Sage Journals: Discover world-class research

Abstract

Countering proliferation financing has become an important tool in combating the movement of prohibited nuclear technology and the development of suspect nuclear programs in rogue states. Governments are increasingly calling on financial institutions, manufacturers, and shipping companies to act as the first line of defense by conducting enhanced due diligence on transactions that involve dual-use items or countries or individuals under sanction. This article outlines some of the ways that companies can do so. The financial community takes enhanced due diligence seriously, not least because regulators have in the past imposed fines in the billions of dollars on banks in violation of the rules. While detection of potentially illicit transactions has improved in recent years, the authors argue that there remains room for improvement. The manufacturing sector, for instance, should adopt stricter measures in the effort to combat proliferation financing.

Keywords

banking finance Iran nuclear proliferation sanctions

On December 5, 2014 a Chinese national going by the name of Sihai Cheng¹ stepped off the plane at Boston’s Logan Airport after being extradited from Great Britain where he had been arrested the previous February after a tip-off from US intelligence. He was charged with illegally supplying pressure transducers, critical components in gas centrifuge plants, to at least two companies blacklisted for their ties to Iran’s nuclear weapons program (US Justice Department, 2014b). Under recent US laws and executive orders imposing sanctions on Iran, decades-old US export control laws, and UN sanctions in place since 2008, it is illegal to sell dual-use items—those that can be used for either peaceful civilian purposes or nuclear weapons development—to Iran. Pressure transducers fall into that category.

Cheng’s arrival in the United States and upcoming trial are the culmination of an investigation that began several years ago. The US government will not disclose how the investigation began—it may have been a clue from the manufacturer of the pressure transducers or routine surveillance of Iranian middlemen—and there were doubtless many threads.

Common to all of those threads, though, was money. Financial transactions are the flip side of any exchange of goods, and since 2005 following the money behind the movement of prohibited technology has become an important tool in combating nuclear proliferation and the development of nuclear programs in rogue states. While countering proliferation financing can never be the world’s only anti-proliferation measure, it is an effective one and has become more so as detection practices have evolved. But it is an area in which there is still room for improvement.

Shells, fronts, and shelfs

Knowing that their financial arrangements for acquiring dual-use goods will be closely examined, procurement networks cover their tracks with multiple layers of disguise. In the Cheng case and others like it the conspirators used shell companies expressly set up for the purpose of disguising the ultimate end user of the prohibited dual-use items.

Although the two terms are often used interchangeably, there is a subtle difference between a “front company” and a “shell company.” Shell companies exist only on paper but there is nothing inherently illegal about them. Indeed, there are many legitimate legal and commercial purposes for creating a shell corporation.

A front company, on the other hand, can be a shell company but it can also be a real company with a physical presence which may be conducting legitimate transactions at other times. A front company’s key distinguishing feature is that it is by definition designed to disguise the true originator or end user of a prohibited good or set of transactions. According to a recent UN Panel of Experts report, Iran now appears to be using legitimate companies in the oil sector as intermediaries or front companies for the import of dual-use nuclear items (UN Security Council, 2014: 24).

Criminals can also purchase “shelf” companies. These are shell companies that were officially incorporated some time ago but have been sitting inactive—“on the shelf”—for many years, providing the appearance of a business history. This can give a patina of legitimacy to what might otherwise be easily detected as a sham corporation. Reflecting the value of such camouflage, shelf corporations are more expensive than simple shell companies: A new shell company might cost as little as $300 to set up, whereas acquiring a five-year-old shelf company might cost $3,000. Still, this is hardly a serious impediment for a motivated, state-funded procurement network if the ploy can help obscure the nature of a proliferation-related transaction.

Searching for signals

Concerned governments have long used customs inspections and controls over the export of sensitive items—including outright bans or the requirement that government-approved licenses be obtained—to constrain trafficking in goods that can contribute to proliferation. But given the limitations of these tools, governments are increasingly calling on financial institutions, manufacturers, and shipping companies to act as the first line of defense by conducting enhanced due diligence—a term used in the financial industry and now being more widely applied—on transactions that involve dual-use items or countries or parties under sanction.

