Evolving US, UK and EU Sanctions and Export Controls Target Russia for Ukraine Invasion
In response to Russia’s invasion of Ukraine in February 2022, the United States, with support from its allies including the United Kingdom and the European Union, has imposed a complex mix of financial sanctions and export control restrictions aimed at Russia and Belarus. These measures include expanded territorial embargoes; blocking sanctions on banks, financial institutions, government leaders, and other entities and high-wealth individuals; correspondent banking restrictions; sovereign debt restrictions; and expansive export controls. As events continue to unfold, further actions are anticipated.
These measures affect companies with operations or business in Russia, Belarus and Ukraine, as well as companies that have taken or plan to take investment from these jurisdictions. The complexity of the measures assumes that companies have basic risk-appropriate sanctions and export compliance frameworks in place, including processes to:
- Classify products, software and technology (including foreign-produced items) for export control purposes.
- Screen customers, contractual counterparties and other third parties against applicable restricted party lists.
- Block access to products and services by parties located in embargoed jurisdictions (e.g., via geo-IP restrictions).
- Obtain specific licenses or confirm the availability of other regulatory authorizations, such as license exceptions or general licenses.
- Incorporate compliance provisions in customer and third-party contracts.
- Conduct diligence regarding investors, including actual and beneficial owners of investing entities.
Close monitoring of regulatory responses to rapidly evolving geopolitical events is critical to ensure compliance.
Overview of US measures targeting Russia
The recent US regulatory measures in response to Russia’s invasion of Ukraine comprise an aggressive and complex blend of financial sanctions and export control restrictions. These measures are summarized below.
US financial sanctions
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed the following financial sanctions aimed at Russia, Belarus and two self-proclaimed independent regions of Ukraine:
- Comprehensive embargoes on the so-called Donetsk and Luhansk People’s Republics (the DNR and LNR regions of Ukraine): OFAC comprehensively sanctioned the DNR and LNR regions, similar to the territorial sanctions imposed on Crimea in 2014. As a result, US persons are prohibited from directly or indirectly engaging in any activities with persons or entities that are located, organized or resident in these regions. OFAC is permitting certain wind-down activities until March 23, 2022, and is authorizing, with limitations and strict conditions, certain humanitarian, telecommunications, internet communications and personal remittance transactions. As a practical matter, however, the DNR and LNR regions should be fully off-limits to commercial activity by US persons and companies, and transactions involving US dollars.
- Blocking (i.e., asset freezes) and other sanctions on designated persons and entities: OFAC has added dozens of entities and individuals (persons) to the Specially Designated Nationals and Blocked Persons (SDN) List in the past week, including prominent Russian banks, government officials, oligarchs, high-wealth individuals, persons with ties to the Russian government or Russian aggression in Ukraine and the Belarusian military. Importantly, pursuant to OFAC’s “50 Percent Rule,” entities that are owned 50% or more, individually or in the aggregate, by one or more blocked parties are also treated as blocked, despite not being affirmatively designated. Notable designations include Russian President Vladimir Putin, the Russian Direct Investment Fund, two state-owned financial institutions, and several Russian financial institutions, including VTB Bank, Otkritie, Sovcombank and Novikombank.
- Non-blocking financial prohibitions and restrictions: OFAC also issued four new directives that stop short of full blocking, but nonetheless prohibit or restrict dealings with targeted parties. These measures:
- Impose new restrictions on dealings in Russia’s sovereign debt (Directive 1A).
- Prohibit US persons from opening or maintaining correspondent or pay-through accounts for or on behalf of sanctioned parties, or processing transactions involving such parties (Directive 2).
- Expand the list of parties with whom US persons are prohibited from dealing in new debt of longer than 14 days’ maturity (Directive 3).
- Prohibit US persons from engaging in transactions involving the Russian Central Bank, National Wealth Fund or Ministry of Finance (Directive 4).
- Concurrent with these measures, OFAC issued several general licenses permitting limited categories of activities, including certain wind-down activities, humanitarian transactions, activities of specified international organizations and certain energy-related transactions.
