Opportunities and Legal Risks in the New OFAC Cyber-Related Sanctions Regulations Explored!
Following the cyberattack on the Office of Personnel Management that had caused significant loss of corporate intellectual property, the Department of the Treasury's Office of Foreign Assets Control (OFAC) has released new cyber-related sanctions regulations that will implement Executive Order 13694 (Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Related Activities) last December 31, 2015.
E.O. 13694 prohibits transactions involving individuals and entities that are assigned as Specially Designated Nationals (SDNs). Such parties are engaged in cyber-enabled activities that were identified as malicious in nature.
Neither E.O. 13694 nor the new regulations clearly define what constitutes “cyber-enabled” activities. However, FAQs on OFAC’s website indicate that “such activities include deliberate activities accomplished through unauthorized access to a computer system, including by remote access; circumventing one or more protection measures, including by bypassing a firewall; or compromising the security of hardware or software in the supply chain.”
In this two-hour LIVE Webcast, a panel of key thought leaders and professionals assembled by The Knowledge Group will help the audience understand the significant issues with respect to the Opportunities and Legal Risks in the New OFAC Cyber-Related Sanctions. Speakers will also provide the audience with helpful insights and up-to-the-minute regulatory developments to ensure compliance with applicable laws.
Key topics include:
- New Cyber-Related Sanctions Regulations - An Update
- Identifying Significant Malicious Cyber-Enabled Activities
- Restrictions and Covenants
- Two Categories of Individuals or Entities
- Specially Designated Nationals List (“SDN List”)
- Recent Regulatory Updates
Jeremy P. Paner, Of Counsel
Holland & Hart LLP
- The OFAC designation process
- Interagency discussions
- Compilation of administrative record
- Interagency legal review
- Release of press release
- General criteria for selection of designation targets
- Network theory of targeting
- Clearance of intelligence community equities
- Effect of designation
- U.S. person prohibitions
- Potential future derivative designations
Kevin Petrasic, Partner
White & Case LLP
- Implications of how OFAC may exercise authority in terms of collateral impact and how it may more complicated than anticipated
Julie Myers Wood, Chief Executive Officer
Guidepost Solutions, LLC
- What an initial designation could look like
- Rising expectations on due diligence for the SDN list
- Practical steps for companies that may have greater exposure to cyber-related sanctions
- Additional due diligence requirements for IT service providers
David Simon, Counsel
Sidley Austin LLP
Background and purpose of cyber EO?
- In the aftermath of the cyberattack on the Office of Personnel Management and the significant loss of corporate intellectual property, the U.S. government has announced new tools to respond to and to deter such harmful attacks. On December 31, 2015, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued new U.S. Cyber-Related Sanctions Regulations, set forth in 31 C.F.R. § 578 (Cyber-Related Sanctions Regulations).
- The Cyber-Related Sanctions Regulations are designed to implement Executive Order 13694 (E.O. 13694), which targets perpetrators of malicious cyber-enabled activities (e.g., hacking and distributed denial of service attacks) as well as those who support such activities and certain recipients and users of stolen trade secrets.
- In its December 31 publication, OFAC stated that it was publishing the regulations in an abbreviated form and expressed its intention to supplement them with a more comprehensive set. The regulations, as currently published, largely mirror OFAC’s standard abbreviated regulations for programs involving blocked persons.
What does the cyber EO do?
- EO 13694 authorizes the imposition of sanctions
- on those individuals or entities outside the United States
- that the Secretary of Treasury determines
- to be responsible for or complicit in
- malicious cyber-enabled activities that
- result in harms that are reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States
Select examples of these activities?
- misappropriating funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain
- knowingly receiving or using trade secrets that were stolen by cyber-enabled means for commercial or competitive advantage or private financial gain
- attempting, assisting, or providing material support for any of the above harms
Status of designations under this sanctions authority?
- The U.S. government has not yet designated any parties under this new sanctions program.
- Therefore, for the time being, companies need not take any action.
- However, once parties are blocked for cyber-related sanctions purposes, their names will be added to the OFAC Specially Designated Nationals List, which must be checked and complied with. Finally, while OFAC has not provided any specific channel for companies to identify possible cyber-related sanctions targets to the U.S. government (i.e., foreign hackers), we believe that OFAC and other agencies would be receptive to receiving such information from companies with potentially relevant information.
- Potential for cyber sanctions designations that correspond to DOJ indictments related to cyber-enabled economic espionage, as well as DOJ indictments related to cyber attacks on U.S. civilian critical infrastructure.
