3 min read

UK Sanctions: Red Alert seeks to remind financial institutions of 'critical role'

Read more

By Mathew Wale and Gareth Hall Mathew Wale & Gareth Hall


Published 15 December 2023


On 6 December 2023, the National Crime Agency ("NCA") issued – in conjunction with the Office of Financial Sanctions Implementation ("OFSI") - a 'Red Alert' aimed principally at UK financial institutions and the regulated sector as a whole.

The 'Red Alert' recognises the 'critical role' the financial sector plays in the procurement process when processing transactions in relation to underlying trade activity and attempts to bolster compliance by reminding entities of their role and capabilities in detecting attempts to circumvent UK sanctions, currently imposed on Russia following the invasion of Ukraine in early 2022. The alert, which can be found on the National Crime Agency website1, warns of the threat of Russia using complex supply chains to attempt such circumvention by trying to procure goods through intermediary countries and provides a list of indicators for the financial sector to be aware of when conducting due diligence on the transactions they process.

The indicators include:

  1. Transactions related to payments for goods on the Common High Priority list – which is a list of Western items deemed critical to Russia's military development - from a company incorporated after 24 February 2022 and based in known diversionary destinations.
  2. A customer who lacks or refuses to provide details on banks, shippers, or third parties, including about end users, intended end-use, or company ownership.
  3. Transactions involving smaller value payments, all from the same end user’s foreign bank account, to multiple, similar suppliers of Common High Priority list items.
  4. A customer that significantly overpays for a Common High Priority list item, compared to known market prices.
  5. Purchases under a letter of credit that are consigned to the issuing bank, not to the actual end user. In addition, supporting documents, such as a commercial invoice, do not list the actual end-user.
  6. Transactions involving entities with little to no web presence, such as a website or a domain based email account.
  7. Transactions involving customers with phone numbers with country codes that do not match the destination country.
  8. The item or service (commodity, software, service or technology) does not fit the purchaser’s line of business.
  9. The customer’s name or its address is similar to one of the parties on the OFSI consolidated list.
  10. Transactions involve a purported civil end-user, but research indicates customers with counterparties with connections with the military, such as an address that is a military facility or is co-located with military facilities in a country of concern.
  11. Transactions involving companies that are physically co-located, or have shared ownership, with an entity on the OFSI consolidated list.
  12. Transactions that use open accounts/open lines of credit when the payment services are conducted in conjunction with known diversionary destinations.
  13. Transactions involving a last-minute change in payment routing that was previously scheduled from a country of concern, but now routed through a different country or company.
  14. Transactions involving payments being made from entities located at known transhipment points or involve atypical shipping routes to reach a destination.

Increased and multilateral efforts to 'bolster compliance'

This red alert is the third issued in 18 months, with the others focussing on evasion typologies generally and the over-the-counter gold market respectively. As alluded to above, this most recent alert seeks to support the efforts this year by the UK, alongside G7 partners, to develop the Common High Priority items list2 in order to support the financial sector and other businesses to identify potentially suspicious transactions. Due to the critical nature of the items on this list to Russia's military efforts, they are considered high risk in terms of attempts to circumvent UK sanctions and it is for this reason that businesses are being encouraged to increase their efforts to detect instances where they may form part of the trade sitting behind transactions being processed.

For financial institutions – review and augmentation of systems?

While many of these 'indicators' will already form part of – or be anticipated by – sophisticated compliance systems and controls, some may be less obvious and may require compliance functions, financial crime, AML specialists within financial institutions and in-house legal teams to augment or at least review their current approach to sanctions compliance. Where – through such review or augmentations – sanctions exposure is identified, careful consideration should be given to investigating the same, considering any appropriate reporting obligations.




Key Contacts