top of page

Navigating Sanctions Risk - The OFSI Threat Assessment Report


Lighthouse

How does your Sanctions Compliance Framework Stack up to OFSI’s Inaugural Financial Services Threat Assessment?

In February 2025, the UK's Office of Financial Sanctions Implementation (OFSI) released its inaugural Financial Services Threat Assessment Report. This comprehensive report delves into the evolving threats and vulnerabilities within the UK's financial services sector, particularly in the wake of the extensive sanctions imposed following Russia's invasion of Ukraine in 2022.

At the same time, further information is being revealed in the public sphere from multiple sources as analysis and investigations are being conducted into the steps being taken by state, corporate and individual actors seeking to facilitate sanctions circumvention.

Given the uncertainty that has only increased as a result of the Trump Administration’s approach towards Russia and Ukraine, it is more crucial than ever that organisations have taken all necessary steps to understand their sanctions risk exposure, and how well prepared they are to navigate additional complexity over the coming weeks, months, and years.

For everyone involved in sanctions compliance, understanding and responding to these insights is paramount to safeguarding their institutions against sanctions breaches and associated risks. This article examines the key findings of the OFSI report, explores the emerging techniques used to evade sanctions, and outlines recommended actions to enhance compliance frameworks.

 

Key Judgements from the OFSI Report

The OFSI report presents several critical findings that demand attention from those involved in sanctions compliance at UK financial services firms:

  • Escalation in Enabler Activities: Since 2023, there has been a significant increase in individuals and entities assisting Russian designated persons (DPs) in seeking to evade UK financial sanctions. This escalation highlights the growing sophistication of sanctions evasion tactics and the need for enhanced vigilance to look beyond the surface of a transaction.

  • Utilisation of Non-Bank Payment Service Providers (NBPSPs): Enablers have been channelling funds through NBPSPs to sustain the assets and lifestyles of Russian DPs, including luxury assets such as superyachts and UK real estate. This trend underscores the need for comprehensive monitoring across all payment channels.

  • Obfuscation of Asset Ownership: A subset of enablers has attempted to conceal the true ownership of frozen assets by masquerading as legitimate proprietors. This tactic leverages complex corporate structures and nominee arrangements to obscure beneficial ownership.

  • Adoption of Alternative Payment Mechanisms: There is a high likelihood that enablers are leveraging crypto assets to contravene UK financial sanctions related to Russia (and other regimes). The anonymity and decentralized nature of cryptocurrencies pose significant challenges to traditional compliance controls.

  • Engagement with Intermediary Jurisdictions: Activities indicative of potential sanctions violations have been detected in countries such as the UAE and Türkiye, possibly due to the migration of Russian capital to regions not enforcing sanctions against Russia. This highlights the importance of ongoing and updated geographical risk assessments and enhanced due diligence for transactions involving high-risk jurisdictions.

 

Recommended Actions for Assessing and Strengthening your Sanctions Compliance Framework

To effectively mitigate the identified threats, organisations should review and assess their existing policies, procedures, and controls to ensure they are comprehensive, robust, and capable of addressing the evolving risks of sanctions evasion. It is essential to determine whether these measures are not only in place but are also effective in practice. In doing so, institutions should consider reviewing their approach and updating the procedures in place, depending on the risk profile and operating model of their firm, consider incorporating the following elements:

Enhanced Due Diligence (EDD):

To effectively address the complexity of sanctions landscape and the methods used to disguise and evade sanctions, organisations should review the following areas of their due diligence processes:

  1. Know Your Customer (KYC) Procedures:

    • Review and Update KYC Protocols: Ensure that KYC and due diligence procedures are comprehensive, up-to-date, and tailored to the risk profiles of customers (and the products), particularly those with complex corporate structures or connections to high-risk jurisdictions. This includes enhancing verification processes for beneficial owners, intermediaries, and third-party payers. Consider how procedures can be structured to enable enhanced checks considering certain risk triggers and simplified processes in less risky situations. If you delegate or outsource any of these activities, re-confirm what are those third parties doing, and how are you assuring themselves that it is happening effectively.

