Remember: Sanctions Apply to All Companies, Irrespective of Size

Some readers may be new to the world of sanctions and how to comply with laws and regulations issued by sanctioning bodies. You can learn everything you need to know about sanctionssanctions lists, and how to comply with them in this ultimate guide

And let's put this in layperson's terms: If your business uses currencies such as dollarspounds, and euros in your operations (that will be the vast majority of you nodding your head right now), then you must comply with the sanctions lists issued by the big four:

  • The OFAC Sanctions Lists (US)
  • The UN Sanctions Lists (UN)
  • The EU Consolidated List of Sanctions (EU)
  • The HM Treasury Sanctions List (UK)

In addition, it's also important to be aware that sanctioning bodies, such as OFAC, don't care if you're business is a one-person show or a multinational company with hundreds of thousands of employees. If any of them discover sanctions breaches within your startup or SME, they have the legal right to go after you.

Misconception: Sanctions Bodies Only Dish Out Penalties to Large Companies

Regarding sanctions compliance and fines for breaches, most newspaper headlines and industry chatter focus on top-tier penalties. For example, in 2023, British American Tobacco's (BAT) astronomical $635 Million OFAC penalty garnered much attention, as did Microsoft's $3.3 Million fine for sanctions breaches

But the reality is this: Sanctioning regimes also target smaller companies that commit violations.  

And as reported back in March, following the rapid increase in global sanctions due to the Russian invasion of Ukraine, there is increasing scrutiny on sanctions evasion. In March 2023, OFAC recommended that companies initiate rigorous compliance controls (in light of Russia-related sanctions). During the same period, the United States Department of Justice (DOJ) announced that it plans to hire over 25 new prosecutors to punish companies that breach sanctions laws. 

Insights from Sanctions Violations Penalties on Startups & SMEs in 2023

We now know two crucial things. First, startups and SMEs must comply with sanctions laws and regulations too. Second, there is a misconception that sanctioning bodies only target large, well-known companies.

This section will reveal cases where sanctioning bodies issued penalties to smaller (and relatively unknown) businesses. 

And it's important to remember this: We aren't using examples from 20 years ago or even five years ago. The following cases are from the last six months.

Number 1: Murad (May 2023)

Let's begin with a multi-million dollar penalty from just a few months ago (at the time of writing). This is what happened: Murad, a skincare and dietary supplements company based in California, found itself in OFAC's crosshairs for violating sanctions on Iran during 2009 - 2018. The British multinational consumer goods company, Unilever, purchased Murad in 2015, where they subsequently discovered it and voluntarily self-disclosed the violation.

And the penalty? A whopping $3,334,286. But OFAC didn't stop there. They also fined a former senior company executive (referred to as "US Person") $175,000

There are a few learning points from this case that all startups and SMEs should heed.

First, paying poor attention to sanctions compliance could limit interest from investors, especially given the growing importance of environmental, social, and corporate governance (ESG) investing. And second, employees can also get in serious trouble as personal liability for sanctions violations is often applicable.

Recommended reading: 5 Ways Compliance Officers Can Minimize Personal Liability

You can read more about the Murad case here.

Number 2: Poloniex (May 2023)

The next sanctions violations case also comes from just a few months ago. On May 1, 2023, OFAC distributed this press release detailing why they hit a company called Poloniex with a jaw-dropping $7,591,630 fine for multiple sanctions violations.

So what happened? 

To explain simply, Poloniex is a US crypto trading platform that OFAC accuses of 'allowing customers apparently located in sanctioned jurisdictions to engage in online digital asset-related transactions.'

OFAC goes on to state that Poloniex, despite having reason to know their customers' location (based on KYC information and IP address data), transactions involving sanctions jurisdictions totaling more than $15 million passed through their platform.

And what can startups, SMEs, and small businesses learn from this case? A glaringly obvious lesson is that Know Your Customer (KYC) processes (including sanctions screening) are useless if commercial goals override a business's compliance culture.

Developing a solid company compliance culture is crucial for mitigating the risk of breaking sanctions laws. 

How Can Startups and SMEs Comply With Sanctions Regimes

This section will discuss how startups, SMEs, and small businesses can comply with sanctions regimes. And here is some good news: it's much easier than many realize. But how so?

First, let's rewind a bit. A problem with sanctions regulations, laws, and compliance is that various parties often make it over-complicated.

And there are reasons for this. Partly because sanctions compliance is, in fact, extremely complicated - if you are a large, multinational financial institution. The sanctions officer's job in these kinds of organizations is unenviable, given the complications of multiple jurisdictions, thousands of customers, and complex internal systems (often legacy ones) on an international scale. 

However, for smaller companies and organizations, the scope of operations is significantly more manageable. It can be as easy as doing the following:

  • Creating a basic effective Sanctions Screening Process
  • Start screening for your customers and other stakeholders against sanctions lists

That's it. And both of the above points are easy to do.

Creating a sanctions screening process can be as simple as making a checklist or workflow that includes screening customers, suppliers, and other stakeholders against relevant sanctions lists.

And what about beginning the screening process? Getting started can be as straightforward as uploading a CSV file to a global sanctions database. For example, the small package covers 30+ global sanctions lists, global PEP data, and criminal watchlist data for 2000 checks.

How Can Support Your Business With Sanctions Compliance

To learn more about how our sanctions, PEP, and criminal watchlist screening service works and to receive answers to all your queries regarding the API, integrations, and more. Book a free Discovery Call now. 

7-Day Free Trial (No Credit Card Required)

We offer a free 7-day trial (no credit card is required) and will be delighted to walk you through our service. is a highly reliable and cost-effective solution for sanction checking. AI-powered and with an enterprise-grade API with 99.99% uptime are reasons why customers globally trust us with their sanctions screening needs.