HM Treasury, the Bank of England and the FCA are reminding the crypto sector of their responsibilities under the sanctions regime

On 11 March 2022 HM Treasury published a a reminder UK financial services firms, including the crypto-asset sector, to ensure they play their part in complying with the sanctions.

It is reiterated that financial sanctions do not distinguish between crypto-assets and other assets; reminds companies to be cautious about trying to avoid sanctions; and to assess whether they are dealing with a registered VASP or not.

It also reminds crypto asset companies to update or review their existing systems and controls, including:

• updating business-wide and customer risk assessments to take into account changes in the nature and type of sanctions measures;
• ensuring that client onboarding and due diligence processes identify clients using corporate vehicles to disguise the ownership or source of funds;
• ensuring that clients and their transactions are checked against the relevant updated sanctions lists and that effective re-vetting is in place to identify activities that may indicate a breach of sanctions;
• identifying activities that are inconsistent with the user’s profile or otherwise suspicious and ensuring that they are promptly reported to a designated official for timely consideration;
• ensuring that where blockchain analytics solutions are deployed, compliance teams understand how these capabilities can best be used to identify transactions associated with higher risk wallet addresses; and
• engaging in public-private partnerships and private-private partnerships to gather insights into the latest typologies and additional controls that may be relevant and share their own examples of best practice.

In addition, it lists some red flag indicators that should be taken into context (ie, considered with other red flag indicators or contextual information):

• “a customer who is a resident of or transacts in or from a jurisdiction that is subject to sanctions, or that is on the UK’s list of high-risk third countries for the purposes of combating money laundering and terrorist financing, or any jurisdiction that you have identified as posing an increased risk from illegal financial activities

• transactions to or from a wallet address associated with a sanctioned entity, or a wallet address otherwise considered high risk, based on transaction history or associated addresses, or other factors

• transactions involving cryptoasset exchanges or custodian wallet providers known to have poor due diligence procedures or otherwise considered high risk

• using tools designed to disguise the customer’s location (e.g. IP address connected to a virtual private network or proxy) or the source of cryptoassets (e.g. mixers and mixers)

• other indicators that are usually associated with money laundering in a broader sense. In both situations, the goal of the illegal actor is to make the illegal transaction appear legitimate”.

Firms that also operate in the US should be aware of the red flags issued by FinCEN earlier this month, which we summarize here.

While FinCEN’s update is aimed at US crypto firms, all firms involved in cryptoassets may want to consider it to help assess their risk of sanctions.