In ruling NY N313010 (July 22, 2020), Customs and Border Protection (CBP) discussed the classification of the AquaFusion Water Filter.

General Rule of Interpretation (GRI) 1, HTSUS, states in part that for legal purposes, classification shall be determined according to the terms of the headings, any relative section or chapter notes and, unless otherwise required, according to the remaining GRI’s taken in order. Goods that are, prima facie, classifiable under two or more headings, are classifiable in accordance with GRI 3, HTSUS. CBP stated that the articles are put up in a manner suitable for sale directly to users without repacking. Therefore, the item in question is within the term “goods put up in sets for retail sale.” GRI 3(b) states in part that goods put up in sets for retail sale, which cannot be classified by reference to GRI 3(a), are to be classified as if they consisted of the component that gives them their essential character. In this case, CBP found that the essential character of the AquaFusion is filtering component. The item’s primary function is to filter water with an auxiliary or secondary feature of mixing the flavor in the end. Without the filter function, the machine will not work but not vice versa. Water filters are more specifically provided for elsewhere.

CBP determined that the applicable subheading for the AquaFusion will be 8421.21.0000, HTSUS, which provides for “Centrifuges, including centrifugal dryers; filtering or purifying machinery and apparatus, for liquids or gases; parts thereof: Filtering or purifying machinery and apparatus for liquids: For filtering or purifying water.”  The general rate of duty is Free.

Pursuant to U.S. Note 20 to Subchapter III, Chapter 99, HTSUS, products of China classified under subheading 8421.21.0000, HTSUS, unless specifically excluded, are subject to an additional 25 percent ad valorem rate of duty.  At the time of importation, the Chapter 99 subheading, 9903.88.01, in addition to subheading 8421.21.0000, HTSUS, must be reported.

In ruling NY N312553 (July 16, 2020), Customs and Border Protection (CBP) discussed the classification of vegetable oil spreads.

There are two products under review:

I Can’t Believe It’s Not Butter!® is made of vegetable oil (canola oil, palm kernel oil, and palm oil, canola – 45 percent), water, salt, sunflower lecithin, natural flavor, vinegar, vitamin A palmitate and beta-carotene (color). The product will be imported in retail sized tubs with a net weight of 490 grams.

Flora™ Plant Butter is made of vegetable oil (palm oil, palm kernel oil, sunflower oil, and canola oil – 79 percent), water, salt, sunflower lecithin, fava bean protein, citric acid, natural flavor, beta carotene (color), and vitamin A palmitate.  The product will be imported in retail sized paper wrappers with a net weight of 250 grams.

CBP determined that the applicable subheading for the “I Can’t Believe It’s Not Butter!®” and “Flora™ Plant Butter” will be 1517.90.9090, HTSUS, which provides for: “Margarine; edible mixtures or preparations of animal or vegetable fats or oils or of fractions of different fats or oils of this chapter, other than edible fats or oils or their fractions of heading 1516: Other: Other: Other.” The rate of duty is 8.8 cents/kg.

The Financial Crimes Enforcement Network (FinCEN) has issued two advisories to alert financial institutions to scams related to the COVID-19 pandemic, and has stated that it intends to continue to issue similar alerts.  The advisories, based on FinCEN’s analysis of COVID-19-related information obtained through Bank Secrecy Act (BSA) data, public reports, and law enforcement partners are intended to aid financial institutions in detecting, preventing, and reporting potential COVID-19-related criminal activity and provide “red flags” that may assist financial institutions in identifying suspicious activity.

Most recently, FinCEN issued an alert on July 7, 2020, describing indicators of imposter scams and money mule schemes, which FinCEN said illicit actors are using to take advantage of the COVID-19 pandemic.  On May 18, 2020, FinCEN issued an advisory alerting financial institutions to the rise in medical scams related to the pandemic.  These alerts follow earlier COVID-19-related guidance from FinCEN that, in part, identified certain trends of potential suspicious activity, and advised financial institutions to be alert for the kind of malicious or fraudulent transactions that it suggested are common with natural disaster.  FinCEN requested that financial institutions reference the consumer fraud advisory by including the term “COVID19 MM FIN-2020-A003” in SAR field 2 and reference the medical scam advisory by including “COVID19 FIN-2020-A002”.

Consumer Fraud Scams

On July 7, 2020, FinCEN issued an advisory alerting financial institutions to indicators of imposter scams and money mule schemes; two forms of consumer fraud that FinCEN has observed during the COVID-19 pandemic.

Imposter scams involve criminals impersonating organizations such as government agencies, non-profit groups, universities, or charities to offer fraudulent services or to defraud victims.  FinCEN described the basic methodology of an imposter scam as one that “involves an actor (1) contacting a target under the false pretense of representing an official organization, and (2) coercing or convincing the target to provide funds or valuable information, engage in behavior that causes the target’s computer to be infected with malware, or spread disinformation.”  Based on FinCEN’s analysis of COVID-19-related information obtained from Bank Secrecy Act (BSA) data, open source reporting, and law enforcement partners, in COVID-19-related scams, imposters may pose as officials from the U.S. Internal Revenue Service (IRS), the Center for Disease Control and Prevention (CDC), the World Health Organization (WHO), or other healthcare and non-profit groups and academic institutions.  These illicit actors may use the scams to deceive vulnerable populations, such as the elderly or unemployed, through the solicitation of payments, donations, or personal information through email, robocalls, and text messages.

