skip to main content

In the face of turmoil and uncertainty, the world's major financial institutions continue to choose our team to help them manage their business, litigation and reputational risks and thrive in the new economic and regulatory climate. To our clients we are much more than litigators - we are business partners who have a stake in their success.

President Trump Signs Sanctions Legislation Targeting Russia, North Korea and Iran, Creating New Compliance Risks for U.S. and Non-U.S. Companies

August 3, 2017 Download PDF

Legislation Expands Primary and Secondary Sanctions and Limits Presidential Discretion

On August 2, 2017, President Trump signed into law H.R. 3364, the “Countering America’s Adversaries Through Sanctions Act” (“CAATSA” or the “Act”). CAATSA—which was passed overwhelmingly by the Senate and House of Representatives on a broad bipartisan basis[1]—significantly expands certain U.S. sanctions targeting Russia. The law also restricts President Trump’s ability to lift certain sanctions unilaterally, by including a congressional review mechanism that will allow Congress to potentially block the President from relaxing measures targeting Russia.  CAATSA also adds sanctions targeting North Korea, largely incorporating an earlier House bill, the “Korean Interdictions and Modernization of Sanctions (“KIMS”) Act.”  Finally, CAATSA codifies certain non-nuclear sanctions in place against Iran.  Many of the law’s sanctions are secondary sanctions, meaning that non-U.S. entities that engage in certain activities—even if such activities do not involve U.S. persons or the United States—may themselves be sanctioned by the United States.

While a number of the sanctions included in CAATSA are referred to as “mandatory,” it remains to be seen how certain provisions are enforced by the Trump Administration. As an initial matter, many of these provisions require the President to sanction individuals or entities only after he determines that they have engaged in certain activities, thus allowing the President to theoretically refrain from enforcing these sanctions by withholding certain determinations. Additionally, in signing the Act, President Trump released two signing statements, in which he noted his “concerns to Congress about the many ways [the bill] improperly encroaches on Executive power, disadvantages American companies, and hurts the interests of our European allies,” and his view that the “bill remains seriously flawed,” because it “encroaches on the executive branch’s authority to negotiate” and because “the Congress included a number of clearly unconstitutional provisions.”  President Trump stated that he would implement the statute’s restrictions “in a manner consistent with the President’s constitutional authority to conduct foreign relations.” [2]

We describe below CAATSA’s most significant provisions, and outline considerations for U.S. and non-U.S. companies seeking to mitigate their risks under the new legislation.

Provisions Targeting Russia

Many of the provisions in CAATSA concern Russia. Perhaps most controversially, CAATSA gives Congress the ability to block the President from relaxing certain measures targeting Russia. CAATSA also codifies existing sanctions targeting Russia issued through Obama-era executive orders, and includes new mandatory and discretionary sanctions targeting key Russian industries such as oil and gas, railways, metals and mining.

We explain these measures in turn.

A. Congressional Review Procedure (Section 216)

CAATSA requires the President to go through a “congressional review procedure” in order to relax or lift certain Russia-related sanctions. Modeled after the Iran Nuclear Agreement Review Act of 2015,[3] which gave Congress a similar say on the finalization of the Iran nuclear deal, this procedure applies to a broad range of presidential “action[s]” that would relax sanctions against Russia.[4] Commenting on the review mechanism, House Foreign Affairs Committee Chairman Ed Royce (R-CA) stated:  “This strong oversight is necessary and appropriate.  After all, it is Congress that the Constitution empowers to regulate commerce with foreign nations.”[5]

CAATSA defines “action” broadly to include efforts to: (i) terminate sanctions; (ii) waive the application of sanctions to specific persons; or (iii) take “any licensing action that significantly alters United States’ foreign policy with regard to the Russian Federation.” However, CAATSA does exempt from the review process the “routine issuance of a license that does not significantly alter United States foreign policy with regard to the Russian Federation.”

Whenever the President proposes such an “action,” he must submit a report to Congress, which triggers a 30-day congressional review period during which the President is prohibited from implementing the proposed action. In the event that both houses of Congress pass a Joint Resolution of Disapproval of the President’s proposed action, and such a resolution is enacted (either by the President signing the Joint Resolution or by Congress overriding a Presidential veto), the President’s proposed action would be blocked.

