SecState Pompeo to UNSC to Invoke Iran Snapback Sanctions

Posted on August 20, 2020August 20, 2020 by Denise Simon

President Trump confirmed on Wednesday that he had asked Secretary of State Mike Pompeo to notify the UN Security Council that the U.S. intends to initiate “snapback” sanctions on Iran. The formal request is expected on Thursday, Israeli officials told Axios.

The backdrop: This move could create a diplomatic and legal crisis unlike any seen before at the Security Council. It comes days after the U.S. failed to mobilize support at the council to extend an international arms embargo on Iran.

The big picture: Despite having withdrawn from the 2015 Iran nuclear deal, the U.S. is invoking its terms in an attempt to force sanctions lifted under the pact to snap back into place.

The deal says any of the signatories — the U.S., Russia, China, France, Germany and the U.K. — can demand sanctions be reimposed automatically if they believe Iran has committed substantial violations. No country can veto such a move.
Russia and China contend that the U.S. gave up its right to reimpose the sanctions when it withdrew from the deal. That view is shared by others on the council, and even by John Bolton, the hawkish former national security adviser.
The U.S., on the other hand, claims it has the right to initiate the snapback mechanism because it is a party to the Security Council resolution that endorsed the nuclear deal and included the snapback mechanism.
The European signatories, who have tried desperately to save the nuclear deal, also oppose the U.S. move.

How it works: Pompeo is expected to arrive in New York on Thursday and present formal letters to the UN secretary-general and the UN ambassador from Indonesia, who holds the Security Council’s rotating presidency.

The letter will then be circulated to other members, beginning a 30-day consultation period.

What to watch: Israeli officials and Western diplomats both say they expect a major diplomatic crisis over those 30 days.

If any member of the Security Council submits a resolution to stop the snapback move, the U.S. will be able to veto it.
U.S. officials believe that the renewal of international sanctions will lead Iran to withdraw from the nuclear deal — and likely make it impossible for Democratic nominee Joe Biden to put the deal back together if he wins in November.
Israeli officials were notified on Monday that the Trump administration intended to submit the official complaint on Thursday.

The latest: “When the United States entered into the Iran deal, it was clear that the United States would always have the right to restore the UN sanctions that would prevent Iran from developing a nuclear weapon,” Trump claimed in a press conference on Wednesday.

*** UN crisis looms as US readies demand for Iran sanctions ...

For background and context:

In May of 2020 –

State Dept: The 13-year-old arms embargo on the Iranian regime will expire in October. The embargo was created by the United Nations Security Council but is scheduled to end because of the 2015 Iran nuclear deal, leaving the world’s foremost state sponsor of terrorism and anti-Semitism free to import and export combat aircraft, warships, submarines and guided missiles. To prevent this, the Security Council must pass a resolution to extend the arms embargo. If this effort is defeated by a veto, the Trump administration is prepared to exercise all legally available options to extend the embargo.

We face this circumstance because the Obama administration acceded to Iran’s demand that the U.N. embargo end in the fifth year of the deal. It is only one of many restrictions on Iran scheduled to expire over time. President Obama hoped concessions would moderate the regime’s behavior. “Ideally,” he said in 2015, “we would see a situation in which Iran, seeing sanctions reduced, would start . . . re-entering the world community [and] lessening its provocative activities.”

Instead, Iranian provocations accelerated under the nuclear deal. Emboldened by repeated diplomatic wins and flush with cash, the Iranian regime increased its ballistic-missile testing and missile proliferation to terrorist proxies. Iran built out a “Shiite crescent” in Syria, Iraq, Lebanon, Bahrain and Yemen, arming its proxies to the teeth.

The U.S. and partners have used the arms embargo to disrupt Iran’s sending advanced weaponry to terrorists and militants. This diplomatic tool has rallied the international community to interdict and inspect weapons shipments, building global condemnation of Iranian violations.

Among many examples, on Feb. 9, a U.S. Navy ship interdicted a ship attempting to smuggle Iranian weapons to Houthi rebels in Yemen. American sailors found 150 antitank guided missiles, three surface-to-air missiles, and component parts for unmanned explosive boats.

Iran’s President Hassan Rouhani sees a bright future when the embargo lapses. In November 2019, he said: “When the embargo . . . is lifted next year, we can easily buy and sell weapons.” He went on to hail the provision as a “huge political success” for Iran.

