or reexport of U.S. origin items to ZTE.  However, in July 2018, after initial trade negotiations with Chinese President Xi Jinping, President Trump instructed BIS to work out an arrangement that would ultimately lift the restrictions.  BIS subsequently terminated the order after ZTE paid a U.S. $1 billion penalty, replaced its board, and placed U.S. $400 million in escrow pursuant to the superseding settlement agreement, in addition to the U.S. $361 million in penalties ZTE had already paid to BIS under the original March 2017 settlement.  ZTE was also required to retain an external compliance coordinator for a period of ten years to monitor and report on ZTE’s compliance.

2.    DOJ Charges Russian and Syrian Nationals for Syrian Sanctions Violations

In June 2018, eight businessmen, including five Russian nationals and three Syrian nationals, were indicted on federal charges alleging that they conspired to violate U.S. economic sanctions against Syria and Crimea by sending jet fuel to Syria and making U.S. wire transfers to Syria and to sanctioned entities in Syria absent a license from the U.S. Treasury Department. According to the indictment, beginning in 2011, the alleged conspirators started using front companies and falsifying information in shipping records and the related U.S. dollar wires in order to circumvent sanctions.  From 2011 to 2017, the alleged conspirators engaged in business with various blocked entities and used front companies to do so.

C.    Select OFAC Enforcement Actions

1.    Ericsson

In June 2018, two subsidiaries of Ericsson agreed to pay U.S. $145,893 in a settlement with OFAC for an apparent violation of U.S. sanctions on Sudan, scarcely three weeks before OFAC announced that it would be removing the Sudan sanctions from the CFR.  The Sudan sanctions were revoked in October 2017, and the Ericsson enforcement action provides a warning regarding OFAC’s willingness to pursue historical violations, even in the face of changing U.S. policies. In late 2011, some of Ericsson’s telecom equipment located in Sudan malfunctioned.  Consequently, two Ericsson employees and a senior director requested assistance from an EUS specialist in an attempt to repair the damaged equipment.  The specialist informed them that Ericsson could be fined for engaging in such business activities in Sudan.  Despite this, Ericsson’s subsidiary and personnel continued to discuss repairing the damaged equipment, but removed any references to Sudan from the correspondence.  Despite being warned on another occasion by Ericsson’s compliance department that replacing the equipment in Sudan would violate U.S. sanctions, Ericsson personnel continued to plan the replacement of the equipment and also engaged a third party in doing so.  Ultimately, Ericsson personnel decided to solve the issue by purchasing an export-controlled U.S.-origin satellite hub capable of withstanding the heat in Sudan, and then engaged in a multistage transaction involving transshipping the hub through Switzerland and Lebanon en route to its final destination in Sudan. Notably, this enforcement action involved alleged violations that took place as far back as 2012 and earlier, prior to the revocation of certain Sudan sanctions.  While the statute of limitations for violations of U.S. sanctions is generally five years from the offending conduct, Ericsson entered into a tolling agreement with OFAC in order to fully cooperate with the investigation.

2.    Epsilon

In September 2018, Epsilon Electronics Inc. (“Epsilon”) agreed to pay U.S. $1,500,000 to settle liability for alleged violations of OFAC’s Iran sanctions.  OFAC issued Epsilon a penalty notice in 2014, alleging that, from August 2008 to May 2012, Epsilon had committed 39 violations for its sales to a company that Epsilon knew or had reason to know distributed most, if not all, of its products to Iran. The settlement followed a decision by a split panel of the D.C. Circuit Court of Appeals in 2017 to set aside OFAC’s initial $4.07 million penalty.  The case considered OFAC’s prohibition of the transshipment of U.S. goods to Iran through third countries, or the “general inventory rule,” which sets forth a standard of liability based on an exporter’s “knowledge or reason to know” that such goods are ultimately intended specifically for Iran.  The D.C. Court of Appeals upheld OFAC’s determination that an exporter could be liable where substantial evidence supported a conclusion that all of the relevant third-country customer’s sales were to Iran during one set period of time.  However, it also held that OFAC’s determination of a violation was arbitrary and capricious with respect to alleged violations that took place during another period of time because the agency failed to adequately consider all evidence presented by the company regarding sales it reasonably believed to have been made outside of Iran. OFAC considered the following in determining a penalty: (1) the violations constituted a systematic pattern of conduct; (2) Epsilon exported goods valued at U.S. $2,823,000 or more; (3) Epsilon had no compliance program at the time of the violations; (4) Epsilon had not received a penalty notice in the five years preceding the transactions at issue; (5) Epsilon is a small business; and (6) Epsilon provided some cooperation to OFAC in addition to taking independent remedial action.

3.    JPMorgan Chase

In October 2018, JP Morgan Chase Bank, N.A. (“JP Morgan”) agreed to remit U.S. $5,263,171 to OFAC to settle its potential civil liability for apparent violations of U.S. sanctions.  This action demonstrates the culpability that U.S. financial institutions may face for processing transactions involving sanctioned targets—in this case, JP Morgan operated a net settlement mechanism that resolved billings by and among various airlines and airline industry participants, including several parties that were at various times on the SDN List.  Between January 2008 and February 2012, JP Morgan processed 87 transactions with a total value of over U.S. $1 billion, U.S. $1,500,000 (0.15%) of which were attributable to the interests of designated entities. Separately, OFAC issued a Finding of Violation to JP Morgan—with no concomitant penalty—for violations relating to deficiencies in its sanctions screening mechanism.  Between August 2011 and April 2014, the bank’s screening system failed to identify six customers as SDNs, resulting in the processing of 85 transactions totaling $46,127.04 in violation of U.S. sanctions.  JP Morgan’s screening logic capabilities purportedly failed to identify customer names with hyphens, initials, or additional middle or last names as potential matches to similar or identical names on the SDN List.  Despite strong similarities between the accountholder’s names, addresses, and dates of birth in JP Morgan’s account documentation and on the SDN List, JP Morgan maintained accounts for, and/or processed transactions on behalf of, the six customers. Notably, JP Morgan identified weaknesses in the screening tool’s capabilities as early as September 2010 and implemented a series of enhancements during the period 2010 to 2012.  After transitioning to a new screening system in 2013, the bank re-screened 188 million clients’ records through the new system and identified the suspect transactions.  JP Morgan voluntarily self-disclosed the matter to OFAC.

