$10 million reward for anyone who can answer the question: where is Hamas getting its stolen money from?

Anti-money laundering audit

Following earlier rounds of US sanctions on Hamas, the US is now offering up to $10 million for information on five Hamas financiers or anything leading to the disruption of the Palestinian terror group’s financial mechanisms, the State Department reported. The five Hamas financial facilitators under this reward offer are named as Abdelbasit Hamza Elhassan Khair, Amer Kamal Sharif Alshawa, Ahmed Sadu Jahleb, Walid Mohammed Mustafa Jadallah, and Muhammad Ahmad ‘Abd Al-Dayim Nasrallah.

Abdelbasit Hamza Elhassan Khair, known as Hamza, is based in Sudan and has managed many companies in Hamas’s portfolio. He was previously involved in the transfer or close to $20 million to Hamas and is tied to former Sudanese president Omar Bashir as well as Islamist groups undermining stability in Sudan, the State Department said.

Alshawa, Jahleb and Jadallah are part of Hamas’s investment network in Turkey.
Nasrallah, who as of October was based in Qatar, is a longtime Hamas member with close ties to Iranian entities who has been involved in the transfer of tens of millions of dollars to Hamas, including to the Izz al-Din al-Qassim Brigades, Hamas’s military wing.


The rewards will be provided for any information on any source of revenue for Hamas, Hamas donors or financial facilitators, businesses owned or controlled by Hamas, front companies that procure dual-use technology for the group and criminal schemes that involve Hamas members or supporters that financially benefit the organisation.


Funds such as those managed by these individuals were likely key to Hamas’s preparations for the terror organisation’s deadly October 7th attacks against Israel.

These reward offers join a rash of recent sanctions by countries around the world including the US, Britain, and Japan on Hamas, Hamas members and their financial enablers. These come in addition to more than 16,000 sanctions currently in place against Russian individuals and entities as well as over 3,000 active sanctions by the US, UN, EU and other countries against Iran and Iranian entities and associated individuals.

Sanctions offences carry strict liability, meaning that legal responsibility or culpability is imposed on an individual or entity without the need to prove intent, knowledge, or fault. In other words, strict liability implies that a person or organisation can be held legally responsible for violating sanctions regulations regardless of whether they were aware of the violation, intended to commit the offence, or exercised due diligence.

When operating in international markets, whether those markets are directly located in areas subject to sanctions or not, it’s important to stay vigilant and be aware of the strict liability nature of sanctions offences. This includes paying close attention to ultimate beneficial owners and source of funds, as a sanctioned individual or entity could likely attempt to conceal their identity through shell companies or by having friends or family members conduct the transaction on their behalf.

To mitigate the risks of inadvertently engaging with entities associated with designated FTOs and avoid inadvertent violations, organisations should examine their compliance frameworks and due diligence and risk management procedures and make sure they are taking a robust, proactive approach to sanctions compliance as well as staying on top of ongoing changes and updates to sanctions and sanctions regulations. 

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.