chevron-down Created with Sketch Beta.

The Year in Review

International Legal Developments Year in Review: 2021

Export Controls & Economic Sanctions - International Legal Developments Year in Review: 2021

John W Boscariol, J. Patrick Briscoe, Sylvia Costelloe, John Phillip Kabealo, Oksana Migitko, Mary Mikhaeel, Timothy P O'Toole, Mollie Sitkowski, Christopher Stagg, and Lawrence Anthony Ward III


  • This article discusses the significant legal developments involving export controls and economic sanctions in 2021.
  • It included export control developments, including the International Traffic in Arms Regulations and Export Administration Regulations.
  • It also included developments from the Committee on Foreign Investment in the United States (CFIUS).
  • Economic sanctions developments, such as cyber-related sanctions developments and Chinese military company and Russia-related sanctions, were also noted.
Export Controls & Economic Sanctions  - International Legal Developments Year in Review: 2021
devid75 via Getty Images

Jump to:

This article discusses the significant legal developments involving export controls and economic sanctions in 2021.

I. Export Control Developments

A. International Traffic in Arms Regulations (ITAR)

1. Judicial Review Inapplicable Where the Directorate of Defense Trade Controls (DDTC) Removes Item From U.S. Munitions List (USML).

On April 27, 2021, in Washington v. United States Department of State, the U.S. Court of Appeals for the Ninth Circuit held that judicial review is not available when DDTC removes an item from USML.

The case came before the Ninth Circuit after twenty-two states and the District of Columbia sued to stop DDTC from removing certain 3D-printable firearms, their software, and technical data from the USML. The district court issued a preliminary injunction preventing DDTC from removing the 3D-printable firearms and related data from USML, and the U.S. Government appealed that decision to the U.S. Court of Appeals for the Ninth Circuit. Holding that Congress precluded judicial review of such decisions, the Ninth Circuit vacated the district court’s injunction and remanded the case with instructions to dismiss.

2. DDTC Proposes to Revise the International Traffic in Arms Regulations (ITAR) “Regular Employee” Definition

On May 27, 2021, DDTC proposed an amendment to ITAR definition of “regular employee.” In doing so, DDTC expanded the definition to cover remote working situations that did not involve proscribed countries. The prior version limited regular employees to those who worked “at a company’s facilities.” The proposed rule would also clarify that the current reference to a “long term contractual relationship” refers to contracts with a term of at least one year, while permitting contractual relationships lasting less than one year in certain situations.

3. Russia and Ethiopia Added as ITAR’s Proscribed Countries

On March 18, 2021, DDTC added Russia as a proscribed destination. Consequently, U.S. policy is to deny licenses for Russia, however, a license may be approved on a case-by-case review for certain space activities. Russia was added to the list because the U.S. Government determined it used chemical weapons. On November 1, 2021, DDTC also added Ethiopia as a proscribed destination due to human rights concerns. As a result, U.S. policy is to deny licenses to Ethiopia.

4. Defense Trade Policy Updates Involving Cyprus and Eritrea

On September 30, 2021, DDTC extended its modification of the current licensing policy for Cyprus through September 30, 2022, which removes the limitations on non-lethal defense items and services destined for or originating in Cyprus. Additionally, on November 1, 2021, DDTC strengthened its licensing policy of denial for Eritrea by eliminating the exception for case-by-case reviews of certain non-lethal items. These changes were also due to human rights concerns.

5. Afghanistan License Review

In response to the Taliban takeover, on August 18, 2021, the DDTC issued an announcement that it was “reviewing all relevant pending and issued export licenses and other approvals” affecting Afghanistan.

B. Export Administration Regulations (EAR)

1. Bureau of Industry and Security (BIS) Adds Military End-User List (MEU List) to the EAR

On December 23, 2020, BIS issued a final rule amending the EAR by adding a MEU List as “supplement no. 7 to part 744.” MEU List identifies the foreign parties prohibited from receiving items subject to the EAR, as described in supplement no. 2 to part 744, unless the exporter obtains a BIS license. Parties on MEU List were found by the U.S. Government to be “military end users” as defined in EAR Section 744.21(g), and to represent an unacceptable risk of use in, or diversion to, a “military end use” or “military end user” in China, Russia, or Venezuela. Because the list is not exhaustive, the license requirements in EAR Section 744.21 still require exporters, re-exporters, or transferors to conduct their own due diligence regarding entities not identified in MEU List.

