Counterproliferation Finance Detection and Deterrence

What Can Financial Institutions Do?

📅 April 23, 2024

Proliferation Financing a National Security Threat

The Justice Department in late 2022 charged two companies and six individuals for allegedly selling and exporting powerful dual-use technologies to Russia, including a high-precision export-controlled item that can be used for Russia’s nuclear proliferation. Some of the electronic components purchased by the network and sold to sanctioned Russian end-users were discovered in Russian weapons platforms on the Ukrainian battlefield. The case highlights how illicit actors use deceptive practices to mislead financial institutions into participating in schemes to send critical military equipment and dual-use technologies to military end-users in Russia.

According to court documents, Germany-based Russian national Yury Orekhov was part-owner, CEO, and Managing Director of Nord-Deutsche Industrieanlagenbau GmbH (NDA GmbH), a privately held industrial equipment and commodity trading company located in Hamburg, Germany. Artem Uss, the other owner of NDA GmbH, is the son of the governor of Russia’s Krasnoyarsk Krai region. Svetlana Kuzurgasheva served as the CEO of one of the scheme’s shell companies and worked for NDA GmbH under Orekhov.
Using NDA GmbH as a front company, Orekhov and Kuzurgasheva sourced and purchased sensitive military and dual-use technologies from U.S. manufacturers, including advanced semiconductors and microprocessors used in fighter aircraft, missile systems, smart munitions, radar, satellites, and other space-based military applications.
The defendants routed funds for NDA GmbH’s illicit activities through U.S. financial institutions and correspondent bank accounts. To facilitate these transactions, Orekhov and his co-conspirators used fictitious companies, falsified “know your customer” documentation, and exploited bank accounts in high-risk jurisdictions, according to the Justice Department press release.

In its 2024 National Proliferation Financing Risk Assessment, the U.S. Treasury identified proliferation networks operating on behalf of Russia, North Korea, China, Iran, Syria, and Pakistan as threats to U.S. national security. These networks exploited the U.S. financial system to finance the proliferation of weapons of mass destruction (WMD), including financing to procure WMD components and raising revenues to support efforts by these state actors to advance their WMD activities. Treasury identified Russia and North Korea as the highest-risk threat actors because of the scope and sophistication of their efforts.

Because of heavy battlefield losses Russia has experienced since it began its full-scale invasion of Ukraine in early 2022, Moscow has engaged with close partners to replenish its stocks of conventional weapons. Those losses have also increased Russia’s reliance on its nuclear, cyber, and space capabilities to maintain deterrence and project power globally, according to the Treasury assessment.

North Korea since 2022 has continued to augment its WMD capability, including testing of multiple types of intercontinental ballistic missiles (ICBMs), according to the Director of National Intelligence (DNI) 2024 Threat Assessment. North Korea remains dedicated to expanding its nuclear capability, as well as enhancing its conventional missile capabilities, and will use both its offensive cyber capabilities and conventional trade control and sanctions evasion methodologies to steal and launder billions of dollars in cryptocurrencies to fund its WMD programs.

The U.S. Treasury’s Office of Foreign Assets Control (OFAC) in concert with the Republic of Korea in late March 2024 designated six individuals and two entities based in Russia, China, and the UAE that generate revenue and facilitate financial transactions for North Korea. The DPRK uses overseas representatives of state-owned entities and banks to access the global financial system, according to the OFAC press release.

Non-state actors, such as terrorist groups are also working to acquire WMD capabilities, according to the Treasury risk assessment. The United States in March 2023 released a National Security Memorandum (NSM) on WMD Terrorism and Advance Nuclear and Radioactive Material Security. The NSM seeks to provide a framework to prevent non-state actors from acquiring WMD and related materials. However, Treasury has not assessed that the efforts of non-state actors to acquire WMDs have involved exploitation of the U.S. financial system.

Taking Action

Given the complex nature of the activities to hide proliferation financing, what can financial institutions do? The Financial Action Task Force (FATF) has provided indicators that could denote illicit activity and help financial institutions and other stakeholders identify high-risk customers and transactions. Some of these red flags are common methodologies used in sanctions and trade control evasion, fraud, and other financial crimes.

Transaction involves a person or entity in a foreign country of proliferation concern or that is known for diversion activities.
The customer or counterparty or its address is similar to a party found on publicly available lists of “denied persons” or has a history of export control evasion.
Customer activity does not match business profile, or end-user information does not match end-user’s business profile.
A freight forwarding firm is listed as the product’s final destination.
Order for goods is placed by firms or persons from foreign countries other than the country of the stated end-user.
Transaction involves shipment of goods incompatible with the technical level of the country to which it is being shipped, (e.g. semiconductor manufacturing equipment being shipped to a country that has no electronics industry).
Transaction involves possible shell companies or complex webs of ownership and control structures.
Misleading shipping documentation is provided for the transaction.

Although many of the indicators provided by FATF are also red flags that may denote trade-based money laundering, sanctions evasion, and other financial crimes, when coupled with the involvement of entities in jurisdictions at high risk of diversion or WMD proliferation, these red flags should be closely examined for possible proliferation concerns. The more indicators are present, the riskier the transaction. Financial institutions should monitor these transactions to detect and deter possible proliferation financing.

Conclusion

The size and sophistication of the U.S. financial system makes it particularly vulnerable for exploitation by illicit proliferation networks, and new technologies continue to enable illicit money transfers by malign actors. These actors use a combination of tried-and-true techniques and innovative strategies and technologies to transfer sensitive goods to restricted actors.

