Criminal Justice & the Rule of Law Foreign Relations & International Law

Is the Trump Administration Breaking the Law By Failing to Issue New Russia Sanctions?

Robert Chesney
Wednesday, January 31, 2018, 4:09 PM

Author’s Note: After drafting the post below, I belatedly checked Lawfare’s recent posts to ensure I’m not preempted. And there I found this terrific post by my colleague Megan Reiss, covering a great deal of the same ground on the Section 231 and 241 issues (and doing a much better job of contextualizing them).

Published by The Lawfare Institute
in Cooperation With

Author’s Note: After drafting the post below, I belatedly checked Lawfare’s recent posts to ensure I’m not preempted. And there I found this terrific post by my colleague Megan Reiss, covering a great deal of the same ground on the Section 231 and 241 issues (and doing a much better job of contextualizing them). Please be sure to read her post first, but then (if you still have an appetite for more sanctions talk) come back to this one for some additional statutory details and, especially, for my concluding comments about the other parts of CAATSA—especially Section 224—that the administration has not yet implemented.

Did the Trump administration flout a federal law when it did not produce new sanctions relating to Russia this week? Some of the commentary yesterday suggested as much: Reuters used the headline “Trump administration holds off on new Russia sanctions, despite law,” while Rep. Eliot Engel’s proclaimed that the administration has elected not to “follow the law.”

Does that hold water? No. There are plenty of reasons to criticize President Trump on matters relating to Russia, to put it mildly, and (as I explain below) there are indeed problems with the administration’s implementation of one particular part of the statute in question—but not the parts of it that are in issue with this week’s developments. Let me explain.

1. What is the relevant statute?

The relevant statute is the “Countering America’s Adversaries Through Sanctions Act” (“CAATSA”), which became law almost exactly six months ago. It covers a wide range of topics, but for our purposes what matters is the part of it that deals with Russia. It contains many sections, some of which create obligations relating to sanctions and some of which create obligations to generate mere reports.

Two sections of CAATSA had six-month deadlines that came due this week. One was a sanctions provision, one was a reporting provision. Let’s look at each.

2. Section 241: The Requirement to Publish a Report on High-Level Corruption

One deadline that came due this week was from Section 241 of CAATSA. Section 241 gave Treasury six months to produce a report (in consultation with State and ODNI) that must include:

(A) [identification of] the most significant senior foreign political figures and oligarchs in the Russian Federation, as determined by their closeness to the Russian regime and their net worth.

(B) An assessment of the relationship between individuals identified under subparagraph (A) and President Vladimir Putin or other members of the Russian ruling elite.

(C) An identification of any indices of corruption with respect to those individuals.

(D) The estimated net worth and known sources of income of those individuals and their family members (including spouses, children, parents, and siblings), including assets, investments, other business interests, and relevant beneficial ownership information.

(E) An identification of the non-Russian business affiliations of those individuals.

There’s more to it, but you get the point. The idea is to force the administration to produce a kind of name-and-shame document.

It seems likely that some observers have mistakenly assumed that the statute requires the administration to issue sanctions against those who are listed in the report. But the statute doesn’t require this; it merely requires the report. There really isn’t any ground to criticize the administration for non-compliance under section 241.

3. Section 231: Sanctions Relating to Russian Military and Intelligence

Section 231 also had a six-month deadline, but its focus is different from 241 in three respects. First, it involves sanctions rather than a mere report. Second, its focus is on any entities or persons who engage in major transactions with Russia’s military and intelligence entities. Third, and most notably for present purposes, it has significant carve-outs through which Congress intentionally empowered the President not to impose said sanctions.

Here’s the text, edited for readability:



[Within 6 months,] the President shall impose … sanctions … with respect to a person the President determines knowingly … engages in a significant transaction with a person that is part of, or operates for or on behalf of, the defense or intelligence sectors of the Government of the Russian Federation….


The President may waive the initial application of sanctions under subsection (a) with respect to a person only if the President submits to the appropriate congressional committees—

(1) a written determination that the waiver—

(A) is in the vital national security interests of the United States; or

(B) will further the enforcement of this title; and

(2) a certification that the Government of the Russian Federation has made significant efforts to reduce the number and intensity of cyber intrusions conducted by that Government.


The President may delay the imposition of sanctions under subsection (a) with respect to a person if the President certifies to the appropriate congressional committees … that the person is substantially reducing the number of significant transactions described in subsection (a) in which that person engages.

[the rest omitted].

So what happened this week when the Section 231 deadline arrived? Well, no sanctions issued. This played a key role in stories suggesting that the administration was flouting federal law. But as noted above, sanctions didn’t have to issue, so long as a proper waiver or delay determination was made. Did either occur?