FinCEN included in the alert the following list of “red flags” to help financial institutions identify and report suspicious activity related to imposter scams:

  • A customer indicating that a person claiming to represent a government agency contacted them asking for personal or bank account information to verify, process, or expedite Economic Impact Payments (“EIPs”), unemployment insurance, or other benefits. FinCEN suggested that financial institutions remain alert to communications emphasizing “stimulus check” or “stimulus payment” in solicitations to the public, sometimes claiming that the fraudulent entity can expedite the “stimulus check” or other government payment on behalf of the beneficiary for a fee paid by gift card or prepaid card;
  • Receipt of a document that appears to be a check or prepaid debit card from the U.S. Treasury, often in an amount less than the expected EIP, with instructions to contact the fraudulent government agency, via a phone number or online, to verify personal information in order to receive the entire benefit;
  • Unsolicited communications from purported trusted sources or government programs related to COVID-19, instructing readers to open embedded links or files or to provide personal or financial information, including account credentials (e.g., usernames and passwords);
  • Email addresses in COVID-19 correspondence that do not match the name of the sender, contain misspellings, or do not end in the corresponding domain of the organization from which the message allegedly was sent. For example, while government agencies will use “.gov” or “.mil”; many legitimate charities will use “.org”; and WHO emails will contain “@who.int”, fraudsters may use “.com” or “.biz” in place of the expected domain;
  • Email correspondence that contains subject lines that government or industry have identified as being associated with phishing campaigns, or that contains embedded links or webpage addresses for purported COVID-19 resources that have irregular URLs (e.g., slight variations in domain extensions like “.com,” “.org”; and “.us”). Examples of U.S. government-identified COVID-10 phishing email subject lines include “2020 Coronavirus Updates,” “Coronavirus Updates,” “2019-nCov: New confirmed cases in your City,” and “2019-nCov: Coronavirus outbreak in your city (Emergency)”;
  • Solicitations where the person, email, or social media advertisement seeks donations on behalf of a reputable organization, but is not affiliated with the reputable organization (e.g., the solicitor is not recognized or endorsed as an employee or volunteer by the organization, the email address is misspelled or not connected to the organization, or the social media advertisement directs individuals to an unaffiliated website);
  • A charitable organization soliciting donations that (1) does not have an in-depth history, financial reports, IRS annual returns, documentation of their tax-exempt status, or (2) cannot be verified by using various internet-based resources that may assist in confirming the group’s existence and its non-profit status;

Money mule schemes use witting, unwilling, or complicit participants, to move illegally acquired money.  During the COVID-19 pandemic, FinCEN noted that U.S. authorities have detected illicit actors using money mule schemes involving good-Samaritan, romance, and work-from-home schemes and have identified criminals using money mules to exploit unemployment insurance programs during the COVID-19 pandemic.

FinCEN included in the alert a list of “red flags” specific to money mule schemes:

  • The customer’s personal bank account starts to receive transactions that do not fit his or her transactional history profile, including overseas transactions, the purchase of large sums of convertible virtual currency, or transactions in large fiat amounts, or the account generally had a low balance until the customer became involved in a money mule scheme. When asked about the changes in transactions, the customer declines requests for “know your customer” documents or inquiries regarding sources of funds, and may mention COVID-19, relief work or a “work-from-home” opportunity as the source of the income;
  • The customer opens a new bank account in the name of a business and someone shortly thereafter transfers the funds out of the account. The person transferring the funds could be the registered accountholder or someone else, and may keep a portion of the money he or she transferred (per instruction of the scammer).  FinCEN noted that while this activity, in and of itself, may not be suspicious, it may become so if the individual provides unsatisfactory answers to the financial institution’s inquiries, declines to provide essential “know your customer” documents, or mentions COVID-19, relief work, or “work from home” opportunities as the source of the funds;
  • The customer opens accounts in his or her name at multiple banks so he or she may receive money from various individuals or businesses, then moves the money to other accounts at the direction of the customer’s purported employer;
  • The customer receives multiple state unemployment insurance payments to his or her account, or to multiple accounts held at the same financial institution, within the same disbursement timeframe (e.g., weekly or biweekly payments) issues from or multiple states;
  • The customer’s account(s) receives an unemployment deposit from a different state in which he or she reportedly resides or has previously worked;
  • The customer’s account receives unemployment insurance payments for numerous employees or the accountholder name and ACH program “remit to” name do not match;
  • Deposited funds are quickly diverted via wire transaction to foreign accounts located within countries known for having poor anti-money laundering controls;
  • The customer makes one or more atypical transactions involving an overseas account, especially through unusual payment methods for the customer. When asked about the transaction, the customer indicates it is for a person located overseas who is in need of financial assistance because of the COVID-19 pandemic;
  • Documentation from the customer shows that the purported employer or recruiter uses a common web-based, free email service instead of a company-specific email. For example, instead of a company- or organization-specific email address, such as first.lastname@ABCcompany.com or lastname@XYZ.NGO.org, the email address is from a common and free email address provider;
  • The customer provides information that his or her purported employer asked the customer to receive funds into his or her personal bank account, so that the employer can then process or transfer funds via wire transfer, ACH, mail, or money services businesses out of the customer’s personal account; and
  • The customer states, or information shows, that an individual, whom the customer may not have known previously, requested financial assistance to send/receive funds through the customer’s personal account, including requested by individuals claiming to be a U.S. Service member who is reportedly stationed abroad; a U.S. citizen working or traveling abroad; or a U.S. citizen quarantined abroad.

