On March 15, the Office of Foreign Assets Control (OFAC) designated as Specially Designated Nationals (“SDNs”) 2 new persons under an existing Obama-era cyber Executive Order, and 13 new persons under new authority granted by the Countering America’s Adversaries Through Sanctions Act (CAATSA). This was the first time OFAC has utilized any of the multitude of CAATSA authorities to designate new SDNs.
The agency also updated nine previously sanctioned persons, adding the Cyber and/or CAATSA designations.
As background, CAATSA Section 224 requires the imposition of asset blocking sanctions on a person the President determines “knowingly engages in significant activities undermining cybersecurity” on behalf of the Government of Russia.
These actions are closely linked to the recent Mueller indictment of Russian persons for allegedly interfering with U.S. elections. All 15 defendants in that indictment have now been designated as SDNs: three of them were previously designated (but have now been re-designated under a second authority) and the 12 others were newly designated as part of this action. Specifically, the Internet Research Agency LLC is named in the indictment, as are 11 individuals linked to the company.
OFAC amended Cyber General License No. 1, “Authorizing Certain Transactions with the Federal Security Service” (GL 1), and reissued it as Cyber General License No. 1A (GL 1A). GL1A has the same net effect as GL1 insofar as it authorizes transactions, subject to certain conditions, with the Federal Security Service (a.k.a. Federalnaya Sluzhba Bezopasnosti) (a.k.a. FSB) related to certain licensing and authorization functions that the FSB performs. The only change under GL1A was to clarify that the authorization continues to apply despite the FSB’s new designation under CAATSA Section 224 (i.e., GL1A authorizes transactions otherwise prohibited by both the Cyber sanctions and Section 224).
OFAC also published four updated FAQs relating to GL 1A and one updated CAATSA-related FAQ related to this action.