
Blake Hulnick practices at the intersection of export controls, sanctions, and white-collar defense. He represents companies and individuals in sensitive civil and criminal investigations, particularly those focused on issues implicating national security and international trade controls. He also maintains an active sanctions and export controls advisory practice.

In his litigation and investigations practice, Mr. Hulnick has experience representing both individual clients and sophisticated international companies, often in matters involving parallel investigations by civil and criminal authorities. His experience ranges from scoping subpoena responses and overseeing the collection and production of documents in multiple languages to conducting analyses of legal exposure, preparing witnesses and presentations, and crafting the strongest possible arguments in support of his clients’ positions.

Mr. Hulnick’s investigations practice is informed by his experience advising clients on the rapidly changing U.S. sanctions and export controls landscape. He advises a wide range of U.S. and non-U.S. companies on U.S. sanctions administered by the Treasury Department’s Office of Foreign Assets Control, particularly those targeting Crimea, Cuba, Iran, North Korea, Russia, and Venezuela. He also regularly advises clients on the export controls administered by the State Department’s Directorate of Defense Trade Controls and the Commerce Department’s Bureau of Industry and Security. In each of these areas, Mr. Hulnick’s work ranges from providing guidance, assessing newly announced rules, seeking advisory opinions or export licenses, and conducting corporate due diligence to assisting clients with voluntary disclosures and enforcement matters.

On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued an “Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments” (the “Updated Advisory”).  The Updated Advisory updates and supersedes an earlier OFAC Advisory released on October 1, 2020, and is directed toward not only organizations victimized by ransomware attacks, but also financial institutions, cyber insurance firms, and forensic and incident-response firms that assist organizations victimized by ransomware attacks.

The Updated Advisory is largely consistent with the previous version released in October 2020, restating the U.S. government’s opposition to ransomware victims making payments to cyber threat actors and making clear OFAC’s commitment to bringing enforcement actions in connection with such payments when they constitute U.S. sanctions violations.  However, the Updated Advisory adds important new guidance on “the proactive steps companies can take to mitigate [sanctions enforcement] risks,” including implementing strong cybersecurity practices before an attack, and promptly reporting a ransomware attack to, and engaging in timely and ongoing cooperation with, law enforcement or other relevant agencies.  Taking these steps would constitute “mitigating factors” in any OFAC enforcement action resulting from sanctions violations in connection with ransomware payments.

In conjunction with the new Advisory, OFAC for the first time designated for sanctions a Russian cryptocurrency exchange, SUEX OTC, that OFAC alleges has been involved in facilitating numerous ransomware payments for malicious cyber actors.  As a result of this designation, U.S. persons (that is, all individual U.S. citizens and permanent residents, U.S.-incorporated entities and their branch offices, and anyone physically within the United States) are now prohibited from engaging in or facilitating virtually all transactions with or involving SUEX OTC.

Continue Reading OFAC Issues Updated Guidance on Ransomware Payments

Consistent with the U.S. Department of the Treasury’s ongoing focus on cyber-enabled financial crime, on October 1, 2020, two components of the Treasury Department’s Office of Terrorism and Financial Intelligence issued guidance on ransomware-related payments.  One, an advisory issued by the Office of Foreign Assets Control (“OFAC”), describes the significant U.S. sanctions risks of facilitating ransomware payments, and expresses a strong policy preference against doing so.  The second, an advisory issued by the Financial Crimes Enforcement Network (“FinCEN”), alerts financial institutions to trends and indicators of ransomware-related money laundering.  Both underscore the difficult decisions faced by ransomware victims and third parties who assist them as they seek to navigate the loss of access to key data on the one hand, and increasingly significant regulatory risks that making a ransomware payment could entail on the other.
Continue Reading Coordinated OFAC and FinCEN Guidance on Ransomware Attacks Underscores the Regulatory Risk and Complexity of Paying a Ransom