Secondary sanctions have become one of the most significant risks facing global businesses in 2025. These sanctions target not only sanctioned parties but also any company or individual that knowingly supports them. As enforcement expands across sectors and jurisdictions, organizations must understand how secondary sanctions work, why they matter, and what red flags indicate indirect exposure. This article explains the fundamentals of secondary sanctions and outlines key indicators companies should monitor to stay compliant.

{{snippet-guide}}

What Are Secondary Sanctions?

Secondary sanctions are penalties imposed on non-US or non-EU persons who engage in specific activities with sanctioned individuals, entities, or sectors, even if those activities do not involve the sanctioning country directly. These sanctions differ from primary sanctions, which apply to citizens and companies of the issuing country. Secondary sanctions expand the reach of regulators by creating consequences for third parties that support sanctioned actors.

For example, the United States can impose secondary sanctions on a foreign bank that processes payments for a sanctioned Iranian entity, even if the bank has no operations in the United States. These measures can include exclusion from the US financial system, restrictions on correspondent banking, asset freezes, or prohibitions on certain transactions.

Readers can learn more about the difference between primary and secondary sanctions in our detailed guide here. 

Why Secondary Sanctions Are Important in 2025

Secondary sanctions have become increasingly important due to rising geopolitical tensions and the evolution of international financial crime networks. Governments use these tools to pressure third parties that may be enabling sanctioned actors, intentionally or unknowingly. Secondary sanctions are particularly relevant in contexts involving Russia, Iran, North Korea, and Venezuela, where evasion networks frequently rely on intermediaries to access global markets.

‍

Growing Use of Secondary Sanctions by the US and EU

The United States continues to rely heavily on secondary sanctions as part of its national security strategy. OFAC’s Russia- and Iran-related programs include provisions that allow the US to penalize foreign companies for facilitating energy exports, shipping transactions, or access to technology. The EU has also started incorporating more secondary sanctions elements in its recent packages, especially measures aimed at discouraging circumvention in third countries.

As a result, companies operating in Asia, the Middle East, Africa, and Latin America increasingly face indirect regulatory exposure, even if they do not operate in sanctioned jurisdictions directly.

Increased Scrutiny of Cross-Border Transactions

Secondary sanctions expand enforcement beyond geographical borders, making any international business a potential point of scrutiny. Companies involved in trade, payments, logistics, or cryptoassets must ensure that they are not inadvertently supporting sanctioned entities. Regulators have emphasized the importance of identifying indirect linkages through supply chains, beneficial ownership structures, or financial intermediaries.

Financial Institutions Face Heightened Risk

Banks, payment service providers, and fintech companies face elevated risk because secondary sanctions can disrupt access to critical financial infrastructure. For example, a bank that is penalized under US secondary sanctions may be cut off from dollar clearing, correspondent banking, or access to SWIFT. This poses severe operational and reputational consequences.

How Secondary Sanctions Work

Secondary sanctions typically follow a set of criteria that determine when a third party becomes subject to enforcement. These criteria vary depending on the sanctions program, but often involve “knowingly facilitating” a sanctioned transaction.

Identifying Material Support

Material support includes:

• financing
• goods or technology transfer
• logistics assistance
• insurance or re-insurance
• advisory or consulting services
• cryptoasset transactions
• trade-based facilitation
  
  

Regulators interpret material support broadly. Businesses must ensure that their products and services are not used to benefit sanctioned actors.

The Role of Beneficial Ownership and Indirect Links

Secondary sanctions enforcement often focuses on indirect or hidden connections. If a foreign company deals with an entity owned or controlled by a sanctioned person, it may be exposed to secondary sanctions penalties even if it was unaware of the ownership link. Regulators expect companies to perform enhanced due diligence to verify beneficial ownership and control.

Use of Intermediaries and High-Risk Jurisdictions

Evasion networks may route transactions through jurisdictions with limited oversight to disguise connections to sanctioned entities. Secondary sanctions enforcement often targets companies in these intermediary jurisdictions if they knowingly facilitate illicit activity.

Red Flags of Secondary Sanctions Exposure

Identifying red flags is essential to preventing indirect exposure to sanctioned networks. These indicators signal that a transaction, customer, or business arrangement may involve hidden connections to sanctioned actors.