2. BIS Removes Hong Kong as a Separate Destination Under the EAR

On December 23, 2020, BIS amended the EAR, and thus implemented Executive Order 13936, which removed provisions providing differential and preferential treatment for exports, reexports, and transfers (in-country) of items to Hong Kong as compared to the People’s Republic of China. Consequently, under the EAR, exports, reexports, and transfers (in-country) to Hong Kong are treated the same as transactions destined for China, unless otherwise explicitly specified. This amendment removes Hong Kong as a separate destination on the Commerce Country Chart, and in other places within the EAR. This impacts the availability of license exceptions and the licensing policies and requirements for exports, reexports, and transfers that Hong Kong is subject to.

3. BIS Amends the EAR to Remove Sudan as a Designated State Sponsor of Terrorism

On January 19, 2021, BIS issued a final rule amending the EAR by rescinding Sudan’s designation as a State Sponsor of Terrorism, which the Secretary of State rescinded effective December 14, 2020. The rule removed Sudan from Country Group E:1 (terrorist supporting countries) in Supplement No. 1 to EAR Part 740, to Country Group B in Supplement No. 1 to EAR Part 740. The rule also removed Anti-Terrorism (AT) and related controls on Sudan, which eased the EAR licensing policies and requirements applicable to Sudan.

4. Military-Intelligence End Use and End User Rule Goes into Effect

In an interim rule published on January 15, 2020, BIS introduced expansive changes to the EAR General Prohibition 7 by including new controls on military-intelligence end uses and users. The rule requires a license for any U.S. person who knowingly supports certain items or transactions. Notably, the rule expands the restrictions on military-intelligence end uses and users. A license from BIS is required for “the export, re-export, or transfer (in-country) of all items subject to the EAR to military-intelligence end uses and end users in China, Russia, or Venezuela; and countries listed in Country Groups E:1 and E:2” when an entity has “knowledge,” which includes a reason to know, “that the item is intended, either entirely or in part, for a ‘military-intelligence end use’ or a ‘military-intelligence end user’” in the enumerated countries. Consequently, even EAR99 items require a license if the transaction includes an entity falling within the definition of military-intelligence end user when the exporter has some knowledge of the entity’s status.

5. The BIS Updates Reporting Requirements Relating to Mass-Market Encryption Items and Publicly Available Software

On March 29, 2021, BIS published a final rule that implemented the changes to the EAR that were agreed to at the December 2019 Wassenaar Arrangement Plenary meeting. Those changes include the elimination of the self-classification reporting requirement for certain mass-market encryption products under EAR Section 740.17(b)(1).

6. BIS Extends Military-Intelligence End-Use and End-User Controls to Burma

On April 9, 2021, BIS added Burma to the list of countries subject to military-intelligence-related controls. The military-intelligence end uses and end user controls were first issued in an interim rule on January 15, 2021, and became effective on March 16, 2021.

7. BIS Amends the EAR to Reflect United Arab Emirates’ Termination of Participation in Israel Boycott

On June 9, 2021, BIS issued a final rule, effective June 8, 2021, amending the EAR to reflect the formal termination by the United Arab Emirates (UAE) of its participation in the Arab League Boycott of Israel. One consequence of this rule is that certain requests for information, action, or agreement from the UAE, if made after August 16, 2020, will no longer be presumed to be boycott-related and thus, will not be prohibited or reportable under the EAR.

II. Committee on Foreign Investment in the United States (CFIUS) Developments

The last year did not see the introduction of any significant new regulations under the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA); rather, CFIUS continued to build out its infrastructure and enforce its expanded authority. Certain public cases have illustrated CFIUS’s willingness to aggressively pursue cases even at the edges of its authority.

