In this article for Law360, Kirkland attorneys Mario Mancuso, Anthony Rapa and Carrie Schroll examine how the Biden administration's newly authorized Russian sanctions, restrictions on dealings with companies in Belarus and other likely measures will affect the technology sector and how companies should respond to the changes.
On April 15, President Joe Biden issued Executive Order No. 14024, Blocking Property with Respect to Specified Harmful Foreign Activities of the Government of the Russian Federation, authorizing new sanctions in response to certain concerning actions by Russia, including election interference, extraterritorial activities against dissidents and journalists, and cyber threats to the U.S. and its allies.
The order authorizes the imposition of sanctions on an array of actors, including persons operating in the Russian technology and defense sectors.
Separately, on May 23, Belarusian President Alexander Lukashenko's regime allegedly forcibly diverted to Belarus a plane carrying a prominent Belarusian opposition figure and arrested him upon landing. Both the U.S. and European Union have responded by restricting flights over Belarus, and have called for sanctions on the responsible Belarusian parties.
These actions come after the Office of Foreign Assets Control, on April 19, issued General License 2H under the Belarus Sanctions Regulations. This replaced a series of general licenses that had broadly authorized dealings with certain restricted Belarusian parties, and instead provided authorization solely for the wind-down of existing business with those parties by June 3, 2021.
Based on these developments, U.S. companies may face more headwinds going forward in dealings in Russia and Belarus, particularly within the tech sector, and should monitor developments closely for additional restrictions imposed by the Biden administration and the EU.
The View From Washington
The Biden administration demonstrated a renewed focus on Russia in its first 100 days, and Executive Order No. 14024 represents the latest attempt to address Russia-related national security concerns.
In particular, the executive order's broad authorization of sanctions on any person operating in the Russian technology sector reflects concerns over Russian actors' malicious cyber activities, such as election interference and the SolarWinds Corp. hack.
The incident in Belarus led to swift international outcry and calls for multilateral sanctions. Although the EU and U.S. have not yet imposed sanctions, the expectation is that such sanctions will issue, and focus on members of the Lukashenko regime. Combined with General License H's stricter implementation of sanctions on major Belarusian companies, there could be indirect impacts on the growing software development industry in Belarus.
The president's recent executive order authorizes OFAC to designate persons on the List of Specially Designated Nationals and Blocked Persons, or SDN list, for involvement in certain activities deemed contrary to U.S. national security, including any person worldwide who is:
- Operating in the Russian technology sector;
- Operating in the Russian defense sector;
- Engaged in certain malign activities on behalf of the Russian government — i.e., malicious cyber activities, election interference, undermining of democratic processes, transnational corruption, assassination or infliction of bodily harm on U.S. nationals or nationals of U.S. allies, undermining of political stability or territorial integrity, or sanctions evasion;
- An official, senior officer or director of the Russian government or the parties described above;
- An agency, subdivision or instrumentality of the Russian government;
- A spouse or an adult child of designated individuals;
- Materially assisting the above activities or sanctioned persons;
- Owned or controlled by the Russian government, or any sanctioned person;
- A Russian person involved in providing assistance to sanctioned governments — e.g., Iran, Venezuela; or
- A Russian person involved in disrupting energy supplies to Europe, the Caucasus or Asia.
Pursuant to this, on April 15, OFAC designated 19 individuals and 25 entities on the SDN list. This included several entities determined to be operating in the technology sector, with OFAC citing their nexus to the Russian government and involvement in malicious cyber operations as the rationale.
Given OFAC's authority to designate persons operating in the Russian tech sector, Russian subsidiaries of U.S. software companies could face risk under the executive order.
Notably, the initial designations focused on entities with a nexus to the Russian government, e.g., state-owned or state-funded entities, or entities supplying goods and services to the Russian government.
Russian subsidiaries of U.S. companies that are solely involved in developing software for their U.S. parents may face less risk under the executive order. However, with respect to Russian subsidiaries that are more active in selling to customers, it may be prudent for U.S. parents to review their customer base and assess risks related to potentially sensitive customers.
The Biden administration has called for a thorough investigation of the May 23 incident, which U.S. Secretary of State Antony Blinken described as a "brazen and shocking act," and on May 24 and 25, the European Council held special meetings in response to Belarus' actions.
The council called for imposition of targeted sanctions without delay. As mentioned above, no sanctions have been imposed yet. When imposed, such sanctions could target the potash, oil and financial sectors, as well as Belarus' national air carrier, Belavia. Furthermore, the European Union has banned all Belarusian carriers from using its airspace or accessing airports, and encouraged EU-based carriers to avoid overflight of Belarus.
Additionally, General License 2H, issued on April 19, marked a significant shift in U.S. policy related to Belarus, signaling the end of years of authorization for dealings with certain sanctioned entities, and prompting U.S. persons to wind down all such dealings.
Since Oct. 30, 2015, OFAC had issued and renewed every six months a general license authorizing U.S. persons to engage in dealings with nine Belarusian SDN-list entities, including some of the largest companies in Belarus, historically designated for their role in potentially undermining the 2006 Belarus election or otherwise supporting the Lukashenko regime.
General License 2H broke from this approach, and required U.S. persons to wind down dealings with the specially designated nationals by June 3, 2021.
Importantly, since June 3, U.S. persons are not only be prohibited from dealing with the nine listed entities, but also with entities owned 50% or more in the aggregate by those entities. The nine specially designated nationals potentially have ownership interests in a broad swath of Belarusian companies and economic sectors.
Notably, Belarus' tech sector has grown in recent years, with more U.S. companies engaging contractors in Belarus for software development. U.S. companies should seek to confirm that their Belarusian counterparties are not specially designated nationals, or owned 50% or more by specially designated nationals, and terminate contracts as warranted.
In issuing General License 2H, the Biden Administration signaled it is getting tougher on the Lukashenko regime, and more sanctions might be forthcoming. Continued reliance on contractors in Belarus may become increasingly difficult, especially in the event that additional sanctions are imposed.
- U.S. companies must ensure their compliance programs effectively identify new specially designated nationals, as well as entities owned 50% or more by specially designated nationals to avoid dealings prohibited by sanctions.
- Sanctions risk related to Russia continues to escalate; companies looking to do business in Russia should conduct fulsome diligence on counterparties and obtain adequate contractual rights related to sanctions.
- U.S. companies with subsidiaries in Russia should consider whether those entities are engaged in any activity that elevates the risk of designation on the SDN list.
- The sanctions risk associated with Belarus is likely to increase from June 2021 with new sanctions imposed as a result of the May 23 incident and the end of the wind-down period under General License H, and companies should monitor how sanctions impact relationships with Belarusian counterparties.
Sanctions related to Russia and Belarus have already ramped up, and figure to ramp up further, during the Biden administration. These changes increase the risk of doing business in Russia and Belarus, including with the growing tech sectors in both countries. Companies should ensure their compliance programs adequately monitor the evolving sanctions and flag potential risks before transactions occur.