CYPRUS FIDUCIARY ASSOCIATION Seminar on Risk Assessment, Sanctions - PowerPoint PPT Presentation

Application of Risk Based Approach – Service risk Low Risk (a) Life insurance policies where premiums are low (b) Pension insurance contracts, not providing early redemption option and the contract can not be used as a guarantee (c) Pension or similar schemes offering retirement benefits to employees, where contributions are paid by deduction from wages and the transfer of members' interest is prohibited (d) Financial products or services that provide appropriately defined and limited services to certain types of clients, for financial inclusion purposes (e) Products where the risks of money laundering and financing of terrorism are limited by other factors, such as the amount of money or ownership transparency , such as certain types of electronic money High Risk (a) Private banking (b) Products or transactions that may favour anonymity (c) Non face to face business relationships or transactions, without the physical presence of the parties, without certain safeguards such as electronic signatures (d) Payments received from unknown or unrelated third parties (e) New products & business practices , including new delivery mechanisms, as well as the use of new or emerging technologies for both new and pre-existing products www.cfa.org.cy 31

Application of Risk Based Approach – Service risk Service risk factors to consider: • Provision of services which may be misused to obscure ownership or real economic purpose • Director services, Trustee services Vs Book keeping, Secretarial services • Services where ASPs may represent the client’s standing, reputation and credibility to third parties, without a sound knowledge of the client’s affairs. • Transactions using unusual means of payment (e.g. precious metals or stones). • Frequent capital contributions without legitimate reason • Abnormal POAs (e.g General, without expiration, irrevocable) • Transactions involving closely connected persons and for which the client provides inconsistent or irrational explanations www.cfa.org.cy 32

Application of Risk Based Approach – Service risk Service risk factors to consider: • Existence of suspicion of fraudulent transactions, or improperly accounted for. These might include: i. Over and under invoicing of goods/services. ii. Multiple invoicing of the same goods/services. iii. Falsely described goods/services – over and under shipments (e.g. false entries on bills of lading). iv. Multiple trading of goods/services • Attempts by settlor, trustee or BO to enter into fraudulent transactions or transactions to fraudulently evade tax www.cfa.org.cy 33

Application of Risk Based Approach Geographical www.cfa.org.cy 34

Application of Risk Based Approach – Geographical risk Low Risk (a) Member States of the European Union (b) 3 rd countries with effective AML/CTF systems (c) 3 rd countries which are recognized by reliable sources having low-level in bribery or other criminal activities (d) 3 rd countries which effectively apply regulations for the prevention of ML/TF accordingly to FATF recommendations according to reliable sources (i.e mutual evaluations, detailed report assessments) High Risk (a) Countries with lack of effective systems preventing ML/TF according to reliable sources (i.e mutual evaluations, detailed report assessments) (b) Countries with high levels of bribery or other criminal activities. (c) Countries subject to sanctions, trade barriers or similar measures imposed by the EU or UN or any other body. (d) Countries providing funding or support to terrorist activities or in their territory act terrorist organizations www.cfa.org.cy 35

Application of Risk Based Approach – Geographical risk Geographical risks to consider: • Countries identified by credible sources to provide funding or support for terrorist activities or have terrorist organisations operating within them. • Countries identified by credible sources as having significant levels of organised crime, corruption, or other criminal activity, including illegal drugs, human trafficking and smuggling and illegal gambling. • Countries subject to sanctions, embargoes or similar measures issued by international organisations such as the UN • Countries identified by credible sources as having weak governance, law enforcement, and regulatory regimes, including countries identified by FATF statements as having weak AML/CFT regimes • Countries identified by credible sources to be uncooperative in providing beneficial ownership information • Countries that permit the use of bearer shares, thereby allowing beneficial ownerships to be obscured. www.cfa.org.cy 36

