September 8, 2023 - On September 7, 2023, the European Commission (the “Commission”) published much-awaited guidance for European Union (“EU”) operators on implementing enhanced due diligence relating to Russia sanctions circumvention risks (the “Guidance”).  

Since February 2022, the EU has imposed unprecedented sanctions on Russia in response to its war of aggression against Ukraine.  We have covered successive rounds of EU sanctions imposed against Russia to date in our previous and continuing advisories (available here).  Over the months, the EU and its coordinating partners, have increased their attention to preventing and responding to the circumvention of sanctions (see our advisory on the 11th package).

Both Council Regulation (EU) No. 833/2014 (sectoral sanctions) and Council Regulation No. 269/2014 (individual sanctions) prohibit EU operators from knowingly and intentionally participating in activities the effect or object of which is to circumvent these prohibitions (often referred to as the “anti-circumvention” clause).  Recognizing that Russian sanctions targets have deployed various and increasingly sophisticated techniques to evade EU sanctions prohibitions (such as by using complex financial schemes, falsifying the nature or origin of the goods traded or concealing assets), the Guidance notes that “EU operators will find themselves in a position where they may facilitate prohibited activities involving Russia, thereby reducing the impact of sanctions and possibly violating EU regulations.”

According to the Commission, this evolution "justifies the development of an enhanced due diligence model, in particular for high risk sectors and complex supply chains." In its existing Q&A on due diligence for business with Iran, as well as the detailed FAQs on Russian sanctions, the Commission had already underlined that EU operators should adopt“a risk-based approach that consists of risk assessment, multi-level due diligence, and ongoing monitoring” to comply with applicable EU sanctions. 

The Guidance specifically focuses on the possible risks of circumvention of export-related restrictions targeting Russia and provides a general overview of the main points that should be considered by EU operators when conducting sanctions due diligence. 

Identification and Assessment of Sanctions Circumvention Risks

The Guidance first states that EU operators should identify, assess, and understand the possible sanctions circumvention risks to which they are exposed.  It sets forth some of the components of circumvention risk assessments:

  • Identification of risks: This step should allow EU operators to identify the products, transactions, and economic activities that are at risk of being involved in circumvention activities.  The Guidance highlights that certain EU operators should exercise particular vigilance in this regard, such as freight forwarders, manufacturers of semiconductor devices, and operators involved in transactions with high-priority battlefield items or goods which may be easily miscategorized under the HS code.
  • Evaluation of these risks: The risk assessment process should focus on the risks specific to the sector, products, and economic activities of operators.  EU operators may use risk indicators (non-exhaustive list included in the Guidance), typologies, and any other relevant information that is publicly available or forms part of their specialized knowledge.   
  • Design and implementation of mitigation measures: The risks identified, and their mitigation measures, should be incorporated into internal risk management practices and be subject to internal controls.
  • Regular updates: Given the rapid evolution of circumvention techniques, the risk assessment should be regularly updated, in particular following the adoption of new sanctions, the release of new information on circumvention techniques, and trade-flows.  The Guidance also underlines the importance of training personnel on these issues, and the personal involvement of senior management.

Triggers and Scope of Enhanced Due Diligence

In line with the Commission’s FAQs on Russian sanctions, the Guidance underlines that there is no single model for conducting due diligence, which should be proportionate to the risks identified.  However, the Guidance seeks to define several common elements for performing heightened due diligence. 

First, according to the Guidance, enhanced due diligence should be conducted on those activities considered to be the most critically exposed to sanctions circumvention risks.

To help operators, the Guidance lists a number of circumvention red flags which, if identified during general due diligence, should trigger enhanced due diligence.  These escalation triggers include:

  • Indirect transactions using intermediaries or shell companies that make little or no economic sense;
  • New customers and transactions with operators located in countries known as “circumvention hubs” and involving high-priority battlefield items.  The Notice to economic operators, importers and exporters of April 1, 2022 (the “Notice of April 1, 2022”), underlines that particular attention should be paid to countries of the Eurasian Economic Union, in particular Armenia, Kazakhstan and Kyrgyzstan;
  • Transit though territories known as “circumvention hubs;”
  • Complex corporate or trust structures, notably involving offshore companies.  Indeed, the use of trust arrangements was specifically identified by the Russian Elites, Proxies, and Oligarchs (“REPO”) Task Force as being used by sanctioned persons to evade sanctions;  
  • Business partner’s recent establishment or merger with a sanctioned person or an entity linked to such person;
  • Business partner sharing an address with multiple different companies;
  • Changes of ownership to reduce ownership stakes below the 50% threshold;
  • Change of ultimate beneficial owner shortly before or after imposition of sanctions;
  • Movement of assets previously associated with a sanctioned person by family members or on their behalf;
  • Transfers of shares from sanctioned entities to non-sanctioned entities involving corporations incorporated by the same individuals or entities;
  • Potential control of an entity by designated persons;
  • The non-availability of a CEO/manager for discussions, etc.