    • Deep-Dive Risk Assessments: Conduct enhanced risk assessments for high-risk clients, product or transaction types, including politically exposed persons (PEPs), particular goods and services, deal structures and entities linked to sanctioned countries. Are you able to utilise advanced data analytics and open-source intelligence (OSINT) tools to better uncover hidden affiliations and control structures.

  2. Beneficial Ownership Verification:

    • Strengthen Identification Procedures: Confirm that beneficial ownership information is accurate, comprehensive, and up to date. Organisations should require detailed ownership disclosures, especially for entities operating in complex or layered structures. Consider how this occurs in delegated authority and outsourced scenarios, and how you are able to have confidence in the third-party processes.

    • Cross-Verification Techniques: Implement cross-verification techniques using multiple independent sources to validate ownership information and reduce reliance on self-reported data.

Transaction Monitoring and Screening:

To detect and prevent sophisticated evasion techniques, organisations should ensure they have processes for:

  1. Real-Time Monitoring Systems:

    • Implement Advanced Monitoring Systems: Higher risk businesses and business lines should be using real-time monitoring systems that are equipped with machine learning algorithms to detect suspicious transactions, including the use of crypto-assets, intermediary jurisdictions, and high-risk payment patterns.

    • Behavioural Pattern Analysis: Enhance monitoring capabilities with behavioural analytics to identify anomalies that deviate from normal customer activity, enabling early detection of potential evasion tactics. Look to analyse and monitor the behaviours of higher risk enablers and intermediaries whose business model or reputation may be structured to support higher risk customers and transactions.

  2. Review and Update Sanctions Screening & Screening Governance:

    • Automated Sanctions List Updates: Integrate automated updates of global sanctions lists from OFSI, OFAC, EU, and UN, ensuring screening tools are accurate and up to date. This includes capturing variations in spelling, aliases, and other identifiers used in sanctions evasion schemes.

    • Comprehensive Screening: Implement enhanced screening protocols that encompass all counterparties involved in transactions, including intermediaries, facilitators, and ultimate beneficiaries. How is this achieved amongst delegated authorities and third-party outsourcing arrangements, what mechanisms and protocols are in place to provide assurance over the approach and effectiveness of the screening activities undertaken by others on your behalf.

    • Screening Governance: How is the screening framework structured to ensure clear roles and responsibilities are maintained, and how is the framework overseen and assured. When and how is it reviewed for completeness and accuracy, when and how are screening list and system updates implemented in a timely manner. How are screening rules adapted to ensure effectiveness and efficiency, and how is the system and its output reported on to ensure senior management awareness. How are internal governance frameworks translated to delegated authority and outsource arrangements for consistency and accountability.

Risk-Based Approach:

To ensure proportional and effective risk management, organisations should consider the approach that they take towards financial crime risk assessment, and the structure that they use to fully understand the risks that they are exposed to, from both a top down and a bottom-up approach. It is essential to ensure that there is both a holistic overall assessment and a targeted approach to more exposed areas, allowing for greater understanding and controls which can be deployed efficiently and effectively, including:

  1. Financial Crime Risk Assessment Process

    • Enterprise-Wide Risk Assessments: Conduct comprehensive risk assessments of the entire business operation, considering factors such as customer type, geographical exposure, transaction types, and products, as well as regulatory exposure, geo-political vulnerability, and considering methods of distribution and servicing of the business.

    • Business Planning and Strategy: What are the strategic goals of the business over the coming months and years: will it be targeting specific growth areas or markets; will it be closing or retreating from others, opening up distribution via delegation or accepting digital currencies; is it preparing for listing or sale? How will the business be reaching its growth and cost targets; will these create additional financial crime risk exposure and how will the business ensure that its financial crime compliance framework continues to adapt and evolve to the changing risks and profiles.

  2. Customer Risk Profiling:

    • Dynamic Risk Scoring Models: Develop dynamic risk scoring models that adjust customer risk ratings based on real-time data and changes in geopolitical risk factors. Regularly recalibrate models to reflect the latest threat landscapes, enforcement actions, regulatory guidance and publications (e.g. Dear CEO letters).

