The United Nations (U.N.) North Korea Panel of Experts1 report released this month confirms that North Korea continues to evade U.N. sanctions.2 The implementation of financial sanctions remains one of the main challenges for governments and financial institutions around the world. The report provides valuable data on North Korea’s methods and tactics that can help financial institutions adjust their preventive measures programs. Main vulnerability points for financial institutions are ship-to-ship transfers, cyber activity, abuse of the financial system by North Korean diplomats and overseas representatives of the North Korean banks. The report’s recommendations to U.N. member states offers a hint of what financial institutions might expect if their governments take these recommendations on board.
Main Avenues for Exploiting Global Financial System
One of the most efficient ways North Korea circumvents sanctions is by engaging in illegal ship-to-ship transfers of petroleum, coal and other goods. In this scheme, vessels meet in the open sea for transfer of goods from one vessel to another. North Korea massively increased the use of ship-to-ship transfers, with more than 50 vessels and 160 companies currently under investigation by the Panel of Experts.3 The vessels operating on North Korea’s behalf transmit automatic identification system (AIS) of other vessels, effectively stealing other vessels’ identity to remain undetected. Other methods include switching off AIS signal entirely, providing false documentation or changing the physical appearance of the ships.4 Financial institutions end up unwittingly facilitating financial transactions associated with these illegal ship-to-ship transfers. For example, they provide letters of credit to a transnational trading network that assists North Korea with vessel-to-vessel transfers. Insurance and reinsurance companies provide protection and indemnity to vessels involved in ship-to-ship transfers.5
Another trend that the U.N. North Korea Panel of Experts observes is the growing number and sophistication of cyberattacks by North Korea on financial institutions. North Korea’s intelligence agency—Reconnaissance General Bureau—leads and coordinates cyberattacks to force the transfer of funds from financial institutions and cryptocurrency exchanges. For example, in 2018 the Reconnaissance General Lab group forced the transfer of $10 million from Banco de Chile mainly to accounts in Hong Kong. It managed to do it with the help of unauthorized Society for Worldwide Interbank Financial Telecommunication (SWIFT) transactions. In another case from 2018, a cyberattack facilitated withdrawal of $13.5 million from India’s Cosmos Bank via more than 14,000 ATM withdrawals in 28 countries and additional transfers to a company in Hong Kong using SWIFT. The report offers details of numerous other cyberattacks on financial institutions around the globe.6
North Korea targets not only brick-and-mortar financial institutions but cryptocurrency exchanges as well. The U.N. North Korea Panel of Experts determined that there were at least five successful attacks on cryptocurrency exchanges in 2017-2018.7
North Korea continues to use diplomatic cover to engage in illicit activities. Financial institutions fall prey to the North Korean diplomats who establish bank accounts in their own names, the names of their family members and front companies, and then use those accounts to conduct transactions in violation of sanctions. In one of the typical examples, a North Korean diplomat accredited in a European country opened more than a dozen accounts in European banks using typical evasion techniques (accounts in the names of family members and front companies and using different addresses). He then used those accounts to engage in illicit procurement of goods on behalf of North Korea.8
North Korean financial institutions continue to install their operatives abroad successfully. The U.N. North Korea Panel of Experts is currently investigating more than 30 such cases. The scheme employed can be summarized in the following way. North Korean importers transfer funds to a North Korean bank. Said bank then instructs its overseas operatives to use foreign bank accounts often opened in the name of front companies to pay for goods and shipping. A ledger system is used to balance payments from overseas accounts and the North Korean bank. In cases of substantial balance discrepancy, couriers carry bulk cash across borders.9
What Financial Institutions Can Expect
If U.N. member states heed to the recommendation from the U.N. North Korea Panel of Experts, insurance and reinsurance companies can expect an introduction of a regulatory requirement for them to include AIS screening and “AIS switch-off” clauses in contracts for at-risk vessels operating in relevant regions.Similarly, banks can expect their governments to introduce a requirement for them to include AIS screening and vessel due-diligence-risk-assessment clauses into letters of credit, loans and other financial instruments for commodity traders and oil and petroleum brokers in higher-risk, free-onboard markets.10 In general, insurance companies can expect greater scrutiny as governments are reminded that insurance companies are financial institutions, and as such are subject to all financial provisions of sanctions—including a requirement on freezing assets.11
Financial institutions should be aware of North Korea’s increasing malign cyber activity and protect themselves accordingly. The Panel of Experts recommends that governments share information with other governments and with the financial institutions on North-Korea-led cyberattacks.12
North Korea’s use of diplomats as agents in illicit procurement and financing is not new, but the increasing well-documented abuse of diplomatic cover and the recommendations offered by the Panel of Experts suggests that at least some governments will be inclined to strengthen relevant regulations to minimize exposure. As a result, financial institutions can expect tighter regulations on opening, managing and closing bank accounts for North Korean diplomats. The Panel of Experts recommends that governments provide banks with the lists of all accredited North Korean diplomats and the members of their families in their country so that banks can more effectively curb attempts by North Korean diplomats to establish numerous accounts. They also recommend that only one bank in a country services all North Korean diplomats. Once diplomats end their tenure in a country, relevant authorities will be expected to verify the accounts are closed. Governments might recommend to banks not to open accounts for North Korean diplomats unless they are accredited in the country where a bank is located. Governments might start sharing information on the financial activity of North Korean diplomats in their country with other governments to avoid cross-border circumvention of sanctions.13
The U.N. North Korea Panel of Experts report pays special attention to provisions in U.N. resolutions that require freezing of assets of designated entities and individuals, those operating on their behalf, and members of the North Korean government that are violating or evading the sanctions. Financial institutions can expect a greater emphasis on freezing assets as opposed to just closing accounts.14
North Korea has perfected sanctions evasion which makes curbing its illicit activities challenging. By studying North Korea’s methods and techniques, financial institutions can become better equipped to minimize the country’s access to the global financial system. The 300-plus page report meticulously compiled by the U.N. North Korea Panel of Experts provides a wealth of case studies worth studying.
- The formal name is the Panel of Experts established pursuant to resolution 1874 (2009).
- “S/2019/171*,” United Nations Security Council, March 5, 2019, https://www.undocs.org/S/2019/171
- Ibid, 7.
- Ibid, 7-14.
- Ibid, 26.
- Ibid, 51.
- Ibid.
- Ibid, 52.
- Ibid, 228.
- Ibid, 30.
- Ibid, 65.
- Ibid, 64.
- Ibid, 53, 64.
- Ibid, 64.
