Iranian and Russian based crypto addresses sanctioned by OFAC
A series of crypto wallet addresses including Bitcoin (BTC), Ethereum (ETH) and Tether (USDT) were added to the US SDN sanctions list by OFAC in September. The addresses belong to Iranian ransomware attackers and a neo-Nazi Russian paramilitary group Task Force Rusich. Task Force Rusich is known to be affiliated with The Wagner Group, which is also sanctioned by OFAC.
Sanctions teams should be wary about the potential for sanctioned entities to leverage the ability to move between crypto assets and blockchains in an attempt to obscure illicit activity.
How does crypto factor into sanctions?
This is known as cross-chain crime, and has been made easier as the decentralised exchanges, known as DEXs, do not apply AML controls. For example, using DEXs, criminals can readily exchange Ether for other assets – such as Tether – to attempt untraceability. In June 2022, North Korean ransomware attackers did this to launder funds they stole in a hack.
Another emerging risk factor are cross-chain bridges. These are services that allow a user to transfer assets from one blockchain, such as Bitcoin, to another, such as Ethereum.
Before these bridges, users could not easily move across blockchains. But these have become important parts of the crypto ecosystem.
Criminals and state actors have found these bridges another way to launder crypto through blockchains. Similar to how cash can be laundered through the financial system by being rapidly sent around the world or swapped into different currencies.
Just one cross-chain bridge called RenBridge, is believed to have facilitated over half a billion dollars in illicit crypto transactions already. This includes over $150 million from ransomware attackers and $33 million traced to a North Korean attack.
OFAC and Tornado Cash
On August 8 2022, OFAC sanctioned “crypto-mixer” Tornado Cash, alleging that more than $7 billion worth of virtual currency had been laundered through the protocol since it began operating in 2019, including over $455 million by the North Korean state-sponsored hacking group, the Lazarus Group (sanctioned by OFAC in 2019). In addition to sanctioning the Tornado Cash protocol and URL, OFAC also sanctioned several large wallets associated with Tornado Cash.
On September 13, 2022, OFAC issued FAQs 1076-1079 clarifying certain key points for ordinary cryptocurrency users.
Although the Tornado Cash website has been deleted from the internet, it remains available through internet archives. OFAC clarified that, without “additional facts,” it would not be a sanctions violation to visit the internet archives for the Tornado Cash historical website, or to otherwise interact with the open-source code. It would also not be a violation to merely visit the Tornado Cash website, if it were to become active again.
OFAC clarifies that the sanctions prohibit US persons from “engaging in transactions with” Tornado Cash, or with one of the sanctioned wallet addresses. In particular, US persons which sent funds to Tornado Cash prior to its designation must apply for a specific license from OFAC to withdraw the assets.
How to protect against crypto sanctions risks?
OFAC has already added more than 350 crypto addresses belonging to cybercriminals, money launderers, and state actors to the sanctions list of Specially Designated Nationals and Blocked Persons List (SDN List).
However OFAC has clarified that this list is non-exhaustive, meaning that it expects compliance with sanctions to not only avoid transactions with sanctioned entities and individuals, but any other crypto addresses that sanctioned entities control.
Therefore it is vital for compliance teams to use the analytical processes of blockchain to understand the web of transactions, and the ultimate beneficial owners of crypto assets as they would for any other asset, and apply sanctions checks to these.
Quantum computing sanctions against Russia
As the war in Ukraine continues, US, UK and EU authorities are increasing their sanctions against Russia and Russian interests. OFAC recently banned the sale or supply of quantum computing services to anyone located in Russia, starting from 15 October 2022.
This comes in parallel to export controls to Russia and Belarus on quantum computing hardware, software, and related technology. OFAC interprets this broadly to include the infrastructure, web hosting, data processing and design services related to quantum computing. This also includes associated materials like cryogenic refrigeration systems required for quantum computing.