Who Should Attend:
- Cybersecurity Lawyers
- Cybersecurity Officers
- Cybersecurity Professionals
- Risk and Compliance Officers
- Chief Compliance Officers
- Other related/interested Professionals and Organizations
Julie Myers Wood is the chief executive officer of Guidepost Solutions, a leading investigative and compliance consulting firm. She joined the firm in 2012, as president of its Compliance, Federal Practice and Software Solutions division. Prior to joining Guidepost Solutions, Ms. Wood was the former founder and president of ICS Consulting, LLC, a firm specializing in compliance, risk assessments, immigration and customs investigations. Guidepost Solutions acquired ICS Consulting in September 2012.
Ms. Wood focuses on regulatory compliance and investigative work. Most recently, she supervised a comprehensive technology review and assessment of the Office of Foreign Assets Control (OFAC) and anti-money laundering (AML) capabilities for a global bank, overseeing the implementation of data analytics capability to detect anomalies in AML and OFAC screening, as well as USD clearing for correspondent banks. Ms. Wood managed a team reviewing the AML and sanctions rules/wraps, internal software platform, investigator training and alert closure, and procedures/policies. In this role, she worked closely with New York regulators.
Prior to joining the private sector, Ms. Wood served as Head of Immigration and Customs Enforcement for the Department of Homeland Security (DHS) leading its largest investigative component and the second largest investigative agency in the federal government. She oversaw the agency’s wide variety of AML and trade compliance (OFAC, EAR, ITAR) investigations and private sector compliance programs, testified about best practices and investigations, and enforced the Export Administration Act and related export control regulations. Ms. Wood’s previous leadership positions in the federal government include Assistant Secretary for Export Enforcement at the Department of Commerce and Chief of Staff for the Criminal Division at the Department of Justice. She also served as Deputy Assistant Secretary (Money Laundering and Financial Crimes) at the Treasury Department, where she helped draft regulations relating to Title III of the Patriot Act, coordinated the U.S. government’s national report/strategy on money laundering, and oversaw Treasury Enforcement activities relating to OFAC. Ms. Wood served as an Assistant U.S. Attorney for the Eastern District of New York, where she prosecuted criminal cases including financial crimes, securities fraud, and other white-collar criminal cases.
Julie Myers Wood is the chief executive officer of Guidepost Solutions, a leading investigative and compliance consulting firm. She joined …
Kevin Petrasic is a banking partner and Global Head of the Financial Institutions Advisory practice of White & Case LLP, based in the Firm’s New York and Washington, DC offices. He advises banks and financial firms on regulatory, transactional, compliance, supervisory, enforcement, legislative, and policy issues. His clients include domestic and foreign banks, investment banks, private equity and hedge funds, investment managers and advisers, securities firms, insurance companies, payments companies, and FinTech firms.
Kevin has extensive experience in Dodd-Frank compliance, bank holding company regulation, anti-money laundering issues and OFAC compliance, credit card and consumer financial compliance laws, UDAAP issues, data privacy and data breach issues, compliance laws impacting payments systems, mergers and acquisitions, bank powers and activities, legislative matters, mortgage market regulation, and corporate governance.
He has over 20 years of government experience, including serving as Special Counsel, Managing Director of External Affairs, Director of Congressional Affairs, Legislative Counsel, and Assistant Chief Counsel at the US Treasury Department's Office of Thrift Supervision, as well as Counsel to the former US House Banking Committee.
Kevin Petrasic is a banking partner and Global Head of the Financial Institutions Advisory practice of White & Case LLP, …
Mr. Paner is Of Counsel at Holland & Hart’s Washington, DC office. His practice focuses on economic and trade sanctions compliance issues, in addition to general white collar criminal and regulatory investigations. Mr. Paner leverages his sophisticated governmental experience to deliver valuable risk analysis and compliance and avoidance advice to private clients.
Prior to joining Holland & Hart, Mr. Paner worked for a major international consulting company that served as the New York State Department of Financial Services appointed independent economic sanctions monitor of a major international financial institution. He was responsible for providing remedial enhancements to the economic sanctions compliance program throughout the bank’s worldwide operations. Mr. Paner enhanced the bank’s Know Your Customer (KYC) and Customer Due Diligence (CDD) procedures and he improved its sanctions filter screening and escalation procedures to better manage evolving risk. Mr. Paner also enriched the bank’s economic sanctions training and OFAC risk assessment programs. Throughout his tenure, Mr. Paner specifically focused on enhancing the compliance program of the international trade business unit to effectively reduce the bank’s overall sanctions compliance risk.