Kerry: Agreement on Iran issue only alternative to force ... John Kerry/Wendy Sherman negotiators of JCPOA

The regime plans to upgrade Iran’s aging air force, improve the accuracy of its missiles, and strengthen its ability to strike ships and shoot down aircraft. Iran’s Islamic Revolutionary Guard Corps—a terrorist group with a long history of targeting and killing Americans—could then reverse-engineer technologies in these systems for domestic weapons production and export.

Iranian weapons already put American and allied troops in the region under threat and endanger Israel. Letting the arms embargo expire would make it considerably easier for Iran to ship weapons to its allies in Syria, Hamas in Gaza, and Shiite militias in Iraq.

Mr. Rouhani understands the stakes. Last week he appeared on Iranian television to declare that “Iran will give a crushing response if the arms embargo on Tehran is extended.” This threat is designed to intimidate nations into accepting Iran’s usual violent behavior for fear of something worse.

The Security Council must reject Mr. Rouhani’s extortion. The U.S. will press ahead with diplomacy and build support to extend the embargo. We have drafted a resolution and hope it will pass. Russia’s and China’s interests would be served by a “yes” vote—they have more to gain from Mideast stability than from selling weapons to Iran for its sectarian wars.

If American diplomacy is frustrated by a veto, however, the U.S. retains the right to renew the arms embargo by other means. Security Council Resolution 2231 (2015) lifted most U.N. sanctions but also created a legal mechanism for exclusive use by certain nations to snap sanctions back. The arms embargo is one of these sanctions.

Mr. Obama explained how “snapback” works in 2015: “If Iran violates the agreement over the next decade, all of the sanctions can snap back into place. We won’t need the support of other members of the U.N. Security Council; America can trigger snapback on our own.” As of today, Iran has violated the nuclear deal at least five times.

The Trump administration’s preferred strategy is for the Security Council to extend the arms embargo while the U.S. continues to apply maximum economic pressure and maintains deterrence against Iranian aggression. Nearly 400 House members, an overwhelming bipartisan majority, have signed a letter backing Secretary of State Mike Pompeo’s diplomacy to extend the arms embargo. Iran certainly hasn’t earned the right to have it lifted. One way or another, the U.S. will ensure it remains in place against the violent and revolutionary regime in Tehran.

Now they Want a Trump Crimes Commission

Posted on August 19, 2020August 19, 2020 by Denise Simon

Yup, both Congressman Eric Swalwell and Joy Reid of MSNBC are calling for a post Trump presidency Crimes Commission. Be careful what you ask for considering the work being done by AG Barr, John Durham and John Bash, not to mention the work of Senators Graham and Johnson. Timing is everything is Washington DC….lots to still be revealed. This comes on the heels of the Senate Intelligence (bi-partisan) report on Russia and the Trump campaign. Betcha, as Joy Reid refers to it, she hardly read it at all.

You gotta wonder if Reid or Swalwell have even considered ALL the crimes of the Obama administration or just a few of the Biden family clan….those from say Iraq or Ukraine or China.

How about this –>

The “U.S.-China Strong” group was founded to continue two Obama-era initiatives known as “100,000 Strong” and “1,000,000 Strong,” both of which sought to increase the number of Americans studying in China and introduce China-focused curricula into American schools.

The programs were promoted by the Obama-Biden administration despite valid concerns over Chinese Communist Party (CCP) sanctioned espionage, intellectual property theft, and propaganda.

Repeatedly praised by then-Vice President Biden, the initiative is no longer able to tap into U.S. tax dollars and now collaborates with a host of CCP-linked – and in some cases wholly-owned – entities including the Bank of China and Confucius Institutes. More here.

Joe Biden to Authoritarian Chinese President: U.S. Only ... source

But read on…

The Blaze reports: MSNBC host Joy Reid floated the idea of a potential future Biden administration establishing a “Trump Crimes Commission” to investigate President Donald Trump’s actions while in office — and perhaps even during his campaign, Mediaite reported.

Such a move would be unprecedented in American politics, as it is a longstanding norm that successors do not use their authority to investigate former political opponents.

Reid, an outspoken Trump critic, made the suggestion Tuesday night while discussing the final release of the bipartisan Senate report on Russian interference in the 2016 election with former Obama deputy national security adviser Ben Rhodes.

“It strikes me in just reading through this that Paul Manafort did to the United States what he had previously done to Ukraine,” Reid said. “He had messed with their elections in the past in order to put a [Russian President Vladimir] Putin puppet in charge. And now you have a president who is ruminating apparently on meeting with Vladimir Putin in New York, has talked about putting him back in the G7, and seems to be doing everything — you know, if there was a Christmas list that Vladimir Putin would have put together, it couldn’t have gotten any better than what Donald Trump is doing.