From the perspective of the banks, manufacturers, and shipping companies, the prospect of detecting false documentation or ascertaining the true intentions of possible front companies may seem intimidating. But enhanced due diligence is not as time-consuming or expensive as it sounds, especially if there are alert systems and protocols in place. For one thing, as procurers add more layers to transactions to disguise their true intent, they have to involve more actors, any one of whom could slip up and expose telltale signs of criminal activity. Procurers are also discouraged from adding too many layers by the fact that each additional middleman increases the risk that one may divert funds for his/her own benefit.

Enhanced due diligence requires financial institutions and other businesses to research the registration and ownership of companies placing orders for—or paying for shipment of—dual-use goods and to scrutinize transaction documentation to find and investigate anomalies. Checking government-issued watch lists is an essential first step, as is looking at commercially available lists of end users of concern.² But enhanced due diligence needs to go further. A number of online tools—such as panjiva.com, importgenius.com, and marinetraffic.com—can help determine a company’s true identity, including, for example, where it is registered, when it was registered, how long it has been in existence, its typical activity profile, and in some cases its true (or “beneficial”) owner. Even merely Googling the company name plus the word “sanctions” will often turn up surprising alerts.

Financial institutions, manufacturers, and shipping companies can also learn a great deal by determining the type of business the buyer or shipper had been conducting previously. If a company that exclusively transports grain suddenly moved a shipment of electronics, for example, that would serve as a red flag.

Looking up the company’s location using Google Maps or Google Earth can also yield clues. In 2012, another Chinese national, Qiang Hu,³ was arrested in an earlier phase of the smuggling effort that led to Sihai Cheng’s arrest in 2014. Hu was also working with Iranian middlemen to obtain pressure transducers for Tehran. The address of one of the front companies involved was discovered to be a residential apartment building, an unlikely venue for a commercial enterprise and a signal that further investigation was required.

In some cases, the simplest of searches could have stopped illegal shipments. A North Korean cargo ship transporting military equipment from Cuba, intercepted in the Panama Canal in 2013, used a front company based in Singapore called Chinpo Shipping Company. An online search would have revealed that this front company shared the same street address as the North Korean embassy in Singapore.

Strict rules for financial institutions

The financial community takes enhanced due diligence seriously, not least because banks in breach of the rules have faced steep penalties, with fines of several billion dollars in some cases where willful misconduct was involved. The largest settlement involved BNP Paribas (US Justice Department, 2014a), which had to pay $8.9 billion in June 2014 for doing business with sanctioned countries and entities. Other fines imposed by US regulators include $1.45 billion on Commerzbank (US Justice Department, 2015) and nearly $1.3 billion on HSBC (US Justice Department, 2012c) for stripping identifying information from wire transfers and facilitating additional transactions with sanctioned countries and entities.⁴ (Total fines paid by these banks were so large as they included additional charges for other financial crimes such as enabling tax evasion or laundering funds for drug trafficking organizations.) Regulators can also impose serious penalties for helping customers evade sanctions and other banking restrictions.

But bank regulators do not have to prove willful blindness, let alone ill intent, to penalize financial institutions. Under the US Bank Secrecy Act, for example, US authorities can impose steep fines on banks incorporated or doing business in the United States simply for not having an adequate compliance program in place.⁵ The same rule applies to non-bank financial institutions, such as money exchangers and insurance companies. Fines are not the only risk: Investigation by enforcement authorities can also do great damage to a financial institution’s reputation and in some cases has caused banks to have to close their doors.⁶

Not surprisingly, businesses try to push back against tougher regulations because of the costs involved. For the financial sector, the expense of time-consuming enhanced due diligence, requiring case-by-case investigation of suspected illegality, is of particular concern. That is why most countries have moved from a “rules-based” approach to compliance to a “risk-based” approach. Under the rules-based approach, financial institutions were required to do enhanced due diligence on a broad range of transactions regardless of whether they were truly risky or suspicious. By contrast, under the risk-based approach, institutions are allowed to focus their enhanced due-diligence efforts solely on the transactions that they believe merit a closer look or are of a type that authorities have specifically identified as requiring scrutiny. This approach requires greater reliance on personal judgment. As a result, banks have instituted extensive, ongoing staff training, employee background checks and monitoring, and guidelines and protocols to facilitate decision making.

Fortunately, the new risk-based approach has proven more effective, since under the old method it didn’t take much effort for procurement networks to learn the rules and threshold trip wires and find ways around them. The new approach also helps control compliance costs.

