Frequently Asked Questions

452. Are these sanctions consistent with international obligations?

452 … As with all financial sanctions programs Treasury administers, these measures will be implemented in accordance with domestic law and our international obligations. … Are these sanctions consistent with international …

447. What will significant malicious “cyber-enabled” activities mean for the purposes of Executive Order (E.O.) 13694?

447 … We anticipate that regulations to be promulgated will define “cyber-enabled” activities to include any act that is primarily accomplished through or facilitated by computers or other electronic devices. For purposes of E.O. 13694 , malicious cyber-enabled activities include deliberate… Read more

448. I conduct cyber-related activities for legitimate educational, network defense, or research purposes only. Am I vulnerable to the application of sanctions under this authority for these activities?

448 … The measures in this order are directed against significant malicious cyber-enabled activities that have the purpose or effect of causing specific enumerated harms, and are not designed to prevent or interfere with legitimate cyber-enabled academic, business, or non-profit activities. The U.S… Read more

449. I administer a network for my employer and I regularly deny access to certain services and systems (e.g., retail websites, social media platforms) in order to ensure the performance of the network for authorized business activities. Could I or my employer be sanctioned for this?

449 … The measures in this order are designed to address the threat posed by individuals and entities engaged in significant malicious cyber-enabled activities that have the purpose or effect of causing specific enumerated harms. These measures are not designed to prevent or interfere with… Read more

450. Will Treasury impose sanctions on persons whose personal computers (or other networked electronic devices) are, without their knowledge or consent, used in malicious cyber-enabled activities (e.g., in denial-of-service attacks against U.S. financial institutions)?

450 … No. These sanctions are designed to target those actors whose malicious cyber-enabled conduct is reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States.… Read more

451. How do financial sanctions relate to existing legal authorities in this context?

451 … The United States’ whole-of-government strategy to combat cyber threats draws from a broad range of tools and authorities to respond to the growing and evolving threat posed by malicious cyber actors. Similar to our approach to global threats from terrorists, narcotics traffickers, and… Read more

489. The President has amended E.O. 13694 to cover “misappropriation of information.” What does that term mean? Does that mean that Treasury will impose sanctions related to the publication of information by American whistleblowers or members of the press?

489 … No. This authority does not target American whistleblower activity or constitutionally protected activity. The E.O. defines misappropriation to be the “taking or obtaining by improper means, without permission or consent, or under false pretenses.” Importantly, to be eligible for sanctions… Read more

444. How will Treasury decide whom to sanction under this authority?

444 … Executive Order (E.O.) 13694, as amended on December 29, 2016, focuses on specific harms caused by significant malicious cyber-enabled activities, and directs the Secretary of the Treasury, in consultation with the Attorney General and the Secretary of State, to impose sanctions on those… Read more

445. What are my compliance obligations with respect to E.O. 13694, as amended?

445 … As with many of the sanctions programs that Treasury administers, U.S. persons (and persons otherwise subject to OFAC jurisdiction) must ensure that they are not engaging in trade or other transactions with persons named on OFAC’s SDN List pursuant to E.O. 13694, as amended, or any entity… Read more

501. What does General License 1C (GL 1C), “Authorizing Certain Transactions with the Federal Security Service,” authorize?

501 … GL 1C authorizes transactions with the Federal Security Service (a.k.a. Federalnaya Sluzhba Bezopasnosti) (a.k.a. FSB) that are ordinarily incident and necessary to requesting, receiving, utilizing, paying for, or dealing in certain licenses and authorizations for the importation,… Read more

Frequently Asked Questions

Office of Terrorism and Financial Intelligence