In February 2025, the Office of Financial Sanctions Implementation (OFSI) published a Financial Services Threat Assessment Report as part of its ongoing sector-specific assessments of threats to UK financial sanctions compliance. The report focuses on risks related to the UK financial services sector, particularly in the aftermath of Russia’s invasion of Ukraine in February 2022, which led to a significant expansion of financial sanctions. The report outlines key compliance challenges, suspected breaches, and emerging trends, aiming to help UK financial institutions strengthen their compliance frameworks and prevent violations.

Key Judgements

1. Underreporting of Breaches: Some UK financial services firms, especially non-bank payment service providers (NBPSPs), have likely not self-disclosed all suspected breaches to OFSI. Reporting and detection practices vary across the sector and different sanctions regimes.
2. Common Compliance Failures: Most non-compliance cases are attributed to issues such as improper maintenance of frozen assets, failure to adhere to licence conditions, and inaccurate ownership assessments.
3. Increased Role of Enablers: Since 2023, Russian designated persons (DPs) have increasingly relied on both professional and non-professional enablers to circumvent UK financial sanctions.
4. Use of NBPSPs for Payments: Enablers have facilitated transactions through NBPSPs to sustain the lifestyles and assets of Russian DPs, including superyachts and UK residential properties.
5. Fronting Attempts: A small number of enablers have likely tried to falsely claim ownership of frozen assets on behalf of Russian DPs.
6. Cryptoassets as an Evasion Tool: Enablers have almost certainly used alternative payment methods, particularly cryptoassets, to bypass UK financial sanctions.

Threat Overview

Since February 2022, over 75% of UK sanctions designations have been related to Russia. UK banks and NBPSPs have reported the highest number of suspected breaches. The report emphasizes that financial institutions must ensure compliance not only with Russian sanctions but also with other UK sanctions regimes, including those related to Libya, Belarus, Iran, and North Korea (DPRK).

• UK Banks (55%) and NBPSPs (27%) account for the majority of reported breaches.
• Sanctions threats are evolving, requiring continuous vigilance and adaptation.

Strengthening Compliance

The report identifies several common compliance weaknesses that have led to breaches:

1. Improper Maintenance of Frozen Assets
   • Payments have been withdrawn from accounts belonging to Russian DPs due to automatic contract renewals (e.g., insurance policies, property maintenance).
   • Firms must ensure frozen accounts comply with asset freeze prohibitions and OFSI licences.
2. Licence Condition Breaches
   • Transactions have occurred after licence expiry.
   • Some accounts have been used outside of the conditions specified in OFSI licences.
3. Inaccurate Ownership Assessments
   • Failures to recognize that subsidiaries of Russian conglomerates are either sanctioned or majority-owned by a sanctioned individual.
   • Risk of Russian DPs establishing new entities in intermediary countries to avoid sanctions.
4. UK Nexus Misidentifications
   • OFSI has identified instances where firms incorrectly assessed whether transactions had a UK connection (UK nexus).
   • Some firms have also misinterpreted the differences between UK, EU, and US sanctions.
5. Correspondent Banking Risks
   • Financial institutions should monitor their exposure to the Russian System for Transfer of Financial Messages (SPFS), which serves as an alternative to SWIFT.

Russian Designated Persons (DPs) and Enablers

OFSI defines enablers as individuals or entities assisting Russian DPs in violating UK sanctions. They can be:

• Professional Enablers: Wealth managers, legal advisors, and financial service providers.
• Non-Professional Enablers: Family members, close associates, or proxies with personal ties to Russian DPs.

Maintaining Lifestyles and Assets

• Superyachts: Payments for crewing and maintenance have been processed through UK NBPSPs, insurance providers, and banks. Some yachts remain operational despite being frozen.
• UK Residential Properties: Enablers have made payments for security, staffing, and upkeep of properties owned by Russian DPs. Transactions have often involved trusts based in Cyprus and Austria.

Fronting on Behalf of Russian DPs

• Some enablers have falsely claimed ownership of frozen assets.
• These individuals often have limited public profiles, inconsistent name spellings, or recently acquired "golden visa" citizenships.

Use of Cryptoassets for Sanctions Evasion

• Russian DPs have utilized crypto-to-cash exchanges and money laundering networks to move funds.
• The UK-designated cryptocurrency exchange Garantex and dollar-backed stablecoins such as Tether (USDT) have been exploited in these schemes. 

Intermediary Countries

Since February 2022, over 25% of suspected breaches reported to OFSI have involved intermediary jurisdictions, which provide financial secrecy or access to global markets. The most frequently mentioned countries include:

• Austria: Used for enabler activity, non-resident banking, and transactions involving cryptoassets.
• British Virgin Islands (BVI): Used for asset ownership and laundering networks.
• Switzerland: Used for non-resident banking, and processing funds for UK-sanctioned individuals.
• Cyprus: Hosts complex corporate structures and trust arrangements.
• United Arab Emirates (UAE): Seen increased Russian capital flight and company registrations.
• Türkiye: Used for enabler activity and superyacht maintenance.
• Cayman Islands: Used for enabler activity and offshore account payments.