InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Pennsylvania District Court Addresses "Public International Organization" Aspect of FCPA
The relatively sparse judicial caselaw on the FCPA expanded last week with a new opinion interpreting the “public international organization” language in the statute. In an opinion denying the defense’s Motion to Dismiss an indictment originally brought in 2015, Judge Paul Diamond of the United States District Court for the Eastern District of Pennsylvania found that the FCPA “plainly” applies to public international organizations. United States v. Dmitrij Harder, No. 2:15-cr-00001 (E.D. Pa. Mar. 2, 2016). Combined with the Eleventh Circuit’s 2014 opinion in Esquenazi, the contours of the types of foreign government entities subjecting defendants to FCPA sanctions are beginning to be fleshed out. (Previous coverage of the Esquenazi case can be found here.)
Dmitrij Harder – a Russian national, German citizen, and U.S. permanent resident – owned and operated two consulting companies that, in 2007 and 2009, assisted two different independent energy companies in obtaining financing from the European Bank for Regional Development (the “EBRD”). The EBRD is a multilateral development bank founded in 1991 to foster the growth of businesses operating in the former Soviet Union. Today it invests throughout Europe and is jointly owned by sixty-four countries.
The DOJ charged Harder in 2015 with 14 counts of violating the FCPA, the Travel Act, and money laundering. The government alleged that the energy companies entered into agreements with Harder whereby they agreed to pay him success fees upon receiving financing from the EBRD. After both companies obtained sizable investments from the EBRD – one company received an $85 million investment; the other a $40 million investment and $60 million loan – they allegedly paid Harder success fees totaling almost $8 million. Shortly after the success fees were paid, Harder allegedly wired payments totaling almost $3.5 million to the sister of an EBRD official. The government alleged that the sister of the EBRD official entered into sham consulting agreements with Harder’s companies, making it appear that the payments were made for services rendered under the agreements, but no such services were actually performed.
In arguing for dismissal of the FCPA counts of the indictment, Harder challenged the sufficiency of the Indictment on several bases, including a failure to plead the involvement of a “foreign official,” and that the Indictment impermissibly substituted the phrase “foreign government or instrumentality thereof” with “public international organization” in reciting the fourth of the FCPA’s proscribed corrupt purposes: “inducing such foreign official []to use his []influence with a foreign government or instrumentality thereof to affect or influence any act or decision of such government or instrumentality.” 15 USC 78dd-2(a)(3)(B).
On the first challenge, Judge Diamond rejected the idea that officials of EBRD could not qualify as “foreign official[s]” within the FCPA’s prohibitions. Op. at 6; see also Op. at 8 (noting that “whether EBRD falls within the FCPA’s ambit is necessarily a ‘fact-bound question[]’ properly decided by a jury”). On the second challenged, Harder had maintained that permitting the government to substitute “public international organization” into the statute would create an entirely new offense with no basis in the statute. Rejecting this argument, Judge Diamond pointed out that public international organizations are themselves “an association of foreign governments.” Op. at 7. He reasoned that refusing to allow this substitution in the language of indictments where a public international organization, rather than a foreign government, is involved would “make it impossible to prosecute any public international organization employee who unlawfully used his position,” calling this “an absurd result” in light of Congress’ decision to include public international organizations within the scope of the FCPA. Op. at 7.
Harder also raised two challenges to the constitutionality of the FCPA’s inclusion of the EBRD. In 1998, the FCPA was amended to include employees of public international organizations within the scope of the Act’s prohibition on certain corrupt payments. The 1998 amendments brought employees of two groups of public international organizations within the scope of the FCPA; (1) those organizations that the President declares by Executive order are covered by the FCPA, and (2) those organizations identified pursuant to the International Organization Immunities Act (“the IOIA”), 22 USC 288. The IOIA allows the President, acting by executive order, to provide public international organizations in which the US participates with legal capacity, certain immunities, and privileges under US law. In 1991, the EBRD was designated a public international organization under the IOIA, and so it became subject to the FCPA after the 1998 amendments.