Application of Risk Based Approach – Geographical risk Geographical risk factors may be assessed (amongst others) with respect to the following client connections: • Origin, or current location of, the source of funds • Country of incorporation or establishment of the trustee of the trust or entity or other legal arrangement • Location of the major operations or assets • Origin of main associates or other links of the client • Country in which any of the following is a citizen, resident or tax resident: i) Settlor, ii) Beneficiary, iii) Protector iv) Other natural person exercising effective control over the trust v) Any beneficial owner or natural person exercising effective control over the company or other legal entity. www.cfa.org.cy 37

Application of Risk Based Approach Delivery Channels www.cfa.org.cy 38

Application of Risk Based Approach – Delivery channels • Delivery channels of the provided services, influence the ML/TF risk. The identity and credibility of a client may be more difficult to assess depending on the means of providing the services. • Firms should take into consideration the risks posed by a given delivery channel when performing their Client Risk Assessment. Where higher risk levels are identified, firms should establish mitigating controls. www.cfa.org.cy 39

Application of Risk Based Approach If you do not document it…. it never happened!!! www.cfa.org.cy 40

Other Key factors a) PEP b) High Risk Countries c) Other High Risk Clients www.cfa.org.cy 41

Other Key factors - PEPs www.cfa.org.cy 42

Other Key factors a) Politically Exposed Persons (PEPs) Politically Exposed Persons means a natural person who is or who has been entrusted with prominent public functions and includes the following: a) Heads of State, heads of government, ministers and deputy or assistant ministers b) Members of parliament or of similar legislative bodies c) Members of the governing bodies of political parties d) Members of supreme courts, of constitutional courts or of other high-level judicial bodies, the decisions of which are not subject to further appeal, except in exceptional circumstances e) Members of courts of auditors or of the boards of central banks f) Ambassadors, charges d’affaires and high-ranking officers in the armed and security forces www.cfa.org.cy 43

Other Key factors g) Members of the administrative, management or supervisory bodies of State- owned enterprises h) Directors, deputy directors and members of the board or equivalent function of an international organization i) Μayors The definition is extended to include specific categories identified as PEP’s. • Immediate family members (the spouse, any partner considered as equivalent to the spouse, the children and their spouses or partners, the parents) • Close associates (any natural person who is known to have joint beneficial ownership of legal entities or legal arrangements, or any other close business relations a PEP or who is known to be connected with a PEP in any other close business relationship, any natural person who has sole beneficial ownership pf a legal entity (e.g. a company) or legal arrangement (e.g. a trust) which is known to have been set up de facto for the benefit of a PEP) . www.cfa.org.cy 44

Other Key factors Additionally, a 12-month period is set as a minimum time to take into consideration when assessing whether a person no longer poses a risk associated to politically exposed persons (Article 64(1)(γ)(ii) of the Law). Of course, this does not mean that a person ceases to be considered as a PEP if a 12-month period passed from holding his/her PEP position. This is at the discretion of the Compliance Officer of each firm as to whether that person will continue to be considered as PEP. In cases where the BO of a client is a PEP or where a PEP exercises control over the client, firms should by default treat the client as high risk from a ML/TF perspective. In such cases, Enhanced Due Diligence measures should apply. www.cfa.org.cy 45

Other Key factors – High risk countries www.cfa.org.cy 46

Other Key factors b) High Risk Countries • EU Commission adopted a list of 15 third countries that present strategic deficiencies in their AML and CTF frameworks and categorised as high risk in accordance with the risk assessment foreseen by section 58A of our AML Law • FATF – Public Statements (High risk countries) • Sanctions – EU, UN & US list www.cfa.org.cy 47

Other Key factors c) Other High Risk clients Depending on the classification derived following the risk assessment www.cfa.org.cy 48

Due Diligence 19 April www.cfa.org.cy 49

Due Diligence • Firms need to set out specific requirements for gathering KYC information and documentation enabling them to asses the risk. • High risk  Enhanced Due Diligence (EDD) www.cfa.org.cy 50

Due Diligence www.cfa.org.cy 51

Due Diligence a) Enhanced Due Diligence (EDD)  EDD should be performed for higher risk categories of clients, business relationships or transactions.  EDD procedures must be customised according to areas that pose higher risk. www.cfa.org.cy 52

