ARTICLE
19 February 2025

OFSI Publishes First Financial Sanctions Threat Assessment

SJ
Steptoe LLP

Contributor

Steptoe LLP logo
In more than 100 years of practice, Steptoe has earned an international reputation for vigorous representation of clients before governmental agencies, successful advocacy in litigation and arbitration, and creative and practical advice in structuring business transactions. Steptoe has more than 500 lawyers and professional staff across the US, Europe and Asia.
Explore Firm Details
On February 13, 2025, HM Treasury's Office of Financial Sanctions Implementation ("OFSI") published the Financial Services Threat Assessment (the "Assessment"), the first in a series of sector-specific assessments surveying trends in the UK's financial sanctions landscape and identifying threats to compliance.
United States International Law
Alexandra Melia

On February 13, 2025, HM Treasury's Office of Financial Sanctions Implementation ("OFSI") published the Financial Services Threat Assessment(the "Assessment"), the first in a series of sector-specific assessments surveying trends in the UK's financial sanctions landscape and identifying threats to compliance. The Assessment's purpose is to aid businesses in identifying and prioritizing sanctions risks as part of their risk-based sanctions compliance efforts. The Assessment focuses, in particular, on threats to sanctions compliance relating to transactions handled by banks and non-bank payment service providers ("NBPSPs") arising out of the unprecedented expansion of financial sanctions following Russia's invasion of Ukraine in February 2022. However, many of the insights in the Assessment will be of broader relevance to businesses when developing, reviewing, and enhancing their sanctions compliance controls.

Key Trends in Suspected Sanctions Breach Reports

Since February 2022, 87% of the sanctions breach reports OFSI has received from UK financial services firms have related to the UK's Russia sanctions regime. The remaining reports have related to the Belarus, Iran, Libya, and North Korea regimes.

The Assessment also states that slightly over 25% of suspected breach reports submitted to OFSI by UK financial services firms since February 2022 have referenced intermediary jurisdictions used by Russia regime designated persons to structure their interests, including their ownership and control of assets. The jurisdictions that have featured most frequently in suspected breach reports to OFSI are: (i) British Virgin Islands ("BVI"); (ii) Cyprus; (iii) Switzerland; (iv) United Arab Emirates ("UAE"); (v) Guernsey; (vi) Luxembourg; (vii) Austria; and (viii) Türkiye. The Assessment identifies a shifting pattern over time. The BVI, Switzerland, and Cyprus were predominant in reporting during 2022 and 2023, with reports involving Guernsey, Isle of Man, Türkiye, and the UAE increasing over time. By the first quarter of 2024, the Assessment identified the UAE, Luxembourg, Cayman Islands, and Cyprus as the countries most frequently included in the suspected breach reports received by OFSI.

Breach reports received by OFSI have also identified specific activities associated with particular intermediary countries that could be indicators of UK sanctions breaches, including:

  • the provision of non-resident banking (g., Austria, Switzerland, Türkiye);
  • enabler activity (g., Austria, Cayman Islands, Cyprus, Türkiye, UAE);
  • use of complex corporate structures, including trusts or involving offshore companies (g., BVI, Cyprus);
  • the establishment of new companies that appear to be copies of companies recently closed down in other jurisdictions (g., UAE);
  • networks involved in money laundering or the processing of UK designated persons' funds (g., BVI, Switzerland, UAE);
  • involvement in the ownership or transfer of assets (g., BVI, Cyprus, UAE);
  • offshore account payments (g., Cayman Islands);
  • the maintenance and crewing of superyachts owned or controlled by UK designated persons (g., Türkiye); and
  • transactions involving cryptoassets (g., Austria, UAE).

Businesses should consider, among other factors, the involvement of intermediary jurisdictions or any of the foregoing activities, as well as any other warning flags of sanctions breaches, when conducting due diligence and assessing the sanctions risks associated with particular transactions.

The Assessment also indicates that some UK financial services firms, including NBPSPs, are failing to (timely) self-disclose all suspected breaches of UK financial sanctions to OFSI, with approximately 82% of reporting between January 2022 and March 2024 coming from banks and NBPSPs. Only around 4% of reports were made by insurance companies.

Strengthening Financial Sanctions Compliance by UK Financial Services Firms

The Assessment identifies four areas where UK financial services firms may wish to consider strengthening their compliance efforts. First, improper maintenance of frozen assets as a result of insufficient oversight, particularly in connection with debits from accounts held by designated persons in connection with the automatic renewal of insurance policies and other contracts. Second, breaches of specific and general OFSI licensing as a result of transactions occurring after licence expiry, use of bank accounts not specified in the licence, or failure to comply with licence reporting requirements. Third, the identification of entities that are owned by UK designated persons (e.g., subsidiaries owned by Russian conglomerates that are themselves designated, or majority owned by an individual designated person, or Russian banks opening subsidiaries in intermediary countries). Fourth, the identification of UK nationals or entities in transactions that give rise to a UK nexus to enable the proper scrutiny of suspicious transactions (especially where differences exist between UK, US, and EU sanctions targeting a particular person or transaction).