First, Harder argued that the FCPA’s inclusion of the EBRD and other public international organizations violates the non-delegation doctrine, which provides that where Congress delegates legislative authority it must do so with “an intelligible principle” to guide the exercise of the delegated authority. United States v. Cooper, 750 F.3d 263, 270 (3d Cir. 2014). Harder argued that Congress, by allowing the President to expand the list of public international organizations covered by the FCPA by executive order, impermissibly delegated its legislative function to the executive branch. Judge Diamond rejected this argument, finding that the legislative scheme enacted by Congress constrains the President’s ability to add public international organizations to the scope of the FCPA, and that the clearly stated purposes of the FCPA provide sufficient guidance. Op. at 9-11.
Second, Harder argued that the FCPA’s inclusion of the EBRD violates the void-for-vagueness doctrine, which provides that a criminal law is void if it fails to define the offense in a way that “ordinary people can understand what conduct is prohibited” and in a way that does not encourage “arbitrary and discriminatory enforcement.” Skilling v. United States, 561 U.S. 358, 402-403 (2010). Harder argued that the somewhat circuitous route by which the EBRD was made subject to the FCPA renders the law unconstitutionally vague because it would require individuals to monitor whether a particular public international organization has been the subject of an executive order that subjects it to the FCPA. Judge Diamond rejected this argument also, finding that an ordinary person could research the status of a public international organization. Judge Diamond also pointed out that there is a publicly available list of all public international organizations subject to the FCPA, and that the FCPA’s knowledge requirement alleviated any concern that a defendant might unwittingly violate the FCPA. Op. at 13.
OFAC Announces Settlement with London-Based Financial Institution for Alleged Violations of the Zimbabwe Sanctions Regulations
On February 8, OFAC settled with a London-based financial institution for alleged violations of the Zimbabwe Sanctions Regulations, 31 C.F.R. part 541 (ZSR). The financial institution agreed to pay $2,485,890 for processing 159 transactions to or through financial institutions located in the United States for or on behalf of corporate customers of the financial institution’s Zimbabwean subsidiary that were owned, directly or indirectly, 50% or more by a customer identified on OFAC’s SDN List. According to OFAC, the financial institution relied on the subsidiary’s electronic customer records and documentation to perform cross-border transactions screenings and sanctions-related customer screening. Due to deficiencies in the subsidiary’s electronic customer system and its “Know Your Customer” procedures, neither the financial institution nor its subsidiary detected certain customers as blocked persons – under Executive Order 13469 of July 25, 2008 – on the SDN List and “continued to process [U.S. Dollar] transactions for or on their behalf to or through the United States in apparent violation of the ZSR.” OFAC determined that the company did not voluntarily self-disclose the apparent violations, and that the apparent violations constitute a non-egregious case. In determining the settlement amount, OFAC found the following to be mitigating factors: (i) the financial institution had not received a penalty notice or Finding of Violation in five years preceding the earliest date of the transactions giving rise to the apparent violations; (ii) the financial institution took remedial action in response to the apparent violations; and (iii) the financial institution substantially cooperated with OFAC’s investigation. In addition, OFAC “considered the fact that the prohibited entities were not publicly identified or designated and included on the SDN List at the time that Barclays processed transactions for or on their behalf.”
Obama Administration Announces Executive Orders: Commission on Enhancing National Cybersecurity; Establishment of the Federal Privacy Council
On February 9, President Obama issued two Executive Orders (EO) titled, Commission on Enhancing National Cybersecurity and Establishment of the Federal Privacy Council. The first EO creates a Commission on Enhancing National Cybersecurity (Commission), which will be comprised of top industry thinkers outside of the government. The President will appoint the Commission’s members, with the Speaker of the House of Representatives, the Minority Leader of the House of Representatives, the Majority Leader of the Senate, and the Minority Leader of the Senate each being invited to recommend one individual for membership. As outlined in the White House’s Fact Sheet on the EO, the Commission will, among other things, (i) assist in diagnosing and addressing the causes of cyber-vulnerabilities; (ii) “make detailed recommendations on actions that can be taken over the next decade to enhance cybersecurity awareness and protections throughout the private sector and at all levels of Government”; and (iii) report specific findings and recommendations to the President before the end of 2016.