Medical Scams

FinCEN had earlier issued an advisory on May 18, 2020, alerting financial institutions to rising medical scams related to the COVID-19 pandemic.  Based on BSA information, and information collected from other federal agencies, foreign government partners, and public sources, FinCEN informed financial institutions of possible illicit activities related to the COVID-19 pandemic.  Such scams include those in which (1) fraudulent COVID-19-related cures, tests, vaccines, and associated services are offered to the public; (2) a customer pays a company for goods the customer will never receive; and (3) bad actors engage in price gouging and hoarding of medical-related items, such as face masks and hand sanitizer.

In the alert, FinCEN identified the following “red flags” to help financial institutions identify and report suspicious activity related to COVID-19-related medical scams:

  • Medical-Related Frauds, Including Fraudulent Cures, Tests, Vaccines, and Services
    • S. authorities, such as the Federal Trade Commission (“FTC”), the Food and Drug Administration (“FDA”), or the Department of Justice (“DOJ”), have identified the company, merchant, or business owners as selling fraudulent products;
    • A web-based search or review of advertisements indicates that a merchant is selling at-home COVID-19 tests, vaccines, treatments, or cures;
    • The customer engages in transactions to or through personal accounts related to the sale of medical supplies, which could indicate that the selling merchant is an unregistered or unlicensed business or is conducting fraudulent medical-related transactions;
    • The financial institution’s customer has a website with one or more indicia of suspicion, including a name/web address similar to real and well-known companies, a limited internet presence, a location outside of the United States, and/or the ability to purchase pharmaceuticals without a prescription when one is usually required;
    • The product’s branding images found in an online marketplace appear to be slightly different from the legitimate product’s images, which may indicate a counterfeit product;
    • The merchant is advertising the sale of highly sought-after goods related to the COVID-19 pandemic and response at either deeply discounted or highly inflated prices;
    • The merchant is requesting payments that are unusual for the type of transaction or unusual for the industry’s pattern of behavior. For example, instead of a credit card payment, the merchant requires a pre-paid card, the use of a money services business, convertible virtual currency, or that the buyer send funds via an electronic funds transfer to a high-risk jurisdiction; and
    • FinCEN also stated that financial institutions might detect patterns of high chargebacks and return rates in their customer’s accounts, which may be indicative of merchant fraud in general.
  • Non-Delivery Fraud of Medical-Related Goods Scams
    • The merchant does not appear to have a lengthy corporate history (e.g., the business was established within the last few months), lacks physical presence or address, or lacks an Employer Identification Number (“EIN”). Additionally, if the merchant has an address, there are noticeable discrepancies between the address and a public record search for the company or the street address, multiple businesses at the same address, or the merchant is located in a high-risk jurisdiction or a region that is not usually associated with the merchandise they are selling;
    • Searches in corporate databases reveal that the merchant’s listing contains a vague or inappropriate company name, multiple unrelated names, a suspicious number of name variations, multiple “doing business as” (“DBA”) names, or does not align with its business model;
    • Merchants are reluctant to provide the customer or the financial institution that is processing that transactions with invoices or other documentation supporting the stated purpose of trade-related payments;
    • The financial institution does not understand the merchant’s business model, and has difficulty determining the true nature of the company and its operations;
    • The merchant cannot provide shipment-tracking numbers to the customer or proof of shipment to a financial institution so it may process related financial instructions;
    • The merchant claims several last minute and suspicious delays in shipment or receipt of goods. For example, the merchant claims that the equipment was seized at port or by authorities, that customs has not released the shipment, or that the shipment is delayed on a vessel and cannot provide any additional information about the vessel to the customer or their financial institution;
    • The merchant cannot explain the source of the goods or how the merchant acquired bulk supplies of highly sought-after goods related to the COVID-19 pandemic;
    • Domestic or foreign governments have identified the merchant or its owners/incorporators as being associated with fraudulent criminal activities; and
    • A newly-opened account receives a large wire transaction that the account holder failed to mention during the account opening process.
  • Price Gouging and Hoarding of Medical-Related Items
    • In addition to the use of personal accounts for business purposes, a customer begins using their personal accounts for business-related transactions after January 2020, and sets up a medical supply company or is selling highly sought-after COVID-19-related goods online, such as hand sanitizer, toilet paper, masks and anti-viral disinfectant cleaning supplies;
    • The customer begins using their money services or bank account differently;
    • The customer’s accounts are receiving or sending electronic fund transfers (“EFT”) to/from a newly established company that has no known physical or internet presence;
    • The customer’s account is used in transactions for COVID-19-related goods, such as masks and gloves, with a company that is not a medical supply distributor, is involved in other non-medical-related industries, or is not known to have repurposed its manufacturing to create medical-related goods.; and
    • The customer makes unusually large deposits that are inconsistent with the customer’s profile or account history. Upon further investigation, the customer states, or open-source research indicates, that the customer was selling COVID-19-related goods not usually sold by the customer.

Practical Considerations

FinCEN’s guidance throughout the COVID-19 pandemic makes clear that the agency expects financial institutions to remain vigilant against efforts by fraudsters and other bad actors to take advantage of the pandemic.

Institutions should consider the “red flags” identified by the agency in these advisories, in addition to other available information, and consider incorporating them as part of their suspicious activity monitoring.