The most effective tool for US law enforcement has been the requirement that banks and non-bank financial institutions report suspicious transactions, a requirement initially imposed to address money laundering but now also extending to the financing of terrorism and proliferation. These suspicious activity reports (SARs, or STRs—suspicious transaction reports—as they are known outside of the United States) are required to contain as much detail as possible about the customer and the attempted or completed transactions. Financial intelligence units⁷ review these reports, looking for items that require further investigation and for patterns that may point toward additional problematic transactions. Regulators can impose fines for failure to produce adequate suspicious activity reports. Financial institutions are encouraged to submit reports even when evidence of a violation is ambiguous. US authorities, for example, strongly urge institutions to file a report if the customer is vague about the purpose of a transaction or resistant to providing more information; if the financing is unusually complex, with multiple letters of credit, layered shell companies, multiple intermediaries, and the like; or if the delivery route is unusually circuitous and not consistent with normal geographic trade patterns.

How can a financial institution protect itself from the risk of penalties? By gathering adequate intelligence on its customers—especially new customers—and through ongoing monitoring of high-risk accounts. Without establishing a baseline of normal activity, it is more difficult to recognize unusual activity. Banks need to ask customers as a matter of course whether they produce, export, or import sensitive dual-use commodities. They also need to confirm the identities of the end users of goods being financed, and make sure they have provided required export licenses and valid certificates describing the ultimate end user—and use—of the commodities being financed. In addition, banks should confirm that none of the parties to the transaction, including intermediaries, share a name or address with a sanctioned entity, and they should search for inconsistencies in the names, addresses, and final destinations, not only on the trade documents but also on the financing papers.

Closing the gaps

Countries around the world are waking up to the need for tougher regulatory regimes if they wish to participate freely in global trade. Some of this increased awareness is due to a US sanctions regime that denies foreign violators certain benefits, such as the right to export goods to the United States or import goods from the U.S., and for financial institutions the right to access the US banking system. Evaluations of countries’ financial sectors conducted by the Paris-based Financial Action Task Force (FATF) and similar regional bodies⁸ have also created pressure for improvement in this sphere. The FATF assesses, among other things, national mechanisms for implementing the UN Security Council’s targeted economic sanctions against Iran and North Korea, and may publicly identify states that do not have such mechanisms as “high risk and uncooperative jurisdictions,” a stigma that discourages foreign financial institutions from dealing with them.

Separately, UN Security Council Resolution 1540 requires all states to implement controls over WMD-related materials and equipment, including over related financing.⁹ The Security Council committee overseeing the implementation of that resolution publishes periodic assessments of compliance in which any lack of necessary financial controls is noted. Although the committee does not censure underperforming states, its benchmarking nonetheless contributes to pressure to improve compliance. Reports and analyses by nongovernmental organizations such as Global Financial Integrity, which identify gaps in national performance, act as a further mechanism for encouraging measures to counter proliferation finance.¹⁰

There remains room for improvement. One challenge ahead is to build capacity in medium-to-low-income countries that have weak or limited regulatory enforcement and may suffer from corruption. Another potential target for change is the set of rules that apply to the manufacturing sector, which is less pervasively regulated than banking. Tools used in finance offer some useful models. In the financial world, for example, suspicious activity reports are mandatory, while in manufacturing, a formalized system for even voluntarily reporting suspicious activities does not exist. Similarly, while enhanced due diligence before completing suspect transactions is required of financial companies, it is up to individual manufacturers to adopt equivalent, proactive measures, referred to in this sector as “internal compliance programs.”

A set of guidelines for voluntary internal compliance programs was issued under the auspices of the 48-member Nuclear Suppliers Group, but they are far less detailed than the FATF’s rules and indeed have not been formally endorsed by the Nuclear Suppliers Group as a whole because of the objections of some members.¹¹ And while the FATF undertakes peer reviews the Nuclear Suppliers Group does not, providing little incentive for underperforming members to improve their practices. The risk of penalties and damage to reputation from enforcement actions does give manufacturers good reason to put internal compliance programs in place. Also, when lapses occur, having such a program is often accepted by authorities as a mitigating factor in enforcement proceedings. But for the moment they are not required. Financial sector measures may not offer the perfect road map for the manufacturing sector but they can serve as a checklist of areas that need attention.

