.svg)
The latest report from the UK’s sanctions watchdog warns of ongoing non-compliance and potential pathways for abuse such as crypto-assets and Russia’s Swift alternative.
The UK’s Office of Financial Sanctions Implementation (OFSI) has published its latest Financial Services Threat Assessment, revealing significant concerns about compliance with financial sanctions among UK financial services firms.
The report, which covers sanctions threats from February 2022 to the present, highlights widespread non-compliance, the role of professional and non-professional enablers, and the increasing use of alternative payment methods such as crypto-assets.
In the report, OFSI suggests that some UK financial services firms, including non-bank payment service providers (NBPSPs), have failed to report all suspected breaches.
Self-disclosure is encouraged, but the report indicates that identification and reporting vary across the sector and different sanctions regimes.
The assessment also identifies recurring issues such as the improper maintenance of frozen assets and breaches of OFSI licence conditions, stating that these failures affect compliance across all UK sanctions regimes and contribute to non-compliance.
Circumvention risks
OFSI has also warned UK PSPs about potential exposure to institutions using Russia’s alternative financial messaging system, the System for Transfer of Financial Messages (SPFS).
SPFS, which was first launched in 2014, is designed to replace Swift, and OFSI has joined counterparts in the EU and US in suggesting that it may be exploited to circumvent UK financial sanctions.
In the report, OFSI advises financial institutions to assess their exposure to banks linked to this system, and to report any suspected sanctions breaches.
OFSI also warns that since 2023 there has been a sharp rise in the use of professional and non-professional enablers by Russian designated persons (DPs) attempting to evade UK financial sanctions.
It notes that so-called enablers have facilitated payments for maintaining luxury assets such as superyachts and high-value UK properties.
In addition, the report suggests that DPs have increasingly turned to crypto-assets and other alternative payment methods to bypass UK financial sanctions, with OFSI identifying cases where individuals have used such methods to transfer funds illicitly.
According to OFSI, Russian DPs also frequently structure their assets through intermediary jurisdictions, and the threat assessment points out that more than 25 percent of suspected breaches reported to OFSI reference such jurisdictions.
The British Virgin Islands, Switzerland and the United Arab Emirates are among the most commonly cited, but more recent reports have seen increased references to other jurisdictions, including EU member states Luxembourg and Cyprus.
“The change in the countries referenced in OFSI suspected breach reports has likely been driven by several factors, including Russian capital flight to jurisdictions which do not have sanctions on Russia, such as the UAE and Türkiye,” OFSI said.
What this means for payments firms
Payments and e-money firms should consider the line in the report “including non-bank payment service providers (NBPSPs)” a direct call-out.
OFSI’s specific mention of NBPSPs in its report suggests that these firms are particularly vulnerable to sanctions breaches, despite, like their incumbent banking counterparts, playing a key part in enforcing financial sanctions.
NBPSPs may not have the same level of compliance infrastructure as traditional banks, making them more prone to inadvertent or intentional breaches.
In addition, their involvement in cross-border transactions, digital payments and crypto-related transactions places them at higher risk, especially given OFSI’s concerns about alternative payment methods being used to evade sanctions.
NBPSPs are not as integral as banks to the economy yet, and perhaps are not as closely scrutinised.
As a consequence, countries such as Lithuania have already seen payments and e-money firms become an attractive avenue for enablers looking to bypass restrictions and maintain the assets and lifestyles of Russian DPs.
OFSI’s findings suggest that some NBPSPs have facilitated transactions linked to enablers, possibly without sufficient due diligence or effective sanctions screening in place.
By explicitly calling out NBPSPs, OFSI is signalling that these firms must enhance their compliance efforts.
The report highlights that some financial services firms have failed to self-disclose suspected breaches, and the mention of NBPSPs implies they are among those falling short.
This serves as both a warning and a push for NBPSPs to take a more proactive approach in identifying, reporting and preventing sanctions breaches before facing potential regulatory action.