Reid is not the first to float such an idea. Journalist Andrew Feinberg and MSNBC legal analyst Glenn Kirschner have also called for a crimes commission to be empaneled, along with Democratic Rep. Eric Swalwell of California.

I don’t say this lightly: when we escape this Trump hell, America needs a Presidential Crimes Commission. It should be made up of independent prosecutors who look at those who enabled a corrupt president. Example 1: Sabotaging the mail to win an election. #SaveThePostOffice

— Rep. Eric Swalwell (@RepSwalwell) August 14, 2020

Rhodes, in response to Reid’s prompting, essentially agreed with the proposition but with a few caveats about how it would look and how it should be executed.

“There is no question in my mind, Joy, that there has to be an accountability process if Joe Biden wins, to protect the integrity of our democracy,” he said. “It’s not about getting revenge. It’s not about going after political opponents. That’s what Donald Trump does. It’s about sending a message that if you collude with, facilitate, coordinate with a foreign adversary and hacking private materials and releasing them that there are going to be consequences.”

He added: “We cannot just say we’re going to turn the page. We have to deal with this as a country. And so I really think it’s essential that we have some accountability process if Joe Biden wins the election.”

Hat tip to NSA FBI for Cracking Drovorub

Posted on August 14, 2020August 14, 2020 by Denise Simon

The National Security Agency and the FBI are jointly exposing malware that they say Russian military hackers use in cyber-espionage operations.

Hackers working for Russia’s General Staff Main Intelligence Directorate’s 85th Main Special Service Center, military unit 26165, use the malware, which the Russians themselves call “Drovorub,” to target Linux systems, the NSA and FBI said Thursday in a detailed report.

The hackers, also known as APT28 or Fancy Bear, allegedly hacked the Democratic National Committee in 2016 and frequently target defense, government, and aerospace entities. The Russian military agency is also known as the GRU.

FBI e NSA descobrem novo malware Linux chamado Drovorub ...

While the alert does not include specific details about Drovorub victims, U.S. officials did say they published the alert Thursday to raise awareness about state-sponsored Russian hacking and possible defense sector vulnerabilities. The disclosure comes just months before American voters will conduct a presidential election.

“Information in this Cybersecurity Advisory is being disclosed publicly to assist National Security System owners and the public to counter the capabilities of the GRU, an organization which continues to threaten the United States and U.S. allies as part of its rogue behavior, including their interference in the 2016 U.S. Presidential Election,” the NSA and FBI said in the report.

The U.S. intelligence community has assessed that multiple foreign governments may “seek to compromise our election infrastructure.” It was not clear if the Russian hackers were using Drovorub malware in any ongoing interference efforts related to the 2020 presidential elections.

The NSA and FBI urged national security personnel, including the U.S. Department of Defense, to be on the alert for Drovorub attacks.

“The malware represents a threat because Linux systems are used pervasively throughout National Security Systems, Department of Defense, and the Defense Industrial Base,” the statement said. “All stakeholders should take action as appropriate.”

The announcement comes nearly one year after the NSA stood up a new cybersecurity directorate aimed at sharing more adversary threat intelligence with the public, and in recent weeks the NSA has worked to expose a spate of Russian campaigns, including Russian hackers’ efforts to target coronavirus research.

Senior Vice President of Intelligence at CrowdStrike, Adam Meyers, told CyberScoop the release shows these hackers are not easily deterred.

“Most importantly it demonstrates that FANCY BEAR has more tools and capabilities that are still being identified. This actor didn’t pack up and go home, they still have tricks up their sleeve,” Meyers told CyberScoop, adding that the news should raise alarm bells about Linux security. “Another important take away is that Linux is an area that organizations need to keep in mind from a malware perspective, many have not invested in similar security tools for this platform as they have for user platforms.”

Attacks employing Drovorub may be linked with previous Russian military efforts against connected devices, according to the NSA and the FBI. An APT28 attack that Microsoft security researchers identified last year against devices such as an office printer or a VOIP phone, for instance, was linked with an IP address that has also been used to access the Drovorub command and control IP address, the NSA and FBI said.

In such attacks, the hackers appeared interested in exploiting so-called internet of things devices in order to gain access to broader networks, other insecure accounts, and sensitive data, according to Microsoft.

