Over the last month or so, we’ve been hearing that Russia is building its forces on the border of Ukraine. We’ve also heard that economic sanctions would be coming if Russia invaded Ukraine. There was a wide range of things being tossed around for well over a month on potential sanctions.
Then on Wednesday, February 23, Russia invaded Ukraine at 5:00 a.m. Eastern European Standard Time. Once the invasion started, every channel and every social media news feed reported different sanctions going into place. Every country is using different sanctions, and some global banking bodies like SWIFT were also now getting involved. Since Wednesday, my phone has been blowing up with BSA (Bank Secrecy Act) officers all around the country for advice and my thoughts on what they needed to do with these sanctions – and just trying to make sense of it all. So, as I sit here Monday morning Feb 28, I want to share with everyone what those conversations have been and the information we’ve been sharing on those individual calls. Let’s hit those topics one at a time. These are the things a BSA officer needs to consider and implement immediately.
Office of Foreign Assets Control, which we know as “OFAC,” issued a press release on February 24, 2022, called “Unprecedented & Expansive Sanctions Against Russia, Imposing Swift and Severe Economic Costs.” In summary, this added the top 10 banking institutions in Russia to the OFAC list. On a daily basis, Russian institutions conduct $46B worth of foreign exchange with 80% of that in U.S. dollars. That means these sanctions will disrupt their ability to move money. So, what does that mean to BSA officers? It means you need to make sure you are monitoring your foreign transactions. You need to make sure your OFAC list is up to date with the latest release on February 25, 2022. That list has all the Russian entities that you should run all your transactions and customers through. Several of the Russian influential billionaires and government leaders have been added to the list. Many of them have assets and businesses in the U.S. If you come across a positive hit, make sure you file your SAR immediately to stay in compliance with the new sanctions.
On Saturday, February 26, 2022, the U.S. and all major allies requested the Belgium SWIFT to remove the Russian institutions. Bankers know the power of SWIFT and the ability to move money throughout the world on that payment channel. Most people think of SWIFT as just wires, but in many parts of the world, SWIFT runs credit cards, Interbank Transfers, and many other ways financial institutions can move money globally. FIAT is the term for a currency that is backed by a government value. The U.S. has the dollar, Europe has a euro, Russia has a ruble. The value of that currency is only determined by the value of that government. When the Ukrainian allies called for SWIFT to implement that sanction it immediately caused the Ruble to tumble. As of today, a Ruble is now worth less than a penny. Not even worth the paper it is printed on. As BSA officers, you need to make sure that any international transactions to and from Russia are screened. You need to add Russia to your sanctioned country list for transactions. Block any transactions going and coming just like the other sanctioned countries you already have in place. Report via SAR any transactions that have been attempted.
While the first two suggestions were obvious for most seasoned BSA officers, everyone I talked to did not think of crypto until I brought it up. What we have seen in the crypto world is many Russian people started to liquidate their savings from their financial institutions and dump them into crypto. The ones that had the foresight of the possible sanctions that were about to be imposed on their banking system, moved them to the only channel that is not controlled by any governments. That’s why the global stock markets have been down or even since the invasion, but all the major crypto tokens have been up – some more than 18%. In Vegas, it is said it takes a $1M worth of bets on a single team to make the line change a single point. Crypto gaining 18% means there was more than $100M for every percentage being invested to make it go higher. That is on top of some people globally cashing some crypto out to have cash in their pocket as they worry Russians will cyberattack our financial industry (more of this on the next point). That is a lot of money flooding into the crypto market because people feel it’s safer there than in Russian or Ukrainian banks. I read a story yesterday about a Ukrainian that fled the country to Poland. His banking institution shut down because of the invasion, so his savings are not accessible at this time. He made this powerful quote: “I thank God for my Bitcoin and Ethereum because that has been my saving grace and allowed me to provide shelter and eat.” So, what does that mean for U.S. financial institutions? Make sure you are monitoring incoming crypto deposits. Report any large influx of crypto coming into the institution. If it is a foreign national account and a large incoming deposit from crypto, make sure you are filing a SAR. Let the U.S. government figure out if it is a Russian National. This is something they can do via the blockchain.
I remember watching the movie War Games when I was a kid. It’s the first time I heard the term DEFCON. From a cybersecurity position, we need to be on DEFCON 1 (highest alert). As we know in the industry, Russia has many threat actors in the cyber world. From accusations of ransomware to affecting our elections, there has always been a serious undertone from Russian threat actors. As the Ukrainian allies continue to impose stronger and stronger actions to prevent WWIII from happening, we certainly expect these attacks to increase. A recent TIME article lets companies know they must be on high alert. Chris Krebs mentioned that along with utilities and military his thoughts would be the Russians would also target financial institutions since most of the Russian sanctions are targeted at their own. If you have escalation levels within your organizations, today is the day to start reviewing them and possibly raising some of them until the tension in Eastern Europe settles down. Make sure you let your employees know of the heightened threat and treat vague or random emails with added caution.
Again, these are some of the conversations I’ve already had with many financial institutions, and my goal here is to make sure you know the sanctions that are in place and some of the things you need to be concerned about from a U.S. financial institution perspective. As with anything in the financial crimes world, this too will pass over time – but, in the meantime, keep your head down, be sure processes are in place, and get your due diligence done!
Who We Serve
What We Offer