B. Codification and Expansion of Russia-related Sanctions

CAATSA codifies certain sanctions imposed by President Obama through a number of executive orders in response to Russia’s activities in Ukraine[6] and its cyber activity.[7] Coupled with the congressional review procedure discussed above, the codification of these Obama-era sanctions will make it more difficult for President Trump to lift them unilaterally should he wish to do so.

In addition to codifying existing sanctions, CAATSA also expands certain existing sanctions authorities, and imposes new ones altogether—some of which are mandatory rather than discretionary. As noted above, however, the term “mandatory” is somewhat imprecise, as many “mandatory” provisions of CAATSA require the President to sanction persons that the President determines have engaged in certain activities, and the President enjoys leeway in whether to make such determinations.

As an initial matter, CAATSA expands the sectoral sanctions program, which applies certain restrictions on U.S. persons’ business activities with Russian persons operating in certain specified sectors named on the Sectoral Sanctions Identification (SSI) List. It does so by:

  • Authorizing (but not requiring) the Treasury Secretary to apply sectoral sanctions against a state-owned entity “operating in the railway or metals and mining sector of the economy of [Russia].”
  • Directing the Treasury Secretary to tighten SSI Directive 1, which restricts U.S. persons from transacting in, providing financing for, or otherwise dealing in new debt of longer than 30 days maturity or new equity for the benefit of specified entities operating in Russia’s financial sector. The amended directive will lower the applicable maturity limit for new debt from 30 days to 14 days.
  • Directing the Treasury Secretary to tighten Directive 2, which restricts U.S. persons from transacting in, providing financing for, or otherwise dealing in new debt for the benefit of specified entities operating in Russia’s energy sector. The amended directive will lower the applicable maturity limit for new debt from 90 days to 60 days.
  • Directing the Treasury Secretary to expand Directive 4, which restricts U.S. persons from the supply of certain goods and services (except for financial services) to certain types of Russian oil exploration and production projects involving specified Russian entities. The amended directive will prohibit the provision of goods or services (except for financial services) by U.S. persons in support of exploration or production for new deepwater, Arctic offshore, or shale projects anywhere in the world that (1) have the potential to produce oil; and (2) involve any person subject to the directive that has a controlling interesting or a substantial non-controlling (33 percent or greater) ownership interest in the relevant project.[8]

CAATSA also includes a series of new secondary sanctions measures targeting certain Russian persons and economic sectors, and also amends and makes mandatory certain preexisting discretionary secondary sanctions. The most significant measures include:

  • A plethora of new secondary sanctions, which direct the President (subject to certain waiver authority) to sanction any person he determines knowingly engaged in the following activities, whether or not connected to the United States:
    • significant activities undermining the cybersecurity of any person on behalf of the Russian government;
    • certain transactions with the Russian intelligence or defense sectors;
    • investing in or otherwise facilitating privatizations of Russia’s state-owned assets that unjustly benefits Russian officials or their close associates or family members;
    • facilitating deceptive or structured transactions for or on behalf of any persons on Russia-related sanctions lists or any child, spouse, parents or sibling of such persons;
    • being responsible for or complicit in “serious human rights abuses” in Russia, or materially assisting such a foreign person; or
    • exporting or otherwise providing significant financial material, or technological support that contributes materially to the government of Syria to acquire or develop chemical, biological or nuclear weapons or related technologies.
  • Amendments to make mandatory (subject to waiver authority) previously discretionary secondary sanctions included in two prior Russia-related sanctions laws (the Ukraine Freedom Support Act of 2014 and the Sovereignty, Integrity, Democracy, and Economic Stability of Ukraine Act of 2014). These measures include secondary sanctions targeting, among others:
    • entities that knowingly make a significant investment in, or provide financial support for, a Russian deepwater, Arctic offshore or shale oil project;
    • persons that facilitate a significant transaction on behalf of a Russian person designated on Treasury’s Specially Designated Nationals (SDN) List;
    • Russian officials that the President determines are responsible for or complicit in significant acts of corruption, whether in Russia or elsewhere.