A. Magnachip Semiconductor Corporation (Magnachip)

The proposed acquisition of Magnachip by an affiliate of Wise Road Capital, an investment fund based in China with a global base of investors, illustrated a dramatic assertion of CFIUS’s authority. When the deal was originally announced, Magnachip said it did not believe any regulatory approvals were required in the United States because, although it is a Delaware entity listed on the New York Stock Exchange, Magnachip did not have employees, tangible assets, or IT systems located in the United States. Notwithstanding the parties’ public assertions, in May 2021, CFIUS initiated a pre-closing review of the transaction, and on June 15, 2021, CFIUS issued an interim order suspending the acquisition until the formal CFIUS review was complete. In September 2021, the parties requested, and CFIUS granted, approval to withdraw and re-file their notice related to the merger to allow them and the U.S. Government additional time to negotiate conditions.

This case illustrates that CFIUS will assert both jurisdictional and national security concerns as a basis for potentially blocking a transaction altogether, even where the target effectively has no U.S. operations. CFIUS’s jurisdictional hook may owe to a significantly expanded definition of what constitutes a “U.S. business” under FIRRMA, and U.S. links to Magnachip’s corporate existence (i.e., its incorporation in Delaware and its public listing on the New York Stock Exchange). The national security concerns do not appear to be limited to Magnachip’s operations in the United States.

B. Momentus Inc. (Momentus)

Over the course of CFIUS’s review of the proposed acquisition of Momentus by a special purpose acquisition company (SPAC), the Department of Defense (DOD) engaged in unprecedented inter-agency coordination. This included DOD’s engagement with the Federal Aviation Administration to delay launch licenses for Momentus, the U.S. Securities and Exchange Commission (SEC) to review the accuracy of statements made by the Company, and the SPAC sponsors to address a wide array of U.S. Government concerns. The case prompted a broad set of governmental remedies, including a National Security Agreement whereby Momentus founders agreed to divest their shares in the company. Additionally, the SEC brought formal charges against Momentus, alleging that it, the SPAC, and SPAC sponsors, made materially misleading statements to investors regarding the national security concerns associated with Momentus’ founders, as well as the viability of the company’s technology. All parties, other than Mikhail Kokorich, the primary founder of Momentus, settled with the SEC.

Ordinarily, CFIUS would not have a reliable basis to pursue an action against a founder of a company because its jurisdiction is generally limited to investment transactions. In the case of a SPAC transaction, the SPAC is effectively a well-funded shell entity whose sole purpose is to make an acquisition with no operations bearing on national security. The assertion of jurisdiction over the SPAC’s acquisition of Momentus demonstrates that CFIUS will seek to address “latent” national security concerns against a company whenever an investment transaction may provide it with the jurisdiction to do so. It also indicates that CFIUS will not limit its remedies to concerns arising out of the transaction itself. Put another way, while it is hard to imagine the dilution of Russian founders’ interests in a sensitive company by a public shareholder base could increase United States national security concerns, CFIUS may pursue the company for just that.

Notwithstanding the significant regulatory obstacles, the SPAC acquisition of Momentus closed on August 12, 2021, which required the approval of the SPAC’s shareholders.

III. Economic Sanctions Developments

As the Trump Administration ended and the Biden Administration began, we saw significant shifts in U.S. sanctions, regulations, and policies. These shifts included noteworthy developments in cyber-related sanctions and the expansion of sanctions programs directed at China and Russia.

A. Cyber-Related Sanctions Developments

As malicious cyber activities continued, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) expanded its guidance on cyber-related threats and increased related enforcement activity, including its first designation of a virtual currency exchange.

The expanded guidance was published on September 21, 2021, when OFAC issued a ransomware advisory titled, “Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments” (the “2021 Advisory”), which updated an earlier advisory released in 2020 (the “2020 Advisory”). The 2021 Advisory “strongly discourages” entities from engaging in ransomware payments, whereas the 2020 Advisory provided no like guidance. The 2021 Advisory also warns entities of the application of strict liability with respect to ransomware payments (i.e., entities making ransomware payments to a blocked person or a sanctioned jurisdiction risk facing penalties from OFAC, even if they have no knowledge of the nexus to the sanctioned jurisdiction or blocked person). Because of this regulatory structure, OFAC encourages entities to expand their controls to account for the risk of ransomware payments being made to prohibited persons.