Due Diligence Enhanced Due Diligence (EDD) measures may include: i. Escalated awareness of firm’s employees regarding the business relationship with the client - including enhanced briefing of client teams. ii. Increase of the approval process regarding the establishment of a business engagement (CEO or Managing Director) iii. Obtaining additional information on UBO, Settlor, trustee, person exercising control, other (e.g occupation, overall wealth, information available through public databases, internet) and more frequent update iv. Obtain more detailed info on reasons for intended or performed transactions carried out by the client as well as the nature of the business relationship v. Obtaining more detailed info and documentation on the source of funds or source of wealth of the settlor or BO vi. Corroborate to have a more thorough risk profile vii. Increasing the frequency and intensity of transaction monitoring www.cfa.org.cy 53

Due Diligence www.cfa.org.cy 54

Due Diligence Examples of customization of procedures: High risk area on client profile EDD measures to mitigate risk Non-face to face More identity verification or video call PEP Additional details and supporting documentation on source and size of wealth High net worth client Additional details and supporting documentation on source and size of wealth Business relationship with high risk 3 rd Deeper and sophisticated transaction countries monitoring www.cfa.org.cy 55

Due Diligence www.cfa.org.cy 56

Due Diligence b) Simplified Due Diligence (SDD) SDD measures may be applied in exceptional cases , considered on a case by case basis, ensuring that the business relationship or transaction presents a low risk for ML/TF. In the case of SDD, certain adjustments can be made to reflect the low risk assessment, such as: - the source of information obtained for identification/verification scope - the timing of implementation of client due diligence procedures - the frequency of planned client due diligence updates - the frequency & level of transaction monitoring SDD should NOT be applied in all Low risk clients! Under no circumstances a client transaction monitoring stops! www.cfa.org.cy 57

Other applications of Risk Based Approach RISK BASED APPROACH www.cfa.org.cy 58

Other applications of Risk Based Approach Other applications of RBA a) Staff training procedures b)Staffing requirements c) Use of technology d)Compliance department resources, systems and human capital Proportionality principle should be in mind! www.cfa.org.cy 59

Due Diligence Outline of approach: a) KYC on client identifying true owners, source and size of wealth and other b) Understand the nature of work c) Understand the commercial rationale of work d) Risk grade the client e) Obtain further documentation/information if needed (EDD) f) Be attentive to red flags g) Document your work! www.cfa.org.cy 60

30 minutes break www.cfa.org.cy 61

Restrictive measures www.cfa.org.cy 62

Restrictive measures – Cy Law Cyprus Legislation United Nations Security Council's Resolutions and Decisions (Sanctions) and Decisions and Regulations of the Council of the European Union (Restrictive Measures) Act of 2016 (58 (I) / 2016) Article 4 (1) of the above mentioned Law, provides for the following penalties in case that any person contravenes any of the provisions of the Resolutions / Decisions / Regulations of the Security Council and/or the Council of the European Union: (a) natural person , imprisonment up to 2 years or fine up to EUR 100K or both, (b) legal person , a fine not exceeding EUR 300K The prosecution of any person may take place only upon the approval of the Attorney General of the Republic www.cfa.org.cy 63

Restrictive measures - EU www.cfa.org.cy 64

Restrictive measures - EU Restrictive measures compliance is a live issue among the competent authorities (June 2018) –circulars by CBC, CySEC, CBA and ICPAC A. EU restrictive measures on Ukraine crisis B. EU restrictive measures on Iran (including EU Response – Blocking regulation) www.cfa.org.cy 65

Restrictive measures - EU • EU restrictive measures are Cyprus Sanctions • EU restrictive measures map – www.sanctions.eu • The Council of Ministers on Feb 2016 established in Cyprus the Unit for the Implementation of restrictive measures/sanctions in the Financial Sector which examines licensing (etc) requests within the financial sector and it is chaired by the Head of Directorate of Administration and Finance (Mr Kyriakos Kakouris) www.cfa.org.cy 66