4.    Société Générale

In November 2018, OFAC joined regulators from the Federal Reserve, DOJ, New York County District Attorney’s Office, U.S. Attorney for the Southern District of New York, and New York State Department of Financial Services (“DFS”) in a combined settlement agreement with Société Générale (“SocGen”) for apparent violations of U.S. sanctions, among other matters.  SocGen agreed to pay U.S. $53,966,916 to OFAC as part of a $1.34 billion global settlement agreement.  Unlike in any other major banking case of which we are aware—and in line with the increasing aggressiveness of enforcement that Undersecretary Mandelker would make public a month later—OFAC did not credit the penalties assessed by other regulators or agencies.  The OFAC penalty was to be paid on top of the other penalties assessed. The settlement documents alleged that SocGen processed transactions involving countries and persons subject to U.S. sanctions programs through U.S. financial institutions for five years up to and including 2012.  OFAC alleged that SocGen processed such transactions after removing, omitting, obscuring, or failing to include references to sanctioned parties in the information submitted to U.S. financial institutions and ignored warning signs that its conduct was in violation of U.S. sanctions regulations. In addition to enforcement actions by federal regulators, DFS entered into two consent orders with SocGen and its New York branch under which SocGen will pay fines totaling $420 million for violations under U.S. sanctions programs and New York anti-money laundering laws. The DFS investigation found that from 2003 to 2013 SocGen failed to take sufficient steps to ensure compliance with U.S. sanctions laws and regulations.  Namely, individuals responsible for originating U.S. dollar transactions outside of the United States had a minimal understanding of U.S. sanctions laws as they pertained to Sudan, Iran, Cuba, North Korea, and other sanctions targets.

5.    Mashreqbank

In addition to the SocGen matter, in October 2018 DFS fined United Arab Emirates-based bank, Mashreqbank PSC (“Mashreqbank”) and its New York branch in the amount of U.S. $40 million for deficiencies in its compliance programs, including its compliance policy regarding U.S. sanctions, and for violations to the U.S. Bank Secrecy Act and anti-money laundering (“AML”) laws in its U.S. dollar clearing operations.  Under the consent order announced by DFS and the Federal Reserve Bank of New York, Mashreqbank must immediately hire a third-party compliance consultant to oversee and address deficiencies in the branch’s compliance function, including compliance with AML requirements, federal sanctions laws, and New York law and regulations.  In addition, Mashreqbank must hire a third-party “lookback consultant” to conduct a review of the branch’s transaction clearing activity for April 2016 to September 2016, along with other remedial actions. DFS conducted a safety and soundness examination of the New York branch’s operations in 2016, finding that the branch had been unable to meet its compliance commitments.  DFS identified defects in the bank’s OFAC compliance program and found that its OFAC policies lacked detail, nuance or complexity.  The examination also found that each transaction monitoring alert would be reviewed only once by a single reviewer, who would then determine whether the alert should be closed or escalated, but without adequate quality assurance reviews.  The branch’s OFAC program also suffered from certain deficiencies in important aspects of its recordkeeping.  Specifically, Mashreqbank maintained inadequate documentation concerning its dispositions of OFAC alerts and cases, with branch compliance staff failing to properly record its rationales for waiving specific alerts.

III.    European Union Developments and Enforcement

In 2018, the European Union (“EU”) broadly stayed the course it set in 2017 and modestly extended the scope of its sanctions programs on Iran and Russia.  Additional sanctions were adopted, namely with respect to Venezuela and Mali. The most significant sanctions-related development this year at the EU level has been that, following the unilateral withdrawal of the United States from the JCPOA, the so-called “EU Blocking Statute” was expanded, prohibiting EU nationals from complying with requirements or prohibitions contained in those sanctions or applied by means of rulings under those sanctions.  While there has not been enforcement action to date, the first lawsuits and judgments making reference to the EU Blocking Statute have begun to emerge.  This divergence between U.S. and EU policy on Iran sanctions has caused and is likely to cause in the future significant compliance hurdles for multinational companies.

A.    Legislative Developments

1.    Iran

In response to the U.S. decision to abandon the JCPOA, on August 6, 2018 the European Union enacted Commission Delegated Regulation (EU) 2018/1100 (the “Re-imposed Iran Sanctions Blocking Regulation”), which amended the EU Blocking Statute.  The EU Blocking Statute is a 1996 European Commission Regulation (EC) No 2271/96 that was designed as a countermeasure to what the EU considers to be the unlawful effects of third-country (primarily U.S.) extra-territorial sanctions on “EU operators.”  The combined effect of the EU Blocking Statute and the Re-imposed Iran Sanctions Blocking Regulation is to prohibit compliance by EU entities with U.S. sanctions which have been re-imposed following the U.S. withdrawal from the JCPOA.

The EU Blocking Statute applies to a wide range of actors including:

  • any natural person being a resident in the EU and a national of an EU Member State;
  • any legal person incorporated within the EU;
  • any national of an EU Member State established outside the EU and any shipping company established outside the EU and controlled by nationals of an EU Member State, if their vessels are registered in that EU Member State in accordance with its legislation;
  • any other natural person being a resident in the EU, unless that person is in the country of which he or she is a national; and
  • any other natural person within the EU, including its territorial waters and air space and in any aircraft or on any vessel under the jurisdiction or control of an EU Member State, acting in a professional capacity.
Accompanying the Blocking Statute, the EU issued a Guidance Note: Questions and Answers: adoption of update of the Blocking Statute, which notes that subsidiaries of U.S. companies formed in accordance with the law of an EU Member State and having their registered office, central administration or principal place of business within the EU are subject to the EU Blocking Statute; although mere branch offices of U.S. companies, without separate legal personality, are not. The EU Blocking Statute requires (Article 2) parties to which it applies whose economic and/or financial interests are affected, directly or indirectly, by certain extra-territorial U.S. sanctions laws (including those re-imposed in 2018) or by actions based thereon or resulting therefrom, to inform the European Commission accordingly within 30 days from the date on which it obtained such information.  With respect to companies, this obligation applies to the directors, managers and other persons with management responsibilities.  We refer to this as the “Notification Obligation.” The EU Blocking Statute also prohibits (Article 5) EU operators from complying, whether directly or through a subsidiary or intermediary, and whether actively or by omission, with any prohibition or requirement contained in a set of specific extra-territorial laws or any decisions, rulings, or awards based on those laws.  However, the EU Blocking Statute does also provide for authorization to engage in such activities. The U.S. sanctions laws to which the EU Blocking Statute applies are explicitly listed, and include six U.S. sanctions laws and one set of U.S. regulations (OFAC’s Iranian Transactions and Sanctions Regulations). The Blocking Statute entered into effect on August 7, 2018 and does not allow for any grandfathering of pre-existing contracts or agreements.  The EU Guidance noted above indicates that EU operators are prohibited from even requesting a license from the United States to maintain compliance with U.S. sanctions.  Requesting such permission—without first seeking authorization from the European Commission or a competent authority in a Member State to apply for it—is tantamount to complying with U.S. sanctions. The Blocking Statute also provides that decisions rendered in the United States or elsewhere made due to the extraterritorial measures blocked by the EU Blocking Statute cannot be implemented in the EU.  This means, for instance, that any court decision made in light of the extraterritorial measures cannot be executed in the EU, even under existing mutual recognition agreements. Finally, the EU Blocking Statute allows EU operators to recover damages arising from the application of the extraterritorial measures.  Though it is unspecified how this would work under the various laws of the EU member states, it appears to allow an EU operator suffering damages because of a company’s compliance with the U.S. sanctions to assert monetary damage claims.  For instance, if a European company has a contract to provide certain goods to Iran, non-fulfillment of that contract to comply with U.S. sanctions would be a violation of the Blocking Statute.  However, if some of the European company’s goods are supplied from companies that decided to comply with U.S. sanctions and, therefore, refuse to further supply these goods, this may result in the European company not being able to meets its obligations vis-à-vis its Iranian customer.  In such a case, the Iranian company could sue the European company for breach of contract, and the European operator could in turn sue its supplier for the damages caused due to the supplier’s compliance with the extraterritorial U.S. sanctions.

We have described the generally available possible options for affected companies here.

As an EU Regulation, the EU Blocking Statute is directly applicable in the courts of any Member State without the need for domestic implementing legislation.  However, it is the competent domestic authorities of the EU Member States (not the European Commission) that are responsible for the enforcement of the EU Blocking Statute, including implementation of penalties for possible breaches.  Such penalties are laid down in national legislation and vary by Member State.  Some EU member states have in place, or have introduced, criminal offences applicable to violations of the EU Blocking Statute (notably the UK, Ireland and Germany); others maintain administrative penalties, but not criminal offences (notably Spain and Italy).  Certain member states, notably France and Belgium, appear not to have introduced legislation to implement the EU Blocking Statute.

2.    Russia

Since March 2014, the EU has progressively imposed EU Economic and EU Financial Sanctions against Russia.  The EU Russia Sanctions were adopted in response to deliberate destabilization of (particularly Eastern) Ukraine and the annexation of Crimea. EU Russia Economic Sanctions include an arms embargo, an export ban for dual-use goods for military use or military end users in Russia, limited access to EU primary and secondary capital markets for major Russian majority state-owned financial institutions and major Russian energy companies, and limited Russian access to certain sensitive technologies and services that can be used for oil production and exploration. In particular, in broad alignment with U.S. sanctions, EU Russia Economic Sanctions prohibit the sale, supply, transfer, or export of products to any person in Russia for oil and natural gas exploration and production in waters deeper than 150 meters, in the offshore area north of the Arctic Circle and for projects that have the potential to produce oil from resources located in shale formations by way of hydraulic fracturing.  The provision of associated services (such as drilling or well testing) is also prohibited, while authorization must be sought for the provision of technical assistance, brokering services, and financing relating to the above. However, there are certain noteworthy differences in the nuances.  The above-detailed latest round of U.S. Russia Sectoral Sanctions due to CAATSA have created some disparities between the U.S. and the EU regimes.  The EU Russia Economic Sanctions are currently in place until July 31, 2019.  Also, the EU Russia Financial Sanctions were further extended in September 2018 until March 15, 2019.  As of now, 164 people and 44 entities are subject to a respective asset freeze and travel ban. For those subject to EU Financial Sanctions, EU member states may authorize the release of certain frozen funds or economic resources to satisfy the persons and their dependents’ basic needs, for payment of reasonable professional fees, for payment for contracts concluded before the sanction and for claims secured to an arbitral decision rendered prior to the sanction. In a recent development, the EU on January 21, 2018 targeted with EU Financial Sanctions two senior Russian military intelligence officials and two of their officers accused of the poisoning of a former Russian double agent in Britain, Mr. Skripal, and his daughter. The EU still does not recognize the annexation of Crimea and Sevastopol by Russia, and the EU imposed broad sanctions against these territories in 2014.  The EU Crimea Sanctions included an import ban on goods from Crimea and Sevastopol, broad restrictions on trade and investment related to economic sectors and infrastructure projects in Crimea and Sevastapol, an export ban for certain goods and technologies to Crimea and Sevastapol and a prohibition to supply tourism services in Crimea or Sevastopol.  On June 18, 2018, the EU Council extended the EU Crimea Sanctions until June 23, 2019.  These restrictions are similar to those in place in the United States.

3.    Venezuela

Following the U.S. lead on Venezuela sanctions, on November 13, 2017, the EU had decided to impose an arms embargo on Venezuela, and also to introduce a legal framework for travel bans and asset freezes against those involved in human rights violations and non-respect for democracy or the rule of law.  Subsequently, on January 22, 2018, the EU published an initial list of seven individuals subject to these sanctions. On June 25, 2018, the EU added an additional eleven individuals holding official positions to the EU Venezuela Financial Sanctions for human rights violations and for undermining democracy and the rule of law in Venezuela. Though these measures are not yet as severe as U.S. measures on Venezuela—and the EU stated that the sanctions can be reversed if Venezuela makes progress on these issues— the Council was also explicit previously in its warning that the sanctions may be expanded if the situation worsens. On November 11, 2018, the EU Venezuela Sanctions were prolonged until November 14, 2019.