The Guidance underlines that this list is indicative and should be updated on the basis of information shared by the Commission or EU Member States.  For instance, the practical guidance published by Member States neighboring Russia (Estonia, Latvia, Lithuania, Finland, and Poland) in July 2023 also includes an insightful list of circumvention red flags which should be taken into account by EU operators when conducting due diligence.  

Second, the Guidance indicates that enhanced due diligence should be conducted on (i) the counterparties (“stakeholder level”), (ii) the transaction level, and (iii) the goods or services. 

  • Identification and verification of business partners, their representatives, and beneficial owners.  These verifications should be conducted on direct stakeholders (e.g., customers, distributors, agents), as well as indirect stakeholders (e.g., end-users, intermediaries, banks) in order to ensure that none of these persons are directly or indirectly (through ownership or control) targeted by sanctions. 
  • Verifications on transactions, notably covering money flows, the routes of goods and the involvement of transportation companies.  These verifications should notably take into account the following red flags: the use of complex or unusual transportation routes, whether the country of transit or destination neighbors Russia or Belarus, the impact of sanctions on the value of goods, the business rationale for the transaction, the use of complex financial schemes, etc.
  • Verifications on the goods to identify whether the goods subject to export/import restrictions, are included in the list of high-priority battlefield items or on the economically critical goods list, are similar to sanctioned goods or contain components that can be disassembled or diverted for non-intended purposes.

Anti-Diversion Prevention Policy

The Guidance recommends that EU operators put in place adequate due diligence procedures to ensure that their operations involving goods subject to Russian sanctions are not diverted to Russia. In particular, when exporting these goods, operators should know their counterparties and include in their contracts sanctions compliance clauses prohibiting further re-export of these goods to Russia and Belarus, as well as the possibility to conduct ex-post verifications.  As underlined in the Notice of April 1, 2022, the same vigilance should be exercised on the imports of goods subject to import restrictions from countries that do not apply such restrictions.

Vigilance with Regard to the Use of Correspondent Accounts

The Guidance notes that transactions relying on correspondent accounts can lead to a higher residual risk of sanctions circumvention.  The Guidance notes that financial institutions should monitor transactions related to correspondent accounts to detect and prevent potential attempts to breach sanctions.  These due diligence policies should take into account the level of risk of sanctions evasion posed by the foreign respondent. 

Key Takeaways

EU Member States are responsible for the implementation and enforcement of EU sanctions, including those adopted against Russia.  The Guidance specifically mentions that national competent authorities may consider the failure to conduct adequate due diligence to be a violation of EU sanctions.  

Given the increasing focus of the EU and its Member States on the effective enforcement of Russian sanctions and the fight against their circumvention, EU operators face increasing risks of finding themselves in a situation of violating sanctions.  For instance, since 2022, the Dutch Public Prosecution Service reportedly launched 45 criminal investigations concerning the circumvention of Russian sanctions.  On July 6, 2023, the European Parliament adopted its report on the proposal for a directive on the definition of criminal offences and penalties for the violation of Union restrictive measures, along with a decision to enter into trialogue negotiations.  This proposal aims at harmonizing criminal offences and penalties for violations of EU sanctions, including their circumvention.

In this context, it is critical that EU operators ensure the effectiveness of their economic sanctions and export controls program.  As a reminder, the Commission Recommendation (EU) 2021/1700 of September 15, 2021 provides guidance on how to set up and review an internal compliance program for dual-use items (which could be used for other controlled items) and describes the main elements of these programs:

  • Risk assessment;
  • Top-level management commitment;
  • Organization structure, responsibilities and resources;
  • Training and awareness raising;
  • Export screening process and procedures;
  • Performance review, audits, reporting and corrective actions;
  • Recordkeeping and documentation;
  • Physical and information security.

Separately, in its Global Advisory on Russian Sanctions Evasion, the REPO Task Force identified certain typologies of Russian sanctions circumvention and provided recommendations for regulated entities subject to anti-money laundering/countering the financing of terrorism (“AML/CFT”) obligations to mitigate their exposure to sanctions circumvention risks.  These recommendations notably include:

  • Ensure compliance with national rules incorporating the Financial Action Task Force recommendations, in particular the designation of appropriate risk mitigation measures;
  • Ensure compliance with applicable AML/CFT laws and regulations, and reporting requirements;
  • Take part in existing public-private partnership with competent authorities to better inform their efforts in countering Russian sanctions circumvention;
  • Leverage information sharing protocols to enhance their efforts in identifying and mitigating the risk of Russian sanctions circumvention;
  • Ensure that internal risk assessments remain up to date.

Although the Guidance is focused on the risk of circumvention, it is another reminder of the critical importance of developing and implementing effective risk-based sanctions and export control compliance programs.