OFAC, DOJ Reports on EO 14067 and OFAC Issues GL D-2 in Support of Iranian Populace


Coinfirm’s Regulatory Affairs overviews the US’ Office of Foreign Assets Control (OFAC) and the Department of Justice (DOJ) reports on EO 14067 and OFAC’s Issuance of General License D-2 in Support of the Iranian Populace.

Department of Treasury Reports Pursuant to President Biden’s Executive Order 14067

Pursuant to President Biden’s Executive Order 14067 on Ensuring Responsible Development of Digital Assets, four reports have been issued by OFAC and the DOJ, addressing:

OFAC Reports:

  1. The future of Money and Payments
  2. Implications for Consumers, Investors and Businesses
  3. Action Plan to Address Illicit Financing Risks of Digital Assets

DOJ Report:

OFAC Report: The Future of Money and Payments

Recent innovations, such as instant payments, stablecoins, the potential development of a U.S. Central Bank Digital Currency (CBDC), have led to the review of U.S.’ system of money and payments to be reviewed in order to identify opportunities to promote faster, cheaper, and more inclusive payments.

The report starts off by explaining the meaning of money and payment systems:

Money is described threefold:

  1. Monetary value of goods and services.
  2. A medium of exchange to buy and sell goods and services.
  3. A store of value: the value of money is preserved over time.

There are two types of money:

  1. Public: cash (money issued in the form of paper and coins by the Federal Reserve)
  2. Private: funds held in banks and nonbank financial institutions such as fintech firms or payment service providers (PSPs)

Payment systems are described as technical systems which facilitate the transfer of private money.

For advancing payment system developments the Treasury has set forth four recommendations:

  • Recommendation 1: Advance work on developing a U.S. CBDC. “A CBDC is a digital form of a country’s sovereign currency”. The report reviews selected design choices for CBDC such as features of the CBDC, the payment system to be used in transferring it as well as intermediaries. It also outlines the need for the CBDC to be regulated and for intermediaries to implement all AML/CFT and sanctions obligations. This CBDC-related recommendation encourages:
    • The treasury to continue its research and technical experimentation on CBDCs while considering implications of its adoption via an inter-agency working group (“CBDC Working Group”)
    • The evaluation of policy considerations described in the January 2022 Money and Payments: The U.S. Dollar in the Age of Digital Transformation discussion paper
    • The periodic update of the public on CBDC-related developments.
  • Recommendation 2: Encourages the use of instant payment systems to support a more competitive, efficient, and inclusive U.S. payment landscape. Consumers, businesses, and financial institutions may need to adjust their financial habits and practices to incorporate new technologies to:
    • Allow for the inclusion of underserved communities.
    • Support the use of instant payment systems.
    • Facilitate greater consumer access to, and use of, instant payment systems.
  • Recommendation 3: Establish a federal framework for payments regulation to protect users and the financial system, while supporting responsible innovations in payments. The need for this recommendation stems from the provision of payment services, such as issuing money (or money-like) liabilities and processing payments capabilities by nonbank financial institutions which are regulated and supervised at a state level only. State oversight  of nonbank payment providers  is inconsistent in addressing payments risks. Thus, it is recommended to:
    • Create a federal framework for payments regulation to regulate and supervise nonbank financial institutions to make the most of the benefits these provide while minimising the risks.
    • Create a federal framework for nonbank payment providers to complement existing federal requirements.
    • Promote responsible innovation in payments by establishing appropriate federal oversight of nonbank companies that are involved in the issuance, custody, or transfer of money or money-like assets.
    • A federal framework for payments regulation would also support considerations for both a U.S. CBDC and instant payments.
  • Recommendation 4: Prioritise efforts to improve cross-border payments. In the US the G20, FSB and Committee on Payments and Market Infrastructure (CPMI) are active in improving cross-border payments. This recommendation is based on a roadmap for developing a faster, cheaper, and more transparent cross-border payments system set forth by the G20 in 2020. The main priorities to achieve these outcomes are:
    • Fostering the safety and soundness of private and public sector innovations for cross-border payments.
    • Considering the feasibility of new multilateral platforms and arrangements for cross-border payments, including utilising instant payments.
    • Working across jurisdictions to align regulatory, supervisory, and oversight frameworks for cross-border payments.
    • Harmonising data and market practices for cross-border payments.

OFAC’s Report: Crypto-Assets: Implications for Consumers, Investors, and Businesses

Reviews the current crypto-asset markets and trends outlining opportunities and risks associated with their use and discusses the implications of these opportunities and risks for consumers, investors, and businesses.