4.    North Korea

As noted in last year’s sanction update and above with respect to U.S. measures, the events on the Korean Peninsula in 2017 also gave rise to significant new EU measures against North Korea.  While the first half saw a further increase in EU North Korea Financial and Economic Sanctions, the second half of 2018 eased some of the tension due to, inter alia, high-level meetings between South and North Korean, the United States, and China, without however (yet) changing the EU North Korea Sanctions Framework. On January 8, 2018, the EU Council added 16 persons and one entity to the EU North Korea Financial Sanctions, making them subject to an asset freeze and travel restrictions.  This decision implemented a part of the sanctions imposed by the UN Security Council on December 22, 2017 with resolution 2397 (2017). On January 22, 2018, the EU Council autonomously added 17 citizens of the DPRK to the EU North Korea Financial Sanctions, due to their involvement in illegal trade activities and activities aimed at facilitating the evasion of sanctions imposed by the UN. On February 26, 2018, the EU implemented further UN Security Council resolution 2397 (2017) and accordingly expanded its EU North Korea Economic Sanctions regime and strengthened the export ban on North Korean refined petroleum products by reducing the amount of barrels that North Korea may export from two million barrels to 500,000 barrels per year; banned imports of North Korean food and agricultural products, machinery, electrical equipment, earth, stone, and wood; banned exports to North Korea of all industrial machinery, transportation vehicles as well as iron, steel, and other metals; introduced further sanctions against vessels where there are reasonable grounds to believe that the vessel has been involved in the breach of UN sanctions; and demanded the repatriation of all North Korean workers abroad within 24 months. On April 6, 2018, the EU added one person and 21 entities to the EU North Korea Financial Sanctions, implementing a decision of March 30, 2018 by the UN Security Council Committee.  Also, the EU has implemented the asset freeze targeting 15 vessels, the port entry ban on 25 vessels and the de-flagging of 12 vessels. On April 19, 2018, the EU—in yet another round of autonomous EU North Korea Sanctions—added four persons to the EU North Korean Financial Sanctions.  The four individuals were targeted due to their involvement in financial practices suspected of contributing to the nuclear-related, ballistic-missile-related or other weapons of mass destruction-related programs of North Korean. By the end of 2018, accordingly, 59 individuals and 9 entities were designated autonomous by EU North Korea Financial Sanctions; and in addition, 80 individuals and 75 entities are subject to EU Financial Sanctions due to the implementation of respective sanctions of the UN.

5.    Mali

On September 28, 2017, the European Union Council Decision (CFSP) 2017/1775 implemented UN Resolution 2374 (2017), which imposes travel bans and assets freezes on persons who are engaged in activities that threaten Mali’s peace, security, or stability.  Interestingly, the imposition of this regime was requested by the Malian Government, due to repeated ceasefire violations by militias in the north of the country.  Affected persons will be determined by a new Security Council committee, which has been set up to implement and monitor the operation of this new regime, and will be assisted by a panel of five experts appointed for an initial 13-month period.  For a long time no individuals were actually designated. On December 20, 2018, the Security Council Committee added three individuals to its Mali sanctions list: Ahmoudou Ag Asriw, Mahamadou Ag Rhissa, and Mohamed Ousmane Ag Mohamedoune.  Each of them were targeted with a travel ban. On January 10, 2019, the EU implemented these UN listings in respective EU Mali sanctions by Council Implementing Decision (CFSP) 2019/29. As a result of this implementation, the above-mentioned individuals will now be subject to EU-wide travel bans.

B.    Judgments

1.    Mamancochet Mining v Aegis

On October 12, 2018, the High Court handed down a judgment making reference to the EU Blocking Statute.  The case, which involved a non-U.S. subsidiary of a U.S. insurance entity, could provide importance guidance for U.S. companies and their EU, or at least UK, subsidiaries. The case arose from a dispute between UK-based insurers that are owned or controlled by U.S. persons and their customer, regarding the scope of contractual provisions excusing the parties from performance if transactions pursuant to the contract created sanctions exposure.  The insured had submitted a claim under its marine insurance contract to recover the cost of goods stolen in Iran.  The insurance underwriters asserted they were not required to pay that Iran-related claim pursuant to a provision in the insurance contract excusing performance if “payment…would expose that insurer to any sanction, prohibition or restriction” under applicable sanctions. The court held that, prior to the revocation of General License H on November 4, payment of a valid claim by the insured did not “expose” the insurers to sanctions because it would not breach applicable sanctions.  While General License H was in effect, non-U.S. subsidiaries of U.S. entities would not be prohibited from engaging in such transactions.  These transactions would have only breached sanctions—and therefore created sanctions exposure—after November 4, when non-U.S. subsidiaries of U.S. persons were no longer generally authorized to engage in transactions involving Iran.  For the UK Commercial Court, conduct creating the risk of sanctions exposure—rather than actual exposure through breach of applicable restrictions—did not excuse the insurers’ performance.  Had the insurers wanted to suspend performance when faced only with risk of sanctions exposure, the court suggests they could have expressly indicated that performance would be excused if “payment…would expose that insurer to any risk of being sanctioned.” The case suggests that insurance providers and brokerages, should be precise and comprehensive when describing the sanctions-related circumstances that trigger suspension or excuse-of-performance clauses and must describe clearly the effect of such provisions when triggered. These clauses must also clearly describe the effect of their invocation.  In this case, the contract provided that “no (re)insurer shall be liable to pay any claim . . . to the extent that the provision of such . . . claim . . . would expose that (re)insurer” to applicable sanctions.  The court found this provision would only suspended the insurers’ payment obligations, rather than terminate them.  This suggests that, just as insurers should be precise in describing the circumstances that trigger these excuse-of-performance clauses, they must also be precise in describing the effect of those provisions when they are triggered. In this case, the insured also sought to rely upon the EU Blocking Regulation in the event that the insurance underwriters were otherwise entitled to rely upon the sanctions clause to resist payment.   While this issue did not arise for determination, the court noted, rather than held, that considerable force was inherit in the argument that the EU Blocking Regulation is not engaged where the insurer’s liability to pay a claim is suspended under a sanctions clause such as the one in the policy at hand.  In such a case, the court noted, the insurer is not “complying” with a third country’s prohibition but is simply relying upon the terms of the policy to resist payment.

2.    EU Blocking Statute Challenge by Rotenberg

In October, Russian oligarch Boris Rotenberg filed a law suit with the Helsinki District Court against Nordea, Danske Bank and Svenska Handelsbanken.  Rotenberg claims that the banks refused to provide certain services in order to comply with secondary U.S. sanctions.  The case is pending.