In addition to the above, the US government announced that it may, in coordination with allies, remove certain Russian banks from the Society of Worldwide Interbank Financial Telecommunications (SWIFT) messaging system. Such sanctions would effectively disconnect these Russian banks from the international financial system. On March 2, the EU announced that as part of this allied, coordinated effort, seven Russian banks would be removed: VTB Bank, Otkritie, Novikombank, Promsvyazbank, Bank Rossiya, Sovcombank and VEB.RF.
US export control measures
In addition to OFAC’s hard-hitting financial sanctions, the US Department of Commerce’s Bureau of Industry and Security (BIS) significantly expanded controls applicable to Russia and Belarus. Notably, these restrictions increase the scope of hardware, commodities, software and technology (collectively referred to as “items” below) subject to the US Export Administration Regulations (EAR) that require a license to be exported, reexported or transferred in country (each referred to as an “export”) to Russia and Belarus.
These measures also extend the reach of US export control regulations to certain foreign-produced items that are the direct product of US-origin software or technology and known to be destined for Russia or Belarus. These measures are complex and nuanced – and appear primarily aimed at dramatically inhibiting both nations’ ability to procure a wide range of critical items originating in the US or otherwise dependent on US-indigenous technology. Specifically, these measures:
- Prohibit exports of items to the DPR and LPR regions: Complementing OFAC’s territorial embargo, these restrictions effectively preclude the DPR and LPR regions of Ukraine from receiving any items subject to the EAR (subject to certain very limited exceptions, such as in the humanitarian aid context).
- Impose new country-based export licensing requirements: The new measures significantly expand the scope of items subject to license requirements for exports to Russia and Belarus. Items that will now require a license include microelectronics, telecommunications items, certain software, certain encryption items, sensors, optics, navigation equipment, avionics, marine equipment and aircraft components, among many others. Further, BIS significantly reduced or, in some cases, fully eliminated certain license exceptions, requiring exporters who previously relied on them to apply for licenses for future exports. These actions affect commonly relied upon license exceptions, including License Exception ENC. License applications will be reviewed, with few exceptions, under a policy of denial, meaning that BIS is generally unlikely to issue licenses.
- Expand controls on military end users and end uses: The scope of items restricted from export to Russian or Belarusian military end users and end uses (MEUs) has been significantly expanded. Although some such restrictions were previously in effect, a license is now required for all items subject to the EAR, with narrow exceptions for food and medicine.
- Add Entity List designations: BIS added 49 Russian entities to the Entity List (47 Russian entities previously designated on the MEU List were transferred to the Entity List, and two new Russian MEUs were added). BIS also added two Belarusian MEUs to the Entity List. A license is required for all exports of EAR-regulated items to these Entity List parties, including items designated EAR99.
- Extend licensing jurisdiction to foreign-produced items intended for Russia or Belarus: The new measures extend the reach of the EAR to control a larger scope of items produced outside the United States (i.e., foreign-produced items). Specifically, the expanded license requirements for exports to Russia or Belarus will result in potentially more controlled US content in foreign-produced items, thereby increasing the likelihood that such items will be subject to EAR jurisdiction under the EAR’s de minimis test.
In addition, foreign-produced items that are the direct product of certain US-origin software or technology, or that are produced by a plant or major component of a plant that is the direct product of such software or technology, are now subject to the EAR, unless such items are minimally controlled (i.e., foreign-produced items that would be designated as EAR99) and destined for commercial end users. Controlled foreign-produced items will require an export license when the exporter knows that such items are destined for Russia or Belarus – or will be incorporated into or used in the production or development of an item produced in or destined for either of those countries. Compliance with these new restrictions on foreign-produced items will require complex, case-by-case analyses.
Overview of EU and UK sanctions against Russia
The UK and the EU generally coordinated with the US in their responses to Russia’s invasion of Ukraine, with some key distinctions.
EU and UK financial sanctionsThe EU and the UK similarly imposed financial sanctions on Russia, Belarus, and the DNR and LNR regions. In addition to the SWIFT removals summarized above, these measures include:
- Asset freezes on Russian persons and entities: The EU imposed asset freezes on hundreds of entities and individuals determined by the EU to have undermined the territorial integrity of Ukraine, including Putin and Russian Foreign Minister Sergey Lavrov. The list of sanctioned entities includes three significant Russian banks – Bank Rossiya, Promsvyazbank and VEB.RF. For transactions originating prior to the designation date, certain wind-down activities are permitted until August 24, 2022. Further designations are expected in the near term. Additionally, the EU has sanctioned 22 high-ranked members of Belarusian military personnel for their support to the Russian forces in the invasion of Ukraine.
