News

Russian sanctions-evasion schemes connected to the Baltics continue to grow in complexity and sophistication, officials told an industry event in Latvia on Wednesday.

Since the Kremlin-ordered, full-scale invasion of Ukraine began in February 2022 and triggered an unprecedented economic embargo from the West, Baltic officials have observed a rise in exports to Kazakhstan, Azerbaijan, other ex-Soviet states, and Turkey and China, prompting concerns that those countries have given Russia a backdoor to global markets.

Speaking at the ACAMS Baltics Symposium in Riga on Wednesday, Laura Aus, deputy head of Estonia’s Financial Intelligence Unit, said that Russia-related sanctions evasion still disproportionately consists of routing shipments of prohibited goods through buyers in Central Asia.

But companies seeking to evade the EU’s commercial and financial restrictions against Russia now increasingly hide the final destination of their cargo behind progressively more complex “levels” of legal entities in multiple jurisdictions, including in Europe.

“There are now not only three, but up to five levels, six or even seven,” said Aus. “Banks may think that if a company is established in Europe there is no high risk.”

More than 400 compliance officers polled at the conference in Riga on Wednesday identified manufactured goods as the most frequent target of Russian sanctions-evasion schemes, followed by commodities, financial services, and legal and other professional services.

Paulis Iljenkovs, deputy head of the Financial Intelligence Unit of Latvia, said that most of the more than 500 suspicious transaction reports, or STRs, his agency received on possible attempts to evade sanctions last year flagged shipments of luxury goods.

Latvian customs authorities meanwhile blocked more than 2,000 shipments destined for Russia and Belarus based on information from STRs and other sources, Iljenkovs said.

“Our biggest vulnerability is our geographical location,” Iljenkovs said. “We haven’t seen cases involving dual-use goods—that is happening through financial institutions in other countries, and unfortunately sometimes through other EU jurisdictions.”

Estonian, Latvian and Lithuanian firms that previously traded and transacted directly with Russian parties largely ceased doing so after the full-scale invasion of Ukraine began, though banks in the Baltics observed a commensurate uptick in payments to those companies from new partners in the United Arab Emirates, Serbia and other jurisdictions.

Echoing Aus, the Estonian official, a local compliance officer told moneylaundering.com that the relatively basic due diligence his bank conducted on its clients’ new counterparties during the early months of the invasion often led to the discovery of Russian owners and directors, but no longer suffice.

“Now there are more layers,” the compliance officer said.

Supervision

The Bank of Lithuania, which supervises more than 270 electronic money institutions and other fintechs, has ramped up enforcement over the past two years against companies caught flouting anti-money laundering rules, including by revoking licenses in the worst cases.

Denas Gadeikis, head of supervision for payments and EMIs at the Bank of Lithuania, told the audience in Riga on Wednesday that common shortcomings include poor governance and risk management, and above all else, a lack of experienced compliance officers.

“Because these institutions usually are startups, they … try to rely on their IT systems,” Gadeikis said. “The lesson learned is that you still need people who have expert judgement to properly onboard and [vet] customers, and knowledge of how to monitor transactions.”

In response to a poll question, the audience of more than 400 compliance officers also identified a “lack of adequate resources” as their greatest concern, followed by sanctions evasion, rising fraud, and cybersecurity-related threats posed by hackers and ransomware.

Kristine Cernaja Mezmale, a board member at the Bank of Latvia, confirmed that poor internal governance and auditing plagues the country’s financial services industry and often leads to anti-money laundering violations.

“Also, we see quite often that institutions are collecting thousands of pages of KYC [know-your-customer] documents, but they are lacking the ability to draw proper conclusions from all the documents,” Cernaja Mezmale said. “We would encourage firms to really look at the substance of the transactions.”

Regulators also discussed efforts to hire new staff and otherwise prepare for the EU’s markets in crypto-assets regulation, or MiCA. The regulation, which enters into force in December, will subject virtual asset service providers, also known as VASPs, to rules designed to ensure financial stability, prevent market abuse and safeguard investors.

Lithuania, which allows VASPs to open for business shortly after registering as exchanges or custodial wallet providers and meeting other basic requirements, now hosts more than 500 such platforms, many of which relocated from Estonia following a regulatory crackdown.

Gadeikis, the Lithuanian regulator, described roughly half of the cryptocurrency platforms now domiciled in his country as “empty shells” unlikely to pass muster with the Bank of Lithuania and obtain a MiCA license, which entails far more scrutiny than simply registering.

But the steep learning curve highlighted Wednesday applies to more than VASPs.

“Regulators are rather on the conservative side [in how they view the cryptocurrency sector], and they need to be educated,” Jekaterina Govina, head of regulatory affairs at Amlyze, an anti-financial crime advisory in Vilnius, said Wednesday.

Contact Koos Couvée at kcouvee@acams.org