The joint NSA and FBI release also has the effect of alerting the Russian government that U.S. officials are capable of tracking some of their work. The 780th Military Intelligence Brigade, which currently works with the Pentagon’s offensive cyber arm, Cyber Command, tweeted information out about the malware, and tagged a state-funded media outlet, RT, to flag the news for them.

The Drovorub malware consists of several components, the NSA and the FBI said, including an implant, a kernel module rootlet, a file transfer tool, and an attacker-controlled command and control server.

“When deployed on a victim machine, the Drovorub implant (client) provides the capability for direct communications with actor-controlled C2 infrastructure; file download and upload capabilities; execution of arbitrary commands as ‘root’; and port forwarding of network traffic to other hosts on the network,” the NSA and FBI said.

More detail for zdnet:

“Technical details released today by the NSA and FBI on APT28’s Drovorub toolset are highly valuable to cyber defenders across the United States.”

To prevent attacks, the agency recommends that US organizations update any Linux system to a version running kernel version 3.7 or later, “in order to take full advantage of kernel signing enforcement,” a security feature that would prevent APT28 hackers from installing Drovorub’s rootkit.

The joint security alert [PDF] contains guidance for running Volatility, probing for file hiding behavior, Snort rules, and Yara rules — all helpful for deploying proper detection measures.

Some interesting details we gathered from the 45-page-long security alert:

The name Drovorub is the name that APT28 uses for the malware, and not one assigned by the NSA or FBI.
The name comes from drovo [дрово], which translates to “firewood”, or “wood” and rub [руб], which translates to “to fell”, or “to chop.”
The FBI and NSA said they were able to link Drovorub to APT28 after the Russian hackers reused servers across different operations. For example, the two agencies claim Drovorub connected to a C&C server that was previously used in the past for APT28 operations targeting IoT devices in the spring of 2019. The IP address had been previously documented by Microsoft.

Warnings of Ransomware Affecting Elections

Posted on August 13, 2020August 13, 2020 by Denise Simon

According to an intelligence report issued by the Department of Homeland Security, one of the top 2020 election security concerns is ransomware. A report entitled “Cybercriminals and Criminal Hackers Capable of Disrupting Election Infrastructure”, echos concerns CISA head Chris Krebs articulate at the Black Hat security conference in early August.

Department of Homeland Security fears 'ransomware' attacks ... source

The FBI and Department of Homeland Security have issued advisories to local governments, including recommendations for preventing attacks.

“From the standpoint of confidence in the system, I think it is much easier to disrupt a network and prevent it from operating than it is to change votes,” Adam Hickey, a Justice Department deputy assistant attorney general, said in an interview.

US officials state that election interference will not be tolerated. They are proactively working with social media companies, among other groups, to help safeguard the elections.

In addition, the US Department of State’s “Rewards for Justice” program is offering a 10M to anyone who can provide information about foreign interference. The Department of State has reached out to targeted individuals in Iran soliciting information.

US officials are interested in identifying individuals who aim to disrupt campaigns, meddle with election infrastructure, and who pose threats to election officials. This is the third major “Rewards for Justice” initiative this year. More here.

***

“We’re seeing state and local entities targeted with ransomware on a near daily basis,” said Geoff Hale, a top election security official with Homeland Security’s Cybersecurity and Infrastructure Security Agency.

Steps taken to improve security of voter registration systems after the 2016 election could help governments fend off election-related ransomware attacks. They’ve also acted to ensure they can recover quickly in the event of an attack.

Colorado, for example, stores redundant versions of its voter registration data at two separate secure locations so officials can easily shift operations. Backups are regular so the system can be quickly rebuilt if needed.

Even so, ransomware is an added concern for local election officials already confronting staffing and budget constraints while preparing for a shift from in-person voting to absentee balloting because of the pandemic.

In West Virginia, state officials are more concerned about the cyberthreat confronting its 55 county election offices than a direct attack on the statewide voter registration system. One click from a county employee falling victim to a spearphishing attack could grant a hacker access to the county network and eventually to election systems.

“I’m more worried that those people who are working extra hours and working more days, the temporary staff that may be brought in to help process the paperwork, that all this may create a certain malaise or fatigue when they are using tools like email,” said David Tackett, chief information officer for the secretary of state.

In states that rely heavily on in-person voting and use electronic systems to check in voters, a well-timed attack particularly during early voting could prevent officials from immediately verifying a voter’s eligibility, making paper backups critical.

