How to use the consolidated sanctions list

What is the consolidated sanctions list?

The consolidated list is a list of financial sanctions targets in the United Kingdom. If you are doing business with an individual or company associated with a person on this list, even if it is just a target match, you must report it to the Office of Financial Sanctions Implementation (OFSI). The guidance given in this blog has been taken from VinciWorks’ e-learning course on sanctions regulations

What is a target match?

A target match occurs when the individual in question matches information that is included on the consolidated list. This means there is either a name match, close name match, similar date of birth, or other information that may lead you to conclude the individual and person on the list are the same. When in doubt, you can contact the OFSI for assistance.

Identifying types of sanctions and using the consolidated sanctions list

Properly understanding sanctions laws is necessary to protect yourself, your business and your reputation. There are heavy penalties associated with breaking sanctions and not reporting any suspicions, even if it does not directly involve you. Listed below are important types of sanctions to be aware of in order to follow laws and appropriately use the consolidated sanctions list.

  • Sanctions on people
  • Sanctions on countries
  • Sanctions on financial conduct
  • Sanctions on commodities
  • Sanctions on import / export controls

Reporting matches

EU regulations require natural and legal persons, entities and bodies to supply OFSI as soon as practicable with any information that would ‘facilitate compliance’ with the regulations. Any information provided will only be used for the purposes for which it was provided or received. This requirement applies to natural and legal persons, entities and bodies in the UK or under UK jurisdiction and not just to credit or financial institutions or to individuals working for them.

A relevant institution or relevant business or profession that fails to comply with its reporting obligations, as set out in the relevant legislation, will be committing an offence, which may result in a criminal prosecution or a monetary penalty.

Your obligation to report to OFSI is in addition to any other non-financial sanctions reporting obligations you may have. These could include reporting required by your regulator (if you have one) or submitting Suspicious Activity Reports (SARs) to the National Crime Agency (NCA) under the Proceeds of Crime Act 2002.

In some cases, you may have specific obligations to report under section 19 of the Terrorism Act 2000. Reporting to your regulator or submitting a SAR does not meet your reporting obligations under financial sanctions

Download a Sanctions policy template

To help organisations conduct proper due diligence regarding sanctions as well as any suspicions,  VinciWorks has created a free sanctions policy template that can easily be edited to suit your organisation, industry and staff, as well as remain up-to-date with the latest sanctions brought on countries.

Download sanctions policy template

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.