Further, the 2021 Advisory encourages, and provides a significant incentive to, companies for reporting ransomware demands to law enforcement. The 2021 Advisory indicates that OFAC will consider cooperation with law enforcement as a mitigating factor when assessing penalties against entities who made ransomware payments to a sanctioned party. Additionally, the 2021 Advisory states that “OFAC would be more likely to resolve apparent violations involving ransomware attacks with a non-public response (i.e., a No Action Letter or a Cautionary Letter) when the affected party took the mitigating steps described above, particularly reporting the ransomware attack to law enforcement as soon as possible.”

Critical to understanding later policy developments, the cyber-related enforcement action involving BitPay, Inc. (BitPay) is a relevant cyber-related sanctions development. On February 18, 2021, BitPay, a payment processing solution that allows merchants to make and receive payments in digital currency, settled over 2,000 apparent violations arising from transactions on its digital currency platform by persons in sanctioned jurisdictions. The root cause of the violations was that BitPay’s compliance process screened its merchants but not customers of those merchants. OFAC found that because BitPay had access to the customers’ IP addresses, and, therefore, had information available to them that the customers were located in sanctioned jurisdictions, BitPay had knowledge it facilitated the transactions to customers in those sanctioned jurisdictions. OFAC emphasized that it regards digital currency services as it does other financial institutions. As such, the digital currency services have sanctions compliance obligations and should implement technical controls, including screening and IP blocking mechanisms, to avoid facilitating transactions with blocked parties or persons in sanctioned jurisdictions.

Consistent with its position in the BitPay action, OFAC published “Sanctions Compliance Guidance for the Virtual Currency Industry,” which provides an overview of best practices. The guidance begins with the proposition that “OFAC sanctions compliance obligations apply equally to transactions involving virtual currencies and those involving traditional fiat currencies.” It also echoes the conclusion in OFAC’s settlement with BitPay, namely that those in the virtual currency industry “are responsible for ensuring that they do not engage, directly or indirectly, in transactions prohibited by OFAC sanctions.” As a result, companies may violate sanctions indirectly by facilitating a transaction between their user and a blocked party or person in a sanctioned jurisdiction.

OFAC’s guidance on virtual currency was published after it designated the first virtual currency exchange, Suex OTC, S.R.O. (Suex), as a Specially Designated National (SDN) for facilitating payments involving illicit ransomware actors. In its press release, OFAC stated that over 40 percent of payments made by Suex involved illicit actors and “[s]ome virtual currency exchanges are exploited by malicious actors, but others, as in the case with Suex, facilitate illicit activities for their own illicit gains.” This suggests that OFAC’s designation authorities will not be used against those exchanges that fail in good faith to detect violations but rather against those that act in concert with the malicious actors.

B. Chinese Military Company Sanctions

On November 12, 2020, former President Trump issued Executive Order 13,959, “Addressing the Threat from Securities Investments That Finance Communist Chinese Military Companies.” Executive Order 13,959 imposed broad restrictions with respect to U.S. persons’ ability to engage in transactions in “publicly traded securities, or any securities that are derivative of, or are designed to provide investment exposure to such securities to any Chinese Communist military company” (CCMC). But the traditional authority given to OFAC to designate individuals, entities, or vessels was missing from Executive Order 13,959. Rather, the Executive Order prohibited transactions with entities listed as a CCMC as determined by the DOD.