To disguise their activity as legitimate commerce, proliferation networks, such as Orekhov’s and Uss’s, use corporate entities to gain access to financial services, including correspondent banking. They also often create multiple front or shell companies in the United States and third-country jurisdictions and falsify documents to move goods and money.
An Iranian and a Chinese national in late 2023 were indicted and charged with a scheme to procure U.S.-manufactured dual-use microelectronics for the Islamic Revolutionary Guard Corps (IRGC) Aerospace Force Self Sufficiency Jihad Organization’s (ASF SSJO) one-way attack unmanned aerial vehicle (UAV) program. According to the DOJ press release, the defendants allegedly used a web of foreign front companies to illegally purchase and export from the United States to Iran dual-use microelectronics that are commonly used in UAV production. The defendants allegedly used entities based in Iran, Malaysia, Hong Kong, and Indonesia to obfuscate the end-destination for the goods. An unwitting French company purchased components from a U.S. company and shipped the components to Hong Kong, where they were reexported to Iran.
Treasury’s assessment also notes DPRK cyber actors target a variety of organizations in the blockchain technology and virtual asset industry, including virtual asset exchanges, decentralized finance (DeFi) protocols, blockchain bridge developers, virtual asset trading companies, venture capital funds investing in virtual assets, and individual holders of large amounts of virtual assets or non-fungible tokens (NFTs). They also seek to exploit CVC mixing activities.

Financial institutions and virtual currency service providers must be aware of the emerging trends used by illicit actors—especially Russia and North Korea—to access restricted technologies and raise revenues for their WMD programs. Closely monitoring risky transactions, researching new proliferation financing methodologies, and putting together pieces of the counterproliferation puzzle will help avoid enforcement actions and secondary sanctions.

Recorded Webinar

Over the past six months, the Russian Federation has vetoed a renewal of UN sanctions against Iran’s ballistic missile and UAV program, as well as a resolution extending the mandate of the UN Panel of Experts monitoring the sanctions on North Korea, while at the same time importing Iranian and North Korean UAVs and ballistic missiles for use in its war against Ukraine.

Russia’s vetoes have effectively dismantled the multilateral sanctions framework on Iran and abolished multilateral sanctions monitoring capabilities for North Korea. Russia’s procurement of North Korean ballistic missiles and Iranian UAVs in Ukraine further heighten proliferation finance and sanctions risk for the private sector.

View Recording

Recommended Blogs

Risky Convergences

October 28, 2024

New digital solutions in money laundering and underground banking have facilitated the expansion of the criminal business environment in Southeast Asia, integrate billions of criminal proceeds into the formal financial system and enabling the growth of new criminal organizations.

Elevating Defenses

August 22, 2024

Dive into the cutting-edge strategies that financial institutions are implementing to combat the evolving threat of AI-driven fraud. From deploying advanced detection technologies to fostering robust networks of allies, learn how the financial sector is bolstering its defenses against sophisticated scams like deepfakes and biometric fraud.

Deepfakes and Dollars

August 20, 2024

While AI has the potential for transformative impact in the financial sector, it also introduces new challenges. From biometric mimicry to the alarming rise of deepfakes, this blog highlights emerging threats and challenges in countering AI-driven fraud.

The Convergence of Sanctions & AML

July 24, 2024

The convergence of sanctions and anti-money laundering efforts has significantly accelerated since Russia’s full-scale invasion of Ukraine in February 2022. FINTRAC in June 2024 released a special bulletin focusing on financial activity associated with suspected sanctions evasion. The report highlighted shared methodologies and insights to help compliance teams collaborate on best practices.

Targeting Russia’s IT Dependencies

July 16, 2024

Delve into the recent determination issued by OFAC, which imposes significant additional restrictions on the provision to Russia of IT consultancy and design services as well as IT support and cloud-based services of enterprise management and design and manufacturing software. Multinational tech corporations, financial institutions, and other companies still operating in Russia will likely require licenses to continue operating there.

Crypto Under the Microscope

July 11, 2024

In the fast-evolving digital assets market, compliance is not just a regulatory requirement—it's a strategic imperative. From Binance's multi-billion-dollar settlement to the dramatic collapse of FTX, recent enforcement actions have sent shockwaves through the industry, underscoring the critical need for a robust compliance system.

Understanding and Addressing Fraud and Corruption Risks

July 2, 2024

In our recent webinar, industry experts delved into the crucial topic of fraud and corruption risks. From seasoned professionals to anti-corruption activists, the webinar featured a panel of distinguished speakers: Steve Burgess, Nikki Kenyon, Chris Williams, and James Wasserstrom. This blog post aims to summarize the key points discussed during the session, equipping readers with the knowledge necessary to navigate these risks effectively.

Corruption in Construction

June 21, 2024

Corruption in the construction sector can include everything from fraud, to extortion, embezzlement, and other abuses. Corruption doesn’t just undermine good governance; it endangers lives and threatens the reputation of any financial institution involved in construction projects that are rife with fraud and abuse. How can government organizations and financial institutions mitigate corruption risks when funding or supporting infrastructure projects? How can they detect suspicious transactions?

OFAC’s Compliance Guidance in Action

June 18, 2024

The Treasury Department’s Office of Foreign Assets Control (OFAC) five years ago published its Framework for OFAC Compliance Commitments. This guidance remains the most comprehensive articulation of OFAC’s compliance expectations to date. Although it notably stopped short of mandating a sanctions compliance program (SCP), recent enforcement actions demonstrate the implications of not having an SCP in place.