Effective Compliance Risk Management for EU Sanctions
What’s inside?
Following weeks of discussions and negotiations, EU countries finalized the 11th sanctions package on June 25. These sanctions are live and the ports access provision went into effect yesterday (July 24).
Possessing an effective compliance and risk management strategy and foundational technology is no longer optional. The new regulations impact port authorities, oil terminals, traders, shipping companies, bunker suppliers, and more. We know your organization is feeling left in the dark and that the sanctions are confusing…Windward is here to help.
Part of the motivation for the EU-Russia sanctions was the rise in deceptive shipping practices (DSP), including ship-to-ship (STS) transfers, location (GNSS) manipulation, and dark activity. These are the main behavioral targets, as noted in the Transport Measures section of the package:
- “Prohibition to access EU ports for vessels that engage in ship-to-ship transfers suspected to be in breach of the Russian oil import ban or G7 Coalition price cap.
- Prohibition to access EU ports for vessels if a vessel does not notify the competent authority at least 48 hours in advance about a ship-to-ship transfer occurring within the Exclusive Economic Zone of a Member State or within 12 nautical miles from the baseline of that Member State’s coast.
- Prohibition to access EU ports for vessels which manipulate or turn off their navigation tracking system when transporting Russian oil subject to the oil import ban or G7 price cap.”
A recent article by Ami Daniel, Co-Founder and CEO of Windward, explains how maritime risk and DSPs have evolved quickly in recent years. “…bad actors always innovate faster than regulators, and a new DSP has emerged – AIS spoofing* (an umbrella term for everything that has to do with AIS manipulation). Historically, the focus has been on ‘dark activities’ – when vessels turn off their location transponders – and ‘identity manipulation’ – adopting a fake identity. Now, the industry must confront AIS spoofing, a DSP encompassing multiple new deceptive shipping practices – most notably location (GNSS) manipulation, during which vessels transmit a fake location.
*Windward can help distinguish between the different AIS spoofing techniques.
The Three Steps
The three steps below are vital for any shippers, logistics service providers, shipping companies, importers/exporters, and port authorities looking to urgently implement a compliance and risk management strategy in light of these latest sanctions against Russia.
1. Effectively detect deceptive shipping practices:
– STS engagements: implementing technology that accurately flags STS engagements with as few false positives (or false negatives) as possible is essential. Windward’s AI-driven STS model offers a 96% accuracy rate for identifying illicit STS activities. Organizations can cut investigation times in half with 4x less false positives than the industry standard. For example, Windward’s Q2 Risk Report found that of the over 880,000 AIS signal losses, only 0.8% were related to sanction evasions – that’s a lot of cleared business.
– Automatic Identification System (AIS) manipulation: Windward has detected more than 1,200 confirmed cases of AIS manipulation, also known as location (GNSS) manipulation. When we break down the data by vessel class, it becomes clear that this type of illicit behavior is being used for one main purpose – oil smuggling, which is obviously highly relevant to Russia and the recent sanctions imposed.
- Here are a few important questions to ask when implementing a compliance and risk management strategy to help identify DSPs:
- Can I accurately distinguish between legitimate and illicit STS operations?
- Can I determine if the oil onboard the vessel in question came from Russia?
- Do I have the right technology to alert me for any location (GNSS) manipulation events?
- Do I only receive alerts from my current solution for sanctions-relevant dark activities?
2. Voyage visibility: the transit ban on certain containerized goods was added to impact the Russian defense industry and prevent relevant items that could contribute to Russia’s development from ending up in Russia during transport. Here are a few important questions to ask when planning to obtain voyage visibility as part of your compliance and risk management strategy:
- Do I have automated alerts for containers expected to sail through Russia?
- Do I have visibility into transshipments and ad hoc rollovers to ensure my container is not passing through Russia?
- Do I have the right tools and knowledge to implement a voyage-based sanctions compliance scheme to avoid regulatory, financial, and reputational risk?
3. A vessel screening procedure: sanctions indicators are no longer nice to have, they are now critical for shipping stakeholders across the entire supply chain. Here are a few important questions to ask when implementing a vessel screening procedure as part of your compliance and risk management strategy:
- Do I have automatic indicators of former Russian-flagged vessels and companies in sanctioned countries, aligned with EU regulations?
- Who is the owner of the vessel?
- Does the company that owns the vessel sit in a sanctioned country?
- Is the vessel sanctioned?
Taking Proactive Measures
Compliance and risk management is an ongoing process that needs to be continuously monitored. Practices must be constantly updated to align with any future changes in sanctions regulations. This includes adopting technologies such as Windward’s patented Maritime AI™ platform to easily identify and report deceptive shipping practices.
By understanding and implementing these three steps, shippers, logistics service providers, shipping companies, importers/exporters, and port authorities can better navigate the complexities of the EU sanctions package and ensure smooth operations, while staying compliant with the new requirements.