The UK’s asset freezes, administered by the Office for Financial Sanctions Implementation, are more limited, but similarly target Putin and his inner circle, as well as prominent Russian financial institutions, including VTB Bank, Bank Rossiya, Sberbank, IS Bank, Genbank, and Black Sea Bank for Development and Reconstruction. Like the EU, the UK is permitting certain limited wind-down activities and is expected to issue additional asset freezes in the coming days. The UK has also listed Belarusian entities and persons associated with providing support to Russia. - Restrictions on access to capital and financial markets: These measures restrict Russian companies and banks from dealings in transferable securities and money-market instruments within the EU and UK. In the EU, certain exceptions apply for emergency loans to EU entities owned by designated persons.
- Restrictions on loans and transactions with Russian governmental agencies: These measures prohibit transactions with the Russian government, the Russian Central Bank and the Russian Wealth Fund.
- Restrictions on investment in the DNR and LNR regions: These measures prohibit EU and UK companies from investing in these regions. Acquiring real estate or shares of companies are among the prohibited transactions.
- Prohibition on broadcast for Russia Today and Sputnik in the EU: The EU suspended the broadcasting of Russian state-owned media outlets Russia Today (RT) and Sputnik in the EU territory. This regulation also prohibits other platforms – including internet-based platforms – from hosting content produced by these media companies or rebroadcasting their programs.
EU and UK export and trade-related sanctions
Like the United States, the EU and the UK adopted export and trade-related measures that include:
- Prohibitions on exports of dual-use controlled goods: Exports of dual-use goods from the EU or the UK to any person or entity in Russia or for use in Russia are now prohibited, subject to certain exceptions, including use by non-Russian MEUs or for limited authorized purposes such as humanitarian and medical-related activities, software updates, certain consumer IT devices, or personal use.
- Export bans: The EU and the UK have banned unlicensed exports to Russia and Belarus of high-tech products that could be used in the military or defense sectors (an authorization can be requested); goods to be used in oil refining; and certain aviation goods. Additionally, in connection to Belarus, the EU has restricted the trade of products used for the production or manufacturing of tobacco products, mineral fuels, bituminous substances and gaseous hydrocarbon products, potassium chloride (“potash”) products, wood products, cement products, iron and steel products, and rubber products.
- Import bans: The EU and the UK have banned imports of all goods originating from the DNR and LNR regions.
Compliance essentials
The scope and complexity of these new measures underscore the importance of establishing or shoring up a risk-appropriate compliance program. The following elements are critical to identifying and preventing unauthorized transactions.
Compliance considerations for financial transactions and investments
- Conduct diligence on existing and prospective investors: Existing and prospective investors with a known or potential Russia nexus should be screened and undergo appropriate diligence (e.g., with respect to actual or beneficial ownership and control) to ensure that they are not subject to sanctions. As screening alone is insufficient to identify all such risks, obtaining representations that investors are not subject to sanctions through ownership or control would be prudent and further protective.
- Assess governance rights of existing investors: Given the fluid situation and the potential for additional Russian persons and entities to be sanctioned with no notice and immediate effect, companies should consider proactively reviewing investment agreements with existing Russian investors to assess their governance rights. If a Russian investor is sanctioned and unable to provide consent or exercise rights, company governance may become difficult or impossible; accordingly, consideration should be given to proactively amending the critical consent requirements or other governance rights of Russian investors at risk of being sanctioned to reduce disruption in the event that such parties become designated.
- Exercise care when accepting non-sanctioned Russian financing: Companies should seek a commitment from each investor to promptly notify the company if the investor becomes subject to sanctions. In addition, companies should consider limiting the rights of new Russian investors or ensuring that the investor’s governance rights would be automatically revoked should the investor become subject to sanctions.
