OFAC, State Department, and Coast Guard Issue New Guidance About Sanctions Evasion Practices in Shipping Industry

On May 14, 2020, the US Department of Treasury’s Office of Foreign Assets Control (“OFAC”), the US Department of State, and US Coast Guard issued a Sanctions Advisory for the Maritime Industry, Energy and Metal Sectors, and Related Communities (the "Advisory"). The Advisory focuses on Iran, North Korea, and Syria, and offers information about, and tools to combat, emerging trends related to illicit shipping and sanctions evasion practices.

Illicit practices identified by the Advisory include, among other things, disabling or manipulating the automatic identification system ("AIS") on vessels, falsifying cargo and vessel documents, and employing complex ownership or management structures. In turn, the Advisory makes several recommendations to combat these practices, including implementing “risk-based” sanctions compliance programs, establishing AIS best practices, and conducting know your customer ("KYC") and counterparty due diligence.

The Advisory is intended primarily for ship owners, managers, operators, brokers, ship chandlers, flag registries, port operators, shipping companies, freight forwarders, classification service providers, commodity traders, insurance companies, and financial institutions. However, the Advisory is yet another reminder of OFAC’s—and US enforcement authorities’—continued focus on risk-based sanctions compliance, and draws its guidance from principles that are generally applicable to all US and non-US companies alike. Indeed, the Advisory “encourages” all energy and metals companies to “take appropriate action” in response to it.

Types of Deceptive Shipping Practices

The Advisory “updates and expands on” several specific shipping advisories OFAC has issued with respect to North Korea (on February 23, 2018, and March 21, 2019), Iran (on September 4, 2019), and Syria (on November 20, 2018, and March 25, 2019), by identifying “common deceptive shipping practices” and “general approaches to . . . tailoring due diligence and sanctions compliance policies and procedures.”

The Advisory identifies several “novel ways” by which “malign actors . . . seek . . . to exploit global supply chains,” and cautions companies involved in the maritime sector “to be vigilant against” against such tactics and to “exercise heightened due diligence with respect to shipments” transiting high risk areas.

• Disabling or manipulating AIS. Malign actors may attempt to disable or manipulate—“spoof”—data transmitted by AIS, “an internationally mandated system that transmits a vessel’s identification and navigational positional data.” These tactics can conceal a vessel’s destination or other information about its voyage.
• Physically altering vessel identification. Sanctions evaders may also physically alter larger vessels’ International Maritime Organization Numbers (“IMO”), a unique seven-digit vessel identification code that does not change regardless of the vessel’s ownership.
• Falsifying cargo and vessel documents. Cargo and vessel documentation, such as bills of lading and certificates of origin, may be falsified to hide or obscure the origin of, for example, petroleum products and metals.
• Ship-to-ship (“STS”) transfers. Although STS transfers (the transfer of cargo between ships at sea) may be used legitimately, they may also be “used to evade sanctions by concealing the origin or destination of surreptitiously transferred petroleum, coal, and other material.”
• Voyage irregularities. Indirect routes, unscheduled detours, and transhipment through third countries may be used to conceal or obscure the ultimate destination or origin of cargo or its recipients.
• False flags and flag hopping. Malign actors may falsify or repeatedly register new flag states “to avoid detection.”
• Complex ownership or management. Malign actors may use “complex business structures, including . . . shell companies and/or multiple levels of ownership and management, to disguise the ultimate beneficial owner of cargo or commodities.”

Shipping Compliance Best Practices

As we have previously reported, US and non-US companies may be able to mitigate their exposure to sanctions risks and liabilities by maintaining “risk-based” sanctions compliance programs consistent with OFAC’s Framework for Compliance Commitments.

The Advisory draws on principles of risk-based compliance outlined in OFAC’s Framework that are generally applicable to all companies, and identifies several specific practices that should, as appropriate, be employed to combat illicit shipping tactics.