The bill also a discretionary new sanctions provision, which authorizes the President—“in coordination with allies of the United States”—to impose secondary sanctions on persons that make significant investments in, or provide significant goods, services, technology, information or support to, certain Russian energy export pipelines. Although the final version of the bill did include the “coordination with allies” language quoted above, CAATSA also states that the United States will “continue to oppose” the NordStream 2 pipeline, which is planned to provide natural gas from Russia to a number of EU countries—“given its detrimental impact on the Europeans Union’s energy security, gas market development in Central and Eastern Europe, and energy reforms in Ukraine.”

Provisions Targeting North Korea

CAATSA significantly expands the scope of North Korea-related sanctions, including both the mandatory[9] and discretionary sanctions that were put in place by the 2016 North Korea Sanctions Policy Enhancement Act (“NKSPEA”).[10] CAATSA also requires the President to make a determination as to whether to designate certain specified entities for North Korea-related activity.

Expansion and enforcement of North Korea sanctions is a high priority for both Congress and the Trump Administration—one that has only been reinforced by the launch of multiple ballistic missiles by the Kim regime, as well as the recent death of U.S. citizen Otto Warmbier after prolonged detention in North Korean custody. A major focus of this effort is expanded secondary sanctions against non-U.S. entities and individuals that are deemed to support the Kim regime and key elements of the economy on which it relies.

Overall, CAATSA’s broad grant of new designation authorities allows for the possibility of sweeping sanctions targeting a broad swath of North Korea-related commercial activity. Recent events, as well as statements by Trump Administration officials, suggest that at least some of the newly authorized secondary sanctions are likely to be used. As Secretary of the Treasury Mnuchin recently stated:

The Department of the Treasury is committed to protecting the U.S. financial system from North Korean abuse and maximizing pressure on the Government of North Korea until it abandons its nuclear and ballistic missile programs.  While we will continue to seek international cooperation on North Korea, the United States is sending an emphatic message across the globe that we will not hesitate to take action against persons, companies, and financial institutions who enable this regime.[11]

We outline CAATSA’s most significant provisions regarding North Korea below.

A. Expansion of Mandatory and Discretionary Sanctions

CAATSA directs the imposition of secondary sanctions against any person that the President determines engaged in a wide range of conduct relating to North Korea, whether or not connected to the United States, including:

  • purchasing of precious metals from, or selling jet fuel to, North Korea;
  • providing certain kinds of support and services to vessels owned or controlled by the North Korean government; and
  • maintaining a correspondent banking account on behalf of any North Korean financial institution.

In terms of discretionary authorities, CAATSA authorizes (but does not require) new sanctions on certain activities, whether or not involving the United States, including:

  • conducting significant transactions in the North Korean transportation, mining, energy or financial services industries;
  • exceeding U.N. limits on coal purchases from North Korea;
  • purchasing significant amounts of food or textiles from North Korea;
  • acquiring fishing rights from North Korea;
  • facilitating a significant transfer of North Korean funds or property that materially contributes to the violation of a U.N. Security Council resolution, or to supporting an individual or entity designated by either the U.N. or the United States;
  • knowingly facilitating the operation of any branch, subsidiary or office of a North Korean financial institution; and
  • facilitating the exportation of workers from North Korea in a manner intended to generate significant revenue for the government of North Korea.

CAATSA also prohibits a U.S. financial institution from maintaining a correspondent account for a foreign financial institution that is used to indirectly provide financial services to any designated North Korean entity. In addition, the law includes shipping restrictions that prohibit the entry or operation in U.S. waters of any vessel owned or operated by North Korea, by a country that reflags North Korean ships, or by any country that the President has identified as not complying with certain U.N. Security Council resolutions against North Korea.