C.    Enforcement

1.    France

In France, “l’affaire Lafarge” remains the most prominent enforcement action.  In June 2018, the French judiciary initiated a formal investigation to examine whether LafargeHolcim had paid nearly $13 million to the Islamic State to protect one of its cement plants in Syria.  The corporation as a legal entity has been charged by a panel of three French judges appointed by the Paris High Court with violating the European embargo on oil purchases.  In addition, the charges also include financing a terrorist organization, endangering the lives of former employees and complicity in crimes against humanity.

2.    Belgium

Belgian authorities started prosecution of three Belgian companies AAE Chemie, Anex Customs and Danmar Logistics and two of their managers.  Allegedly, the firms exported chemicals used to produce sarin gas to Syria without applying for the necessary export licenses.  Prior to the proceedings, the Belgian Finance Ministry had offered a financial settlement but the companies refused. The trial started in Antwerp in May 2018, a verdict is expected for January 2019.

3.    Germany

The German government is facing resistance against its recent decision to halt arms exports to Saudi Arabia.  While not based on EU sanctions, but rather based on a political decision, the result for German defense suppliers remains the same.  German defense suppliers recently announced a plan to sue for damages resulting from the ban of all arms exports to Saudi Arabia.  The ban was established in November 2018 after details about the murder of journalist Jamal Khashoggi surfaced.  The restrictions apply to exports that had previously been approved by the German government.

4.    The United Kingdom

There have been a number of enforcement actions in respect of sanctions and export control violations completed in 2018, the two most significant of which are:
(i)    terms of imprisonment ranging from six months suspended (on a married couple associated with a small UK company Pairs Aviation) to 2½ years in respect of UK businessman, Alexander George, convicted of exporting certain military aircraft items to Iran, through  companies in a number of jurisdictions, including Malaysia and Dubai; and (ii)    the imposition by the Financial Conduct Authority in June 2018 of a financial penalty of almost £900,000 (reduced by 30 percent on account of early settlement) on Canara Bank for systems and controls inadequacies relating, inter alia, to sanctions.  This matter related to that institution’s trade finance operations.
There were also three prosecutions of UK companies in 2018 in respect of unlicensed exports of military or dual-use goods, including chemicals and metals, with relatively modest fines imposed.

IV.    United Kingdom Developments and Enforcement

A key focus of attention of sanctions professionals in the United Kingdom this year has been the likely treatment of EU sanctions post-Brexit. On October 12, 2018, the UK’s Office for Financial Sanctions Implementation, which is part of HM Treasury, circulated a technical notice issued by another UK Ministry, the Department for Exiting the European Union (“DEXEU”), considering the implications for sanctions law in the UK in the event of a “no-deal Brexit.”  A no-deal Brexit is a scenario in which the UK does not reach an agreement with the European Union in connection with the future trading relationship between them by 11pm March 29, 2019 (midnight on March 30, 2019 CET), the date on which the UK is currently due to exit the EU. Whilst the UK does introduce its own sanctions legislation from time to time (and can be expected to do so following Brexit), the majority of UK sanctions instruments are introduced in implementation of EU sanctions.  EU sanctions regimes are brought into effect by legislative instruments passed at EU level, typically Decisions and Regulations of the Council of the EU.  EU Decisions are binding only on the persons to whom they are addressed; EU Regulations are binding on all persons and are automatically applicable in the domestic courts of the EU member states. However, the EU Member States have not given the EU competence to create criminal offences; only the Member States themselves can do that.  As such, EU sanctions instruments do not, by themselves, create criminal offences in the domestic legal orders of the EU Member States.  In order to create such criminal offences, domestic implementing legislation is generally required.  EU Member States take a variety of different approaches to such implementing legislation.  Some Member States have a standing implementing law which creates a criminal offence of violation of EU sanctions in force, so that as soon as a new EU Regulation implementing sanctions is brought into force, breach thereof will be an offence in the domestic legal order.  The UK does not take this approach.  Instead, in the UK, new delegated legislation (in the form of implementing regulations) is adopted each time the EU introduces (and sometimes when it amends) a sanctions regime, and it is those new implementing regulations that create the criminal offences in question. The UK’s future relationship with EU law in its national legal orders following Brexit will depend on the final terms of the Withdrawal Agreement that the UK is currently seeking to negotiate with the EU and any subsequent trade agreements regarding the future trading relationship.  There remains some uncertainty as to what these agreements will contain—and there is a possibility that no agreement will be reached.  In the event of a “no deal” Brexit, the UK will not be obliged automatically to adopt EU sanctions following Brexit. The question also arises as to the legal basis of EU sanctions in effect at the point the UK leaves the EU, given that the underlying EU legal basis for those sanctions will no longer apply to the UK.  In order to avoid legal lacunae resulting from Brexit, the UK passed in 2018 the European Union (Withdrawal) Act 2018, which enacts certain savings for EU-derived legislation, direct EU legislation and EU law-derived rights.  This Act provides, in broad summary, that all of these will be deemed to have effect as domestic law in the UK (i.e., English law, Scots law and the law of Northern Ireland) on and after Brexit day, save to the extent that Parliament enacts regulations modifying or negating the relevant law. The technical notice sets out the policy of the UK Government regarding sanctions in the event of a “no deal” Brexit.  The relevant section of the technical notice reads as follows:
As international law requires, we will implement UN sanctions in UK domestic law after the UK leaves the EU. If the UK leaves the EU without a deal, we will look to carry over all EU sanctions at the time of our departure. We will implement sanctions regimes through new legislation, in the form of regulations, made under the Sanctions and Anti-Money Laundering Act 2018 (the Sanctions Act). The Act will provide the legal basis for the UK to impose, update and lift sanctions after leaving the EU. We propose to put much of this legislation before Parliament before March 2019, to prepare for the possibility of the UK leaving the EU without a deal. Any sanctions regimes that we did not address, through regulations under the Sanctions Act by March 2019, would continue as retained EU law under the EU (Withdrawal) Act 2018. This means there will be no gaps in implementing existing sanctions regimes. We expect that the UK’s sanctions regulations will include:
  • the purposes of the sanctions regime (what the UK hopes will be achieved through imposing sanctions)
  • the criteria to be met before sanctions can be imposed on a person or group
  • details of sanctions, such as trade and financial sanctions
  • details of exemptions that may apply, such as exemptions which allow people to trade with a certain country that would otherwise be prohibited by the regulations
  • how we will enforce the sanctions measures
  • other areas, such as circumstances in which information about sanctions may be shared
We would publish the names of sanctioned persons or organisations. Regulations would be published as normal. After the UK leaves the EU, in addition to implementing UN sanctions, and looking to carry over existing EU sanctions, we will also have the powers to adopt other sanctions under the Sanctions Act. We will work with the EU and other international partners on sanctions where this is in our mutual interest.
It is also noted that, in its December 2018 Mutual Evaluation Report on the United Kingdom, the Financial Action Task Force (an independent inter-governmental body which promotes policies to protect the global financial system against, inter alia, money laundering) criticized the UK’s recent lack of public-enforcement actions in relation to sanctions breaches, and recommended that the U.K. Office of Financial Sanctions Implementation and other UK enforcement authorities “ensure” that they pursue such actions.
The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Adam Smith, Patrick Doris, Michael Walther, Stephanie Connor, Laura Cole, Helen Galloway, Jesse Melman, R.L. Pratt, Richard Roeder, Audi Syarief and Scott Toussaint. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade practice group: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Helen L. Galloway - Los Angeles (+1 213-229-7342, hgalloway@gibsondunn.com) Henry C. Phillips - Washington, D.C. (+1 202-955-8535, hphillips@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Scott R. Toussaint - Palo Alto (+1 650-849-5320, stoussaint@gibsondunn.com) Europe: Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Sacha Harber-Kelly - London (+44 20 7071 4205, ) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Steve Melrose - London (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com)
© 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

