New EU Sanctions Guidance Note: Important Background
Let's quickly look at the background first. And it's straightforward to understand: At the crux is the 2022 Russian invasion of Ukraine.
As most readers know, the EU has slapped Russia with ten rounds of sanctions at a record pace. This article is not here to assess how effective EU sanctions have been against Russia - that's a different question altogether.
But there is a lingering question about how well the sanctions are working. After all, Brussels has observed a notable increase in the export of EU-made goods (strictly prohibited in EU-Russia trade) to nations in Russia's vicinity or with political affiliations close to the Kremlin.
We don't need to spell out where those products pop out at the end of their journey. And connecting the dots, the new EU sanctions guidance attempts to address this obvious circumvention problem.
The press release announcing the guidance mentions Russia six times (Belarus also appears). And it begins by stating that since the invasion, the EU has "imposed unprecedented restrictive measures" against Russia. With that context, the announcement continues: "Russia has deployed various and increasingly elaborate schemes and techniques to circumvent these measures."
So, in a nutshell, this is what the new guidance is all about:
Making it difficult for Russia to evade EU sanctions by getting operators to do the best sanctions compliance job they can.
An 'operator' is any company or organization operating in the EU's jurisdiction. The press release delivers two crucial messages.
The first one is ethical in nature - the EU support for Ukraine is steadfast, and the practical guidance is to help operators support that objective. The second message is legal, reminding operators: "Under EU law, EU operators have an obligation to carry out due diligence when trading with third countries to ensure that their business partners are not circumventing EU sanctions."
So, with all that said, let's now examine the key highlights from the new guidance.
The Importance of Regular Risk Assessments Is Front and Center
If your company or organization operates within the EU and last performed a sanctions risk assessment a while ago - now is the time to complete a new one.
Buy why so? That's because the latest EU sanctions guidance strongly emphasizes the importance of conducting regular risk assessments to keep up with Russia's attempts to circumvent sanctions (see page 4 of the guidance) in a volatile and changing situation.
And the reality is this: If you want to keep your business sanctions compliant - and avoid potential financial penalties and reputational damage for non-compliance - then performing them often is what the EU expects.
In fact, the guidance even says operators should conduct a strategic risk assessment and complete the following steps:
- Identify sanctions circumvention threats and vulnerabilities specific to your operations
- Perform a risk analysis
- Put together mitigation measures
- Implement the mitigation measures
- Regularly update
And the bottom line is this: For organizations who feel their EU sanctions compliance risk assessments have been gathering a bit of dust - the European Commission is firmly nudging them to give it some attention.
The New Guidance Doubles-Down on Enhanced Due Diligence
The next key takeaway from the EU's new sanctions guidance regards Enhanced Due Diligence (EDD). And here is a heads-up: The level of detail is granular.
Essentially, the European Commission is saying that you can't only have your risk assessment processes in order. But you also need robust EDD procedures to deal with stakeholders (such as customers) identified as higher risk.
But here is an important point: A one-size-fits-all solution for solving EDD requirements does not exist. And the European Commission's guidance recognizes that different models are uniquely created depending on factors such as the nature of the business, geographic location, and operating sectors.
However, the report doubles down on good practices that all companies and organizations must embrace - especially in the era of increased sanctions evasion by Russia.
So what are they?
The guidance lists more than 20 questions that sanctions compliance teams should ask themselves. It's a lot - and we aren't going to list them in the article (the questions begin on page 6 in the report).
But here are some insights drawn from the questions:
- Discovering if direct and indirect stakeholders are under EU sanctions is a priority
- Understanding direct and indirect stakeholders' ownership structures (and when they changed) is increasingly important.
- Understanding the level of effort your direct and indirect stakeholders put into sanctions compliance is crucial
The EDD section also examines money flows, goods routes, third-county circumvention typologies, and more. For example, a special mention of the increased risk associated with correspondence banking in the finance sector is provided.
Recommended reading from the blog: What is Enhanced Due Diligence (EDD)?
The EU Has 12 Red Flags To Spot Sanctions Circumvention
The final key takeaway from the new sanctions guidance is this: If any direct or indirect stakeholder is red-flagged in checks for possible sanctions circumvention, then deeper screening is necessary.
The EU has its own set of 12 red flags to help guide operators. In this article, we won't list them. And many will already be part of your organization's sanctions compliance policy.
But are you sure?
If the European Commission feels the necessity to publish all 12 in detail, not everyone will likely be incorporating all of them.
It's highly recommended that businesses and organizations carefully review the EU's sanctions guidance (they are on page 9) to familiarize themselves with these indicators and, if they haven't already, incorporate them into their processes.
The new EU sanctions guidance published in September 2023 is a long-awaited and vital contribution to the ongoing development of standards within the region - especially in the era of elevated sanctions against Russia.
The European Commission makes three things crystal clear for businesses and organizations operating in the EU:
- Make sure your risk assessments are up to scratch
- EDD is getting more granular, its scope is expanding, and it requires careful attention
- Your internal sanctions circumvention red flags should align with the EU's
How sanctions.io Helps With EU Sanctions Compliance
sanctions.io is a highly reliable and cost-effective solution for sanction checking worldwide - including the Consolidated List of Sanctions of the EU's common foreign and security policy (CFSP).
AI-powered and with an enterprise-grade API with 99.99% uptime are reasons why customers globally trust us with their sanctions screening needs.
To learn more about how our sanctions, PEP, and criminal watchlist screening service can support your organization's compliance program:
7-Day Free Trial (No Credit Card Required)
We offer a free 7-day trial (no credit card is required) and will be delighted to walk you through our service.