The risks consumers, investors, and businesses are exposed to are:

  • Conduct risks: the threat of financial loss to an organisation caused by poor regulations, or judgment of managers and employees:
    • Fraud, Theft, and Mismanagement
    • Lack of Transparency:
      • Crypto-asset Investments risks and company governance
      • Operating unregulated crypto-asset platforms
      • Unhindered access to crypt-platforms leading to illegal activities
      • Lack of screening potential investments for quality and legitimacy
      • Conflicts of interest
  • Operational risks: the risk of loss caused by flawed or failed processes, policies, systems, or events including the technology-specific risks of crypto-assets and systems.
  • Risks arising from crypto-asset intermediation: traditional financial risks that have the potential to manifest in crypto-asset markets.

Recommendations suggested to promote responsible development of digital assets:

  1. Detect, investigate and enforce civil and criminal actions:
    • Expand and increase investigations and bring enforcement or other legal action against unlawful activity in crypto-asset markets such as misrepresentations made to consumers and investors (false or misleading advertising, terms of service, claims of returns or income potential, statements of protections available to users of crypto-assets).
    • Coordinate cross-agency enforcement actions
    • Share information on illegal crypto-asset activity
  2. Issue supervisory guidance and rules to address current and emerging risks in crypto-asset products and services
    • Provide supervisory guidance or rule-makings through individual actions
    • Collaborate to improve clarity on vocabulary, the identification and assessment of key risks, and areas of future focus
    • Provide plain language guidances readily understandable by a wide audience
  3. Promote consumer education and provide access to trustworthy information on crypto-assets which relay risks associated the use of crypto-assets, common practices employed by perpetrators, reporting procedures, information on operational risks that are unique to the crypto-asset ecosystem and their impact.
  4. Engaging with industry leaders, academics, and other relevant parties to promote and coordinate public and private strategies for financial education outreach to consumers.

OFAC’s Report: Action Plan to Address Illicit Financing Risks of Digital Assets

The report outlines the crypto-related risks identified in National Risk Assessments (NRAs) and an action plan to address them.

The identified risks in order of occurrence are:

  1. Money Laundering
  2. Terrorist Financing
  3. Sanctions Evasion
  4. Proliferation Financing

The identified vulnerabilities which give rise to these digital-assets-associated risks are:

  • Gaps in implementation of the international AML/ CFT standards across countries
  • The use of anonymity enhancing technologies
  • The use of VASPs that are either not regulated or not compliant with AML regulatory requirements

This action plan lays out seven main mitigating measures and supporting actions to which the U.S. government is committed to:

  • Monitor Emerging Risks

By monitoring the development of the digital assets sector and its inherent risks and assessing the robustness of the legal, regulatory, and supervisory regimes the US can identify gaps and address them. Supporting actions additional to existing ones are ML and TF risk assessments on DeFi and NFTs (to be published in 2023).

  • Improving Global AML/CFT Regulation and Enforcement

Supporting actions to address weaknesses in AML/CFT regulation, supervision, and enforcement in foreign jurisdictions related to digital assets remain the same. The US shall continue its collaboration with international bodies such as the FATF, G7, Egmont Group, FSB, BIS, IMF, World Bank, and UN.

The BSA shall be updated according to identified emerging risks as part of the exercise under point 1. Monitor emerging risks. Supporting actions remain the same.

  • Strengthening U.S. AML/CFT Supervision of Virtual Asset Activities

Strengthen domestic supervision and examination of firms to raise the bar of AML/CFT compliance. “Treasury is working to ensure that VASPs doing business wholly or in substantial part in the United States, wherever located, register with the requisite regulatory bodies at the state or federal level, and that they implement AML/CFT requirements.”  On top of the existing supporting actions, more efforts shall be channelled to “promote standardisation and coordination of state licensing and AML/CFT obligations, as well as supervision for MSBs, and improve state‑state and state‑federal coordination more broadly”.

  • Holding Accountable Cybercriminals and Other Illicit Actors

Continued actions, such as seizures, criminal prosecutions, civil enforcement, and targeted sanctions designations, will be taken to disrupt criminal activities and to expose the parts of the virtual asset ecosystem enabling it. Supporting actions remain the same.

  • Engaging with the Private Sector

Enhance communication with the private sector to ensure market participants understand their obligations and learn from the private sector’s experience and assessment of risks. Supporting actions remain the same.

  • Supporting U.S. Leadership in Financial and Payments Technology

“Promote a modern, transparent domestic payments system that supports innovation and maintains U.S. technological leadership, while safeguarding our financial system and national security”. Supporting actions include modernising the U.S. payments infrastructure and funding technological developments on top of existing efforts.