For states conducting elections entirely by mail, including Colorado, an attack near Election Day may have little effect on voting because ballots are sent early to all voters, with few votes cast in-person. But it could disrupt vote-tallying, forcing officials to process ballots by hand.

In many states, local officials will face an influx of new ballot requests. That means they’ll need constant access to voter data as they handle these requests. An attack could cause major disruptions.

Hickey said he was unaware of ransomware attacks directly targeting election infrastructure. But local election offices are often connected to larger county networks and not properly insulated or protected.

A criminal targeting a county or state “may not even know what parts of the network they got into,” Hickey said. But as the malware creeps along and spreads, “what gets bricked is the entire network — and that includes but is not limited to election infrastructure.”

Even if election infrastructure isn’t directly targeted, there would likely be immediate assumptions it was, said Ron Bushar of the FireEye cybersecurity company.

A February advisory issued by the FBI and obtained by The Associated Press recommends local governments separate election-related systems from county and state systems to ensure they aren’t affected in an unrelated attack.

FBI Raids Cleveland and Miami Optima Mgmt Offices

Posted on August 4, 2020August 4, 2020 by Denise Simon

CLEVELAND, Ohio — The FBI on Tuesday raided the Cleveland offices of a company with ties to a Ukrainian oligarch that owns several downtown buildings.

Fderal Bureau of Investigation's evidence response team removes boxes of evidence and computer hard drives from the Cleveland offices of Optima Management Group, August 4, 2020, at the One Cleveland Center building. John Kuntz, cleveland.com

FBI spokeswoman Vicki Anderson said agents searched the offices of Optima Management Group in One Cleveland Center at East 9th Street and St. Clair Avenue. A spokesman for the IRS also said his agency’s investigators were present.

Optima is a conglomerate of companies across the United States that has interests in real estate in Cleveland, including One Cleveland Center, the 55 Public Square building and the Westin Cleveland Downtown. Its offices are visible from an entrance and windows on the side of One Cleveland Center, and on Tuesday multiple agents were seen carrying and moving computers, boxes and other items both inside the office and later as they loaded materials into a van.

Anderson said agents also executed search warrants at an office in Miami.

Federal authorities in Cleveland have been conducting a wide-ranging probe involving Ukrainian oligarch Igor Kolomoisky that has been ongoing for quite some time. Kolomoisky is a principal of the Privat Group, a large Ukrainian business company, and principals of the company are also part of Optima.

Ukraine Billionaire Igor Kolomoisky Investigated For Money ... source

Optima had a much larger presence in Cleveland about a decade ago when it bought several buildings under the leadership of executive Chaim Schochet. Its presence in Northeast Ohio has dwindled in recent years.

Optima also controlled Warren Steel Holdings, a mill northwest of Youngstown that closed in 2016.

Kolomoisky and a fellow Ukrainian billionaire formed PrivatBank in the early 1990s. It became one of the Ukraine’s key financial institutions, according to Forbes. The Ukrainian government nationalized the bank in 2016 after an investigation suggested there was large-scale fraud over a decade-long period, Forbes reported.

The financial news outlet places Kolomoisky’s net worth at about $1 billion. He remains a complicated political figure in his home country. He is a former governor of Ukraine’s Dnipropetrovsk region.

Published reports said that Kolomoisky had refused to set up a meeting with President Donald Trump’s ally Rudy Giuliani and Ukrainian President Volodymyr Zelensky in an attempt to dig up dirt against Democratic presidential nominee Joe Biden last year.

Kolomoisky’s attorney Michael Sullivan declined comment.

The Daily Beast reported that the U.S. Attorney’s Office in northern Ohio and FBI are involved in a wide-ranging probe that involves Ihor Kolomoisky and whether he committed financial crimes, including money laundering. It bases the assertion on three people briefed on the investigation and said the investigation has been under way for some time. The financial news outlet places Kolomoisky net worth at about $1.2 billion. The Daily Beast, citing The Financial Times, said he lives in Tel Aviv and remains a complicated political figure in his home country. He is a former governor of Ukraine’s Dnipropetrovsk region.

***

Just last year, the relationship between the Ukrainian president and the oligarch became a source of controversy when it was revealed that two US business partners running the infamous back-channel campaign in Ukraine to dig up dirt on Joe Biden went to Kolomoisky to set up a meeting between Zelensky and Rudy Giuliani. The meeting ended abruptly when the oligarch refused.

Kolomoisky returned to his native country last year after spending two years in self-imposed exile in the wake of a government takeover of PrivatBank, which he cofounded in the 1990s.