January 31, 2019 |
Venezuela Update: The Trump Administration Imposes Oil Sanctions to Effect Regime Change

Click for PDF On January 28, 2019, amid mounting tensions between Washington and Caracas, the Trump Administration imposed the most stringent sanctions to date on Venezuela by designating the state-owned oil company Petroleos de Venezuela, S.A. (“PdVSA”) on the Specially Designated Nationals and Blocked Persons (“SDN”) List administered by the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”).[1]  This measure is especially noteworthy because it targets not just the most significant actor in Venezuela’s oil-dependent economy but also an entity that is very closely tied to the United States – owning U.S. assets, employing thousands of U.S. workers and providing 500,000 barrels of oil per day to the United States.  By virtue of being added to the SDN List, all of PdVSA’s property and interests in property that are subject to U.S. jurisdiction are frozen and U.S. persons are, except as otherwise authorized by general or specific OFAC license, generally prohibited from engaging in transactions with PdVSA and its majority-owned subsidiaries. This was a sprawling action, including not just the designation of a major, multi-billion dollar company, but also the issuance by OFAC of eight new General Licenses (“GLs”).  The interpretation of some of the language in the GLs will require OFAC to issue additional Frequently Asked Questions (“FAQs”) beyond the one published to date. As a policy matter, the primary driver behind the decision to designate PdVSA appears to have been a desire on the part of the United States to prevent the looting of state assets by the regime of current Venezuelan President Nicolás Maduro and to facilitate a change in control of Venezuela’s government.  The designation comes just days after the Trump administration declared President Maduro’s recent re-election illegitimate and recognized Juan Guaidó, the head of Venezuela’s National Assembly, as the country’s interim leader.[2]  According to Secretary of State Mike Pompeo, the new sanctions on PdVSA “will prevent Maduro and other corrupt actors from further enriching themselves at the expense of the long-suffering Venezuelan people.  It will also preserve the core pillar of Venezuela’s national assets for the people and a democratically elected government.”[3] Treasury Secretary Steven Mnuchin similarly stressed that U.S. sanctions are by design reversible, and raised the possibility that PdVSA could in the future be de-listed.[4]  In that sense, the measures announced this week may best be viewed as a form of protective measure designed to safeguard Venezuelan state assets—for example, by placing them in blocked accounts—until they can be delivered to a non-Maduro government for use in the re-building of Venezuela’s shattered economy. Overview of New Sanctions The designation of PdVSA represents an extension of existing U.S. sanctions policy toward Venezuela, which for the last several years has been implemented in a series of steadily expanding sanctions targeting both President Maduro’s inner circle and sources of financing for the Venezuelan state.  Up to this point, those measures have generally been narrow and incremental.  For example, during the past 12 months, OFAC has issued a warning about transacting in Venezuela’s new cyber currency[5] and imposed sectoral sanctions on certain debt and equity of the Government of Venezuela.[6]  The most recent step, which laid the groundwork for the designation of PdVSA, came on November 1, 2018, when President Trump issued Executive Order 13850, imposing sanctions on persons who operate in the gold sector of the Venezuelan economy, who engage in corruption involving Venezuelan government projects and programs, or who facilitate such activities.[7]  Crucially, Executive Order 13850 grants the Secretary of the Treasury discretion to extend these sanctions to any other sector of the Venezuelan economy he deems appropriate.[8]  That is the authority that Secretary Mnuchin employed this week to determine that persons operating in Venezuela’s oil sector may be subject to sanctions and on that basis designated PdVSA.[9] Through this designation, and except as otherwise authorized in any of several general licenses described below, the United States government has frozen all PdVSA property and interests in property that are in the United States, that later come into the United States, and that are within the possession and control of U.S. persons worldwide.  By operation of OFAC’s “50 Percent Rule,” any property or interest in property that is owned 50 percent or more by PdVSA is also deemed to be blocked.[10]  Accordingly, U.S. persons can no longer deal with PdVSA’s majority-owned subsidiaries without OFAC authorization. General Licenses In connection with these sanctions, OFAC issued eight new GLs that will enable many U.S. persons to continue temporarily engaging with PdVSA and its affiliated entities, either to wind down their operations or to continue other kinds of engagement with PdVSA for specified periods of time.  This approach is consistent with OFAC’s recent past practice of issuing strong and broad sanctions that are then calibrated through the issuance of general licenses and FAQs. While OFAC has not yet issued FAQs that will further construe the scope of these licenses, the structure of these licenses suggest an attempt by OFAC to incrementally redirect PdVSA revenue streams away from the Maduro government and Maduro’s associates while maintaining the value and viability of PdVSA and its U.S. subsidiaries PDV Holding, Inc. (“PDVH”) and CITGO Holding, Inc. (“CITGO”). In moving to sanction a state asset like PdVSA, OFAC appears to be following the playbook it developed in Iraq and Libya in an effort to secure and preserve state assets from the grasp of a dictator.  In 2011, OFAC employed sanctions to secure Libyan state assets just as Muammar Gaddafi was about to launch his forces on the opposition in Benghazi.  In 1990, OFAC took similar action with respect to Kuwait after Iraq invaded the state in 1990.  In both cases, OFAC froze core state assets as a “protective” measure and then de-listed the assets once the threat had been definitively removed.  The challenge in Venezuela is that PdVSA is much bigger and far more intertwined in the United States, giving rise to potential domestic collateral consequences in the United States that were far more limited in the case of Libya and Kuwait.