After a number of court challenges revealed flaws in the DOD designation process, the Biden Administration revamped this program entirely. Biden did so by signing the June 3, 2021, Executive Order 14,032, “Addressing the Threat from Securities Investments that Finance Certain Companies of the People’s Republic of China.” This Executive Order maintains the imposition of restrictions on U.S. persons buying and selling securities of CCMCs but uses a more traditional designation process under OFAC’s authority. It also created the Non-SDN Chinese Military-Industrial Complex Companies List (NS-CMIC List). Notably, Executive Order 14,032 expands the criteria for designation, imposing restrictions on companies involved in the use and development of surveillance technology, which has been a key underpinning of U.S. foreign policy on China over the past year or more, particularly with respect to the Chinese Government’s use of surveillance in Xinjiang.

C. Russia Related Sanctions

The Biden Administration expressed a desire in its 2020 campaign to impose tougher sanctions on Russia, and, in 2021, it promulgated a series of new executive orders directed at Russia. This includes Executive Order 14,024, “Blocking Property with Respect to Specified Harmful Foreign Activities of the Government of the Russian Federation,” which expands the reach of U.S. sanctions to new sectors of the Russian economy (to include the technology sector) and to a host of new types of conduct (to include corruption and certain types of cyber-related activities). It also authorizes new sanctions against the Russian Government, including sanctions impacting Russia’s ability to raise funds. OFAC consequently issued Directive 1 pursuant to Executive Order 14,024, which prohibits U.S. financial institutions from participating in the primary market for ruble or non-ruble denominated bonds issued after June 14, 2021, by the Central Bank of the Russian Federation, the National Wealth Fund of the Russian Federation, and the Ministry of Finance of the Russian Federation. It also prohibits U.S. financial institutions from lending ruble or non-ruble related funds to the Central Bank of the Russian Federation, the National Wealth Fund of the Russian Federation, and the Ministry of Finance of the Russian Federation.

These actions followed OFAC’s earlier March 2021 announcement that it had levied sanctions against members of the Russian Government under Executive Order 13,661, “Blocking Property of Additional Persons Contributing to the Situation in Ukraine.” Notably, OFAC made these designations the same day the European Union acted against several Russian officials for the Navalny poisoning, indicating OFAC’s increasing cooperation with Europe on Russia-related matters.

The Biden Administration also took new actions regarding the Russian Nord Stream 2 pipeline. On August 20, 2021, President Biden signed Executive Order 14,039, “Blocking Property with Respect to Certain Russian Energy Export Pipelines,” which targets entities involved in the construction of Nord Stream 2, TurkStream, or any other related successor pipeline projects under the protecting Europe’s Energy Security Act of 2019 (PEESA). OFAC subsequently added additional individuals, entities, and vessels to the SDN List under this Executive Order and issued General License 1A, which authorized certain transactions with Marine Rescue Services that are not directly related to the Nord Stream 2 pipeline project.

D. Other Notable Policy and Regulatory Developments

OFAC designated several individuals over the past year under Hong Kong related sanctions. These designations were made under Executive Order 13,936, “The President’s Executive Order on Hong Kong Normalization.” Dated July 14, 2020, Executive Order 13,936, issued in response to the assertion that Hong Kong “is no longer sufficiently autonomous to justify differential treatment in relation to” China, gave OFAC authority to block any person involved in several enumerated activities relating to undermining Hong Kong’s autonomy. Although OFAC made some designations during the Trump era in December 2020, the majority occurred under the Biden Administration. This reflects overall U.S. policy over the past year opposing China’s treatment of Hong Kong.

On April 1, 2021, President Biden signed Executive Order 14,022, “Termination of Emergency with Respect to International Criminal Court,” which reversed Executive Order 13,928, signed by President Trump on June 11, 2020. OFAC designated two International Criminal Court (ICC) officials under Executive Order 13,928 based on the United States’ disagreement with the ICC’s assertion of jurisdiction under certain circumstances. Although Executive Order 13,928 was reversed, the Biden Administration was clear that the United States continues to disagree with the ICC’s assertion of jurisdiction over the United States and Israel and its investigation into the actions of the United States in Afghanistan and Israel in Palestine. Biden’s reversal of the Executive Order came days before the United States’ filing was due in a case initiated by the Open Society Justice Initiative in the Southern District of New York, which challenged the ICC-related designations. In January 2021, the court granted a narrow preliminary injunction on First Amendment grounds and allowed the Open Society Justice Initiative to continue collaborating with the individuals designated pursuant to Executive Order 13,928.

