The latest guidance underlines the fact that financial sanctions regulations do not differentiate between cryptoassets and other forms of assets.
In a joint statement from the Office of Financial Sanctions Implementation (OFSI), the Financial Conduct Authority (FCA) and the Bank of England, businesses have been given additional guidance regarding sanctions evasion. This follows the sweeping sanctions imposed on Russia and Belarus and the fear that attempts may be made to circumvent sanctions using crypto currencies and assets. As a result, the UK financial regulatory authorities repeated their assertion that all UK financial firms must take every possible precaution to ensure that they comply with sanctions, but this time targeted the crypto sector.
A stark warning to all cryptoasset firms Placing cryptoassets firmly in their sights, the joint statement declared: “We are working closely with partners in government and law enforcement both here and abroad, including regulatory authorities, to share intelligence and act to prevent sanctions evasion, including through cryptoassets. We also remain ready to act in the event of sanctions breaches”. The fears are well grounded as there is evidence that sanctioned individuals and entities have already started to use crypto to hide their assets, causing the global Financial Stability Board to closely scrutinise this potential loophole. Calls that digital asset companies are simply not up to the task of complying with sanctions have been met with firm denials. While some in the sector have gone on the defensive and rejected out of hand calls to cut off all Russian users. But the UK financial authorities have underlined the fact that financial sanctions regulations do not differentiate between cryptoassets and other forms of assets. As a result, the use of cryptoassets to circumvent economic sanctions is equally a criminal offence under the Money Laundering Regulations 2017 and regulations made under the Sanctions and Anti-Money Laundering Act 2018. The steps cryptoasset firms must take to ensure they comply with their legal obligations As detailed in the new guidance, the practical steps to reduce the risk of sanctions evasion via crypto currencies or assets include:
Updating business-wide and customer risk assessments to account for changes in the nature and type of sanctions measures
Ensuring that customer onboarding and due diligence processes identify customers who make use of corporate vehicles to obscure ownership or source of funds
Ensuring that customers and their transactions are screened against relevant updated sanctions lists and that effective re-screening is in place to identify activity that may indicate sanctions breaches
Identifying activity that is not in line with the customer profile or is otherwise suspicious and ensuring that these are reported quickly to the nominated officer for timely consideration
Where blockchain analytics solutions are deployed, ensuring that compliance teams understand how these capabilities can be best used to identify transactions linked to higher risk wallet addresses
Engage with public-private partnerships and private-private partnerships to gather insights on the latest typologies and additional controls that might be relevant and share their own best practice examples
The Red Flags that suggest an increased risk of sanctions evasion Every firm should keep a close watch for red flag indicators that suggest an increased risk of sanctions evasion. Any Red flag indicator should always be reviewed in context. As what may seem innocent in isolation, when considered alongside other red flag indicators or contextual information, may be indicative of sanctions evasion. Red Flags may include (but are not limited to) the following:
Customers who are resident in or conducting transactions to or from a jurisdiction which is subject to sanctions, or which is on the UK’s High Risk Third Countries list, or jurisdiction identified as posing an increased risk of illicit financial activity
Any transactions to or from a wallet address associated with a sanctioned entity, or deemed to be high-risk, based on its transaction history or that of associated addresses, or other factors
Transactions involving a cryptoasset exchange or custodian wallet provider known to have poor customer due diligence procedures or which is otherwise deemed high-risk
The use of tools designed to obfuscate the location of the customer (such as an IP address associated with a VPN or proxy) or the source of cryptoassets (such as mixers and tumblers)
Any other red flag indicators where the aim of the illicit actor is to make an illegal transaction appear legitimate
What to do if suspicious activity is detected The FCA has written to all registered cryptoasset firms and those holding temporary registration status and delivered the following forewarning. If any firm has ‘reasonable cause to suspect’ they are in possession, in control of, or dealing with the funds or economic resources of a sanctioned individual, they must adhere to the following: they must freeze them, not deal with them or make them available to the designated person, unless there is an exception in the current legislation or have a license from the OFSI. The regulators also reminded financial institutions to check the FCA register to identify whether any cryptoasset firms they do business with are registered, or to check the equivalent register of the jurisdiction in which the cryptoasset firm is based. Both the FCA and the Prudential Regulation Authority (PRA) have stated that they will act if they see authorised financial institutions supporting cryptoasset firms operating in the UK illegally.
Originally produced by Nick St Clair at Risk Screen