Key takeaways from the “Global russia Risks: Financial Crime and Compliance Forum”

On 17 January 2024, Avellum, a leading Ukrainian law firm, in partnership with Highgate, a strategic advisory firm, hosted the “Global russia Risks: Financial Crime and Compliance Forum”. The Forum convened leading experts in financial crime, anti-money laundering, cryptocurrency, and sanctions to address the risks emanating from russia that impact international businesses. Esteemed speakers from institutions such as the Royal United Services Institute, Global Coalition to Fight Financial Crime, the Association of Certified Anti-Money Laundering Specialists, Elliptic, G3, White & Case, and Debevoise & Plimpton led discussions.

The Forum commenced with an opening speech by Sergii Marchenko, the Minister of Finance of Ukraine. He emphasised Ukraine’s resilience in the face of russian invasion and detailed russia’s repeated violations of the Financial Action Task Force (“FATF”) recommendations, along with the associated threats. Minister Marchenko highlighted russia’s collaboration with various terrorist groups and high-risk countries such as North Korea and Iran, as well as its use of illicit networks and shell companies for sanctions evasion and procurement of western technology for military purposes. He spoke about risks stemming from russia’s malicious cyber activities, corruption, and organised crime. The speech covered challenges in due diligence and compliance due to russia’s lack of transparency and intentional non-compliance with international standards.

The Minister drew a crucial distinction, stating, “The difference between a usual risky jurisdiction with weak institutions and incapable systems for the prevention of financial crime and russia is that in russia, non-compliance with international standards and the prevalence of financial crime is a conscious state policy choice”.

Calling for action, the Minister urged the FATF to recognise the harm russia has inflicted on the global financial system, acknowledge the ongoing risks, and consider blacklisting the country. He appealed to the European Union, G7, and other nations committed to a rules-based international order, urging them to acknowledge the risks posed by russia to the integrity of the global financial system. He recommended placing russia on their respective “high-risk jurisdiction” lists, issuing relevant market guidance, and enhancing national financial crime regulations to counter russian threats.​​

The discussions in the first panel, moderated by Matei Rosca from Reporter.London, focused on the risks of terrorism financing, money laundering, and cybercrimes posed by russia. Tom Keatinge, the Director of the Centre for Financial Crime and Security Studies at RUSI, initiated the panel by highlighting russia’s violations of the UN Security Council resolutions in its dealings with North Korea. He emphasised that even in jurisdictions that do not join with the EU, US, UK, or any other sanctions are obligated to comply with the UN Security Council resolutions.

Keatinge emphasised that businesses should be concerned not only with risks related to sanctions but also with the more significant threats russia poses to the financial system. These threats include facilitating various forms of financial crime, corruption, money laundering, and injecting illicit financing into the financial system. Keatinge concluded by underlining the importance of countries and businesses analysing available evidence and taking unilateral, proportionate actions instead of waiting for the FATF decisions or guidance.

David Carlisle, the Vice President of Policy and Regulatory Affairs at Elliptic, provided insights into the use of cryptocurrency by cybercriminals and the russian cybercrime ecosystem. Carlisle noted a surge in ransomware attacks originating from russia, including the “big game hunting” attacks which target critical infrastructure such as hospitals and energy grids. He also discussed russian cryptocurrency exchanges’ involvement in money laundering, highlighting instances of North Korean cybercriminals laundering funds through russian exchanges. These illicit cyber activities are aided by a blossoming ecosystem of services that help russian cybercriminals convert crypto into russian roubles.

Further, Anna Gumowska, Global Head of Investigations at G3, shared her experience identifying risks that companies face when dealing with russian and russian-related entities. She emphasised that breaching sanctions is not the only concern but highlighted major risks related to terrorism financing, illicit trade, and contributing to the russian financial system that funds the war against Ukraine. The complexity of risks has transformed due diligence checks from a routine exercise into elaborate research tasks where a payment to a security person in Africa may carry risks of violating sanctions or financing dubious russia-related military groups or even terrorist organisations.

