OFAC has issued sanctions against entities since the program’s beginning. These entities are responsible for, are complicit in, or have participated in malicious cyber enabled activities, and they have provided technological and material support to cyber actors targeting U.S. organizations. When OFAC issues sanctions, the designated person’s property and interests are blocked, and the U.S. person is not allowed to participate in transactions with the sanctioned entity.
For organizations that are not private companies, the amendments are effective for fiscal years beginning after Dec. 15, 2019, and interim periods within. The amendments are effective for a private company for fiscal years beginning after Dec. 15, 2020, and interim periods within fiscal years beginning after Dec. 15, 2021. Early adoption is permitted, and retrospective application to the earliest period presented is required.