How to address the risk of sanctions evasion via cryptoassets

On 11 March 2022 the Office of Financial Sanctions Implementation (part of HM Treasury) (“OFSI”), the UK Financial Conduct Authority and the Bank of England issued a joint statement reiterating that all UK financial services firms are expected to play their part in ensuring that sanctions are complied with.  This includes firms in the cryptoasset sector.

This statement served as a timely reminder that financial sanctions regulations do not differentiate between cryptoassets and other forms of assets.  Therefore, the use of cryptoassets to circumvent economic sanctions is a criminal offence under the Money Laundering Regulations (“MLRs”) and regulations made under the Sanctions and Anti-Money Laundering Act 2018.

What are the legal and regulatory requirements?

The statement initially reminds that:

When dealing with transactions giving rise to concerns about sanctions evasion or money laundering, reporting obligations under the Proceeds of Crime Act 2002 should also be considered; When dealing with a cryptoasset firm, all authorised financial institutions should check with the FCA register to identify whether a cryptoasset firm is registered, or to check the equivalent register in the respective jurisdiction; and If you know, or have reasonable cause to suspect, that you are in possession or control of, or are otherwise dealing with the funds or economic resources of a designated person, you must freeze them and not deal with them unless there is an exemption or you have an OFSI licence, and report them to OFSI.

What additional measures need to be implemented to reduce the risks?

The statement informs that controls developed to identify customers and monitor their transactions under the MLRs can help with compliance, but firms will need to implement additional sanctions controls as appropriate. These can include:

• Updating risk assessments to keep track of the nature and type of sanctions measures;
• Ensuring that customer onboarding and due diligence identify customers who use corporate vehicles to obscure ownership and source of funds;
• Ensuring that all clients are screened against relevant updated sanctions lists and that effective ongoing monitoring is in place; and
• Identifying activity that is not in line with the customer profile.

The statement further emphasises how firms that engage with the technology and use blockchain analytical solutions understand that compliance teams can best use these measures.

What additional red flags could be present?

Finally, the additional red flags that could be present according to the statement are as follows:

• Customers who are located or conducting business to or from a jurisdiction subject to sanctions, or which is on the UK’s High Risk Third Country list;
• Transactions to or from a wallet address associated with a sanctioned entity, or a high risk wallet address;
• Transactions involving a cryptoasset exchange or custodian wallet provider known to have poor customer due diligence procedures or otherwise high risk; and
• The use of tools to obfuscate the location of the customer.  

How can Gherson assist you?

In these constantly changing times, firms that deal with cryptoassets, and additionally have exposure to firms that do, will need to carefully consider all their systems and controls to ensure that they are able to comply with all relevant AML and sanctions regulations.

Gherson’s white-collar crime and regulatory team are able to provide advice and assistance with AML and sanctions compliance, including in situations involving cryptoassets. 

Additionally, the team has recently started a series on the regulation of crypto, with the aim of advising those who work in the compliance of this sector.  In addition, for those who would like advice on relevant issues, including those who have had issues with the FCA registration process, our specialist regulatory and compliance team can guide individuals and companies through the process.

Please do not hesitate to contact us for further advice, send us an e-mail, or alternatively, follow us on Twitter or LinkedIn to stay up-to-date.

The information in this blog is for general information purposes only and does not purport to be comprehensive or to provide legal advice. Whilst every effort is made to ensure the information and law is current as of the date of publication it should be stressed that, due to the passage of time, this does not necessarily reflect the present legal position. Gherson accepts no responsibility for loss which may arise from accessing or reliance on information contained in this blog. For formal advice on the current law please do not hesitate to contact Gherson. Legal advice is only provided pursuant to a written agreement, identified as such, and signed by the client and by or on behalf of Gherson.

©Gherson 2022