Restrictive measures - EU www.cfa.org.cy 67

Restrictive measures - EU A. EU restrictive measures on Ukraine crisis Overview : a) Arms embargo and ban on supply of “dual use of goods” b) Restrictions on “designated persons” i. Freezing of “funds” and economic resources” ii. Prohibition on “making funds available” iii. Visa restrictions and travel bans c) Sectoral restrictions d) Blacklisting of Crimea and Sevastopol business Note : Significant ambiguities exist in the terminology and the risk of misinterpretation is high therefore ALWAYS you should advise Compliance Officer/Legal expert for several issues. www.cfa.org.cy 68

Restrictive measures - EU Council Regulations (EU): a) Council Regulation (EU) 208/2014 dated 5 March 2014 – after the events at Maidan b) Council Regulation (EU) 269/2014 dated 17 March 2014 listing pro-secessionist politicians in Crimea, Donbas and Russia as well as high profile Russian businessmen - after the events at Crimea and Sevastopol c) Council Regulation (EU) 692/2014 dated 23 June 2014 provides the prohibition on Crimea imports or exports - after the events at Crimea and Sevastopol www.cfa.org.cy 69

Restrictive measures - EU d) Council Regulation (EU) 833/2014 dated 31 July 2014 (reinforced on 8 Sep and 4 Dec 2014) - after the events of Luhansk and Donetsk: • state-owned credit institutions , oil & gas firms , military and aviation companies - after the events in Crimea & Sevastopol • restrictions on access to capital and lending • restrictions on oil exploration EU Renews sanctions every 6 months – last renewed Jan 2019 www.cfa.org.cy 70

Restrictive measures - EU Focus on Council Regulation (EU) 833/2014 dated 31 July 2014 (reinforced on 8 Sep and 4 Dec 2014) 1. Prohibited to directly or indirectly purchase, sell, provide investment services for or assistance in the issuance of, or otherwise deal with transferable securities and money-market instruments, issued after 1 August 2014 by: a)SBERBANK b)VTB BANK c)GAZPROMBANK d)VNESHECONOMBANK (VEB) and e)ROSSELKHOZBANK f)All direct or indirect subs (>50%) of entities mentioned (a)-(e) g)any legal person, entity or body acting on behalf , or at the direction, of an entity within the categories (a)-(f) www.cfa.org.cy 71

Restrictive measures - EU No prob to trade shares in the secondary market issued prior to July 2014 and assuming that they are not part of a buyback and reissue schemes www.cfa.org.cy 72

Restrictive measures - EU 2. It shall be prohibited to directly or indirectly purchase, sell, provide investment services for or assistance in the issuance of, or otherwise deal with transferable securities and money-market instruments issued after 1 August 2014 by: a)ROSNEFT b)TRANSNEFT c)GAZPROM NEFT d)OPK OBORONPROM UNITED e)AIRCRAFT CORPORATION f)URALVAGONZAVOD g)All direct or indirect subs (>50%) of entities mentioned (a)-(f) h)any legal person, entity or body acting on behalf , or at the direction, of an entity within the categories (a)-(g) www.cfa.org.cy 73

Restrictive measures - EU 3. It shall be prohibited to directly or indirectly make or be part of any arrangement to make new loans or credit to any legal person, entity or body referred above, after 1 August 2014 with some exceptions 4. No claims valid in connection with any contract or transaction if they are made with any of the entities referred to in points 1, 2 and 3 above. www.cfa.org.cy 74

Restrictive measures - EU EU issued on 4 May 2018 Best practices guide on implementation of Restrictive measures Outline various criteria whereby Ownership and Control may be assessed. Note A natural person may have control over a company without owning 50%+ voting shares www.cfa.org.cy 75

