Legal development

OFSI publishes first financial sanctions threat assessment report

By Sophie Law

18 February 2025

Share Share
spiral background
Share

    On 13 February 2025, the UK's financial sanctions authority, the Office of Financial Sanctions Implementation (OFSI), published the first in a series of sector-specific assessments of threats and vulnerabilities relating to UK financial sanctions under the Economic Crime Plan 2

    The first report focusses on financial services, in particular banks (both retail and wholesale) and non-bank payment service providers (including neo or challenger banks) (NBPSPs)1 . However, the report is likely to be of interest to compliance professionals across all sectors as it provides an insight into sanctions evasion typologies and areas where there is a higher risk of breaches.

    The report provides information on suspected sanctions breaches and is intended to assist with prioritisation as part of a risk-based approach to compliance. The content of the report is not necessarily a direct reflection of ongoing OFSI investigations or enforcement activity. However, in the absence of published enforcement activity, it provides an insight into the actual or suspected sanctions breaches known to OFSI. 

    Importance of financial services firms

    The report emphasises the importance of financial services firms as the gatekeepers of financial sanctions compliance. Since February 2022, UK financial services firms have made over 65% of all suspected financial sanctions breach reports, of which 80% were reported by UK banks and NBPSPs.

    Sanctions regimes

    Unsurprisingly, Russia accounted for the vast majority (87%) of suspected breach reports in the period covered by the threat assessment2. The report therefore focusses on that regime. However, the lessons for firms apply equally to all the UK's financial sanctions regimes.

    Other suspected breach reports in that period related to the Libya (8%) and Belarus (1%) regimes. The UK's other financial sanctions regimes, including Iran and DPRK, account for around 4% of reports. 

    OFSI's six 'Key Judgements'

    The report contains six 'Key Judgements' made by OFSI:

    1. It is likely that some UK financial services firms have not self-disclosed all suspected breaches to OFSI.
    2. It is highly likely that most non-compliance by UK financial services firms has occurred due to several common issues, including the improper maintenance of frozen assets and licence conditions breaches.
    3. It is almost certain that Russian designated persons (DPs) have turned to new enablers in their attempts to breach UK financial sanctions prohibitions. OFSI has observed significantly increased enabler activity since 2023.
    4. It is highly likely that enablers have made payments through NBPSPs relating to the maintenance of Russian DPs’ lifestyles and assets, including superyachts and UK residential properties.
    5. It is likely a small number of enablers have attempted to front for Russian DPs and claim ownership of frozen assets.
    6. Enablers have almost certainly used alternative payment methods, in particular crypto-assets, to breach UK financial sanctions prohibitions on Russia.

    Four of the six Judgments focus on 'enablers', i.e. individuals or entities providing services or assistance on behalf of or for the benefit of DPs to breach UK financial sanctions. This underscores the UK's focus on sanctions circumvention and evasion.

    We summarise our key take-aways in respect of each of the Judgements below.

    Judgement 1: It is likely that some UK financial services firms have not self-disclosed all suspected breaches to OFSI

    Breach reporting by UK financial services firms is typically timely. However, OFSI has identified some "substantial delays", and some suspected breaches which are not reported by all firms involved.

    OFSI cautions that it monitors suspected breaches on a sector basis to identify patterns of non-compliance, and it proactively investigates suspected breaches which are not self-disclosed.

    The key message is, therefore, report all suspected breaches to OFSI, and do so swiftly.

    Judgement 2: It is highly likely that most non-compliance by UK financial services firms has occurred due to several common issues

    The report identifies common compliance issues:

    • Improper maintenance of frozen assets, both deliberate and inadvertent. As to the latter, OFSI highlights the dangers of automatic payments taken from accounts held by Russian DPs, for example, contracts which renew automatically.
    • Breaches of OFSI licence conditions, including transactions occurring after licence expiry; bank accounts being used other than those specified in specific OFSI licences; and failures to adhere to licence reporting requirements.
    • Inaccurate ownership assessments, namely failures to identify entities which are directly owned by Russian DPs, in particular subsidiaries owned by Russian conglomerates. Firms should also be alert to Russian DPs establishing new subsidiaries in intermediary countries.
    • Inaccurate UK nexus assessments, including failures to identify the involvement of UK nationals or entities in transactions and the incorrect identification of differences between UK, EU and US sanctions on Russia.

    OFSI also encourages firms to remain alert to non-compliance with the Russian correspondent banking restrictions (in Regulation 17A of the Russia Regulations). Firms should assess their exposure to counterparties which have joined the System for Transfer of Financial Messages (SPFS), the Russian alternative to the SWIFT system.

    Judgement 3: It is almost certain that Russian DPs have turned to new enablers in their attempts to breach UK financial sanctions prohibitions

    The wealth management and financial advisory sectors have traditionally been associated with professional enabler activity. However, OFSI has recently seen increased activity by new groups of professional enablers, as well as non-professional enablers such as friends, family and associates of DPs.