While the international community has been issuing recommendations on countering proliferation financing for at least the past five years,¹² the United States remains largely alone in imposing fines for violating sanctions. European banks have been ensnared, however, because of their connection to the US market. The challenge now is to ensure that peripheral banks around the world begin to take proliferation financing seriously, especially in the area of trade finance. At the same time, countries should extend enforcement of tougher compliance regulations to sectors beyond banking. Manufacturers, freight forwarders, and customs brokers need to be held to a standard of vigilance as high as that applied to financial institutions. Efforts to counter proliferation financing can only be their most effective if governments widen the existing net.

Footnotes

Funding

Research for this article was supported by the Foreign and Commonwealth Office of the United Kingdom as part of a project to promote public understanding of international efforts to combat proliferation financing.

Notes

Author biographies

Moyara Ruehsen is an associate professor at the Middlebury Institute of International Studies at Monterey.

Leonard Spector directs the Washington, DC office of the James Martin Center for Nonproliferation Studies.

References

Financial Action Task Force (2010) Combating proliferation financing: A status report on policy development and consultation. February. Available at: http://www.fatf-gafi.org/media/fatf/documents/reports/Status-report-proliferation-financing.pdf.

Johnson AR and Chaudhuri S (2013) Bank of Tokyo Mitsubishi to pay $250 million to settle New York charges. Wall Street Journal, June 20. Available at: http://www.wsj.com/articles/SB10001424127887323893504578557410749473962.

Kar D and Spanjers J (2014) Illicit financial flows from developing countries: 2003–2012. Global Financial Integrity, December. Available at: http://www.gfintegrity.org/report/2014-global-report-illicit-financial-flows-from-developing-countries-2003-2012/.

Nuclear Suppliers Group (n.d.) Good practices for corporate standards to support the efforts of the international community in the non-proliferation of weapons of mass destruction. Available at: http://www.nuclearsuppliersgroup.org/images/Files/National_Practices/NSG_Measures_for_industry_update_revised_v3.0.pdf.

UN Security Council (2014) Final report of the Panel of Experts established pursuant to resolution 1929 (2010). S/2014/394. June 11. Available at: http://www.securitycouncilreport.org/atf/cf/%7B65BFCF9B-6D27-4E9C-8CD3-CF6E4FF96FF9%7D/S_2014_394.pdf.

US Justice Department (2009) Credit Suisse agrees to forfeit $536 million in connection with violations of the International Emergency Economic Powers Act and New York State law. December 16. Available at: http://www.justice.gov/opa/pr/credit-suisse-agrees-forfeit-536-million-connection-violations-international-emergency.

US Justice Department (2012a) ING Bank N.V. agrees to forfeit $619 million for illegal transactions with Cuban and Iranian entities. June 12. Available at: http://www.justice.gov/opa/pr/ing-bank-nv-agrees-forfeit-619-million-illegal-transactions-cuban-and-iranian-entities.

US Justice Department (2012b) Standard Chartered Bank agrees to forfeit $227 million for illegal transactions with Iran, Sudan, Libya, and Burma. December 10. Available at: http://www.justice.gov/opa/pr/standard-chartered-bank-agrees-forfeit-227-million-illegal-transactions-iran-sudan-libya-and.

US Justice Department (2012c) HSBC Holdings Plc. and HSBC Bank Usa N.a. admit to anti-money laundering and sanctions violations, forfeit $1.256 billion in deferred prosecution agreement. December 11. Available at: http://www.justice.gov/usao/nye/pr/2012/2012dec11.html.

10.

US Justice Department (2014a) BNP Paribas agrees to plead guilty and to pay $8.9 billion for illegally processing financial transactions for countries subject to U.S. economic sanctions. June 30. Available at: http://www.justice.gov/opa/pr/bnp-paribas-agrees-plead-guilty-and-pay-89-billion-illegally-processing-financial.

11.

US Justice Department (2014b) Indicted Chinese national lands at Boston’s Logan Airport to face federal prosecution for supplying Iran with nuclear production parts. December 5. Available at: http://www.justice.gov/usao-ma/pr/indicted-chinese-national-lands-boston-s-logan-airport-face-federal-prosecution-supplying.

12.

US Justice Department (2015) Commerzbank AG admits to sanctions and bank secrecy violations, agrees to forfeit $563 million and pay $79 million fine. March 12. Available at: http://www.justice.gov/opa/pr/commerzbank-ag-admits-sanctions-and-bank-secrecy-violations-agrees-forfeit-563-million-and.

13.

Wisconsin Project on Nuclear Arms Control (n.d.) The risk report. Available at: http://www.riskreport.org/.