Russian Law Restricts Compliance with US National Defense Authorization Act

May 23, 2022

Russia President Vladimir Putin signed the federal law, “On Amendments to the Federal Law ‘On Measures of Influence (Counteraction) on Unfriendly Actions of the United States of America and Other Foreign States,’” on May 1, substantially restricting the ability of Russian banks to disclose information to foreign regulators, in particular, under the US National Defense Authorization Act.

The Russian government introduced the law to State Duma in June 2021. As stated in the explanatory note, the purpose of the law is to protect Russia against legislative initiatives of “unfriendly states” for Russian banks to disclose bank secrecy under the threat of penalties.

Particularly, the law was prompted by the adoption of the National Defense Authorization Act for Fiscal Year 2021 (NDAA) in the United States, which, among other things, entitles the US secretary of the treasury and the US attorney general to request any information relating to the accounts of foreign banks (including Russian banks) that maintain correspondent accounts in the United States (Section 6308) that are subject to certain types of investigations specified in the NDAA.

Procedure for Disclosure of Information: Consent of Authorized Government Body

According to the law, Russian banks are now banned from sharing information about their customers, transactions, and representatives of their customers and beneficiaries and beneficial owners (the Forbidden Information) with government bodies of foreign states (including judicial authorities) without the prior consent of the authorized government body.

Each time a Russian bank is requested to disclose the Forbidden Information by a foreign government body, it shall report such request to the Central Bank of Russia, which then passes this information on to the Russian authorized government body. If the authorized government body decides that the Forbidden Information may be disclosed, the prohibition shall not apply.

The Russian president shall determine which government body is authorized to grant the relevant permissions.

No Effect on FATCA and CRS Disclosures

At present, a similar procedure for disclosure of information is stipulated for sharing the banks’ records with foreign tax authorities.

Namely, according to Federal Law No. 173-FZ dated June 28, 2014, “On Peculiarities of Financial Transactions with Foreign Citizens and Legal Entities, on Amendments to the Code of Administrative Offences of the Russian Federation and the Repeal of Certain Provisions of Legislative Acts of the Russian Federation” (Law 173-FZ), Russian financial institutions may not disclose information about their customers to foreign tax authorities (or foreign tax agents authorized to withhold taxes) without the prior consent of the customer and the Russian Federal Service for Financial Monitoring (Rosfinmonitoring).

The Law expressly stipulates that it shall not apply to the disclosure of information under Law 173-FZ.

Consequently, the disclosure of information to foreign tax authorities is still regulated by Law 173-FZ, and the new procedure shall only apply to the disclosure of information to all other (non-tax) foreign public authorities.

Consequences for Russian Banks and Their Counterparties

As noted above, the law shall not apply to the disclosure of information to foreign tax authorities (including disclosure under FATCA, which falls within the provisions of Law 173-FZ).

However, it potentially may have a substantial impact on Russian banks. In particular, according to Section 6308 of the NDAA, a US financial institute may be obliged to terminate any correspondent relationship with a foreign bank that fails to comply with an order to disclose information to the US secretary of the treasury or the US attorney general issued under the NDAA.

Therefore, a correspondent account of a Russian bank may be closed if there is any delay on the part of the Russian authorized government body as to granting consent under the law, ultimately resulting in that bank not being able to clear cross-border US dollar payments. Similar consequences may appear in other jurisdictions.

Further, if the bank secrecy is required to be disclosed to a foreign public authority as part of non-Russian legal procedures, regulatory filing, multijurisdictional acquisition, or other similar circumstances, such disclosure of information shall be made in accordance with the procedure prescribed by the law, which may delay and complicate the relevant process.

Although it does not expressly follow, issues may arise if the law is interpreted broadly, i.e., as prohibiting the disclosure of bank secrecy in response to any requests coming from outside Russia (e.g., if such request were made by a foreign bank at the direction of the foreign public authority). 

Ukraine Conflict: How to Maintain Global Business Continuity

Our lawyers have long been trusted advisers to clients navigating the complex and quickly changing global framework of international sanctions. Because companies must closely monitor evolving government guidance to understand what changes need to be made to their global operations to maintain business continuity, we offer this centralized portal to share our insights and analyses. To receive the latest updates, subscribe to our Ukraine Conflict: How to Maintain Global Business Continuity mailing list.


If you have any questions or would like more information on the issues discussed in this LawFlash, please contact any of the following Morgan Lewis lawyers:

Ukraine Conflict Task Force

Giovanna M. Cinelli
Alexey Chertov
Joanna Christoforou
Bruce Johnston
Grigory Marinichev
Michael Masling
Kenneth J. Nunnenkamp
Christina Renner
Melanie Ryan
Vasilisa Strizh
Carl A. Valenstein
Dr. Axel Spies
Abaigael R. Clifford
Jiazhen (Ivon) Guo
Katelyn M. Hilferty
Christian Kozlowski
Eli Rymland-Kelly