III. Notable Enforcement Cases

A. ITAR Enforcement

As part of a civil consent agreement effective April 27, 2021, DDTC fined Honeywell International Inc. (Honeywell) $13 million and imposed a variety of remedial compliance measures in connection with multiple alleged violations of ITAR. In 2016 and 2017, Honeywell voluntarily disclosed 2011 to 2015 unauthorized exports of seventy-one ITAR-controlled technical drawings of parts and components for military aircraft, vehicles, and missiles to suppliers in Canada, China, Ireland, and Taiwan. During the investigation and resolution of that disclosure case, Honeywell informed DDTC of several corrective actions taken in its procurement system and processes designed to prevent similar violations from occurring again.

Honeywell voluntarily disclosed that in June and July of 2018, some of its procurement personnel deviated from the adjusted system and corrective processes, causing the unauthorized export of twenty-seven ITAR-controlled drawings of military aircraft parts and components to suppliers in Canada, China, and Mexico. DDTC identified several aggravating factors in its penalty analysis, including that: (1) Certain violations harmed national security; (2) other violations involved technical data designated as Significant Military Equipment; (3) still other violations involved exports to a destination proscribed by ITAR section 126.1; and (4) The 2018 exports were materially similar to the 2011-2015 exports, which were the subject of Honeywell’s corrective actions. These led to the consent agreement, fine, and additional remedial compliance measures.

In an action involving Keysight Technologies Inc. (Keysight), an August 3, 2021, consent agreement was reached, whereby Keysight committed to pay a $6.6 million civil fine and take several remedial measures to settle allegations that it violated ITAR twenty-four times between 2015 and 2018. DDTC alleged Keysight incorrectly treated its Signal Studio for Multi-Emitter Scenario Generation (MESG) software as EAR99, rather than ITAR-controlled, even after DDTC shared its export jurisdiction/classification concerns with Keysight. According to DDTC, the MESG software is controlled by USML Category XI(d) because of its direct use in modeling and simulating multi-emitter electronic warfare threat scenarios in the testing of radar equipment.

Keysight’s misclassification contributed to the unauthorized export of the MESG software. As aggravating factors, DDTC noted: (1) Certain violations harmed national security; (2) other violations involved exports to a country proscribed by ITAR section 126.1; (3) still other violations involved exports to Russia while it was subject to elevated licensing restrictions; (4) several exports occurred after DDTC notified Keysight of its misclassification concerns; and (5) others occurred while a commodity jurisdiction determination was pending.

B. EAR Enforcement

On January 29, 2021, BIS assessed a civil penalty of $3,229,000 against Avnet Asia Pte. Ltd. (Avnet Asia), a Singapore-based electronics distributor, as part of an agreement to settle allegations that the company committed fifty-three violations of EAR. The alleged violations involved multiple unauthorized exports and re-exports of U.S.-origin 3A001 and EAR99 electronic components to end-users in China and Iran, as well as a Hong Kong company on the Entity List. BIS stated that certain Avnet Asia employees took deliberate steps, including creating misleading and fraudulent documentation, to conceal ultimate destinations and end-users from its suppliers.

On October 12, 2021, BIS also fined California-based VTA Telecom Corporation (VTA) $1,869,372 as part of an agreement to settle civil charges alleging the company committed six violations of EAR. BIS alleged that VTA repeatedly provided false information to BIS licensing officials and other federal personnel to conceal the military end-use of amplifiers, transistors, actuators, and other hardware being shipped to Vietnam. Moreover, VTA unlawfully exported controlled transistors, development tools, and processor chips to Vietnam without BIS’ authorization.

