Tech & Sourcing @ Morgan Lewis


On March 11, 2022, the UK Financial Conduct Authority (FCA), the Bank of England, and the Office of Financial Sanctions Implementation (OFSI) released a joint statement reiterating that all UK financial services firms, including the cryptoasset sector, are expected to ensure compliance with economic sanctions.

The statement confirms the UK regulators’ position that the sanctions regulations do not differentiate between cryptoassets and other forms of assets, and reiterates that the use of cryptoassets to circumvent economic sanctions was a criminal offence in accordance with Money Laundering Regulations 2017 and regulations made under the Sanctions and Anti-Money Laundering Act 2018.

The statement also sets out steps that firms can take to reduce the risk of sanctions evasion, such as identifying activity that is not in line with the customer profile or is otherwise suspicious and ensuring that this activity is reported quickly, as well as updating internal controls and due diligence to specifically account for cryptoassets.

The statement also includes examples of red flag indicators that may indicate a higher risk of sanctions evasion, such as transactions involving a cryptoasset exchange or custodian wallet provider known to have poor customer due diligence procedures or which is otherwise deemed high risk, or the use of tools designed to obfuscate the location of the customer or the source of cryptoassets. The statement does provide, however, that it is important to consider red flags in the context under which they arise, and what may appear innocuous in isolation may be indicative of sanctions evasion when considered in the broader context in which the transaction sits.

Notification of Sanctions Evasions

If there are any concerns regarding sanctions evasions, whether through the use of cryptoassets or otherwise, the regulators advise firms to consider their obligations to report to the UK Financial Intelligence Unit (UKFIU) at the National Crime Agency under the Proceeds of Crime Act 2002.

The FCA noted that it had contacted all registered crypotasset firms and those with temporary registered status, to confirm the application of sanctions on various entities and individuals.

If a firm knows or has “reasonable cause to suspect” that it is in possession or control of or is otherwise dealing with the funds or economic resources of a designated person under the sanctions, it must:

  • freeze the assets;
  • not deal with the assets or make them available to or for the benefit of the designated person, unless there is an exception in the legislation that the firm can rely on or the firm has a license from the OFSI; and
  • report the designated person to the OFSI (

The statement confirmed that the financial regulators remain “ready to act” in the event of a sanctions breach and that "Both the FCA and the Prudential Regulation Authority will act if they see authorised financial institutions supporting cryptoasset firms operating in the UK illegally."