by Jeremy Paner
Recent press reports indicate that the U.S. Treasury Department is preparing designations under its malicious cyber-enabled activities authority. Prior to these reports, which cite anonymous administration sources, there were clear signs that this sanctions authority would probably remain dormant.
Empty Executive Order, Without Regulations
First, Executive Order 13694 is “an empty E.O.,” in that it does not contain an annex of designees. OFAC utilizes derivative designations of individuals and entities listed in an annex to effectively and efficiently block vast networks. With no annex, the Office of Foreign Assets Control (OFAC) has to start the designations of networks with identifications of key nodes and then derivatively designate those that act for or on behalf of, or provide services to key actors.
Secondly, OFAC has yet to implement regulations for this sanctions program. Although such regulations are not necessary for the designation process, the licensing, enforcement and compliance aspects of the program will need regulatory guidance. Therefore, expect OFAC to issue regulations concurrently with, or shortly after the announcement of designations.