What are Financial Sanctions?

Financial sanctions are essentially restrictive measures imposed on financial resources and services for individuals, entities and bodies that engage in criminal activities. Financial sanctions were implemented to help achieve the UK’s foreign policy and national security objectives, including the prevention of terrorist financing. These sanctions are also designed to maintain confidence in the integrity of the UK’s financial service sector. All businesses must understand the various procedures and responsibilities involved with financial sanctions, as they’re only effective if they’re properly implemented.

All UK and non-UK individuals, businesses and charities need to comply with financial sanctions if they carry out activities within the UK’s territory and are established under UK law and operating overseas. This means that UK citizens need to comply with financial sanctions wherever they are in the world.

What is OFSI?

The Office of Financial Sanctions Implementation (OFSI), which is a part of HM Treasury, is the UK’s authority for implementing financial sanctions. OFSI is responsible for regulating financial sanctions, using their enforcement powers to ensure all businesses and entities comply. OFSI also publishes a consolidated financial sanctions list, which helps firms screen and identify designated persons subject to UK, EU and UN financial sanctions. Information on the consolidated list includes aliases, date of birth, passport details, nationality, last known address, employment or government role. To spread the word about financial sanctions, they also speak at financial crime, financial services, foreign policy and other industry events and meetings. This kind of interactive engagement with the compliance community provides them with the opportunity to respond to any concerns regarding financial sanctions.

Types of financial sanctions

If the individual or entity you are dealing with matches all the information on the consolidated list, this is likely to be a target match. In this situation, the business is legally obliged to freeze the funds or economic resources that it controls and report to HMT’s Asset Freezing Unit. All businesses, organisations and individuals are under obligation to report information about sanctions breaches to the OFSI.

As well as asset freezes, your business might have to impose restrictions on financial markets and services, which apply to named individuals, entities and bodies, or to entire sectors. Examples of such restrictions include investment bans and limitations on access to capital markets. In some cases, the firm may have to cease all business of a specified type with a specific person, group, sector territory or country.

The most common types of financial sanctions include:

Asset freezes: If you have reason to suspect that you’re dealing with a designated person you must ‘freeze’ them. This means ceasing to deal with them and report them to OFSI.
Restrictions on financial markets and services: These can apply to named individuals, entities and bodies, to specified groups or to entire sectors. Examples of these include investment bans and restrictions on access to capital markets. Businesses might also be required to notify or seek authorisation before certain payments are made or received.
Directions to cease all business: These directions will specify the type of business and apply to a specific person, group, sector or country.

Why do we have financial sanctions?

The main objective of financial sanctions is to keep our country safe. This is achieved as follows:

  • By increasing the costs associated with a particular regime, financial sanctions are designed to force the individuals within the regime into changing their behaviour.
  • The sanctions also work to constrain a target by denying them access to key resources needed to continue their offending behaviour, including the financing of terrorism or nuclear proliferation.
  • Financial sanctions are also used to signal disapproval. This stigmatises and potentially isolates a regime or individual. This is also a way of sending broader political messages nationally or internationally.
  • Finally, financial sanctions are used to protect the value of assets that have been misappropriated from a country.

By complying with OFSI, companies ensure that they’re conducting legitimate business both in the UK and abroad. Upholding the financial sanctions regime is also an essential component of protecting our country. By adhering to the obligations, firms are doing their part to avoid substantial fines and more significantly, to protect our country from potential harm.

Sanctions screenings

It’s against the law for firms to provide funds or carry out transactions for designated persons on the consolidated financial sanctions list. To ensure that your business activities are safe and legal, you must implement sanctions screenings whenever you take on new customers. Screening helps businesses to identify sanctioned individuals and organisations, which means they can make appropriately compliant risk decisions.

There are two main screening controls that most businesses will use: transaction screening and customer screening. Transaction screening identifies transactions involving targeted individuals or entities, whereas customer screening (also known as name screening) recognises targeted individuals or entities during the lifecycle of the customer relationship with the company. Both screenings are designed to form a robust set of controls for identifying sanctions targets.

OFSI publishes the consolidated list to help businesses and individuals comply with financial sanctions. The list includes all designated persons subject to financial sanctions under EU and UK legislation, as well as those subject to UN sanctions which are implemented through EU regulations. The list is also updated within one working day for all new UN, EU and UK listings coming into force in the UK, and within three working days for all other amendments. This means it’s almost always up to date, so businesses can be sure that their screenings are accurate and reliable.

There are some limitations to consider for the screening system. For example, many different people can share the same or similar details. Human error also might cause slight differences, for example, spelling mistakes or incomplete data. To accommodate this, screening software includes ‘fuzzy matching’. To ensure that matches are as accurate as possible, firms must calibrate the system in line with the risk profile of their business. Companies should also use human intervention to assess which results are false positives. This means investigating potential matches to determine whether they’re fuzzy or true matches. Other information on the list, such as date of birth and nationality, can be used to eliminate or confirm a potential match. The decision-making process must be documented in writing.

What happens if you ignore financial sanctions?

Financial sanctions are designed to help achieve the UK’s foreign policy and national security objectives. They’re implemented to control the risks of terrorist financing, whilst also maintaining confidence in the integrity of the UK’s financial service sector. However, financial sanctions are only effective if they’re properly implemented by the relevant businesses. Failure to comply with financial sanctions has serious consequences, both legal and ethical.

Breaches of financial sanctions are criminal offences. OFSI has the power to impose criminal convictions (with sentences of up to 7 years) or monetary penalties.Under the Policing and Crime Act 2017 (the 2017 Act), HM Treasury has enforcement powers to impose monetary penalties for breaches of financial sanctions. Breaches of financial sanctions are criminal offences, and you could be sentenced to up to seven years in prison. The monetary penalties regime created by the 2017 Act provides an alternative to criminal prosecution for breaches of financial sanctions legislation. However, the fines are severe, with companies paying up to £1 million or 50% of the estimated value of the funds or resources.

If your business becomes associated with an irresponsible approach to financial sanctions, you’re also risking significant reputational damage. This often results in your business losing shareholder, which can lead to diminished sales. However, perhaps more importantly, failure to comply with these regulations means you’re ignoring a serious ethical responsibility. The main purpose of financial sanctions is to keep our country safe. By adhering to the obligations, firms are doing their part to protect our country from potential harm.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.