Gumowska confirmed the Minister’s point that information coming out of russia is unreliable, making risk analysis and due diligence checks challenging. The inability to provide answers about risks with a level of certainty often drives companies to avoid dealing with risky entities connected to the russian financial system altogether. Gumowska said this may be the best choice for safeguarding businesses from risks emanating from russia.

Vadim Medvedev, a partner at Avellum, concluded the first panel by addressing the origin of russia’s risks. According to Medvedev, risks such as sanctions evasion, money laundering, and abuse of financial systems of non-sanctioned states for illicit purposes result from a deliberate state-run machine that launders criminal proceeds, finances terrorist organisations, and evades sanctions. He illustrated russia’s tradition of misuse of the international financial system for illicit purposes, which dates back to Soviet times and has always involved intelligence services, such as KGB then and FSB now. Medvedev advised that regulators and businesses assessing russia-linked risks must acknowledge this deliberate state involvement. He urged international businesses to ask a fundamental question: Do they want to test their compliance teams against cunning FSB schemes or better stay away from the risky jurisdiction altogether?

Yuriy Nechayev, a partner at Avellum, spoke about Ukrainian sanctions and their impact on international businesses. He advised international businesses to monitor the Ukrainian sanctions regime and comply with it to avoid legal and reputational consequences as well as use the sanctions lists as a source of information about potentially risky counterparts and evolving threats.

The second panel, moderated by Chris Cook from the Financial Times, focused on the current state of the russian sanctions and financial crime. John Cusack, Chair of the Global Coalition to Fight Financial Crime, highlighted that russia ranks among the top five offending countries for almost all major predicate offences and highlighted a high level of threat indicated by his financial crime dashboard. He criticised the Financial Action Task Force’s designation of russia as a medium risk-high response jurisdiction but warned that FATF was unlikely to change its position on russia, as it would require a tectonic shift in the FATF’s worldview.

He also argued that on 22 December 2023, the US made a “game changer” move in relation to russia, similar the the US crackdown on Iran in 2004-2005. On 22 December 2023, the US issued the order targeting financial institutions worldwide, regardless of whether they engage in transactions with russian counterparties with or without direct knowledge of the illegal activity. Importantly, the order extends to non-Western countries such as China and Turkey, which conduct transactions with russian counterparties. Cusack’s key takeaway was that continued access to the US dollar banking system will be increasingly dependent on sanctions compliance.

Wilbert Luna, a lawyer for White & Case and a former member of the Mexican delegation to the FATF, spoke about the compliance challenges faced by companies in a rapidly evolving geopolitical landscape. He advised businesses to be aware of foreign partners on FATF, OFAC and similar watchlists and seek legal and compliance advice to avoid violations. Luna emphasised that ignorance of sanctions and regulations is not a valid excuse for non-compliance.

Jane Shvets, a Partner at Debevoise & Plimpton, suggested that secondary sanctions will be a primary risk to manage in 2024. She explained that russia and its allies are becoming more creative in how they are structuring operations in order to get around Western sanctions. At the same time, US authorities seem determined to crack down on such violations and the 22 December executive order is one of the examples of that. Therefore, companies must be aware of these increasing risks of getting caught up in sanctions violations even without direct interaction with sanctioned entities and take appropriate steps to mitigate these threats.

Justine Walker, Global head of Sanctions Compliance & Risks at Association of Certified Anti-Money Laundering Specialists (ACAMS), agreed with Shvets and said regulators in 2024 will focus on export controls, strategic trade, and dual-use goods. She highlighted the increasing risk to businesses with indirect exposure to russia and stressed the importance of understanding sanctions and authorities’ concerns to manage these risks. Walker noted the challenges faced by banks in integrating sanctions and export control teams due to divergent skill sets but added that coordination between these two groups will be key for compliance in the coming months and years. She also encouraged non-US entities to seek guidance from US authorities when they face challenges in managing the licensing landscape due to the complexity of russia sanctions.

The panel concluded by highlighting the need for continuous discussions among business, political, and legal communities to address the growing risks posed by russia.

A recording of the Forum will be available to the public for three months via this link.