Unusual or Opaque Corporate Structures

Companies should investigate businesses that:

• have complex ownership structures with multiple layers
• are registered in jurisdictions known for secrecy or weak corporate registry requirements
• use nominee directors or bearer shares
• frequently change ownership or registered address
  
  

Opaque structures often hide sanctioned individuals who control or benefit from the entity. Regulators expect companies to verify beneficial ownership using reliable, independent sources.

Counterparties Located in High-Risk Jurisdictions

Transactions involving jurisdictions used as transshipment hubs or sanctions evasion corridors require enhanced scrutiny. Public datasets from the EU and UN reflect increased re-export activity through:

• Central Asia
• the Caucasus region
• the Middle East
• parts of East Africa
  
  

Companies must examine whether goods, payments, or services could be diverted from these regions to sanctioned destinations.

Payments Routed Through Multiple Intermediaries

Complex payment chains, especially through lesser-known financial institutions, can indicate attempts to avoid detection. Red flags include:

• payments routed through several banks without clear commercial justification
• repeated use of correspondent banks in high-risk jurisdictions
• funds that originate from or terminate in countries with weak AML supervision

Financial institutions must monitor for inconsistent transaction patterns and evaluate whether payment corridors align with the customer’s profile.

Transactions Inconsistent With Business Activity

Secondary sanctions risks increase when transactions do not match the customer’s expected behavior. This includes:

• sudden changes in trade volumes
• new trade routes with no historical pattern
• purchases of goods beyond the customer’s apparent capabilities
• unusually high-value deals involving inexperienced traders

These inconsistencies may indicate that the customer is acting as a front for a sanctioned party.

Use of Cryptoassets to Facilitate Transactions

Cryptoassets introduce new opportunities for evasion. Red flags include:

• use of privacy coins
• transactions passing through mixing services
• wallets associated with sanctions lists or previously identified ransomware groups
• rapid movement of funds across multiple blockchains

Regulators increasingly expect companies to integrate blockchain analytics into transaction monitoring systems.

Practical Steps to Avoid Secondary Sanctions Exposure

Understanding red flags is not enough. Companies must implement compliance programs capable of detecting and preventing indirect exposure.

Implement Automated Sanctions Screening

Automated sanctions screening reduces the risk of missing new designations or indirect ownership links. Advanced platforms integrate:

• global sanctions lists
• beneficial ownership data
• trade data
• transaction patterns
• adverse media
• network analysis
  
  

Automation helps organizations identify hidden risks that manual screening cannot detect.

Conduct Enhanced Due Diligence (EDD) on High-Risk Customers

EDD should include:

• verification of beneficial ownership
• checking multiple corporate registries
• assessing economic substance
• reviewing shipping records and supply chain activity
• evaluating customer transaction behavior

High-risk cases may require independent verification of documentation or site visits.

Monitor Trade Flows and Supply Chains

Organizations engaged in manufacturing, logistics, or global trade should track supply chain movements carefully. This includes:

• checking end-use certificates
• monitoring trade corridors
• verifying re-export restrictions
• reviewing distributor arrangements
  
  

Supply chain risk assessments must consider the possibility of diversion.

Use Risk-Based Transaction Monitoring

Transaction monitoring should incorporate:

• geography risk scoring
• customer behavior analytics
• detection of unusual payment routing
• integration with sanctions screening
• alerts triggered by deviations from expected patterns

This helps companies identify transactions that may indicate material support for sanctioned parties.

Maintain Documentation and Audit Trails

Regulators require companies to demonstrate the rationale behind their compliance decisions. Comprehensive documentation protects organizations during investigations, audits, or enforcement reviews.

Conclusion

Secondary sanctions represent a significant risk for any business involved in international trade, finance, or cross-border services. These measures target not only sanctioned actors but also third parties that support them directly or indirectly. Understanding the mechanics of secondary sanctions and recognizing red flags such as opaque ownership, high-risk jurisdictions, unusual transaction patterns, and crypto-related activity is essential for maintaining compliance. 

As enforcement expands in 2025, companies must strengthen due diligence, automate screening, and maintain robust monitoring systems to avoid indirect exposure.

sanctions.io is a highly reliable and cost-effective solution for real-time screening. AI-powered and with an enterprise-grade API with 99.99% uptime are reasons why customers globally trust us with their compliance efforts and sanctions screening needs.

‍

To learn more about how our sanctions, PEP, and criminal watchlist screening service can support your organisation's compliance program: Book a free Discovery Call.

We also encourage you to take advantage of our free 7-day trial to get started with your sanctions and AML screening (no credit card is required).

‍