As the environment surrounding the COVID-19 pandemic continues to evolve, financial institutions should continue to watch for additional guidance from FinCEN and other regulators.

On July 16, 2020, the Financial Crimes Enforcement Network (FinCEN) issued an alert to financial institutions emphasizing a recent scam exploiting Twitter accounts to fraudulently solicit virtual currency payments.  The cyber threat actors involved in the scam compromised accounts of various public figures, organizations, and financial institutions in an attempt to solicit virtual currency payments by claiming these payments would be doubled and returned to the senders.  FinCEN asked financial institutions not to send money or provide identifying or confidential information if they receive such a solicitation before verifying its authenticity, and reminded virtual currency exchanges and other financial institutions to identify and report suspicious transactions determined to be associated with the scam. Included in those Suspicious Activity Reports (SARs) should be any “relevant technical cyber indicators related to cyber events and associated transactions.”   Examples of possible cyber indicators include chat logs, suspicious IP addresses, suspicious email addresses, suspicious filenames, malware hashes, CVC addresses, command and control (C2) IP addresses, C2 domains, targeted systems, MAC address or port numbers.  This appears to be a reference to the types of “cyber-related information” that FinCEN previously has instructed financial institutions to include in SARs where it is available.

FinCEN included in the alert a list of “red flags” to help financial institutions identify and report suspicious activity potentially related to the scam:

  • Promises of high or guaranteed investment or donation returns for payments made to accounts with which a financial institution had no prior business relationship.
  • Communications, including social media posts, soliciting payments that have misspellings or messages out-of-profile for the counterparty, soliciting payments from individuals or organizations with whom a financial institution had no prior existing business relationship, including celebrities or public figures.
  • Solicitations requesting donations via social media where the solicitor is not affiliated with a reputable organization.
  • Social media posts that solicit donations or advertise give-aways that appear from accounts that are not “verified” through the social media platform account verification processes or that misspell the celebrity or financial institution’s name.
  • Multiple social media accounts communicating the same message soliciting funds for an unknown purpose or to an unknown account.
  • Communications, including social media posts, that provide the same CVC address across multiple celebrity or prominent financial institution social media accounts.

FinCEN directed financial institutions to include the term “FIN-2020-Alert001” in SARs reporting this activity.  Financial institutions may also reference FinCEN’s May 2019 Advisory on Illicit Activity Involving Convertible Virtual Currency for additional red flags of illicit CVC activity, and its Cyber Event FAQs for additional information on reporting cyber events.

In ruling NY N312893 (July 10, 2020), Customs and Border Protection (CBP) discussed the classification of a garden weeding robot. The Tertill™ Model T1 – Garden Weeding Robot is designed to remove weeds from gardens in two ways.  As it moves and turns in the garden, the robot’s wheels scrub the soil, which in turn damages weed sprouts and prevents growth.  The robot also cuts emerging weeds with a nylon string that is affixed to the bottom of the robot.  The string spins rapidly and cuts the weed in place.  The weeding robot is battery operated and weighs approximately 5lbs, with an 11.7” diameter and 7.2” in height.  The battery is solar powered and the robot also incorporates a supplemental USB charging port.

The weeding robot will be imported in a box along with protective plant collars, a wheel wrench and spare nylon weed whacker strings.  In its imported condition, the Tertill™ Model T1 is classified as a “set” pursuant to General Rule of Interpretation (GRI) 3(b). GRI 3(b) states that “goods put up in sets for retail sale shall be classified as if they consisted of the material or component which gives them their essential character”.  Although sold in a box with plant collars, a wrench, and spare nylon weed whacker stings, CBP states that the robot imparts the essential character of the set. 

CBP determined that the applicable subheading for the Tertill™ Model T1 – Garden Weeding Robot is be 8432.29.0080, HTSUS, which provides for agricultural, horticultural or forestry machinery for soil preparation or cultivation; lawn or sports ground rollers; parts thereof: …harrows, scarifiers, cultivators, weeders, and hoes: other… cultivators, weeders and hoes: other.  The general rate of duty will be free.

Pursuant to U.S. Note 20 to Subchapter III, Chapter 99, HTSUS, products of China classified under subheading 8432.29.0080, HTSUS, unless specifically excluded, are subject to an additional 25 percent ad valorem rate of duty.  At the time of importation, the Chapter 99 subheading, 9903.88.02, in addition to subheading 8432.29.0080, HTSUS, must be reported.

On July 14th, President Trump signed into law the Hong Kong Autonomy Act (the “Act”) that Congress unanimously passed earlier this month, and simultaneously issued an as-yet-unnumbered Executive Order (the “HK EO”) that implements many of its provisions. These actions follow the June 30th imposition by the government of the People’s Republic of China (“China”) of a far-reaching national security law on Hong Kong (“National Security Law”). Taken together, the Act and the HK EO create a new Hong Kong / China-related sanctions program that targets non-U.S. persons making “material contributions” to the failure of the Government of China to uphold its obligations under the Joint Declaration and Basic Law, the law that codified China and Hong Kong’s ‘one country, two systems’ paradigm (the “Basic Law”). They also, along with the recent Uighur Human Rights Policy Act and designations against Chinese companies under existing authorities, such as the Magnitsky Human Rights Accountability Act, can be understood as part of the emergence of a broader sanctions policy targeting China.

While the Act and the HK EO contain a number of elements that are not sanctions-related, the following are the key sanctions aspects.