DoJ: The Role Of Law Enforcement In Detecting, Investigating, And Prosecuting Criminal Activity Related To Digital Assets

As per Joe Biden’s Executive Order 14067, the DOJ was tasked with identifying ways to improve law enforcement agencies’ ability to combat crypto crimes.

A) The report is divided into three major parts covering:

  • The three principal categories of digital assets illicit use:
    1. A means of payment for criminal activity:
      • To complete illegal transactions on dark-net markets
      • To collect ransomware payments
      • To facilitate fraud and scams
      • To finance terrorism
    1. A means of concealing illicit financial activity:
      • Money laundering
      • Tax evasion
      • Sanctions evasion
    2. Crimes involving or affecting the digital assets ecosystem:

B) Law enforcement efforts and initiatives to detect, investigate, and prosecute crimes relating to digital assets and seizing illicit crypto gains, reports issued over the years since 2018 and new bodies created specialised in crypto crimes.

Also, this section announces the formation of a new network of prosecutors, called DAC (DIGITAL ASSET COORDINATORS NETWORK), specialising in investigating and prosecuting criminal activity stemming in cryptocurrency.

C) Based on encountered obstacles in digital assets-related investigations a set of recommendations was listed. It suggests changes in legislative and regulatory actions to advance in the disruption of digital assets-related criminal activity. The most notable ones are stated follows:

  1. Making it illegal for VASPs to tip-off their users that an investigation is being carried out against them, by including MSBs in the definition of “financial institution” that applies to the statues of non-disclosure of subpoenas.
  2. For MSBs operating without a license it’s requested to increase the statute of limitations to 10 years, double criminal fines and triple corporate criminal fines.
  3. Either mandate legislative and regulatory changes and international-cooperation initiatives, to address identified challenges in gathering evidence of crimes related to digital assets OR enhance penalties for non-compliance with cryptocurrency‐​related record requests.
  4. Adopt FinCEN’s suggested travel rule amendments.
  5. NFTs to be covered by the BSA.
  6. Facilitate the forfeiture of cryptocurrency in appropriate cases and the strengthening of the Sentencing Guidelines applicable to certain BSA violations.
  7. Increase funding for the DOJ.

OFAC Issues General License D-2 in Support of Iranian Populace

On September 13, Mahsa Amini was detained by the Iranian Morality Police for allegedly wearing her hijab too loosely. Three days later she was declared dead while in police custody, which outraged the Iranian populace, who began protests against the country’s regime. Unfortunately, the government of the Islamic Republic of Iran’s reaction to the protests has been violent – with hundreds reported dead in clashes with government forces – with the government also cutting off the population’s access to the internet (in similar fashion to ’19).

In response to this action, the United States lifted several Iran sanctions and issued, on September 23rd ’22, the General License D-2, in support of Iranian people’s access to information to be “better equipped to counter the government’s efforts to surveil and censor them”.

The GL D-2, which has no expiration date, “authorizes technology companies to offer the Iranian people more options of secure, outside platforms and services”. Any US person (legal or individual) within the US or wherever located, can:

  • Provide to Iran fee-based or no-cost communications software and services over the internet, such as messaging platforms, social media, video conferencing, web maps, learning platforms, user authentication services, and cloud-based services.

Such tools and services may be provided both to the Iranian government and to the general population. However, when provided to the government, these must be available at no cost.

  • persons not authorised to provide such tools and services to Iran are encouraged to submit a specific license application to OFAC. 

The provision of such services is prohibited to any person:

  • “whose export privileges have been denied pursuant to part 764 or 766 of the EAR, without authorization from the Department of Commerce”
  • “whose property and interests in property are blocked pursuant to any part of 31 CFR chapter V, other than persons whose property and interests in property are blocked solely pursuant to Executive Order 13599 as the Government of Iran”

The GL D-2 continues to authorise the provision of tools which protect the ability of Iranian people to engage in free expression and resist regime oppression, such as anti-virus software, anti-malware software, anti-tracking and anti-censorship software, VPN and mobile operating systems.

Additional to the GL D-2, OFAC has issued several FAQs that clarify certain aspects relayed in the GL D-2.

“Treasury is announcing the expansion of Iran General License D-2, which will expand the range of internet services available to Iranians. With these changes, we are helping the Iranian people be better equipped to counter the government’s efforts to surveil and censor them. In the coming weeks, OFAC will continue issuing guidance to support the Administration’s commitment to promoting the free flow of information, which the Iranian regime has consistently denied to its people.” – Deputy Secretary of the Treasury, Wally Adeyemo

Looking to comply with crypto AML compliance stipulations?

Contact Coinfirm or sign up/log in to the AML Platform to experience the most flexible crypto RegTech platform powered by more than 350 proprietary risk analysis algorithms.