In its first public statement since the inauguration, the US Department of Treasury’s Office of Foreign Assets Control (OFAC) announced on February 2, 2017, that it had authorized limited dealings with the Federal Security Bureau (FSB) of the Government of the Russian Federation. OFAC previously designated the FSB as a Specially Designated National (SDN) pursuant to Executive Order 13757 (EO 13757), which imposed sanctions upon persons who, among other things, interfere or undermine in elections and other democratic processes. In particular, General License 1 (GL 1) authorizes:

  • Dealings with the FSB in connection with licenses, permits, or notifications required for the distribution in the Russian Federation (Russia) of information technology products;
  • Complying with law enforcement, administrative actions, or investigations involving the FSB; and

In a follow-up comment to the press, the U.S. Government announced that GL1 did not reflect a change in policy towards Russia, but rather a recalibration of the recently imposed prohibitions under EO 13757. Indeed, GL1’s authorizations are consistent with OFAC’s historically favorable policy toward the dissemination of information. Nevertheless, as discussed below, GL1’s authorizations are limited and subject to several conditions.

Limited authorizations

GL1 authorizes dealings with, including payments to, the FSB in connection with licenses, permits, or notifications required by the FSB for the distribution and use of information technology in Russia. The FSB is the Russian government’s security agency, responsible for intelligence, counterintelligence, export controls, and other matters of national security. OFAC’s designation of the FSB as an SDN on December 29, 2016 effectively prohibited U.S. companies and individuals, and any other persons subject to U.S. rules, from doing any business that is subject to the FSB’s jurisdiction. For example, the importation into Russia of certain high technology items, including encryption software, requires notifications to and permits from the FSB. Therefore, any exports or reexports of items to Russia requiring payments to or dealings with the FSB, though otherwise lawful under U.S. law, were prohibited by EO 13757. After GL1, however, covered payments to, or dealings with, the FSB are authorized, so those otherwise lawful transactions (i.e., transactions not subject to any other export or reexport prohibitions) may proceed. This authorization is consistent with OFAC’s historically favorable policy towards the dissemination of information (see, e.g., the general license for the exportation of personal communication software under OFAC’s Iranian sanctions regulations).

GL1’s authorization is limited, however, as payments made to the FSB in connection with permits and notifications related to information technology must not exceed $5,000, in any calendar year. Indeed, GL1 does not authorize any other exports to the FSB. Persons seeking to take advantage of GL1, therefore, must make and keep records of any payments made to the FSB to show their payments (1) have not exceeded the annual $5,000, threshold, and (2) pertain to the export or reexport of information technology items to Russia. Otherwise, those individuals could be subject to penalties for exceeding the authorization of GL1 and therefore violating OFAC’s rules.

Moreover, any goods, technology, or software exported or reexported pursuant to GL1 also must be authorized for export by the U.S. Department of Commerce’s Bureau of Industry and Security (BIS). While GL1 does not require proof of BIS authorization, persons taking advantage of GL1 again should retain records showing that any items exported either do not need a BIS license or already have a valid BIS license. We note that BIS has adopted a policy of denial for requests for authorization to export high technology items to Russia, so any individual or entity aiming to export to Russia should determine first whether its exports are subject to BIS restrictions.

Finally, GL1 authorizes U.S. persons to comply with law enforcement, administrative actions or investigations involving the FSB, as well as rules and regulations administered by the FSB. These authorizations suggest that persons subject to U.S. jurisdiction, if complying with EO 13757, may have been at risk of violating Russian law. After GL1, those persons now may comply with the FSB without raising that risk.

Final thoughts

OFAC takes care to note that GL1 does not authorize the export or reexport of goods, services, or technology to Crimea, thereby leaving intact OFAC’s comprehensive embargo on doing business in that region. In addition, GL1 does not authorize any dealings with any other persons whose property is blocked under U.S. law. In sum, GL1’s authorizations are narrow and aimed only at certain categories of activity. OFAC’s first public announcement under the new administration, therefore, does not appear to depart much from its previous positions. But as we noted in our 11 January 2017 alert, it is unclear whether, how long, and in what form the United States’ cyber-related, and other Russia-related, sanctions will persist. We will continue to monitor any and all developments, and urge corporations and financial institutions whose business involves sanctioned jurisdictions to build flexibility into their plans.