C. OFAC and Department of Justice (DOJ) Enforcement

German software company SAP SE (SAP) and the Departments of Justice, Commerce, and Treasury reached a global resolution on April 29, 2021, to settle charges against SAP from activities that occurred between 2010 and 2017. DOJ alleged SAP and its subsidiaries directly and indirectly exported or caused the export of U.S.-origin software and cloud services to thousands of users in Iran without the required federal authorization. SAP voluntarily disclosed the apparent violations to all three agencies—the “first-ever” such disclosure to the DOJ. Internal audits, acquisition-related due diligence, and other reviews revealed the company failed to implement and enforce recommended controls, such as geo-location IP address-blocking safeguards, to prevent such exports. SAP agreed to disgorge $5.14 million to DOJ, pay civil penalties of $3.29 million to BIS, and pay $2,132,174 in penalties to the OFAC.

In a September 14, 2021, announcement, DOJ stated that it reached a deferred prosecution agreement with three U.S. citizens alleged to have violated ITAR, as well as federal computer fraud and access device fraud laws, while engaged in “hacking” for the benefit of a foreign government. Despite having been advised on several occasions that their computer network exploitation operations constituted an export of ITAR-controlled defense services to the U.A.E., the men provided these services without DDTC’s authorization between 2016 and 2019. The defendants agreed to pay $1.68 million in fines over three years, lost their security clearances, and were prohibited from obtaining ITAR-related and certain other types of employment.

In addition, OFAC’s enforcement actions this year emphasize that it continues to exercise jurisdiction over transactions that have no other U.S. nexus than U.S. dollar transactions processed through U.S. banks. For example, Mashreqbank, headquartered in the U.A.E., ignored banking protocols to conceal the source of U.S. dollar transfers from Sudanese bank accounts held outside of the United States. Similarly, before the Romanian First Bank SA was acquired by U.S.-based JC Flowers, it processed transactions destined for Iran through U.S. banks. Union de Banques Arabes et Françaises, a bank based in France, operated U.S. dollar accounts on behalf of sanctioned Syrian financial institutions by processing internal transfers and corresponding funds transfers through a U.S. bank. These settlement agreements highlight OFAC’s position that virtually all U.S. dollar transactions wind their way through U.S. banking institutions at some point.

Finally, OFAC’s enforcement actions this past year shed light on the sanction risks inherent in both domestic transactions and exports to friendly countries. As an example, OFAC settled with Alliance Steel, Inc., a U.S. manufacturer which did not export from the United States, but did import engineering services from Iran with actual knowledge of the source of the engineering, and without awareness of the requirements of OFAC regulations. Additionally, OFAC published a settlement with MoneyGram Payment Systems, Inc. for processing transactions with blocked persons located at U.S. federal prisons. Lastly, OFAC settled with U.S. company Unicontrol, Inc. (Unicontrol) and its European customers arising out of allegations that Unicontrol ignored red flags concerning its sales of goods to those European customers, which the customers then sold to Iran.

While OFAC reached fewer settlements in previous years, it continues to move away from settlements focused on the financial industry and into settlements that provide lessons to all manner of companies.

IV. Canadian Export Control and Economic Sanctions Developments

A. Economic Sanctions

1. Afghanistan Under the Taliban

The Taliban takeover of Afghanistan following the withdrawal of U.S. troops in the summer of 2021 created new challenges for organizations engaged in activities in or with that region. Although Canada has not imposed sanctions against Afghanistan, the Taliban is a listed terrorist group and several individuals in its leadership are listed under Canadian sanctions. Canada’s Criminal Code prohibits directly or indirectly providing or making available property and financial or related services that will be used by or benefit such terrorist groups either in whole or in part. The Government of Canada also announced it has no plans to recognize the Taliban as the legitimate government of Afghanistan.

2. Canada Imposes Sanctions and Export Control Measures Against Belarus

In response to the Belarusian government’s crackdown on opposition leaders and civilians protesting the results of Belarus’ presidential election, Canada imposed sanctions against various officials of the Belarusian government under the Special Economic Measures Act (SEMA) in the fall of 2020. It also sanctioned President Aleksandr Lukashenko and his son.