The Hong Kong Autonomy Act (the “Act”)

The Act creates a structure for the potential future imposition of sanctions, requiring the Department of State (“State”) to issue a report (the “State Report”) within 90 days after its enactment and annually thereafter.  The initial State Report must be published by October 12, 2020, 90 days after the Act was signed into law on July 14, 2020.  The structure for the Report and the sanctions it requires are below:

  • Persons Identified in the State and Treasury Reports: State must identify in the State Report any non-U.S. persons that have “materially contributed” to the failure of the Government of China to uphold its obligations under the Basic Law.  Between 30 to 60 days after the State Report, the Treasury Department (“Treasury”) is required to issue a separate report (the “Treasury Report”) that identifies any foreign financial institution (“FFI”) that “knowingly conducts a significant transaction with the foreign persons.”
    • The Act defines an FFI by cross-referencing a much broader definition of “financial institution” in the U.S. code, and not the definition of “foreign financial institution” used by the U.S. Financial Crimes Enforcement Network (“FinCEN”), which is cross-referenced in other U.S. sanctions legislation, such as the Countering America’s Adversaries Through Sanctions Act (“CAATSA”). This means that a number of non-U.S. entities, including, in particular, insurance companies, that are not considered FFIs in most aspects of U.S. sanctions, would be subject to this provision.
  • Sanctions on Non-U.S. Persons: Under the Act, once the State Report is issued, the President “may,” impose blocking sanctions on those non-U.S. persons named in that initial report or any subsequent report.  However, if a non-U.S. person is named in any two State Reports then the President “shall” impose blocking sanctions on that non-U.S. person.
  • Sanctions on FFIs: The Act structures sanctions against FFIs differently
  • Sanctions After One Year: Following the expiration of one year after an FFI has been included in a Treasury Report, State is required to impose five or more sanctions from the following “menu” of sanctions, unless the FFI has been removed from the Treasury Report: (1) prohibitions on loans from U.S. financial institutions; (2) prohibition on designation as a primary dealer of United States Government debt instruments; (3) prohibition from serving as an agent of the United States Government or from serving as a repository for United States Government funds; (4) prohibition on foreign exchange transactions subject to U.S. jurisdiction in which the FFI has an interest; (5) prohibition on U.S. correspondent banking services to the FFI; (6) imposition of blocking / asset freezing on any property or interest in property within U.S. jurisdiction of the FFI; (7) restrictions or prohibitions on exports to the FFI; (8) ban on United States persons “investing or purchasing significant amounts in equity or debt instruments of the foreign financial institution”; (9) denial of Unites States entry to corporate officers of the FFI; and (10) imposition of sanctions options (1)–(8) on principal executive officer(s) of the FFIs or persons with similar functions or authorities.
  • Sanctions After Two Years: If an FFI remains on the Treasury Report for two years, the President is statutorily required to impose all10 of these sanctions against the FFI.

The President can remove entities from either the State Report or Treasury Report, if he determines that the entity’s actions (1) “do not have a significant and lasting negative effect that contravenes” China’s obligations under the Basic Law; (2) “are not likely to be repeated in the future”; and (3) “have been reversed or otherwise mitigated through positive countermeasures taken” by the FFI or foreign person.

The President’s Executive Order on Hong Kong Normalization (“HK EO”)

The President simultaneously issued the HK EO, which includes provisions beyond those required by the Act.  The HK EO includes a number of elements that require “normalizing” the U.S. treatment of Hong Kong to be consistent with how the U.S. Government treats the rest of China on everything from passports to export controls, which we do not summarize here; we did recently summarize export control related developments with respect to Hong Kong in a separate alert.

The HK EO also creates a new sanctions program, which provides additional designation criteria beyond those enumerated in the Act. Specifically, the as-yet unnamed sanctions program grants either the Secretary of State or the Secretary of the Treasury (in consultation with the other) to designate for blocking sanctions any non-U.S. person they determine to:

  • be or have been involved, directly or indirectly, in the coercing, arresting, detaining, or imprisoning of individuals under the authority of, or to be or have been responsible for or involved in developing, adopting, or implementing, the Law of the People’s Republic of China on Safeguarding National Security in the Hong Kong Administrative Region (also referred to herein as the “National Security Law”);
  • be responsible for or complicit in, or to have engaged in, directly or indirectly, any of the following:
    • sanctions or policies that undermine democratic processes or institutions in Hong Kong;
    • actions or policies that threaten the peace, security, stability, or autonomy of Hong Kong;
    • censorship or other activities with respect to Hong Kong that prohibit, limit, or penalize the exercise of freedom of expression or assembly by citizens of Hong Kong, or that limit access to free and independent print, online or broadcast media; or
    • the extrajudicial rendition, arbitrary detention, or torture of any person in Hong Kong or other gross violations of internationally recognized human rights or serious human rights abuse in Hong Kong;
  • be or have been a leader or official of:
    • an entity, including any government entity, that has engaged in, or whose members have engaged in, any of the activities described in subsections (a)(i), (a)(ii)(A), (a)(ii)(B), or (a)(ii)(C) of this section; or
    • an entity whose property and interests in property are blocked pursuant to this order;
  • have materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, any person whose property and interests in property are blocked pursuant to this section;
  • be owned or controlled by, or to have acted or purported to act for or on behalf of, directly or indirectly, any person whose property and interests in property are blocked pursuant to this section; or
  • be a member of the board of directors or a senior executive officer of any person whose property and interests in property are blocked pursuant to this section.