B. Required Reports on Designations and State Sponsor of Terrorism Status

The President is required to make a determination within 180 days on whether to sanction a number of entities or individuals linked to North Korea.[12] The President is also required to submit a report within 90 days that includes a determination on whether North Korea should be designated a state sponsor of terrorism. Additionally, the President must submit a report that identifies the operators of foreign seaports and airports that fail to implement or enforce North Korea-related shipping inspections or otherwise facilitate sanctionable conduct relating to North Korea.  Cargo emanating from a port identified in this report may be subject to increased customs inspections.  CAATSA also requires the creation of an annual report identifying any noncompliant governments engaging in arms deals with North Korea.

Provisions Targeting Iran

Despite the Trump Administration’s continued criticism of the Iran nuclear deal, CAATSA’s Iran-related provisions are intended to remain consistent with the United States’ obligations under the deal. From a compliance perspective, most of the Iran-related provisions are not new, but rather codify certain authorities already used in some form by the Treasury Department to target Iran outside the scope of the JCPOA.

CAATSA imposes mandatory sanctions on:

  • the Islamic Revolutionary Guard Corps (“IRGC”) and foreign persons that are officials, agents or affiliates of the IRGC;
  • persons who knowingly engage in any activity that materially contributes to the Iranian Government’s ballistic missile program or any other Iranian program for developing, deploying or maintaining weapons of mass destruction;
  • persons who materially contribute to the supply, sale or transfer of military equipment to or from Iran, including providing technical training, financial resources or assistance; and
  • persons involved in Iranian human rights abuses.

In contrast to its Russia provisions, on Iran, CAATSA provides presidential waiver authority in certain circumstances. CAATSA allows the President to waive any Iran-related sanctions required by CAATSA, on a case-by-case basis, for up to 180 days at a time, if the President determines and reports to Congress that it is vital to the national security interest of the United States to waive such sanctions.

Implications and Recommendations

While the Iran-related measures should not require major compliance attention beyond existing efforts by financial institutions or other companies subject to Iran-related sanctions risk, the same is not true for the new Russia and North Korea measures. Instead, CAATSA presents significant new compliance risks for both U.S. and non-U.S. companies conducting business with Russia. The law does the same for non-U.S. companies that may be doing business with North Korea.

In light of CAATSA, companies may want to consider the following:

1. For U.S. financial institutions and other U.S. entities doing business with Russia, careful review of their activities for exposure to new sectoral sanctions restrictions. The coming amendments to the sectoral sanctions program will present increased compliance challenges for U.S. companies providing financing or goods and services to designated Russian entities.  As noted above, SSI Directives 1 and 2 will further limit the provision of goods and services on credit from U.S. suppliers to designated Russian entities.  In addition, Directive 4 will soon cover deepwater, Artic offshore, and shale projects worldwide in which a Russian sanctioned person holds a 33% or greater ownership interest.  This will represent a significant expansion of Directive 4—which now only applies to projects in Russia or Russian waters—as well as an expansion of the typical ownership threshold required by OFAC’s 50% rule.  Given such compliance landmines, companies contemplating transactions implicated by the revised directives may want to consider increased precautions, including careful diligence on all stakeholders.

2. For non-U.S. financial institutions and non-U.S companies doing business with Russia, enhanced diligence to avoid the threat of expanded Russia-related secondary sanctions. This may be especially important for non-U.S. entities that wish to invest in, or provide significant goods or services to, Russian energy export pipeline projects—a potentially broad category that will likely be the subject of negotiations between the United States, the EU, and relevant EU countries.  There may also be particular compliance challenges for those non-U.S. entities that wish to participate in the privatization of Russia’s state-owned assets.

3. For non-U.S. financial institutions and non-U.S. companies conducting business with North Korea, careful review of relevant relationships. The broad scope of CAATSA’s expanded secondary sanctions authorities heightens the risk of forming or maintaining trade, financial, or other business relationships, directly or indirectly, with North Korea.  Non-U.S. financial institutions may want to review their customer activity and profiles for business that is vulnerable to either mandatory or discretionary sanctions.  U.S. financial institutions may want to review their correspondent banking relationships and conduct due diligence on foreign financial institutions in order to accurately assess risk and ensure that correspondent accounts are not being used for the benefit of any sanctioned entity or individual.  While most financial institutions were already conducting enhanced diligence related to North Korea—particularly in the wake of FinCEN’s 2016 finding that North Korea is a “jurisdiction of primary money laundering concern”—CAATSA serves as another wake-up call regarding the perils of conducting business with any nexus to North Korea.