Prior to his monitorship role, Mr. Paner served for six years at the US Department of the Treasury’s Office of Foreign Assets Control (OFAC), where he gained extensive experience in a variety of issues involving economic sanctions. Highlights from Mr. Paner’s OFAC career include numerous sensitive and complex investigations and actions against Iranian‐linked financial institutions, and the identification of a key Al‐ Qaeda financier. During his time at OFAC, Mr. Paner also gained significant experience adjudicating petitions for removal from the Specially Designated Nationals (SDN) List.
Mr. Paner is admitted to practice only in Virginia; he is not admitted to practice in the District of Columbia.
Mr. Paner is Of Counsel at Holland & Hart’s Washington, DC office. His practice focuses on economic and trade sanctions …
DAVID SIMON, a former Special Counsel to the Department of Defense (DoD) General Counsel from 2011–2015, has advised extensively on cutting edge economic sanctions and cybersecurity matters. David’s practice focuses on cybersecurity, privacy and national security matters involving U.S. courts, Congressional investigations, Executive Branch proceedings and international regulatory authorities. David counsels U.S. and foreign clients on national security and international legal issues, including U.S. and multilateral economic sanctions and asset controls and transactions reviewed by the Committee on Foreign Investment in the United States (CFIUS). He has substantial experience in U.S. foreign relations litigation involving the Alien Tort Statute, the Foreign Sovereign Immunities Act, the immunities of foreign governments and government officials. He also advises clients on other public international law matters, including international humanitarian law, human rights law and treaty law.
David is widely recognized for his experience regarding cybersecurity law and policy. He serves as a member of the Center for Strategic International Studies Cyber Policy Task Force, which is composed of leading officials from the government, industry and non-profit worlds to identify and recommend new U.S. policies for cybersecurity. David also serves, at the invitation of the NATO Cooperative Cyber Defense Center of Excellence in Tallinn, Estonia, as a peer reviewer of the second edition of the “Tallinn Manual on the International Law Applicable to Cyber Warfare.”
DAVID SIMON, a former Special Counsel to the Department of Defense (DoD) General Counsel from 2011–2015, has advised extensively on …
Print and review course materials
Method of Presentation:
NASBA Field of Study:
Specialized Knowledge and Applications
NY Category of CLE Credit:
Unlock All The Knowledge and Credit You Need
Leading Provider of Online Continuing Education
It's As Easy as 1, 2, 3
Get Your 1-Year All Access Pass For Only $199
About Guidepost Solutions, LLC
In a world where change is certain, experience is the best protection. Guidepost Solutions offers global investigations, compliance and monitoring, and security and technology consulting solutions for clients in a wide range of industries. Our expert team provides leadership and strategic guidance to address critical client needs across the globe. With headquarters in New York, Guidepost Solutions maintains offices in key markets including Chicago; Dallas; Honolulu; London; Los Angeles; Oakland; Palm Beach; Sacramento; San Francisco; Seattle; Singapore; and Washington, D.C., and has resources across the globe. Experience guides us. Solutions define us. For more information, please visit www.guidepostsolutions.com.
About White & Case LLP
White & Case is an international law firm that serves companies, governments and financial institutions, and is consistently ranked at the top of the list of global law firms. The firm’s Financial Institutions Advisory practice advises on a wide range of issues affecting banks and nonbank financial firms, including regulatory and compliance matters; transactions and structuring; disputes, enforcement and investigations; risk management and legal assistance in day-to-day operations; and cross-border legal and regulatory implications for firms with a global multijurisdictional presence. The firm’s clients include domestic and international banking organizations, investment banks, and an extensive list of nonbank financial firms that includes investment funds and advisers, private equity and hedge funds, sovereign wealth funds, outsourcing and other third party service providers, Fintech enterprises, and other key players in the financial industry sector. The firm also advises many of the largest banks in the US, UK, Latin America, Europe, the Middle East, Africa and Asia.
About Holland & Hart LLP
Holland & Hart provides customized trade compliance audits, training, programs, and regulatory responses that address each company’s business needs and reflect industry best practices.
From small privately held start-ups to publicly traded Fortune 50 companies, the export control and trade sanctions attorneys at Holland & Hart have considerable experience in this complex area of law. We counsel companies to develop robust compliance systems, conduct employee training, provide advice for appropriate internal investigations, and discreetly resolve export trade sanction matters, including:
- Investigations and Enforcement
- Export Controls
- Trade Sanctions
- Customs Law / Import Controls
- Anti-boycott Compliance
- Foreign Corrupt Practices Act
- Homeland Security
- National Security Restrictions on Investment
- Compliance and Training
About Sidley Austin LLP
Sidley provides a broad range of legal services to meet the needs of our diverse client base. The strategic establishment of our offices in the key corporate and financial centers of the world has enabled us to represent a broad range of clients that includes multinational and domestic corporations, banks, funds and financial institutions.