Use of Enablers by Designated Persons

The Assessment identifies significantly increased usage of new enablers by UK designated persons since 2023. OFSI has identified the involvement of enablers with varying levels of culpability in sanctions breaches, ranging from complicity, to willful blindness, and those that are unwittingly involved in sanctions breaches. While professional enablers associated with wealth management and financial advisory services remain active, OFSI has observed an increase in new types of professional enablers such as small companies providing services related to ultra-high-net-worth lifestyles that have relationships with designated persons that likely predate designation.

A growth in the activity of non-professional enablers associated with designated persons such as family members (particularly children, spouses, ex-spouses, or relatives in-law), business associates, or other proxies has also been discerned by OFSI. While sharing the aims of professional enablers, the Assessment notes that non-professional enablers often employ less sophisticated methods to achieve their goals.

OFSI has also identified the following three categories of enabler activity from the suspected breach reports it has received:

  • making payments to maintain a designated person's lifestyle and assets;
  • fronting on behalf of a designated person to claim ownership or control over frozen assets; and
  • involvement in money laundering to provide designated persons with liquidity, including through the use of alternative payment methods such as cryptoassets.

Maintaining Lifestyles and Assets

The Assessment identifies an increased use of professional and non-professional enablers by designated persons to make payments to maintain their lifestyle or assets, including payments relating to superyachts, concierge and personal security services, property management services, school fees, and high value goods. Businesses should be alert to the following warning flags, which could potentially indicate the involvement of an enabler in a transaction:

  • a new person makes payments to meet an obligation previously met by a designated person;
  • individuals associated with a designated person receive funds of significant value without adequate explanation;
  • frequent payments are made between companies owned or controlled by a designated person;
  • attempts to deposit large sums of cash are made without adequate explanation;
  • cryptoasset to fiat transactions (or vice-versa) are undertaken involving a designated person's family members or associates; or
  • family members of a designated person who are additional cardholders on a purchasing card regularly use the card for personal expenses and overseas travel.

Areas responsible for persistent reports to OFSI of suspected sanctions breaches under the UK's Russia sanctions regime are payments related to superyachts (e.g., payments to yacht crew / staff for the continued crewing and maintenance of the vessel) and UK residential properties believed to be owned or controlled by designated persons. These payments are most often associated with professional enablers and the use of opaque ownership and control structures.

Fronting

The Assessment identifies a trend of professional enablers attempting to front on behalf of designated persons to claim ownership of their frozen assets, which are often of significant value. OFSI has observed the deployment of this strategy by enablers presenting as a legitimate businessperson unconnected to a designated person who claim to be the owner of the particular frozen asset, especially when the ownership or control of the asset is unclear as a result of insolvency, complex corporate structures, or where significant liquidity is involved. These enablers often are likely to have established links to the designated person or country targeted by sanctions, which they may seek to conceal.

OFSI has identified the following warning flags in relation to persons acting as a front for designated persons, which businesses should consider as triggers for enhanced due diligence:

  • individuals with limited public profiles, including those with little relevant professional experience;
  • inconsistencies in the spelling of names or transliterations;
  • recently acquired citizenship outside the country targeted by sanctions, including from countries operating so-called "golden visa" schemes; or
  • frequent or unexplained changes of name or declared location of operation.

Use of Alternative Payment Methods

The use of alternative payment methods by enablers is identified in the Assessment as a potential means of breaching UK financial sanctions. Building on the findings of Operation Destabilise, the National Crime Agency's recent Russian money laundering investigation, OFSI identifies the exchange of high value cryptoassets for fiat (and vice-versa) as a potential warning flag that financial services businesses should be attuned to.

Conclusion

The Assessment provides additional clarity to businesses on some of the typologies currently evident in suspected UK financial sanctions breaches, as well as the warning flags that OFSI expects businesses to be alert to in designing and implementing their sanctions compliance programmes. While the guidance is primarily targeted at UK financial institutions, much of the Assessment has broader applicability to businesses whose activities expose them to sanctions risk. Companies that are required to comply with UK sanctions should review their existing financial sanctions compliance programme in light of the Assessment to identify any necessary enhancements to policies, procedures, and controls. For more information on these developments and their implications, contact the author of this post,Alexandra Melia, in Steptoe's Economic Sanctionsteam in London.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Alexandra Melia
Alexandra Melia
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More