Here is what a State Department spokesperson had to say about the situation:

“Today, we have informed Congress that this legislation and its implementation are deterring Russian defense sales,” State Department spokeswoman Heather Nauert said in a statement. “Since the enactment of the ... legislation, we estimate that foreign governments have abandoned planned or announced purchases of several billion dollars in Russian defense acquisitions.” … “From that perspective, if the law is working, sanctions on specific entities or individuals will not need to be imposed because the legislation is, in fact, serving as a deterrent,” she said in a statement.

This looks to me like a “delay” determination under 231(c). As noted above, 231(c) permits delay before imposing sanctions if the erstwhile target of those sanctions is “substantially reducing the number of significant transactions” with Russian military and intelligence entities. The State Department statement asserts that this is happening in general.

4. So is that at the end of the matter with respect to Section 231 sanctions?

There are two lingering issues.

a. Must the delay justification be individualized?

First, note that the State Department’s public statement was generalized, rather than specific to particular targets. The statute, however, appears to contemplate an individualized decision. It may be, of course, that the administration’s certification to Congress was in fact individualized. Then again, perhaps it was not. If not, that’s a problem: it is possible that transactions with the Russians are down in general, but not at all in particular cases. A good question for journalists to explore, at any rate.

b. How long can the delay continue?

Second, a delay certification under 231(c) is good for only 180 days at a time. (I omitted that clause from the quote above, but it’s there.) That means that this issue will arise again in late July this year.

When that time comes, the administration might assert again that the standard has again been met—that is, that the number of significant transactions for the target is still decreasing substantially. And maybe that’ll happen again in January 2019. At some point, though, such assertions will begin to seem implausible.

5. Is it possible that this was an instance of waiver under 231(b) rather than just delay under 231(c)?

Perhaps, but I’m skeptical. The waiver provision has two elements, as noted above, and only one of them seems easily met here.

The easy part is that the president could have determined that not-sanctioning entities would, at this particular moment, advance the aims of the statute. People could of course dispute that analysis, but it’s left to the judgment of the president so there you go.

The hard part is the second requirement. Let’s look at it again:

“a certification that the Government of the Russian Federation has made significant efforts to reduce the number and intensity of cyber intrusions conducted by that Government.”

We have not heard a whisper that the administration has so certified, and if they had I’m confident some members of Congress would squawk loudly about it (and rightly so). Therefore, this is probably best understood as a delay rather than waiver scenario.

6. Nevermind the provision that expired this week. What about all the other Russia Sanction provision that already had come into effect?

Amidst all the talk about Sections 231 and 241 brought on by the 180-deadlines expiring this week, we may have lost sight of a more important question: Has the administration flouted the many provisions of CAATSA that required sanctions and had much earlier deadlines?

Let’s focus especially on Section 224, which explicitly mandates sanctions in response to Russian government hacking. There have been no sanctions issued under it. Is that ok, or is this an implicit assertion of constitutional authority to disregard the statute?

Section 224 gave the administration two months (that was, until the end of September 2017) to impose sanctions on whomever he determines “knowingly engages in significant activities undermining cybersecurity … on behalf of the Government of the Russian Federation” as well as on those he determines provided such persons with various kinds of support.

There is a waiver provision. It’s the same language, in fact, as we saw above with Section 231 (including the obligation to certify that Russia has “made significant efforts to reduce the number and intensity of cyber intrusions conducted by that Government”). There’s no sign that provision has been invoked, and as noted above it seems that it could not be invoked in good faith given that certification requirement. But what about a “delay,” along the lines of Section 231?

Well, 224 doesn’t have a delay provision. It’s less forgiving than 231. At some point, the administration should issue waivers, or else issue sanctions.

When does that point really arise? I think it’s understandable that sanction would not flow on October 1st. There may be any number of hard questions that arise regarding just whom to sanction under the 224 standard, after all. But delay that seems reasonable early on necessarily becomes less so as time goes by. Four months past the statutory deadline, the delay is looking rather unreasonable.

All the stories this week therefore may have been on to something after all, even if off-target in their particular areas of focus.

Note: Senate Democrats have sent the administration this letter complaining about some of these exact issues.

Robert (Bobby) Chesney is the Dean of the University of Texas School of Law, where he also holds the James A. Baker III Chair in the Rule of Law and World Affairs at UT. He is known internationally for his scholarship relating both to cybersecurity and national security. He is a co-founder of Lawfare, the nation’s leading online source for analysis of national security legal issues, and he co-hosts the popular show The National Security Law Podcast.

Subscribe to Lawfare