  3. Product and Service Risk Assessment:

    • Review Product Risk Profiles: Re-evaluate the risks associated with specific products and services, particularly those susceptible to misuse for or linked to common sanctions evasion priorities such as global trade, energy transport and extractive industries, trade in hard to trace assets, and consider non-bank financial products, cryptocurrencies, and trade finance instruments. How can the organisation focus it’s controls to be relevant and effective for the specific products and markets it is providing and servicing.

    • Vulnerability Assessments: Conduct detailed vulnerability assessments on high-risk products and services and seek to design and implement coordinated controls that are effective in mitigating misuse for sanctions evasion.

Staff Training and Awareness:

To build an informed and vigilant workforce, organisations should focus on:

  1. Regular Training Programs:

    • Tailored Training Programs: Develop and deliver training programs tailored to the organisation for employees at all levels to ensure relevant and effective training for the roles that people are completing, including where relevant, a focus on the latest sanctions regulations, evasion techniques, and internal reporting procedures. This should include scenario-based training for high-risk roles.

    • Periodic Testing and Assessments: Implement periodic testing and knowledge assessments to evaluate employee understanding of sanctions compliance requirements and reinforce learning.

  2. Cultivating a Compliance Culture:

    • Leadership Engagement: Foster a corporate culture that emphasises ethical business practices, accountability, and a proactive approach to compliance, driven by leadership engagement and clear communication of compliance expectations.

    • Whistleblower Protection: Encourage employees to report suspicious activities without fear of reprisal by establishing robust whistleblower protection mechanisms and clear reporting channels.

Collaboration and Information Sharing:

To enhance resilience through collective intelligence, organisations should:

  1. Engage with Industry Bodies and Specialist Advisory Groups

    • Proactive Industry Engagement: Seek out and utilise the many industry advisory groups available in your specific sector. Other organisations will be facing many of the same challenges and will be looking to or have already addressed the problems you are facing.

    • Several industries have specialist Sanctions Advisory Groups, who can provide invaluable guidance and support to entities who are seeking to better understand the risks that they are facing and the approaches that are available to organisations to help them implement and manage a sanctions compliance framework.

  2. Engage with Regulatory Bodies:

    • Proactive Regulatory Engagement: Establish and maintain open communication channels with regulatory authorities such as OFSI, OTSI and the FCA to stay informed of emerging threats, enforcement actions, and compliance expectations. OFSI and OTSI continue to position themselves as approachable, responsive and desiring a positive relationship with businesses.

    • Participation in Regulatory Initiatives: Actively participate in regulatory initiatives, industry consultations, and public-private partnerships to contribute to the development of effective sanctions policies and practices.

  3. Comprehensive Regulatory Reporting and Disclosures:

    • Streamlined Reporting Processes: Ensure that processes supporting regulatory reporting and disclosures are complete, accurate, and timely. This includes sanctions reporting, proceeds of crime disclosures, and other relevant regulatory requirements.

    • Training on Disclosure Requirements: Train staff to understand the requirements and importance of comprehensive and effective disclosures, ensuring that reports are meaningful and comply with regulatory expectations. This includes understanding the contents of a comprehensive and useful disclosure.

 

Conclusion

The OFSI's Financial Services Threat Assessment Report serves as a crucial resource for financial institutions aiming to fortify their defences against sanctions evasion. The growing complexity and sophistication of evasion techniques necessitate a proactive and adaptive approach to compliance.

The report, together with other recent publications continues to emphasise the importance of having in place a living and coordinated sanctions compliance framework, that is kept under constant review and can adapt and evolve to the changing internal and external environment. By continuously assessing and enhancing existing policies, procedures, and controls, organisations can better navigate the challenges of the current sanctions landscape, effectively mitigate associated risks, and uphold the integrity of the financial system.

If you would like to discuss any aspect of your own organisation’s approach to sanctions compliance or know more about the various industry advisory groups that exist to help firms navigate compliance in this complex area, please do speak with the author.

 
Andrew Roberts

Andrew Roberts

Managing Director and Founder

Connect with Andrew:

LinkedIn logo - Andrew Roberts profile





Our online tool combines the simplicity of a technology-led solution with the knowledge and expertise our team have built over many years helping firms manage their financial crime risks. Start your assessment now...

bottom of page