• Institutionalize sanctions compliance programs. Companies should institute compliance programs tailored to the risks of their businesses (e.g., jurisdictions in which they do business, customers that they serve). These programs should, among other things, be reflected in written policies and procedures, incorporate counterparty due diligence programs (such as screening software), and “provide training and resources to personnel.” Companies should also consider communicating their sanctions compliance commitments and expectations to customers and counterparties.
• Establish AIS best practices and contractual requirements. Companies “are encouraged to investigate signs and reports of AIS transponder manipulation before entering into new contracts,” and financial institutions may “implement relevant controls for their maritime industry clients.” Significantly, OFAC suggests that companies should also “consider incorporating contractual language . . . [among other things] prohibit[ing] transfers of cargo to client vessels that are not broadcasting AIS.”
• Monitor ships throughout the entire transaction lifecycle. Ship owners, managers, and charter companies should consider “continuously monitor[ing] vessels,” by, for example, supplementing AIS with Long Range Identification and Tracking (LRIT).
• KYC and counterparty due diligence. Companies “should continue to conduct risk-based due diligence,” by, for example, investigating the ultimate beneficial owners of a vessel and verifying those owners with name, passport, and address information.
• Conduct supply chain due diligence. Likewise, companies should consider conducting supply chain due diligence to ensure that customers and counterparties are not “sending or receiving commodities that may trigger sanctions” (e.g., by re-exporting US-origin goods from a third country to Iran or otherwise violating US economic sanctions or export controls).
• Contractual language. The Advisory encourages members of the maritime industry “to incorporate [the Advisory’s] best practices” into contracts related to “commercial trade, financial, and other business relationships.”
• Industry information sharing. The Advisory also encourage maritime industry groups to raise awareness of potential illicit practices. For example, P&I clubs could inform other P&I clubs of new tactics used to evade sanctions.

Specific Guidance for Different Members of the Maritime Industry

The Advisory also offers specific guidance for different members of the maritime industry. For example, among other things:

• Maritime insurance companies. The Advisory encourages maritime insurance companies to monitor AIS transmissions and investigate suspicious disruptions of those transmissions, conduct appropriate due diligence, and incorporate contractual protections with counterparties.
• Flag registry managers. The Advisory encourages flag registry managers to verify IMO numbers, research the AIS history of vessels transporting, for example, oil and petroleum, and continuously monitor AIS transmissions.
• Port state control authorities. The Advisory encourages these authorities to deny entry to ships with a history of AIS disablement or manipulation, review bills of lading and other shipping documentation, and protect authority employees from retaliation for reporting illegal and sanctionable behavior.
• Shipping industry associations. Associations are encouraged to share information with other associations to address illicit shipping practices as new practices develop.
• Commodity trading, supplier, and brokering companies. These companies are encouraged to monitor AIS transmissions for potential STS transfers, sensitize clients to potential sanctions risks, and identify other signs of misconduct (e.g., below market-rate sales of petroleum products).
• Financial institutions. The Advisory encourages financial institutions to “employ appropriate risk mitigation measures consistent with applicable existing US laws and regulations designed to combat money laundering and terrorist and proliferation financing.”
• Ship owners, operators, and charters. These entities are encouraged to continuously monitor vessels, assess the AIS history of new clients, and communicate their compliance expectations to customers and counterparties.
• Classification Societies. These societies are encouraged to keep records of vessels to enhance end-use verification, adopt KYC diligence measures, and retain color photocopies of relevant diligence documents (e.g., passports).
• Vessel captains and crewing companies. Captains and crewing companies are encouraged to ensure deck officers are aware of AIS regulations and illicit shipping guidance and research a vessel’s AIS history.

* * *

We have a global platform specializing in compliance and investigations work, and are ready to help companies design and implement sanctions and other compliance programs to meet regulators’ expectations. Please contact the authors or your usual Herbert Smith Freehills contacts for more information.