    OFSI identifies three categories of 'enabler' activity:

    • Making payments to maintain DPs’ lifestyles and assets (see Judgement 4);
    • Fronting on behalf of DPs to claim ownership or control of frozen assets (see Judgement 5); and
    • Other money laundering to provide DPs with liquidity, including by using alternative payment methods such as crypto-assets (see Judgement 6).

    Judgement 4: It is highly likely that enablers have made payments through NBPSPs relating to the maintenance of Russian DPs’ lifestyles and assets

    Most enabler activity since 2022 relates to the maintenance of Russian DPs’ lifestyles and assets, including superyachts, properties and school fees. This activity has been carried out by professional enablers (small companies providing services related to ultra-high-net-worth lifestyles with longstanding relationships with DPs) and non-professional enablers (family members and associates).

    The report includes a number of 'red flags' which firms should be alert to, particularly new or unexplained payments to and from those associated with DPs.

    OFSI pays particular attention in the report to payments related to superyachts and UK residential properties, including the continued servicing/maintenance of those assets by enablers. The report contains two case studies which demonstrate the potential issues in these areas. The complex ownership and transaction structures in those examples highlight the due diligence challenges faced by financial services firms. However, the report makes clear OFSI's expectation that financial services firms identify sanctions issues in these scenarios. 

    Judgement 5: It is likely a small number of enablers have attempted to front for Russian DPs and claim ownership of frozen assets

    This involves, for example, an enabler presenting themselves as a legitimate businessperson who is apparently unconnected to a Russian DP claiming to be the owner of frozen assets. This occurs most often where the ownership or control of frozen assets by a Russian DP is unclear, including as a result of insolvency or complex corporate structures. Such enablers will usually have some pre-existing link with the Russian DP.

    The report includes a number of 'red flags' which firms should be alert to, as well as a case study. Again, the complexity of the fact pattern in the case study highlights the very real challenges for firm's due diligence processes. 

    Judgement 6: Enablers have almost certainly used alternative payment methods to breach UK financial sanctions prohibitions on Russia

    The report highlights the link between sanctions non-compliance and money-laundering. It refers to the exposure of a Russian money laundering network in December 2024 (Operation Destabilise) as an example of this. OFSI warns firms to be alert to attempts at money-laundering on behalf of Russian DPs, including high-value transactions involving crypto-assets. 

    Involvement of Intermediary Countries 

    Just over 25% of suspected breach reports from financial services firms have involved intermediary jurisdictions. Interestingly, the report highlights how the prevalence of particular jurisdictions has changed since 2022:

    • Overall, the British Virgin Islands (BVI); Cyprus; Switzerland; United Arab Emirates (UAE); Guernsey; Luxembourg; Austria; and Turkey feature most often.
    • In 2022, the BVI, Switzerland, and Cyprus were referenced most often. 
    • In 2023, there was an increase in reports involving the Isle of Man, Turkey, the UAE, and Guernsey, as well as continued references to the BVI, Cyprus, and Switzerland.
    • In Q1 2024, the UAE featured most, followed by Luxembourg, the Cayman Islands and Cyprus.

    The report contains a list of the specific 'high risk' activities in each jurisdiction. Firms should consider the involvement of intermediary jurisdictions, in particular those referred to above, as part of their due diligence processes.

    The risks arising from involvement of third countries is not limited to financial sanctions, however. Recent guidance published by the Office of Trade Sanctions Implementation (OTSI) on Russian sanctions evasion includes a list of third countries which pose a higher risk of trade sanctions evasion. Compliance professionals should consider both lists for their due diligence processes.

    What should firms do next?

    Whilst much of the report will not be surprising, it offers a valuable insight into the types of suspected breaches which are being reported to OFSI, and how such breaches can arise. Although the report is aimed at the financial services sector, those insights are also likely to be valuable to firms outside the sector.

    Compliance professionals should review the report carefully in order to assess whether their firm's sanctions systems and controls are attuned to the threats and vulnerabilities identified, and make any necessary adjustments.

    OFSI encourages UK financial services firms to conduct lookback exercises to identify any past suspected breaches which might not have been reported, where relevant and proportionate. If a firm identifies any such cases, it should make a report to OFSI. Given the value OFSI places on self-reporting, doing so is likely to lead to a better outcome for the firm than if the breach is discovered by OFSI independently.

    Authors: Tom Cummins, Partner; Andris Ivanovs, Counsel; Sophie Law, Senior Associate

     

    Footnotes

    1. The report does not cover crypto-asset firms, including crypto-asset exchanges.
    2. It covers information reviewed by OFSI from between January 2022 and March 2024.

    The information provided is not intended to be a comprehensive review of all developments in the law and practice, or to cover all aspects of those referred to.
    Readers should take legal advice before applying it to specific issues or transactions.

    Key Contacts