Compliance considerations for company operations and sales
- Perform diligence and screen customers, business partners and other counterparties: Although not a regulatory requirement, screening is the best way to identify and prevent unauthorized transactions with restricted parties and embargoed jurisdictions. Restricted party screening can be conducted manually through the US, UK, or EU published lists or through automated tools – and geo-IP restrictions to block access to products and services, including software as a service (SaaS) solutions and software downloads, by users with IP addresses associated with embargoed jurisdictions can typically be implemented via a third-party cloud provider. Importantly, screening may not be sufficient to identify parties that are prohibited due to their ownership or, in some circumstances, control, by sanctioned parties. Accordingly, companies should develop risk-appropriate diligence processes to complement their screening efforts. Such diligence should address risks related to expanded restrictions on exports to MEUs, government end users and state-owned enterprises.
- Confirm the export classification of products, software and technology: Export classification is a critical element of compliance, and companies that have not classified their products for export purposes should do so as soon as possible – ideally, prior to new export activities. Parties that export products (including software downloads) or provide technical support to Russia or Belarus should evaluate their existing activities with the understanding that most non-EAR99 items will now require a license. In addition, even EAR99 items – other than food and medicine – will require an export license to MEUs.
- Reevaluate EAR license exception eligibility for Russia: Exporters that have historically relied on license exceptions for exports to Russia or Belarus, including the commonly used License Exception ENC for encryption hardware and software, should reevaluate eligibility given the significant reductions in scope and availability. Transactions previously authorized by a license exception may now require a license.
- Assess supply chains for foreign-produced items: The expansion of US export control jurisdiction to reach foreign-produced items intended for Russia or Belarus will require companies to reevaluate their supply chains and assess whether specific licenses are required for items that contain more than a de minimis level of controlled US content, are the direct product of certain US-origin software or technology, or are produced by a plant or major component of a plant that is the direct product of such software or technology. Companies that export foreign-produced items to Russia or Belarus based on a prior determination that such items are not subject to the EAR will need to update their jurisdictional analyses in light of the new rules.
- Review contractual terms and conditions with customers and other counterparties: Companies should evaluate their customer agreements, terms and conditions, distributor and reseller agreements, and other contractual documents to ensure that these materials effectively cover sanctions and export controls compliance, including representations regarding prohibited destinations, end users, and end uses for the company’s products and services. Such contracts should also provide companies with the right to immediately terminate services should the counterparty become subject to sanctions.
- Evaluate banks involved in payments to employees and contractors in Russia, Belarus and Ukraine: If employees and contractors in Russia, Belarus and Ukraine do not appear on any US or other applicable sanctions lists, are not located in any embargoed jurisdictions (e.g., Crimea or the DNR or LNR regions), and the payments would not involve any sanctioned financial institutions, then companies are currently authorized to make payments to such parties. However, many banks and payment processors have suspended processing of all inbound payments to Russia and/or Ukraine (including authorized transactions) and may soon extend these actions to Belarus. As such, some companies are considering alternative mechanisms for paying contractors in the region, such as cryptocurrency or digital asset transfers. However, such transfers should be separately evaluated to address potential sanctions and financial regulatory risks.
What’s next?
Circumstances on the ground, as well as responsive regulatory actions, are in flux. More measures are forthcoming, and interpretive guidance from US enforcement agencies is expected. Companies with business activities in Russia, Belarus and Ukraine should carefully monitor these developments – and be prepared to adjust their compliance response accordingly. Cooley attorneys are available to advise on these requirements, and assist you in establishing appropriate compliance measures and procedures.
Related contacts
This content is provided for general informational purposes only, and your access or use of the content does not create an attorney-client relationship between you or your organization and Cooley LLP, Cooley (UK) LLP, or any other affiliated practice or entity (collectively referred to as “Cooley”). By accessing this content, you agree that the information provided does not constitute legal or other professional advice. This content is not a substitute for obtaining legal advice from a qualified attorney licensed in your jurisdiction and you should not act or refrain from acting based on this content. This content may be changed without notice. It is not guaranteed to be complete, correct or up to date, and it may not reflect the most current legal developments. Prior results do not guarantee a similar outcome. Do not send any confidential information to Cooley, as we do not have any duty to keep any information you provide to us confidential. This content may be considered Attorney Advertising and is subject to our legal notices.