4. For companies considering business with Iran, being alert to the heightened risk of a snapback of U.S. sanctions against Iran. While CAATSA’s Iran-related measures appear to be compliant with the JCPOA, they also may further ratchet up tension with Iran.  This tension—combined with statements from President Trump that the Iran deal may be on thin ice, as well as a steady stream of non-nuclear sanctions designations—heightens the risk that one or both sides could walk away from the JCPOA.  Companies contemplating Iran-related transactions may therefore want to consider (among other risks) the increased risk of a deterioration in U.S.-Iran relations that leads to a snapback of U.S. sanctions that were in place prior to the JCPOA.

The full text of CAATSA is available here. We will continue to monitor sanctions developments and look forward to providing you with further updates.


[1]       The Senate passed CAATSA by a vote of 98-2.  See U.S. Senate, “Vote Summary for Roll Call 175,” available here.  The House passed CAATSA by a vote of 419-3.  Speaker of the House Paul Ryan called CAATSA “one of the most expansive sanctions packages in history.”

[2]       Statement by President Donald J. Trump on the Signing of H.R. 3364; Statement by President Donald J. Trump on Signing the “Countering America’s Adversaries Through Sanctions Act” (Aug. 2, 2017), available here and here.  One of the signing statements concludes:  “My Administration will give careful and respectful consideration to the preferences expressed by the Congress in these various provisions and will implement them in a manner consistent with the President’s constitutional authority to conduct foreign relations.  Finally, my Administration particularly expects the Congress to refrain from using this flawed bill to hinder our important work with European allies to resolve the conflict in Ukraine, and from using it to hinder our efforts to address any unintended consequences it may have for American businesses, our friends, or our allies.”

[3]      The full text of the Iran Nuclear Agreement Review Act of 2015 is available here.

[4]      Section 216(a)(2).  Separately, CAATSA also requires the President to prepare and submit reports to Congress on the following topics:  senior political figures, oligarchs and parastatal entities of the Russian Federation (Section 241); the effects of expanding sanctions to include sovereign debt and derivative products (Section 242); illicit financing relating to the Russian Federation (Section 243); media organizations controlled and funded by the Russian Government (Section 255); and Russian influence on elections in Europe and Eurasia (Section 256).

[5]       House Foreign Affairs Committee, Press Release, “House Votes to Sanction Iran, Russia, and North Korea,” (July 25, 2017), available here.

[6]      These include:  Executive Order 13660, Executive Order 13661, Executive Order 13662, and Executive Order 13685.

[7]     See Executive Order 13694 relating to blocking the property of certain persons engaging in significant malicious cyber-enabled activities; and Executive Order 13757 relating to taking additional steps to address the national emergency with respect to significant malicious cyber-enabled activities.

[8]     These changes will take effect 60 days after OFAC issues the relevant amendments to Directives 1 and 2, and 90 days after OFAC issues the relevant amendment to Directive 4.

[9]      As noted above in the Russia context, the President retains a significant amount of discretion to enforce certain “mandatory” sanctions.

[10]       See North Korea Sanctions and Policy Enhancement Act of 2016, Pub. L. No. 114-122 (2016).

[11]      U.S. Dep’t of the Treasury, “Treasury Acts to Increase Economic Pressure on North Korea and to Protect the U.S. Financial System” (announcing FinCEN 311 action against China-based Bank of Dandong) (June 29, 2017), available here.

[12]     Section 311(d) (listing The Korea Shipowners’ Protection Indemnity Association; Chinpo Shipping Company; The Central Bank of the Democratic People’s Republic of Korea; Kumgang Economic Development Corporation; Sam Pa, also known as Xu Jinghua; and The Chamber of Commerce of the Democratic People’s Republic of Korea).

© 2024 Paul, Weiss, Rifkind, Wharton & Garrison LLP

Privacy Policy