A subsequent investigation by Ukraine regulators found a $5.5 billion shortfall in PrivatBank’s ledgers from what they called “a large-scale and coordinated fraud” that involved the bank’s major shareholders, Kolomoisky and fellow Ukrainian billionaire Gennadiy Bogolyubov. To keep the bank from collapse, the government tapped into taxpayer funds to plug the hole.

Kolomoisky’s attempt to wrest control of PrivatBank has also stirred unrest, especially among lenders like the International Monetary Fund, prompting a vote by Ukraine’s parliament last week aimed at stopping Kolomoisky from taking back the bank.

With the ongoing US grand jury investigation, federal agents have traveled multiple times to Ukraine — including in February — where they met with Riaboshapka and investigators from the National Anti-Corruption Bureau of Ukraine to discuss the case against the 57-year-old oligarch and his partner, BuzzFeed News has learned. In an interview, Artem Sytnyk, director of the anti-corruption bureau, said he’s cooperating with the FBI in an “ongoing investigation,” but declined to give details because of a confidentiality agreement with the FBI. The Justice Department’s international money laundering and kleptocracy team took part in the trip.

For more than a year, federal agents have tracked millions of dollars that were wired into the US from companies owned by Kolomoisky and Bogolyubov to snatch up properties — including four skyscrapers in downtown Cleveland — in a spending spree that began around 2008 and lasted for the next five years, according to court records and a source familiar with the investigation.

In all, $622.8 million was funneled to the companies that were used to buy the real estate, according to the suit.

In addition to Ohio, purchases include a sprawling Motorola factory in Illinois that was shuttered, a 31-story skyscraper in downtown Louisville, and an iconic office complex in Dallas that was once the headquarters of Mary Kay Cosmetics.

Money also went to buy at least a dozen steel and ferroalloys plants across the country — including facilities in Ohio, Kentucky, West Virginia, Illinois, and Michigan — that collectively became major suppliers to the North American steel industry.

The lawsuit claims that many of the purchases were carried out with the help of three Miami investors described as “trusted lieutenants”: Mordechai Korf and Uriel Laber, who held ownership stakes in the real estate, and Korf’s brother-in-law, Chaim Schochet, an executive who ran the properties. At least two of the Cleveland skyscrapers have since been sold, records show.

In a forensic audit done for Ukraine’s top regulatory agency, analysts found 95% of the bank’s corporate lending had been to “parties related to former shareholders and their affiliates.”

Marc Kasowitz, a New York attorney for the Miami investors, said the accusations in the lawsuit “will be shown to be complete fabrications when the evidence in this case comes out.” Kasowitz represented President Trump in the Justice Department’s probe into Russian interference in the 2016 election. “Our clients have earned a well-deserved reputation for honesty and high integrity over the past 20+ years and this lawsuit is nothing more than a fictional orchestrated political attack on an investor in our clients’ businesses.”

Valeria Gontareva, former chair of the National Bank of Ukraine, the nation’s chief regulator, said the level of fraud on the institution was larger than any crime ever perpetrated on a Ukrainian bank. “We called it an expanding universe,” said Gontareva, now a senior policy fellow at the London School of Economics.

Kateryna Rozhkova, first deputy governor of the nation’s regulatory agency, told BuzzFeed News that when the losses were first discovered, “we were simply freaked out and didn’t know what we should do about it.”

The government ordered a sweeping audit of the bank’s finances by Kroll Inc., the New York–based corporate investigative firm, which alleged the scheme was set up to “disguise the origin and destination of loan funds” with the help of employees in the bank, regulators said.

The larger issue looming in Ukraine is whether Zelensky will allow the National Anti-Corruption Bureau to work with the FBI and carry out its own inquiry and whether the country will extradite Kolomoisky if he is indicted in the US, according to Roman Groysman, a former Florida prosecutor who once lived in Ukraine.

“Is [President Zelensky] going to pressure the National Anti-Corruption Bureau and the prosecutor general to thwart the possibility of extradition — that’s the question,” said Groysman. “Or is he going to remain neutral and let them do their jobs? That’s the best thing he could do.”

He said NABU was set up at the request of the IMF with the help of the US and European Union to investigate corruption in Ukraine. It’s supposed to be impervious to political pressure.

“If it’s finally allowed to operate as an independent investigative agency and do what it was supposed to do without undue political interference, then maybe that’s a signal. If not, then it’s going to be the same thing we have always seen.” More here.