Capping off a year of robust sanctions enforcement, two recent enforcement actions highlight the risks of doing business with sanctioned countries, in particular Iran. In December 2016, federal and New York state regulators initiated enforcement actions related to alleged sanctions violations involving Iran. In the first enforcement action, Italy’s largest retail bank, Intesa Sanpaolo SpA (Intesa), was alleged to have engaged in dollar-clearing transactions on behalf of Iranian clients. In the second action, a US person individual, Kenneth Zong, was alleged to have engaged in a scheme to move restricted Iranian funds out of South Korea and transfer them to Iranian recipients. This advisory summarizes the enforcement actions against Intesa and Mr. Zong.

Intesa Sanpaolo

Intesa agreed on December 15, 2016 to pay a $235 million fine to the New York State Department of Financial Services (NYDFS) in settlement of allegations that Intesa violated New York anti-money laundering (AML) laws and the Bank Secrecy Act (BSA). The bank was found to have operated a deficient transaction monitoring system, conducting more than 2,700 dollar-clearing transactions on behalf of Iranian and other potentially sanctioned clients. See NYDFS’s press release and consent order.

According to the consent order, Intesa “utterly mismanaged” its transaction monitoring system and failed to identify suspicious transactions. Among other things, NYDFS alleged that Intesa engaged in a pattern of conduct as follows:

  • Intesa processed thousands of transactions bearing strong indicia of shell company activity or other possible money laundering activity, which were cleared through its New York branch or other US banks or branches. Though a transaction monitoring program was in place, the New York branch’s designated anti-money laundering compliance officer allowed his staff to circumvent written policy by “clearing” keyword-based alerts based on their own judgment. The clearances were never subject to any subject re-review, investigation, documentation, or internal audit.
  • Intesa utilized a faulty keyword alert policy that led the bank to miss at least 9 billion dollars’ worth of additional transactions. These programming errors included incorrectly-
  • programmed alerts that contained extra spaces in the searches; searches that only contained the official country name rather than the commonly-used short forms of country names; and algorithms that searched three or more transaction within a single day period instead ten-day period.
  • Intesa used non-transparent practices to process payments on behalf of Iranian clients and other entities from 2002 to 2006. While these transactions were “U-Turn” transactions that may have been legally permissible under federal regulations in effect at the time (which have since been revoked), they involved non-transparent payment messages that deleted details from the transactions. Because of this, neither the New York branch nor NYDFS had the opportunity to learn the true nature of the payments.

Additionally, as noted in the consent order, in 2013 Intesa paid approximately $2.9 million to settle allegations by the US Treasury Department, Office of Foreign Assets Control (OFAC) that it had violated sanctions.

In addition to the monetary fine, Intesa-Milan and Intesa-New York are to jointly submit to NYDFS a written revised BSA/AML compliance program. Additionally, Intesa-Milan and Intesa-New York are to submit a written revised internal audit plan, enhanced customer due diligence program, and program to reasonably ensure the identification and timely, accurate, and complete reporting by Intesa-New York of all known or suspected violations of law or suspicious transactions.

NYDFS noted that the enforcement action against Intesa highlighted the importance of the Department’s forthcoming anti-terrorism and AML regulation that requires regulated institutions to maintain certain specifically prescribed compliance programs. NYDFS stated in its press release:

Today’s action further highlights the importance of DFS’s new risk-based anti-terrorism and anti-money laundering regulation that requires regulated institutions to maintain programs to monitor and filter transactions for potential BSA/AML violations and prevent transactions with sanctioned entities. The final regulation requires regulated institutions to submit an annual board resolution or senior officer compliance finding confirming the steps taken to ascertain compliance with the regulation.

The new regulation will be effective January 1, 2017. We will be publishing an advisory regarding the NYDFS regulation in the near future.

Kenneth Zong

On December 15, the US Department of Justice charged Kenneth Zong of Anchorage, Alaska with evading US sanctions on Iran and money laundering. The charges are specified in an indictment and summarized in a press release. Allegedly, Mr. Zong and one American and three Iranian co-conspirators engaged in fraudulent transactions intended to unlawfully convert and remove Iranian-owned funds worth approximately $1 billion from South Korean banks. As explained in the indictment, the funds were held in controlled Korean bank accounts, and under Korean law, could only be applied towards the purchase of Korean commodities, with any subsequent transfer of the funds into the worldwide financial market subject to rigorous review by Korean regulators. DOJ alleged that Mr. Zong acted to remove the funds from South Korea, convert them into other currencies, and transfer them to more than 10 countries around the world, at the behest of Iranian co-conspirators.

The scheme purportedly began in 2011, when Mr. Zong changed the name of his Korean company to “Anchore” and started fictitiously selling marble tiles and other construction supplies to an Iranian shell company in Iran. Anchore then fictitiously purchased Italian marble tiles from another Iranian-controlled shell company in Dubai. The fake purchases were accompanied by false and fictitious contracts, bills of lading, and invoices intended to satisfy Korean government bank regulators. The sales enabled the transfer of money from the restricted Iranian bank account held at the Industrial Bank of Korea to Zong’s Anchore account, which then were then transferred to entities and individuals throughout the world.

Zong alone was named in a 47-count indictment charging him with conspiracy to violate the International Emergency Economic Powers Act, Iranian Transactions and Sanctions Regulations, and money laundering laws. An arraignment date has not been set.

Conclusion

The recent enforcement actions demonstrate that sanctions against Iran are likely to continue as a focus for enforcement for both the US Government and New York state, with violators facing very significant potential liability under applicable sanctions and money laundering laws. An upcoming NYDFS regulation regarding compliance programs, effective January 1, 2017, is particularly worth noting, as it will impose a range of new compliance obligations on certain financial institutions regulated under New York state law. We will publish an international law advisory regarding the regulation in the near future.