Canada expanded these measures following the Belarusian government’s diversion and forced landing of Ryanair Flight 4978 as well as the arrest of Belarusian journalist Roman Protasevich and his companion Sofia Sapega in May of 2021. Between June and August, Canada adopted additional measures, which included significant sectoral and trade sanctions targeting important sectors of Belarus’ economy. These measures apply to dealings in transferable securities and money market instruments; interactions with debt with more than ninety days’ maturity; the provision of insurance and reinsurance to certain individuals and entities; and dealings in petroleum and potassium chloride products. This was the first time Canada imposed trade or sectoral measures against a sanctioned country in over seven years. In addition, Canada suspended the issuance of new export and brokering permits to Belarus.

3. China, the New Sanctions Target

Canada imposed economic sanctions against China on March 22, 2021, which was the first time since the 1989 crackdown on student protestors in Beijing’s Tiananmen Square. The list-based measures under SEMA target four Chinese government officials and one Chinese entity, Xinjiang Production and Construction Corps Public Security Bureau, “for their roles in the mass arbitrary detention, torture . . . mass surveillance and forced labour of Uyghurs and other Muslim ethnic minorities in [the Xinjiang region].”

Canada issued several guidance documents (measures and an advisory) to Canadian businesses designed to address human rights concerns in sourcing from and exporting to China.

4. Expansion of Existing Sanctions Measures—Myanmar

Canada introduced two new rounds of sanctions against Myanmar in February and May of 2021. Canada listed several Burmese individuals, their family members, and affiliated commercial entities under SEMA for their involvement in the coup d’état and the subsequent systemic human rights abuses. To date, sanction measures against Myanmar include an arms embargo, asset freezes, and technical assistance prohibitions.

5. Expansion of Existing Sanctions Measures—Nicaragua

In November of 2021, Canada imposed additional sanctions on Nicaragua by listing eleven high-ranking officials as part of President Daniel Ortega’s inner circle.

6. Expansion of Existing Sanctions Measures—Russia and Ukraine

Canada continued strengthening its sanctions regime against Russia in March of 2021 in response to Russia’s systemic human rights violations. The new list-based measures were tied to three things: (1) the detention of prominent Russian opposition figure Alexey Navalny; (2) Russia repressing internal dissent; and (3) the seventh anniversary of Russia’s invasion of the Crimea region of Ukraine. Canada’s sanctions against Russia are imposed under both SEMA and the Sergei Magnitsky Law. They encompass a broad set of measures including asset freezes, prohibitions on dealings with listed persons, and financial and supply prohibitions. In the same month, Canada also added two Ukrainian entities, a federal railway enterprise and an insurance company, to the Ukrainian sanction list under SEMA. The entities are linked to Russia’s annexation and ongoing occupation of Crimea.

B. Export Controls

1. Changes to the Export Control List (ECL)

In June of 2021, Canada announced changes to its ECL. Among the more significant changes are: (1) Additional controls over exports and technology transfers related to software designed for monitoring or analysis by law enforcement; (2) Certain items designed to circumvent information security; and (3) Certain military-related software, including software for offensive cyber operations. The order brings Canada’s export controls into compliance with its multilateral export control commitments made as of December of 2020.

2. Controlled Exports to Turkey

In October of 2019, Canada suspended the issuance of new permits for exports for military goods and technology to Turkey pending the results of an investigation into allegations that Canadian controlled technology was being used by Azerbaijan in the military conflict in Nagorno-Karabakh. This investigation was completed in the spring of 2021 when Canada issued a final report announcing there is “credible evidence” of Canadian technology being used in Nagorno-Karabakh. Consequently, Canada cancelled export permits for all military goods and technology that had been temporarily suspended in the fall of 2020. But the report stated there was “no reason to take any action in relation to any remaining permits that were currently valid for Group 2 (military) items to Turkey.”

Contributing authors include John Boscariol, J. Patrick Briscoe, Sylvia Costelloe, John Kabealo, Oksana Migitko, Mary Mikhaeel, Timothy O’Toole, Mollie Sitkowski, Christopher Stagg, and Lawrence Ward. Mr. Stagg and Mr. Ward served as editors of this article.