Restrictive measures - EU www.cfa.org.cy 76

Restrictive measures - EU B. EU restrictive measures on Iran 2015 to present: Restrictive measures reduced following the Joint Comprehensive Plan of Action (JCPOA) August 2018: EU Blocking statute on US snapback – EU officials amended “blocking” regulation designed to shield European firms from the effect of U.S. sanctions. Blocking statute was originally deployed during 1996 re. Cuba Now includes Iran Key questions unaddressed e.g. how the rule would work in practice (especially in case of secondary sanctions) There are two EU restrictive measures regimes: -Human rights abuses: Council Regulation (EU) 359/2011 -NPT breaches: Council Regulations (EU) 267/2012 www.cfa.org.cy 77

Restrictive measures - EU JCPOA • Restrictions on financial transfers removed • Removal of 34 individuals and 298 entities from asset freeze • Banking activities between Iran and the EU permissible • Iran rep offices, branches or subsidiaries by EU institutions possible • Provision of insurance and reinsurance to non-listed entities allowed • Supply of financial messaging services (SWIFT) enabled • Purchase of crude oil, petroleum and petrochemical products allowed • Investment & dealings with shipping, aviation and transport liberalised • Tx in public and public-guaranteed bonds with Iranian non-listed entities permitted www.cfa.org.cy 78

Restrictive measures - EU Overall: • Restrictive measures are here to stay • Restrictive measures are becoming more complex • Criminal offences possible, penalties can be high • Navigating restrictive measures compliance is therefore fundamental www.cfa.org.cy 79

Sanctions – UN www.cfa.org.cy 80

Sanctions – UN UN Sanctions -> Security Council has authority to issue sanctions • UN member states must comply • Cyprus is part of UN • China, France, Russia, UK and US  UNSC Permanent Members • P5 are veto holders: relevant to Russian and Syrian sanctions • UNSC Committees: notifications on licences and panel of experts report on developments www.cfa.org.cy 81

Sanctions - US www.cfa.org.cy 82

Sanctions - US A. US Sanctions on Russia for Ukraine crisis B. US Sanctions on Iran US left the JCPOA in November 2018 www.cfa.org.cy 83

Sanctions - US A. US Sanctions on Russia for Ukraine crisis Types of US sanctions: 1.“Blocking” sanctions freeze assets of designated persons (Special Designated Nationals – SDN) 2.Sectoral Sanctions restrict access to US capital markets by designated persons in Russia’s finance, defence and energy sectors – similar with EU (Sectoral Sanctions Identifications – SSI) 3.“Secondary” sanctions target certain activities of non-US persons with or for the benefit of US-sanctioned persons and others www.cfa.org.cy 84

Sanctions - US 1. “Blocking” sanctions Earlier designations (before 6 April 2018) • Executive Order 13660 (Ukraine-focused sanctions): Persons contributing to the instability of Eastern Ukraine • Executive Order 13661 (Russia-focused sanctions): Russian governmental officials, businessmen and companies with close ties to the Russia government • Executive Order 13685 (Crimea Embargo ): Investments in Crimea www.cfa.org.cy 85

Sanctions - US April 2018 the OFAC added the following individuals and entities on SDN i) 7 Russian individuals and 12 Entities under their direct and indirect control: a.Oleg Deripaska  GAZ Group (23 October 2018)  B-Finance Ltd (5 June 2018)  Basic Element Ltd (5 June 2018)  Russian Machines (5 June 2018)  Agroholding “Kuban” (5 June 2018) b.Igor Rotenberg  Gazprom Burenie (5 June 2018)  NPV Engineering (5 June 2018) c.Suleiman Kerimov d.Andrey Skoch e.Viktor Vekselberg (Renova Group - 5 June 2018) f.Kirill Shamalov (Ladoga Management - 5 June 2018) g.Vladimir Bogdanov www.cfa.org.cy 86

Sanctions - US ii) 17 Russian state officials and managers of state-owned entities iii) 2 state-owned entities  Rosoboronexport and  Russian Financial Corporation Bank www.cfa.org.cy 87