With the creation of the Federal Privacy Council, senior privacy officials from various Government agencies will come together to (i) develop recommendations on government privacy policies and requirements; (ii) collaborate on ideas, best practices, and approaches for protecting privacy and implementing appropriate safeguards; (iii) evaluate how best to address the hiring, training, and professional development needs of the Federal Government with respect to privacy matters, making the appropriate recommendations; and (iv) perform other privacy-related functions, consistent with law, that the Chair designates. Ultimately, this “interagency support structure” will be the principal “forum to improve the Government privacy practices of agencies and entities acting on their behalf.”
OFAC Publishes Cyber-Related Sanctions Regulations
On December 31, OFAC issued regulations to implement Executive Order 13694 of April 1, 2015, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities.” Effective immediately, the regulations prohibit all transactions prohibited by Executive Order 13694, including dealing in the property or interests in property, that come within the United States, of blocked persons. Among other things, under Executive Order 13694, a party may be blocked if the U.S. government finds the party “to be responsible for or complicit in, or to have engaged in, directly or indirectly, cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States that are reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States” and that have one of the purposes or effects enumerated in the Order. More information on the Executive Order is available here. OFAC’s Specially Designated Nationals (SDN) List will include persons blocked pursuant to the Executive Order and regulation. OFAC intends to supplement the new regulations with a more comprehensive set of regulations, “which may include additional interpretive and definitional guidance, regarding ‘cyber-enabled’ activities, and additional general licenses and statements of licensing policy.”
OFAC Authorizes Certain Transactions and Activities to Liquidate Honduras-Based Bank, Replaces Previously Issued General License
On December 8, OFAC announced that it issued a revised General License replacing a previously issued license to a Honduras-based bank, which OFAC designated as a Specially Designated Narcotics Trafficker. The General License authorizes certain transactions and activities to assist with the liquidation and winding down of the bank. The revised General License permits liquidation-related transactions and activities that are otherwise prohibited by the Foreign Narcotics Kingpin Sanctions Regulations through 12:01 a.m. on June 12, 2016, with the following exceptions: (i) the unblocking of any blocked property pursuant the Foreign Narcotics Kingpin Sanctions Regulations; or (ii) transactions or dealings that are limited by Executive Order or are with another individual or entity on OFAC’s List of Specially Designated Nationals or Blocked Persons. U.S. persons involved in the bank’s liquidation process must file a report with OFAC’s Licensing Division to include the parties involved, and the type, scope, and dates of the activities conducted.
OFAC Authorizes Transactions Involving Certain Belarusian Entities
On October 29, OFAC granted a General License authorizing nine Belarusian entities to make transactions otherwise prohibited by Executive Order 13405, effective October 30. The General License also authorizes transactions with any entities that are owned 50 percent or more by the nine named entities. U.S. persons must report authorized transactions or series of transactions exceeding $10,000 to the U.S. Department of State no later than 15 days after execution. The General License expires on October 31, 2016, unless extended or revoked.
OFAC Authorizes Certain Transactions and Activities to Liquidate Honduras-Based Bank
On October 21, following the October 7 designation of a Honduras-based bank as a Specially Designated Narcotics Trafficker, OFAC announced that it granted a General License authorizing certain transactions and activities to help with the liquidation and wind down of the same bank. Pursuant the General License, transactions and activities that are otherwise prohibited by OFAC during a bank’s liquidation process will be permitted through 12:01 a.m. ET on December 12, 2015, with the following exceptions: (i) the unblocking of any party pursuant to the Foreign Narcotics Kingpin Sanctions Regulations; and (ii) transactions or dealings that are limited by Executive Order, or are with an individual or entity, other than the Honduras-based bank, that is on OFAC’s List of Specially Designated Nationals or Blocked Persons. Any U.S. persons involved in the bank’s liquidation process must file a report with OFAC’s Licensing Division to include the parties involved, and the type, scope, and dates of the activities conducted.
