Skip to content
You can now search across every topic, entity and event.What's new
European Tech Sovereignty
17MAY

US hits Iran defence procurement ring

4 min read
14:28UTC

OFAC designated eight people and five companies on 29 May for impersonating US firms to smuggle bug-detecting hardware to Iran's military, the same week Trump withheld his signature from the war-ending deal.

TechnologyDeveloping
Key takeaway

Treasury signed coercion against Iran's defence supply chain the same week it withheld the war-ending deal.

OFAC, the US Treasury's Office of Foreign Assets Control, designated eight people and five companies on 29 May for a scheme that impersonated American small businesses to defraud US technology vendors and supply Iran's military. 1 The target was a procurement ring run for SAIRAN, Iran's state-owned military-electronics manufacturer that operates procurement under the SAAFTA trading name, a firm controlled by MODAFL, Iran's Ministry of Defence and Armed Forces Logistics. The goods were spectrum analysers and non-linear junction detectors: the equipment a counter-surveillance unit uses to sweep a room for hidden microphones.

Ali Majd Sepehr set up domains posing as real US companies and tricked dozens of American IT vendors into shipping hardware, then re-routed it through two Dubai fronts, Green Light Computer Co LLC and Al Kawther Neon LLC, into Iran. 2 A Rome-based dual Iranian-Italian national, Saeid Zahedi, ran the money through a US financial account to pay for domain registration. That US account and the vendor fraud move the case from sanctions evasion, an administrative matter, into wire fraud, a federal crime. The FBI Los Angeles field office and the Commerce Department co-ordinated the action, and the State Department posted a $15 million Rewards for Justice bounty on IRGC financial networks. 3

This was OFAC's third distinct Iran track in two weeks. Previous rounds hit the Persian Gulf Strait Authority and more than 50 shipping entities , and the Hengli refinery licence lapsed without guidance . This one reaches the defence-electronics supply chain instead. The non-linear junction detectors named are TSCM-grade tools, the kit a service uses to find listening devices, suggesting MODAFL is hardening internal security after losing senior commanders to strikes inside a single week. A mid-tier procurement designation reads as routine Treasury housekeeping on its own. Paired with Bessent's sanctions threat against Oman the same week, it reads as a maximum-pressure pattern timed to the unsigned memorandum.

Deep Analysis

In plain English

Iran's military wanted specialised scanning equipment that can detect hidden microphones and surveillance bugs. US export law bans selling that equipment to Iran, so a network of people set up fake websites pretending to be American businesses, tricked real US technology companies into shipping the hardware, then rerouted it through Dubai into Iran. America's Treasury Department (OFAC, its sanctions bureau) named eight people and five companies involved in the scheme on 29 May. One of them, Saeid Zahedi, lived in Italy but used a US bank account to pay for the fake domain names, which gives American courts the right to prosecute him under federal wire-fraud law. The FBI's Los Angeles field office is leading the criminal investigation. The US government also offered $15 million to anyone who provides information on IRGC financial networks.

Deep Analysis
Root Causes

MODAFL's requirement for Western-manufactured spectrum analysers and non-linear junction detectors reflects a gap Iran's domestic defence industry cannot close. Spectrum analysers from US vendors (Keysight, Tektronix) operate at sensitivities and frequency ranges that Chinese and Russian equivalents do not match for counter-surveillance applications. SAIRAN's procurement need is therefore structurally locked to Western supply chains, which creates the vulnerability OFAC exploited.

The use of identity impersonation rather than traditional front-company purchase orders reflects a specific adaptation to tightened post-2019 Know Your Customer requirements on US IT vendors.

OFAC's 2019 advisory warned vendors about Iranian end-users; SAIRAN's response was to impersonate the US vendors themselves rather than create new intermediary entities. Saeid Zahedi's Italy-based US-account use is the residual Western financial-system footprint that conventional procurement through UAE fronts alone would have avoided.

What could happen next?
  • Risk

    Federal wire-fraud charges against Saeid Zahedi create extradition exposure for dual nationals with EU residency inside OFAC networks, potentially deterring European-based nodes in future procurement rings.

  • Precedent

    OFAC's simultaneous use of sanctions designation and criminal referral for the same network sets a template for parallel-track enforcement against Iranian procurement rings that US allies may follow.

First Reported In

Update #112 · Treasury opens a second Iran sanctions front

US Department of the Treasury· 30 May 2026
Read original
Different Perspectives
United States (Google/Alphabet)
United States (Google/Alphabet)
Alphabet lost its final Android appeal on 2 July with no further court to hear it, a result its Computer and Communications Industry Association allies frame as precedent, not deterrence, since the €4.1bn fine changed nothing about Google's Play Store terms across eight years of litigation.
UK Department for Science, Innovation and Technology
UK Department for Science, Innovation and Technology
DSIT opened its £96m second Sovereign AI wave on 3 July, switching from April's equity stakes to fixed-price contracts because Britain has no domestic hyperscaler or Bpifrance-style lender to fund capacity another way. It is betting on buying outcomes it controls alone rather than joining an EU-wide framework.
German federal government
German federal government
Berlin backed both German deliverables this week, Infineon's fab and Aleph Alpha's merger, but is finding one far harder to close than the other. It wants enforceable protective rights inside Cohere's cap table before the merger closes, a legal instrument the Bundeskartellamt has no filing to review yet.
European Commission
European Commission
The Commission banked a clean CJEU win on the eight-year Android case on 2 July, removing Google's last comparator argument before President von der Leyen rules on the far larger DMA self-preferencing fine due 27 July. Brussels treats Infineon's early Dresden delivery as proof the Chips Act mechanism works, at the node Europe already led.
Bruegel (EU industry sceptics)
Bruegel (EU industry sceptics)
Bruegel economist Mario Mariniello argued the EU sovereignty package mimics US and Chinese strategy while EU cloud providers hold roughly 15% of their home market; using nationality as a proxy for security without fixing the underlying capital and energy gaps that drive the dependency creates €86bn of migration cost without the security benefit it is sold as delivering.
France
France
France published a joint sovereignty definition with Germany at VivaTech and mobilised €13bn under Tibi Phase 3, placing SAP's partnership with Mistral as the working proof that a German enterprise-software giant running a French sovereign model inside public administration is what digital sovereignty looks like in practice.