Sanctions - US Russia – Sectoral sanctions • Directive 1 prohibits US person transactions in new debt or new equity of designated Russian banks or subsidiaries • Directive 2 prohibits US person transactions in new debt of designated Russian oil companies or subsidiaries • Directive 3 prohibits US person transactions in new debt of designated Russian defence companies or subsidiaries • Directive 4 prohibits US persons from providing goods, non-financial services or technology in support of exploration or production for deepwater, Arctic offshore or shale projects that:  Have the potential to produce oil in Russia or its territorial waters and involve a designated Russian energy company; or  If initiated after 29 January 2018, have the potential to produce oil anywhere if a designated entity holds at least a 33% interest www.cfa.org.cy 88

Sanctions - US Russia – “Secondary” sanctions • Secondary sanctions seek to deter non-US persons from engaging in targeted Russia-related activities • Blocking sanctions (SDN designation) may be imposed on a non-US person for engaging in any of the following activities:  Knowingly violating or causing a violation of US sanctions against Russia (Section 228 of CAATSA)  Facilitating a “ significant ” transaction for a sanctioned Russian person or his or her close relatives (Section 228)  Committing serious human rights abuses in Russia (Section 228)  Being responsible for or “materially” assisting in acts of “significant corruption” in Russia (Section 227) www.cfa.org.cy 89

Sanctions - US • OFAC determines whether a transaction is “ significant” for the purpose of Section 228 of CAATSA based on 7 parameters: o the size, number and frequency of the transaction(s) o the nature of the transaction(s) o The level of awareness of management and whether the transaction(s) are part of a pattern of conduct o The nexus between the transaction(s) and a blocked person o The impact of the transaction(s) on statutory objectives o Whether the transaction(s) involve deceptive practices o Such other factors that the Secretary of the Treasure deems relevant on a case-by-case basis If a US person requires specific license, transaction is considered “significant” Transactions with SSI entity are not “significant” unless “deceptive” www.cfa.org.cy 90

Sanctions - US “Secondary sanctions” can reach non–US companies - Global Reach of US sanctions BE AWARE - companies engaging in certain activities may become sanctions targets although no one sanctioned yet under these secondary sanctions authorities. Cyprus is keen to foster positive relations with the US – especially after the visit of US Treasure Assistant Secretary for TF (Q2-2018) www.cfa.org.cy 91

Sanctions – US - Developments Developments:  Lifted sanctions from En+, Rusal and EuroSibEnergo (Unprecedented!) - Congress expected to make “life difficult”  Putin list was established on January 2018  New targets from “Putin list” were expected in q1 2019  Congress is expected to increase pressure on Trump administration re. new targets since they are overdue  Defending American Security from Kremlin Aggression Act ( DASKA ) & Defending Elections from Threats by Establishing Redlines Act ( DETER ) pending in Congress www.cfa.org.cy 92

Sanctions - US - Developments Defending American Security from Kremlin Aggression Act ( DASKA ) (Senator Lindsey Graham) • Financial Institutions - SDNs or Correspondent banking restrictions on 1 or more of: a) Sperbank d) VEB g) Promsvyazbank b) VTB e) Bank of Moscow c) Gazprombank f) Rosselkhozbank • Oligarchs & Senior Political figures “Putin list” – SDNs • 5 or more “Menu sanctions” on : a) Persons investing in energy projects outside Russia (>250 mil) supported by SOE b) Persons providing services, goods, tech or support to new crude oil production projects in Russia >1m USD per Tx or >5m USD per 12 months c) Anyone engaged in significant Tx with parties that have the capacity to support cyber activities • New reports – Revised “Putin list”, New sanctions every 90 days, Report on Putin personal assets & Net worth, Report on Russia’s war crimes in Syria • Russian sovereign debt restrictions & Real estate reporting on large Tx www.cfa.org.cy 93