California Governor Signs Executive Order Aimed At Strengthening Cybersecurity Strategy
On August 31, California Governor Edmund G. Brown signed Executive Order B-34-15. A response to recent cyber-attacks, this order is intended to bolster the state’s preparedness, to improve inter-agency, cross-sector coordination, and to reduce the likelihood and severity of such attacks. Specifically, the order establishes the California Cybersecurity Integration Center (Cal-CSIC) and explains that the Cal-CSIC “will work closely with the California State Threat Assessment System and the U.S. Department of Homeland Security and will facilitate more integrated information sharing and communication with local, state and federal agencies, tribal governments, utilities and other service providers, academic institutions and non-governmental organizations.”
Under the order, the Cal-CSIC will also establish a multi-agency Cyber Incident Response Team, which will be comprised of personnel from agencies, departments, and organizations from the Cal-CSIC. The Response Team will serve as California’s “primary unit to lead cyber threat detection, reporting, and response in coordination with public and private entities across the state.”
OFAC Announces Settlement Agreement with Insurance Company
On August 6, OFAC announced a $271,815 settlement with a New York-based insurance company with an overall focus on marine insurance and related lines of business, professional liability insurance, and commercial umbrella and primary and excess casualty businesses. According to OFAC, from May 8, 2008 to April 1, 2011, the company and its London branch office, “issued global protection and indemnity (“P&I”) insurance policies that provided coverage to North Korean-flagged vessels and covered incidents that occurred in or involved Iran, Sudan, or Cuba—some of which led to the payment of claims.” The company’s willingness to engage with OFAC-sanctioned countries resulted in 48 alleged violations of Foreign Assets Control Regulations, Executive Order 13466 of June 26, 2008, North Korea Sanctions Regulations, Iranian Transactions and Sanctions Regulations, Sudanese Sanctions Regulations, and Cuban Asset Control Regulations. OFAC stated that (i) the company did not maintain a formal compliance program at the time it issued the P&I insurance policies; and (ii) the company’s London office personnel “misinterpreted the applicability of OFAC sanctions regulations.” The final settlement amount reflects the fact that managers and supervisors knew or had reason to know that the majority of the insurance policies and claims payments at issue involved OFAC-sanctioned countries; the company is a commercially sophisticated financial institution; and it did not have a formal OFAC compliance program in place at the time the apparent violations occurred. Mitigating factors included the company’s cooperation with OFAC’s investigation; lack of prior enforcement action; and its remedial action plan to implement a sufficient OFAC compliance program.
OFAC Provides Guidance to Financial Institutions to Help Comply with Crimea Sanctions Regulations
On July 30, OFAC issued a “Crimea Sanctions Advisory,” highlighting certain actions that have been used to circumvent or evade U.S. sanctions involving the Crimea region as described in Executive Order 13685. The Advisory provides guidance to U.S. persons and persons engaging in business activities in or through the United States, directing them to implement appropriate internal controls relative to their OFAC sanctions risk profile. Specifically with respect to financial transactions, OFAC noted that “certain individuals or entities have engaged in a pattern or practice of repeatedly omitting originator or beneficiary address information” from SWIFT messages. OFAC advised that U.S. financial institutions should be “cautious” when processing payment instructions that fail to disclose complete address information when engaging in transactions involving an individual or entity that has previously omitted information of Crimean individuals or entities. OFAC offered three examples of risk mitigating measures: (i) ensure that transaction monitoring systems include appropriate search terms corresponding to major geographic locations in Crimea and not simply references to “Crimea”; (ii) request additional information from entities that previously violated or attempted to violate U.S. sanctions on Crimea; and (iii) clearly communicate U.S. sanctions obligations to international partners and discuss OFAC sanctions compliance expectations with correspondent banking and trade partners.
In addition to issuing the Crimea Sanctions Advisory, OFAC updated its Specially Designated Nationals List and Sectoral Sanctions Identifications List with additional designations.