Practical Considerations

The simultaneous passage into law of the Act and the implementation of the new HK EO raise a number of compliance issues for companies, including:

  • Identifying Direct Exposure to Sanctionable Conduct: The Act was designed to provide a built-in implementation period for companies to evaluate their exposure to potential sanctions risk by tying sanctions to a report that was only going to be issued 90 days after its enactment (October 12, 2020).  The HK EO changes that dynamic by providing an immediate sanctions authority that could be exercised today.  In the first instance, companies with operations in Hong Kong and China will need to immediately evaluate their operations to determine if they are undertaking any activity that could meet the designation criteria in the HK EO.
  • Indirect Exposure: The primary risk for most persons that are not actively engaged in activity that may be considered to meet the designation prongs is indirect; specifically, the risk that a company’s customers or other counterparties may become designated, creating legal and commercial exposure for the company. For companies that are subject to U.S. jurisdiction and operating in Hong Kong or China, this risk is immediate because they would be required to immediately terminate relationships with any non-U.S. person designated as subject to asset freezing measures, regardless of any contractual commitments they might have to such entities. Entities operating outside of U.S. jurisdiction will have a risk calculation to make regarding whether they want to continue to transact with U.S.-sanctioned parties and run the risks of (a) being designated themselves (for “material support”) and (b) counterparty pressure from banks and insurers unwilling to transact with persons transacting with U.S.-sanctioned parties.
  • Potential FFI Exposure: One specific variation of the above theme is the exposure to FFIs. The Act is designed to force the Administration to publicly identify FFIs that undertake a “significant” transaction for a designated person and to incentivize the FFI to change its behavior by only mandating sanctions 12 months later if it remains on the list. The net effect is that there may be a number of FFIs identified in the Treasury Report that will be issued between November 11 and December 10 (assuming the State Report is issued on time). Companies will then be forced to assess their risk appetite in interacting with those FFIs, knowing that they might be sanctioned within a year, and which may include some of the largest Chinese banks, insurers, or other financial institutions.
  • Conflict of Law Challenges: Finally, if the United States were to utilize the new designation authority, it could create conflict of law challenges for any persons operating in Hong Kong or China that are also subject to U.S. jurisdiction. Specifically, companies subject to the oversight of both U.S. and Chinese regulators will be forced to try and balance U.S. prohibitions on transacting with sanctioned persons with ambiguous requirements under China’s National Security Law.

We will continue to monitor this rapidly evolving scenario and provide guidance regarding the scope of the U.S. implementation of the Act and the HK EO.

In ruling NY N312344 (July 7, 2020), Customs and Border Protection (CBP) discussed the classification of a vinyl record recorder, the “PHONOCUT.” It records audio onto vinyl records from any analog audio source, such as the output of a smartphone.  Once an audio source is plugged into the “PHONOCUT,” the user pushes a button and sound is recorded onto a vinyl record.  This device has a cutting head that contains transducers that vibrate the diamond stylus, which cuts the appropriate grooves into the disc.  The finished vinyl records are playable on any standard phonograph record player; however, the “PHONOCUT” itself cannot reproduce sound .

CBP determined the applicable subheading for the “PHONOCUT” will be 8519.89.3000, HTSUS, which provides for Sound recording or reproducing apparatus: Other apparatus: Other: Other.  The rate of duty will be Free.

On June 29, 2020, the Financial Crimes Enforcement Network (FinCEN) issued helpful guidance on due diligence requirements for hemp-related businesses under the Bank Secrecy Act (BSA). The four-page guidance builds upon a December 3, 2019 joint statement on this topic issued by FinCEN, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency, in consultation with the Conference of State Bank Supervisors, and provides additional detail on due diligence and suspicious activity reporting for such businesses. FinCEN’s goal for the guidance is to “enhance the availability of financial services for, and the financial transparency of, hemp-related businesses in accordance with federal law.”

The 2018 Farm Bill

On December 20, 2018, the Agriculture Improvement Act of 2018 (2018 Farm Bill) removed hemp as a Schedule I substance under the Controlled Substance Act and directed the U.S. Department of Agriculture (USDA) to establish a regulatory framework for legal hemp production. The Bill defines “hemp” as the plant sativa L. and any part of that plant, including any derivatives, with a concentration of delta-9 tetrahydrocannabinol (THC) of 0.3 percent or less. THC is the psychoactive component of the sativa L. plant. Marijuana, a cousin of hemp which contains greater than 0.3 percent of THC, is still a controlled substance under federal law. USDA issued an interim final rule in October 2019 establishing such a program. It allows the production of hemp under a federal licensing scheme in states that do not prohibit hemp production, or under approved state or tribal licensing plans.

2019 Guidance from Federal Banking Agencies

Following this rule, FinCEN and the federal banking regulators issued the December 2019 joint statement, highlighting the key points of the USDA interim final rule—namely that hemp production requires a USDA-issued license or state or tribal approval and state and tribal governments may still make hemp production illegal.

The 2019 joint statement also discussed BSA anti-money laundering (AML) considerations. Specifically, the statement noted that financial institutions are no longer required to file a Suspicious Activity Report (SAR) solely because a customer is growing or cultivating hemp in accordance with the law, but still must otherwise comply with applicable regulatory “requirements for customer identification, suspicious activity reporting, currency transaction reporting, and risk-based customer due diligence, including the collection of beneficial ownership information for legal entity customers.”