Authorizations that expire on February 27, 2019
GL 12(b) is a wind-down license and authorizes, until February 27, 2019, all transactions and activities ordinarily incident and necessary to an ordered termination of involvement in operations, contracts, or other agreements, including the importation into the U.S. of goods, services, or technology, involving PdVSA or any entity in which PdVSA owns a 50 percent or greater interest.
Authorizations that expire on March 29, 2019
GL 11 is a maintenance and wind down license and authorizes, until March 29, 2019, U.S. person employees and contractors of any non-U.S. entities except those non-U.S. entities located in Venezuela and the United States (“Certain Non-U.S. Entities”), to engage in all transactions and activities that are ordinarily incident and necessary to maintain or wind down operations, contracts or agreements involving PdVSA or any entity in which PdVSA owns a 50 percent or greater interest.  This license additionally authorizes U.S. financial institutions to reject (rather than block and freeze) fund transfers involving both (i) PdVSA or any entity in which PdVSA owns a 50 percent or greater interest, and (ii) Certain Non-U.S. Entities, provided that neither the originator nor the beneficiary is a U.S. person and the funds are not destined for a blocked account on the books of a U.S. person.  For reasons that are unclear, this License specifically excludes U.S. person employees and contractors of non-U.S. entities located in the United States from its authorization, and it appears that multinational corporations with a business presence in the United States whose employees and contractors are supporting PdVSA and its subsidiaries now require specific licensing from OFAC to continue doing so.
Authorizations that expire on April 28, 2019
GL 12(a) is a wind down license and authorizes, until April 28, 2019, all transactions and activities ordinarily incident and necessary to the purchase and importation into the United States of petroleum and petroleum products from PdVSA and/or from any entity in which PdVSA owns a 50 percent or greater interest.  However, all payments for these products to or for the benefit of PdVSA or other blocked persons must be made into a blocked, interest-bearing account located in the United States.  OFAC likely issued this license to ensure that U.S. persons have sufficient time to switch to alternate sources of these products and to try to avoid any short term supply shocks to the price of these products in the United States that an immediate cessation of these imports would have otherwise caused. GL 7(b) authorizes, until April 28, 2019, all transactions and activities by PDVH, CITGO, and any of their subsidiaries that are ordinarily incident and necessary to the purchase and importation of petroleum and petroleum products from PdVSA or from any entity in which PdVSA owns a 50 percent or greater interest. This license is not styled as a wind down license, but as a license with a specific expiration.  From a policy perspective, this is likely an effort by the Trump administration to allow PDVH and CITGO, which are now blocked persons, to complete delivery of currently scheduled imports from PdVSA to U.S. refiners without disrupting U.S. oil prices, but then pause any new orders of Venezuelan crude until the Maduro regime is replaced.  Like General License 12(a), General License 7(b) and 7(a)(see below) require that any payments made by PDVH and CITGO for these transactions to PdVSA and its subsidiaries be made into blocked U.S. accounts.
Activities that must be complete by July 27, 2019
GL 7(a) authorizes, until July 27, 2019, all activities with respect to PDVH, CITGO, and their subsidiaries, where the only PdVSA entities involved are these entities and their subsidiaries.  Notably, however, OFAC makes clear in GL 7(d)(1) that its license does not extend to authorizing PDVH, CITGO, or any other U.S. persons supporting them, to export or reexport any goods, services, or technology to PdVSA in the context of other transactions authorized by the license. GL 8 authorizes, until July 27, 2019, five named corporations to engage in all transactions and activities ordinarily incident and necessary to operations in Venezuela involving PdVSA or any entity in which PdVSA owns a 50 percent or greater interest.  Notably, this is not styled as a wind down license, which suggests that the U.S. government’s policy will be to allow U.S. multinational companies to continue supporting PdVSA’s oil production and maintaining PdVSA’s general viability as a future asset of the Venezuelan people and any transitional government. GL 13 authorizes, until July 27, 2019, any transactions that would otherwise be prohibited (except payments to or for the benefit of a blocked person, which must be placed into a blocked account) involving PdVSA and Nynas AB or any of Nynas AB’s subsidiaries.
General Licenses with No Expiration
GL 9 authorizes U.S. persons to continue engaging in any dealings in debt (including certain listed bonds, promissory notes, and other receivables) in which PdVSA owns a 50 percent or greater interest, provided that the debt was issued prior to August 25, 2017 and that any divestment or transfer of any U.S. person holdings are to a non-U.S. person. General License 9 effectively bifurcates a prior-issued OFAC license, General License 3, which is now replaced with General License 3A.  General License 9 now continues OFAC’s authorization for trade in debt issued by PdVSA and by PDVH, CITGO, and Nynas AB. General License 3A continues to authorize secondary market trade in listed bonds issued by the Government of Venezuela and other U.S. entities it owns and controls prior to August 25, 2017. GL 10 authorizes U.S. persons in Venezuela to purchase refined petroleum products for personal, commercial or humanitarian uses from PdVSA or from any entity in which PdVSA owns a 50 percent or greater interest.  This authorization does not, however, extend to any commercial resale, transfer, exportation or reexportation of these products. GL 14 authorizes U.S. persons to engage in all transactions that are for the conduct of official business of the United States government by employees, grantees or contractors. Implications and Opportunities In addition to being one of the largest companies ever designated by OFAC, PdVSA is also more deeply interconnected with the United States than any previously designated entity.  While OFAC’s recent experiences with sanctions involving the Russian oligarch Oleg Deripaska and his holdings (including Rusal, En+ Group and JSC EuroSibEnergo) were complex, we expect that U.S. refiners’ historical reliance on crude imports from PdVSA and the direct sanctioning of a major U.S. person refiner and distributor (CITGO) will present OFAC with many new, unintended collateral effects to work through.  PdVSA currently sells more than 500,000 barrels of oil a day to the United States,[11] and through its subsidiary CITGO owns several refineries along the U.S. Gulf Coast that employ hundreds of Americans.[12]  Accordingly, severing ties between PdVSA, its subsidiaries, both U.S. and non-U.S., and other U.S. persons is an unusually complex undertaking, in connection with which additional FAQs and guidance from OFAC will almost certainly be required. However, with this complexity comes opportunity.  In the past, OFAC has issued FAQs and new GLs to help manage the unintended consequences of its sanctions designations.  In our experience, specific outreach to OFAC on these consequences can help prompt and shape the issuance of FAQs and GLs that can further clarify what activities are and are not specifically authorized.  Moreover, and especially given the strong U.S. policy interests in enabling a rapid, peaceful transfer of power in Venezuela and in preserving PdVSA’s continued viability as a revenue source, we believe that OFAC will be receptive to applications for specific licenses for transactions that can be shown to support both of these policy objectives.  In the interim, and especially given the economic reach of PdVSA and its subsidiaries in Venezuela, the United States, and throughout the region, those continuing to do business with Venezuela’s energy sector and in the many ancillary businesses, products and services that support it should take due care to identify any potential connection to PdVSA and U.S. persons that may require OFAC authorization.

