Beyond North Korea’s nuclear and military programme lies a dense web of global commercial networks. While most legitimate businesses are unlikely to be directly involved with activities related to North Korea, this report seeks to demonstrate that the potential for becoming involved with commercial entities and interests linked to the country and its leadership remains a threat. The increasing sophistication of North Korea’s methods and the inconsistent implementation of regulations by international agencies and individual countries expose multilateral corporations and global financial institutions to sanctions compliance risk.
On 22 March 2017, the Wall Street Journal newspaper reported that the U.S. government was building a case against North Korea, formally known as the Democratic People’s Republic of Korea (DPRK), for its involvement in a USD81 million theft of funds owned by Bangladesh’s central bank.
The incident involved the Belgium-based Swift financial messaging network, which is used by more than 11,000 financial institutions worldwide for communicating and verifying banking and related transactions. In February 2016, hackers breached Bangladesh’s central bank system to send fake payment orders valued at nearly USD1 billion via Swift to an account at the Federal Reserve Bank of New York. While most of the requests were rejected, several transactions valued at USD81 million went through and were transferred to the Philippines before subsequently disappearing into its casinos.
U.S. investigators believe that the theft was linked to North Korea and executed with the help of Chinese middlemen. If accurate, the theft of Bangladesh’s funds by North Korea would be the first known case of bank theft by a nation-state in a cyberattack.
Based on findings by cybersecurity firm Symantec Corp., the malware used in the Bangladesh attack was similar to that found in a series of unsuccessful cyberattacks targeting financial institutions in South-East Asia and Poland in the past 12 months. The same software was also used in the November 2014 hack of U.S.-based film studio Sony Pictures; Washington identified Pyongyang-associated hacking group Lazarus as responsible for that attack.
Revelations of such illicit activities turned investigators’ attention towards Swift’s role in linking North Korea to the global financial system. In March 2017, Swift severed its relationships with seven sanctioned and non-sanctioned DPRK banks under pressure from the U.S. government, having been warned that its business ties with North Korea potentially violated U.S. laws.
Annual U.N. reports highlight Pyongyang’s ever-changing tactics to evade sanctions and list the countries that help facilitate its efforts to maintain or gain access to global financial and trading systems and networks.
Non-compliant countries and entities include North Korea’s largest trade partner and de facto patron China and the Chinese financial hub of Hong Kong. In Africa, the Democratic Republic of the Congo has repeatedly ignored U.N. pressure, not least by inviting North Korea’s military to train its armed forces in 2016. Namibia has also employed North Korea’s Mansudae Overseas Group in various construction projects, including building a munitions factory.
The assassination of Kim Jong-nam, half-brother of North Korean leader Kim Jong-un, on 13 February 2017 in Malaysia’s Kuala Lumpur airport, revealed North Korea’s lesser-known diplomatic relations with South-East Asia. While official trade is negligible, many South-East Asian countries have permitted North Korean-front companies to operate in their territories for many years.
They include Malaysia, Singapore and Thailand, where North Koreans are involved in a wide range of legal and illicit activities, ranging from banking and barter trade to procuring defence equipment.
The lack of political will in punishing and enforcing sanctions against North Korea is also evident in the West. In 2017, around 1,000 North Korean workers were employed in Europe, most of them in Poland’s shipyards and farms. The employers include Nauta, whose repair shipyard in the Polish city of Gdynia is certified to work on Nato warships.
While the hiring of North Korean labour is legal in Poland, the arrangement poses security threats and contradicts national and E.U. labour and human rights laws. The North Koreans typically work for six days a week between 10 and 12 hours per day, with their wages repatriated to the government in Pyongyang, according to the European Alliance for Human Rights in North Korea, a U.K.-based campaign group.
The U.N. estimates there are about 50,000 North Korean workers employed under similar or even more onerous conditions around the world in a business which earns Pyongyang up to USD2.15 billion annually.
The proliferation of North Korea’s overseas ventures, often operating openly as legitimate entities, raises two key issues. First, it reveals that sanctions intended to deter Pyongyang from pursuing its nuclear and missile programme have largely failed. This is partly due to China, which has been reluctant to impose severe punishments on its neighbour for fear of creating a failed state on a sensitive border.
Second, it demonstrates that the global implementation and enforcement of international sanctions against North Korea is at best uneven and often non-existent, as many countries remain unwilling to use the instruments made available under U.N. provisions, such as legal means to act against North Korean-linked activities or transactions. There are clear indications that in some cases, North Korea’s ability to operate in some countries is due to high-level corruption.
Other instances are less clear. For example, the exploitation of North Korean workers by Polish firms is against national Polish and regional E.U. laws as well as International Labour Organization treaties and conventions to which Poland is a signatory. When members of the European Parliament tried to raise this issue with the European Commission (E.C.), the E.U.’s executive arm, it responded that the labour rights of workers in Europe from third countries were not under the purview of the E.C. but that of national authorities and courts.
Allan & Associates notes that international sanctions against North Korea and its entities will only increase and become more complex. This reflects the belief that punitive measures appear to be the main, indeed only, leverage the international community has over North Korea in the absence of military force.
Most businesses understand that the consequences of breaching regulatory obligations are extremely serious, leading to legal repercussions and significant reputational damage. However, it is particularly challenging for those operating across multiple jurisdictions, especially if they are active in the U.S. and U.K., as their regulations are extraterritorial in reach.
In recent years, sanctions regimes have been seeking to capture a wider range of individuals, entities and activities. This could involve those directly or indirectly involved in North Korean overseas ventures, whether they are sources, facilitators or end users. Regulators therefore require companies to manage not only their exposure to blocked parties and entities, but also their clients and counterparties.
One of the high-risk countries is China, reflecting both its close long-standing trade ties with North Korea and the strategic imperative of maintaining a buffer state between its own border and the U.S.-backed South Korea.
The U.S. has previously placed restrictions on several Chinese institutions, among them the Bank of China, and on their overseas entities, due to their commercial links with North Korea. However, after the U.S. Treasury imposed sanctions on the Foreign Trade Bank, Pyongyang’s main foreign exchange facilitator, in March 2013 the Chinese state-owned bank had to cut off all ties with the North Korean institution.
While companies operating in high-risk countries should have robust due diligence in place, Allan & Associates advises major foreign firms to ensure rigid compliance with sanctions regulations, such as screening the counterparty’s ownership structure and transactions. Furthermore, they should be careful to avoid facilitating activities related to North Korea either directly or through intermediaries, which is prohibited under many U.S. and U.K. sanctions programmes.