June 2020 Guidance

FinCEN’s June 2020 guidance builds upon the December 2019 joint statement by (1) outlining BSA/AML due diligence expectations, (2) detailing SAR requirements and providing examples, and (3) briefly discussing currency transaction reporting.

  1. BSA/AML Due Diligence

FinCEN explains that, when conducting customer due diligence, financial institutions may confirm a hemp grower’s compliance with state, tribal, or federal licensing requirements by obtaining a written attestation by the business that it is validly licensed, or by obtaining a copy of the business’ license. The guidance further suggests that, depending on the risk the financial institution assesses for the customer, it might be appropriate to obtain additional information such as “crop inspection or testing reports, license renewals, updated attestations from the business, or correspondence with the state, tribal government, or USDA.”

  1. Suspicious Activity Reporting

Consistent with the December 2019 joint statement, FinCEN states that financial institutions no longer are required to file a SAR on a customer solely because it is engaged in the growth or cultivation of hemp in accordance with the law. However, normal SAR requirements otherwise apply, and FinCEN identifies several scenarios that might require reporting on such businesses, including customers that combine hemp with other, illegal, activities, or that operate without appropriate licenses or otherwise in violation of state or federal law. In cases where the transactions of a hemp-related business are comingled with marijuana-related activities, FinCEN instructs financial institutions to file a SAR in compliance with its 2014 guidance on SARs for marijuana-related businesses (MRBs). However, it says, “if the proceeds of the businesses are kept separate, or the customer and its financial institution are able to identify which proceeds are marijuana-related and which are hemp-related,” then the 2014 SAR guidance “applies only to the marijuana-related part of the business.” This is important guidance for financial institutions that may have understood that any transaction with a MRB would require a SAR.

  1. Currency Transaction Reports and FinCEN Form 8300

There are no special requirements for reporting currency transactions in connection with hemp-related businesses. Financial institutions should report hemp-related currency transactions in the same manner they would for any other transaction. Similarly, individuals receiving more than $10,000 in cash or other monetary instruments from a hemp-related business still need to report the transaction on FinCEN Form 8300.

Practical Considerations

The guidance provides practical, concrete suggestions for financial institutions to meet their customer diligence obligations with respect to hemp businesses, and useful clarification on the interaction of the 2018 Farm Bill with FinCEN’s previous guidance on SAR reporting relating to marijuana.

Financial institutions that provide, or are considering providing, financial services to such businesses should consider incorporating these diligence methods. They also should consider any necessary adjustments to their reporting under the 2014 marijuana guidance to reflect FinCEN’s new hemp-specific guidance, as well as the red flags FinCEN identifies for events that still may require SARs with respect to hemp businesses.

With implementation of the 2018 Farm Bill provisions on hemp-related businesses continuing, financial institutions should watch for additional guidance on this topic from FinCEN.

The Office of the Comptroller of the Currency (OCC) and the New York Department of Financial Services (NYDFS) each recently took significant steps to address the key impediments for virtual currency (VC) companies in the U.S. First, on June 24, NYDFS announced significant updates to its approach on Bitlicenses, New York’s business license for VC activities, which has traditionally been considered difficult to obtain.

Second, on June 25, 2020, Brian Brooks, the former Chief Legal Officer of Coinbase, Inc., and current Chief Operating Officer and First Deputy Comptroller at the OCC, announced that the OCC is planning to unveil a “payments charter” later this year which is intended to serve as a “national version of a state money transmission license.”

NYDFS Announcement

On June 24, 2020, NYDFS announced the following initiatives:

  • Proposed Conditional Licensing Framework: While NYDFS already has the authority to issue conditional Bitlicenses, it has yet to use this authority. With this proposed framework, VC businesses may apply for a conditional license when partnering with an existing Bitlicense holder. The existing Bitlicense holder would provide the conditional licensee with the operational, staffing, and other support the conditional licensee may need, including ensuring the conditional licensee meets anti-money laundering requirements. NYDFS requests public comment on this proposed framework by August 10th.
  • NYDFS and the State University of New York (SUNY) Memorandum of Understanding with the “SUNY Block”: The memorandum provides for a new program through which eligible start-ups and emerging companies may collaborate with a SUNY-related entity will be established and authorized by NYDFS to conduct VC business activity (the “SUNY VC Entity”). By offering this program at all 64 SUNY campuses, NYDFS seeks to expand virtual currency activity throughout the state; not just in New York City. The individual SUNY campuses will provide entities from local communities, including entities started or run by students or alumni, guidance and encouragement in applying for and receiving conditional BitLicenses from NYDFS based on their collaboration with the SUNY VC Entity.
  • Finalized Guidance on Self-Certification for New VC Listings: In addition to the conditional licensing framework, NYDFS also announced final guidance related to VC companies self-certifying the use of new VCs. NYDFS-regulated VC companies will be able to self-certify the use of new VCs without prior NYDFS approval, provided they have in place a coin-listing policy that has been previously approved by NYDFS. In addition, NYDFS will continuously provide updates to a list (the “Greenlist”) of VCs that all Bitlicense holders can list without prior approval of NYDFS.
  • Additional Resources for the VC Market on NYDFS Launch and Operational Requirements: Consistent with the tone of partnership and transparency of the other three updates, NYDFS also issued a notice of NYDFS Bitlicense review practices and new VC FAQs which NYDFS commits to updating regularly

NYDFS’ June 24th updates are partly the result of feedback the agency has received from VC businesses on their experiences with the Bitlicense and with NYDFS. Early on in her relatively new role, NYDFS’ Superintendent Linda Lacewell identified improving that experience and encouraging innovation, while ensuring regulatory compliance, as a “year one” priority.