   [1]   Press Release, Treasury Sanctions Venezuela’s State-Owned Oil Company Petroleos de Venezuela, S.A., U.S. Dep’t of Treasury (Jan. 28, 2019), https://home.treasury.gov/news/press-releases/sm594.
   [2]   See, e.g., Ana Vanessa Herrero, After U.S. Backs Juan Guaidó as Venezuela’s Leader, Maduro Cuts Ties, N.Y. Times (Jan. 23, 2019), https://www.nytimes.com/2019/01/23/world/americas/venezuela-protests-guaido-maduro.html.
   [3]   Press Statement, Sanctions Against PDVSA and Venezuela Oil Sector, U.S. Dep’t of State (Jan 28, 2019), https://www.state.gov/secretary/remarks/2019/01/288623.htm.
   [4]   See Press Release, Treasury Sanctions Venezuela’s State-Owned Oil Company Petroleos de Venezuela, S.A., U.S. Dep’t of Treasury (Jan. 28, 2019), https://home.treasury.gov/news/press-releases/sm594.
   [5]   OFAC, FAQ No. 566 (Mar. 19, 2018), https://www.treasury.gov/resource-center/faqs/Sanctions/Pages/faq_other.aspx#566.
   [6]   Exec. Order No. 13835, 83 Fed. Reg. 24001 (May 21, 2018).
   [7]   Exec. Order No. 13850, 83 Fed. Reg. 55243 (Nov. 1, 2018).
   [8]   Exec. Order No. 13850, 83 Fed. Reg. 55243 (Nov. 1, 2018).  OFAC has emphasized, however, that it intends to interpret these potentially sweeping authorities narrowly.  For example, OFAC has stressed that these measures are not meant to target legitimate transactions involving the Venezuelan gold sector, or any other sector that might be targeted in the future.  OFAC, FAQ No. 629 (Nov. 1, 2018), https://www.treasury.gov/resource-center/faqs/Sanctions/Pages/faq_other.aspx#629.  Rather, OFAC has indicated that it intends to sanction only transactions in targeted sectors that feature some added element of wrongdoing, such as “dishonest or fraudulent conduct” or transactions whose purpose or effect is to “misappropriate[e] Venezuelan resources . . . for personal, professional, or political gain.”  Id.
   [9]   Press Release, Treasury Sanctions Venezuela’s State-Owned Oil Company Petroleos de Venezuela, S.A., U.S. Dep’t of Treasury (Jan. 28, 2019), https://home.treasury.gov/news/press-releases/sm594.
[10]   See generally OFAC FAQ Nos. 398-402 (Aug. 13, 2014), https://www.treasury.gov/resource-center/faqs/sanctions/pages/faq_general.aspx (describing the mechanics of OFAC’s Fifty Percent Rule).
[11]   Matthew Lee & Deb Riechmann, US Hits Venezuela with Oil Sanctions to Pressure Maduro, Associated Press (Jan. 28, 2019), https://www.apnews.com/dbc0e01d010d41dba3576393c47c860e.
[12]   Steven Mufson, Trump Administration Announces Sanctions Targeting Venezuela’s Oil Industry, Wash. Post (Jan. 28, 2019), https://www.washingtonpost.com/national/health-science/trump-administration-announces-sanctions-targeting-venezuelas-oil-industry/2019/01/28/4f4470c2-233a-11e9-90cd-dedb0c92dc17_story.html; Saleha Mohsin & Jennifer Epstein, Trump Slaps De-Facto Oil Ban on Venezuela, Bloomberg (Jan. 28, 2019), https://www.bloomberg.com/news/articles/2019-01-28/trump-sanctions-venezuela-oil-company-pdvsa-rubio-announces.

The following Gibson Dunn lawyers assisted in preparing this client update: Judith Alison Lee, Adam M. Smith, Chris Timura, Stephanie Connor and Scott Toussaint. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm's International Trade practice group: United States: Judith Alison Lee - Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com) Ronald Kirk - Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com) Jose W. Fernandez - New York (+1 212-351-2376, jfernandez@gibsondunn.com) Marcellus A. McRae - Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com) Adam M. Smith - Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com) Christopher T. Timura - Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com) Ben K. Belair - Washington, D.C. (+1 202-887-3743, bbelair@gibsondunn.com) Courtney M. Brown - Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com) Laura R. Cole - Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com) Stephanie L. Connor - Washington, D.C. (+1 202-955-8586, sconnor@gibsondunn.com) Helen L. Galloway - Los Angeles (+1 213-229-7342, hgalloway@gibsondunn.com) Henry C. Phillips - Washington, D.C. (+1 202-955-8535, hphillips@gibsondunn.com) R.L. Pratt - Washington, D.C. (+1 202-887-3785, rpratt@gibsondunn.com) Scott R. Toussaint - Palo Alto (+1 650-849-5320, stoussaint@gibsondunn.com) Europe: Peter Alexiadis - Brussels (+32 2 554 72 00, palexiadis@gibsondunn.com) Attila Borsos - Brussels (+32 2 554 72 10, aborsos@gibsondunn.com) Patrick Doris - London (+44 (0)207 071 4276, pdoris@gibsondunn.com) Penny Madden - London (+44 (0)20 7071 4226, pmadden@gibsondunn.com) Benno Schwarz - Munich (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther - Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Richard W. Roeder - Munich (+49 89 189 33-160, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.