Sanctions – US - Developments Defending Elections from Threats by Establishing Redlines Act ( DETER ) (Senators Marco Rubio & Chris Van Hollen) • Financial Institutions - SDNs or Correspondent banking restrictions on 3 or more of: a) Sperbank d) VEB b) VTB e) Bank of Moscow c) Gazprombank f) Rosselkhozbank • Energy companies – SDNs on 2 or more of: a) Gazprom b) Rosneft c) Lukoil • Oligarchs & Senior Political figures “Putin list”, Defense & Intelligence sector – SDNs • Russian SOEs (>25% interest by Russian Gov) SDNs in the following fields: a) Railway b) Metals & Mining c) Aerospace d) Air carriers • Any new >20% acquisitions by Russian SOEs - SDNs • Russian sovereign debt restrictions www.cfa.org.cy 94

Sanctions – Iran www.cfa.org.cy 95

Sanctions – Iran B. US Sanctions on Iran Iran – JCPOA Effect on US Sanctions Refresher a) Primary sanctions (“Trade embargo”) – Many entities removed US companies and individuals must not deal directly or indirectly with:  Government of Iran and its controlled entities  Goods and services of Iranian origin  Goods and services for export to Iran  SDNs of Iran (human rights, missile tech)  Re-exports of US-origin items to Iran are prohibited b) Primary sanctions affecting non-US subsidiaries – Introduction of General License H - They apply to persons “owned or controlled” by a US person c) Secondary sanctions – Mostly suspended  Restrict non- US companies from undertaking certain trading activities with Iran  Imposition of secondary sanctions may lead to restrictions on access to US Financial system, disqualification from US government contracts and blocking of company property www.cfa.org.cy 96

Sanctions – Iran  On 8 May 2018, the US government announced the full reinstatement within 6 months of the sanctions waived under the JCPOA.  Non-US companies owned or controlled by US companies will no longer be able to trade with Iran  OFAC Recently replaced General License H with an updated license authorising wind- down of existing activities until 4 November 2018  Little effect on US-Iran trade, which was already mostly prohibited.  Iran-related SEC reporting obligations remain in place  Secondary sanctions targeting activities by non-US persons with or involving Iran will be reinstated, following a wind-down period. www.cfa.org.cy 97

Sanctions – Iran Some secondary sanctions became fully effective 6 August 2018 • Supply of certain goods, services and software to Iran (i.e. coal, graphite, certain metals, software for integrating industrial processes, goods and services to Iran’s automotive sector) • Trade with Iran in golds and precious metals • Certain financial transactions involving Iran (i.e. sale or supply of US dollar banknotes to Iranian government, purchase or sale of Iranian rials, purchase of subscription to or facilitation of issuance of Iranian sovereign debt) On 4 November 2018 other secondary sanctions fully effective: • “Significant” dealings with the government of Iran and entities that it controls • Certain transactions with Iran’s port operators, shipping and shipbuilding sectors • Certain transactions involving petroleum or Iran’s energy sector (including i.e. purchase or transport of petroleum products, petrochemicals from Iran - sale of refined petroleum to Iran - certain investments in Iran’s energy sector - Insurance, reinsurance and underwriting services related to the Iranian petroleum sector and certain other activities • Transactions with the Central Bank of Iran and Iranian Financial Institutions (i.e. significant transactions by FFIs, provision of financial messaging services) Iranian FI and government-owned entities will be moved to the SDN list and tagged as “ Subject to Secondary Sanctions ” www.cfa.org.cy 98

Sanctions – Iran Impact for Non-US Companies a) Waivers provided by JCPOA will not be recognised after relevant wind-down period b) Non-US banks risk losing US correspondent banking privileges if they continue to support non-US companies’ dealings with Iran c) International energy companies and oil importers, including Sinopec and Total, have ongoing dealings with Iranian energy industry which could give rise to secondary sanctions risks d) Iran-related reporting to the SEC by affiliates with US-listed securities may present greater risks www.cfa.org.cy 99

Sanctions – Iran US sanctions on DPRK: • 31 Jan 19 - OFAC fined 1m USD E.l.f. Beauty (cosmetics company) for violations • Eyelashes made in China, with help from Korea…! • Significant new development since we may see something similar in Iran or Russian sanctions www.cfa.org.cy 100