A Week of Sanctions: how should firms respond?

It has been a fast-moving week for the world and the main pillar of the international response in relation to the Ukraine Russian crisis has been the imposition of strict sanctions against Russian and Russian-linked businesses and individuals by jurisdictions around the world. The UK Government has been particularly active in this respect. All of this means that financial services companies must, as a priority, screen customers and third parties to ensure their sanctions compliance is up to date.

What are sanctions?

Let’s start with the UK’s Sanctions List. It is the source which prescribes which people, entities and ships are designated or specified under regulations made under the Sanctions and Anti-Money Laundering Act 2018 – and why. It is updated regularly and maintained on the government’s website.

In the UK, HM Treasury implements and enforces financial sanctions through the Office of Financial Sanctions Implementation (OFSI). OFSI maintains two lists of those subject to financial sanctions:

• The Consolidated List of Asset Freeze Targets. This lists all asset freeze targets listed under UK autonomous financial sanctions legislations and UN sanctions; and
• The list of persons named in relation to financial and investment restrictions, which is a separate list of those subject to specific capital market restrictions.

There are different sanctions regimes at different levels of government. The United Nations (UN) puts in place sanctions that its member states are required to implement into their own country lists. The US sanctions regime has also been changed dramatically in response to the Russian government’s invasion of Ukraine. The US administers its sanctions programmes through the Office of Foreign Assets Control (OFAC).

Why are shifting sanctions a challenge for financial firms?

Regulators expect companies to screen their clients and third parties against sanctions lists, and firms face punishments if they are found to be in breach. But there are two challenges to firms’ efforts to comply with sanctions requirements:

1. The frequency of changes
   Sanctions listings are under constant review with new names of individuals and entities being uploaded regularly – just look at the changes in the last week alone. So, when sanctions screening is being undertaken, it must be done against the backdrop of the most up-to-date listing. If you are using the UK’s list from just one week ago, it’s already out of date!
2. The need for Beneficial Ownership and KYC information
   If a person or entity is designated to be sanctioned, their name will be recorded on the Consolidated List. An asset freeze and some financial services restrictions will apply to entities that are owned or controlled, directly or indirectly, by a designated person. Those entities may not be designated in their own right, so their names may not appear on the Consolidated List. Yet those entities are similarly subject to financial sanctions. This emphasises the importance of holding up-to-date and accurate beneficial ownership records along with appropriately detailed Know-Your-Customer information, in order that this particular risk can be evaluated.

What should companies do to avoid a sanctions breach?

If your screening uncovers an individual or entity matching all the information on the Consolidated List, you should immediately notify OFSI. Your next steps depend on the specific sanctions that have been applied.

While sanctions regimes and obligations are complicated and vary between situations, we have identified eight steps which should help companies to address and mitigate the risks:

• Ensure sanctions listings used for screening are up-to-date. There is always a possibility that an entity, individual or bank may have been added to a sanctions listing in the last few days.
• Consider using several sources to screen for sanctioned parties – not just one list – for maximum coverage and more effective screening.
• Understand transactions thoroughly, which will help you to identify and screen potential touchpoints that typically involve sanctioned entities.
• Sign up to the mailing lists of government departments who issue regular e-alerts with updates like new sanctions announcements. For example, OFSI notifies its subscribers by email whenever a new notice is published – you can sign up here.
• Ensure you understand the specifics and impacts of any given sanction which appears to be in place against a party in your screening, performing detailed analysis on its provisions if necessary.
• Be extra vigilant about the risk of persons or entities impacted by sanctions trying to circumvent the restriction by routing payments through other parent or subsidiary entities.
• Increase your sanctions monitoring during times of high alert, like we are experiencing now. While some firms would normally screen for sanctions on a weekly basis, these checks should be executed daily.
• If you do come across suspicious activity, don’t forget your ongoing reporting obligations to the UK’s Financial Intelligence Unit, the National Crime Agency. This should be the case even at moments when the sanctions landscape is shifting rapidly.

Even when a normalisation of global relations returns, companies should not relax their focus on the risk of sanctions as this typically leads to many entities and individuals being removed from sanctions lists. If you would like more information on sanctions and would like to speak with me or one of the financial crime team, please get in touch.