OCC Announcement

The proposed “payments charter” unveiled by Brian Brooks would not only create a national money transmitter license, it would also offer nonbank payment providers, including VC businesses, a “national platform with preemption.” The charter would be rolled out in two versions; version 1.0 would not provide VCs access to the Federal Reserve’s (“Fed’s”) payment system. Version two, which is expected approximately 18 months after version 1.0, would include direct access to the Fed’s payment system.

This may be valuable for many VC businesses, because one of the greatest impediments has been the fact that nearly all U.S. states, plus the District of Columbia, have their own money transmitter laws, requiring businesses that want to operate across the U.S. to individually consider the laws of every state they operate in.  Preemption through a national “payments charter” would enhance efficiency and promote growth of VC businesses.

Practical Considerations

VC businesses interested in operating in New York may wish to provide comments (by August 10, 2020) and to help shape the NYDFS’ approach to conditional licenses.

Likewise, exploring the OCC’s new national money transmitter license offering with experienced counsel might help to understand whether this provides a better solution than the current “50 state” approach for money transmitter registration.

On July 3, 2020 Iran initiated a dispute resolution mechanism contained in the Joint Comprehensive Plan of Action (JCPOA), more commonly referred to as the Iran nuclear deal, to address concerns over implementation of the deal. The EU’s Foreign Policy Chief stated that he had received a letter from Iran triggering the dispute mechanism over concerns regarding implementation issues by the United Kingdom, France, and Germany. No details about the nature of Iran’s concerns were provided.

As set out in Paragraph 36 of the JCPOA, if Iran believes that any or all of the deal’s signatories were not meeting their commitments, Iran can refer the issue to the Joint Commission for resolution. The Joint Commission, consisting, since the U.S. withdrawal from the deal in May 2018, of China, Russia, the United Kingdom, Germany, France, and Iran would then have 15 days to resolve the issue, unless the Joint Commission parties mutually agree to an extension. If the issue remains unresolved, it may be reviewed at the Ministerial level and then by an Advisory Board consisting of two members appointed by the JCPOA states involved in the dispute and one independent member. If, after the Advisory Board issues a non-binding opinion, the Joint Commission still does not resolve the issue, it would be grounds for the complaining participant, in this case, Iran, to cease performing its commitments under the JCPOA and notify the UN Security Council (UNSC) that it believes the issue constitutes significant non-performance of the deal. Upon such notification, the UNSC would then have 30 days to vote on whether or not to continue with the sanctions lifting as outlined in the Iran nuclear deal. If a decision is not made within 30 days, then prior UNSC resolutions imposing sanctions against Iran would be re-imposed automatically. Iran has made clear that if sanctions are reinstated in whole or in part, that it will treat that as grounds to cease performing its commitments under the JCPOA.

This is the second time the dispute resolution mechanism of the JCPOA has been triggered. In January 2020, the UK, France, and Germany triggered the mechanism to force discussions on possible violations of the deal based on Iran’s refusal to be bound by the uranium enrichment limits of the deal. After negotiations between those parties and Iran, the dispute resolution mechanism was later suspended. No party, including the United States during its withdrawal from the deal, has triggered the full dispute resolution mechanism and followed the process to its conclusion with a UNSC vote.

Practical Considerations

The immediate practical effect of Iran’s complaint will be limited while the dispute resolution procedures play out. This could change if Iran claims grounds under the dispute resolution mechanism to cease performing its commitments under the JCPOA. Although Iran is unlikely to trigger the UNSC’s snapback procedure, in the event that Iran ceases performance, the remaining JCPOA states may decide to do so.

Even before events reach that point, Iran’s triggering of the dispute resolution procedure represents yet another threat to the JCPOA that has been on life support since the U.S. withdrawal in May 2018.

Iran has argued that it is no longer earning the benefits it expected from the deal, while the remaining EU signatories have struggled to provide those benefits, even going so far as to establish a separate payment mechanism, INSTEX. Nevertheless, despite these steps and the UNSC and EU’s repeated statements of support for the deal—as recently as a week ago, Rosemary DiCarlo, Under-Secretary-General for Political and Peacebuilding Affairs at the United Nations told the UNSC that the JCPOA “remains the best way to ensure the exclusively peaceful nature of Iran’s nuclear program. Its full implementation, and faithful adherence to resolution 2231, is also fundamental to regional stability”—many non-U.S. companies have withdrawn from Iran in reaction to the potential threat from U.S. primary and secondary sanctions, leaving Iran’s economy struggling.

Iran’s triggering of the dispute resolution mechanism is unlikely to affect these dynamics insofar as it will have no impact on the U.S.’s previous withdrawal from the deal and it is unlikely to be able to force EU Member States to take further steps to encourage their companies to invest in Iran’s economy. Instead, with every original member of the JCPOA except China and Russia now either having withdrawn from the deal (United States) or having accused the other parties of being in violation (Iran, France, Germany, and the United Kingdom), it remains to be seen just how much longer the deal can survive. If it collapses, that could lead to a renewed Iranian nuclear program and renewed EU and potentially UNSC sanctions sitting in parallel to the re-imposed U.S. sanctions.