
What Sanctions Compliance Means for Crypto Firms Today

Sanctions: Origins, Evolution, and Global Impact
Sanctions are one of the most powerful tools governments use to protect national security and uphold international law. At their core, sanctions programs restrict or prohibit financial dealings with specific individuals, entities, countries, or sectors that have been linked to threats such as terrorism, nuclear proliferation, organized crime, corruption, or human rights abuses.
Sanctions have been part of the international policy toolkit for decades, but their scope and intensity have evolved significantly over time.
In the United States, the Office of Foreign Assets Control has administered sanctions programs since the 1950s, initially targeting hostile states during the Cold War. Over the years, OFAC’s remit expanded to cover individuals, organizations, and entire sectors linked to terrorism, narcotics trafficking, cybercrime, and human rights abuses.
At the multilateral level, the United Nations Security Council has imposed sanctions since the 1960s, often to respond to armed conflicts or nuclear proliferation. Regional bodies such as the European Union later developed their own programs, which sometimes go further than UN measures, reflecting the EU’s broader foreign policy priorities.
The 21st century saw sanctions become a central instrument of international relations. The 9/11 attacks in 2001 accelerated the focus on counter-terrorist financing, while more recent events - from North Korea’s nuclear program to Russia’s invasion of Ukraine - have triggered some of the most expansive and complex sanctions regimes in history.
A New Medium for Sanctions Evasion: Crypto
For decades, sanctions were primarily about restricting access to money and trade through the traditional financial system. Banks, payment providers, and shipping companies were the choke points. But with the rise of crypto assets, a new medium has emerged: one that creates fresh avenues for sanctions evasion.
Crypto can enable sanctions evasion in several ways.
- First, it provides a way to store, move, and receive funds outside the banking system. Sanctioned actors can hold value in wallets, transfer it across borders instantly, and cash out through less regulated venues.
- Second, crypto can be used for cross-border trade settlement. Instead of relying on banks or established payment networks, parties in sanctioned jurisdictions may transact directly in stablecoins or other crypto assets to pay for goods and services.
- Third, crypto opens the door to building alternative payment networks that bypass the Western-dominated financial infrastructure altogether. Initiatives like the BRICS countries exploring blockchain-based settlement systems illustrate how digital assets could underpin parallel financial channels less vulnerable to U.S. dollar or SWIFT-based sanctions.
This shift does not mean sanctions are obsolete, but it does mean the enforcement landscape is changing. Regulators increasingly expect crypto firms to recognize these risks and act as effective gatekeepers, just as banks have long been required to do.
The Enforcement Arm of Sanctions: Why Institutions Matter
Sanctions programs rely on the private sector as their enforcement arm. In practice, institutions are the gateways: they stand between sanctioned actors and the global financial system. If they allow a prohibited transaction through, the entire regime risks being undermined.
This is why sanctions compliance is both a legal requirement and a strategic safeguard. Institutions that implement robust controls not only protect themselves from regulatory exposure but also reinforce the integrity of the broader financial system and contribute directly to the policy objectives of national and international security. For crypto firms, this responsibility is newer - but no less critical. As gateways to the digital asset economy, they are now expected to play the same role that banks have long played in ensuring sanctions are effective.
Unlike other areas of financial crime compliance, where risk is often assessed on a spectrum, sanctions obligations are typically absolute. If a customer or transaction is linked to a sanctioned party, it cannot proceed. Regulators treat breaches as strict liability, meaning that even inadvertent violations can trigger severe penalties, reputational damage, and loss of market access.
Sanctions programs are also dynamic. Lists are updated frequently - sometimes daily - as governments respond to fast-moving geopolitical events. Institutions need systems that can keep pace with these changes and prevent sanctioned actors from exploiting gaps.
Starting with Screening: The Core of an Effective Sanctions Program
At the heart of every effective sanctions program is screening. Financial institutions - including crypto firms - are expected to screen customers, transactions, and counterparties against official sanctions lists.
These lists, maintained by authorities such as the U.S. Office of Foreign Assets Control, the EU, the United Nations, and many national governments, identify individuals, entities, and addresses that institutions must not deal with.
In practice, sanctions screening in crypto has three dimensions:
- Customer and counterparty screening: checking names, corporate entities, and beneficial owners against sanctions lists during onboarding and throughout the relationship.
- Wallet and address screening: comparing blockchain addresses against lists published by regulators or flagged by blockchain analytics providers as linked to sanctioned actors.
- Transaction screening: monitoring transfers in real time to ensure that no funds flow to, from, or through sanctioned entities or jurisdictions.
Effective screening is not just about running names or addresses through a database. Institutions must design their systems to handle challenges such as:
- Data quality and fuzzy matching: names may be spelled differently across languages and alphabets. Screening tools must catch close matches without overwhelming compliance teams with false positives.
- List updates: sanctions lists can change daily, and systems must update immediately to capture new designations.
- Indirect exposure: sanctioned actors may attempt to evade detection by using intermediaries, front companies, or multiple blockchain hops. Institutions must define clear policies on how far their screening goes (for example, how many “hops” away still counts as relevant exposure).
Beyond the List: Attribution in the Blockchain Context
Sanctions lists are the starting point, not the finish line. Authorities like OFAC or the EU may publish specific blockchain addresses tied to sanctioned actors: for example, wallets used by a ransomware group or a state-sponsored hacking team. But those published addresses are usually just a fraction of the wallets actually controlled by the sanctioned entity. In practice, sanctioned actors operate dozens or even hundreds of wallets, constantly creating new ones to bypass restrictions.
This is where blockchain attribution becomes essential. Attribution is the process of linking wallets and transactions that may not appear on an official list, but are in reality controlled by, or closely associated with, sanctioned parties. For example, if a designated ransomware group cashes out through a new address that is clustered with their known wallets, attribution tools can identify that risk even before regulators update their lists.
For compliance teams, this creates a critical challenge: sanctions obligations are strict liability, meaning that “I didn’t know it was their wallet” is not a defense. Institutions therefore need to choose their blockchain analytics providers carefully. The ability to attribute hidden or associated wallets to known sanctioned entities is what separates a program that truly protects against sanctions evasion from one that only ticks the box of screening against official lists.
In other words, lists tell you where to start; attribution tells you where the risk really is.
Extra Considerations: Timing and Context
Sanctions compliance is not always black and white. One important question is what happens if a firm processes a transaction with a sanctioned entity before the designation was made. Technically, sanctions obligations are forward-looking. For example, the UK’s Office of Financial Sanctions Implementation has clarified in recent guidance that such cases do not automatically create liability.
But that does not mean firms can ignore them. Even if a transaction predates the designation, institutions are expected to:
- Review the overall context: assessing whether there were warning signs that should have raised red flags earlier.
- Inform regulators where appropriate: filing reports or disclosures to show transparency and cooperation.
- Strengthen monitoring going forward: ensuring that once the designation is made, no further exposure is possible.
In practice, this means firms should treat these cases as learning moments. They may not carry direct liability, but they are still signals that a compliance framework needs to be agile enough to catch risks as close to real time as possible. Reporting and documenting the handling of such situations is also critical for demonstrating good faith and diligence to supervisors.
Extra Considerations: Indirect Exposure and “Hops”
Sanctions risk is not always about direct exposure. A wallet may never appear on an official sanctions list, but if the funds it holds originated from a designated person and passed through intermediaries, the exposure remains. This is what regulators call indirect exposure. On blockchains, this often plays out as a series of “hops” - transactions that move funds step by step from a sanctioned wallet into the broader ecosystem.
We define a hop as a single transaction between two addresses. One hop is obvious: a designated wallet sends directly to your customer. But what about two, three, or five hops later? Sanctions exposure does not magically disappear as the number of hops increases. The taint persists; it simply becomes harder to detect.
To address this, UK OFSI recommends that UK cryptoasset firms screen at least 3–5 hops back in transaction history, or until the cryptoassets reach a regulated service provider. This reflects the reality that sanctioned entities often use mixers, chain-hopping, or DeFi protocols precisely to add distance and obscure links. Importantly, OFSI also stresses that firms should take a risk-based approach: considering the number of hops, the type of counterparties involved, and whether behavioural patterns suggest sanctions evasion.
The practical implication is clear: compliance teams cannot stop at screening for direct matches. They must ensure their blockchain analytics tools are capable of tracing exposure across multiple layers, and that their internal policies define how far they go.
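The hop-based tracing described above, as an added sketch that is not from the original article or from any vendor's tooling: it walks inbound transfers backwards from a customer address, stops a branch at a regulated provider or at the hop limit, and ignores funds that arrived after the onward transfer had already left. The ledger, address labels, and function names are constructed for illustration, and the address-level walk is a simplification of real fund tracing, which follows specific amounts or outputs.

```python
from collections import deque

# Constructed sample ledger: (timestamp, sender, receiver). All labels are hypothetical.
TRANSFERS = [
    (1, "SANCTIONED_A", "hop1"), (2, "hop1", "hop2"), (3, "hop2", "cust_indirect"),
    (1, "SANCTIONED_A", "vasp_regulated"), (2, "vasp_regulated", "cust_via_vasp"),
    (5, "SANCTIONED_A", "late_hop"), (4, "late_hop", "cust_timing"),
    (6, "SANCTIONED_A", "cust_direct"),
]
SANCTIONED = {"SANCTIONED_A"}    # designated addresses (official list plus attribution)
REGULATED = {"vasp_regulated"}   # known regulated service providers


def trace_exposure(address, transfers, sanctioned, regulated, max_hops=5):
    """Walk inbound transfers backwards from `address`.

    Returns [(sanctioned_source, hops, path)] sorted by hop count, where a hop
    is one transaction between two addresses. A branch ends when it reaches a
    sanctioned source, a regulated provider, or `max_hops`.
    """
    inbound = {}
    for ts, sender, receiver in transfers:
        inbound.setdefault(receiver, []).append((ts, sender))

    hits = {}
    # Queue items: (address, latest timestamp still relevant, hops so far, path)
    queue = deque([(address, float("inf"), 0, [address])])
    while queue:
        node, cutoff, hops, path = queue.popleft()
        if hops == max_hops:
            continue
        for ts, sender in inbound.get(node, []):
            # Skip funds that arrived after the onward transfer left, and cycles.
            if ts > cutoff or sender in path:
                continue
            new_path = [sender] + path
            if sender in sanctioned:
                hits.setdefault(sender, (hops + 1, new_path))  # BFS: first hit is shortest
            elif sender not in regulated:
                queue.append((sender, ts, hops + 1, new_path))
    return sorted(((s, h, p) for s, (h, p) in hits.items()), key=lambda x: x[1])


def screen(address, max_hops=5):
    """Map trace results to a disposition label (labels are illustrative)."""
    hits = trace_exposure(address, TRANSFERS, SANCTIONED, REGULATED, max_hops)
    if not hits:
        return "clear"
    return "direct" if hits[0][1] == 1 else "indirect"


if __name__ == "__main__":
    for cust in ("cust_direct", "cust_indirect", "cust_via_vasp", "cust_timing"):
        print(cust, screen(cust))
```

Lowering `max_hops` to 2 makes `cust_indirect` come back clear, which is the policy gap the hop-depth guidance is meant to close.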
The Moving Target: Constantly Rotating Wallets in Sanctions Compliance
One of the biggest challenges in sanctions compliance for crypto is that sanctioned actors rarely stand still. Some entities, such as the Russian exchange Garantex, are known to rotate their wallets constantly, sometimes daily, even minute by minute. This makes traditional screening nearly impossible: by the time a new address appears on an official sanctions list or even in a provider’s risk database, it may already have been abandoned.
The result is a dangerous gap. A firm may process a transaction in good faith, only to discover after the fact that the wallet belonged to a sanctioned party. In a world of strict liability, that “too late” discovery does not shield the firm from regulatory consequences.
This is why the techniques and speed of blockchain analytics providers become decisive. It is not enough for a vendor to simply store a list of known addresses. Effective sanctions compliance in crypto requires providers that can:
- Cluster and attribute wallets quickly, linking new addresses to sanctioned entities as soon as patterns emerge.
- Detect behavioral signatures, such as rotation techniques or laundering patterns, that signal when a new wallet likely belongs to a sanctioned actor.
- Update systems in near real time, so institutions are not left exposed while waiting for static lists to catch up.
In short, the risk is not just that sanctioned actors exist, but that they move faster than traditional controls. Firms choosing blockchain analytics solutions need to look closely at the responsiveness and methodology of their providers, because speed and accuracy determine whether sanctions monitoring is truly protective - or merely reactive.
When Sanctioned Funds Arrive Uninvited: Managing Freezes in Crypto
One of the unique challenges in crypto sanctions compliance is that firms cannot always prevent sanctioned funds from arriving. Unlike banks, which can reject a payment before it lands, blockchain transactions are push-based: once broadcast, they settle on-chain regardless of whether the recipient wants them. This means that crypto firms may find themselves in possession of assets linked to a designated person without ever having consented to the transaction.
In such cases, the expectation is clear. The funds must be frozen, not returned to the sender or made available to the recipient. Authorities require that designated assets be restricted immediately and reported, even if the firm had no control over the inflow. Customers must not be able to move, withdraw, or otherwise benefit from those funds until a license or exemption is obtained.
Freezing, however, is only part of the obligation. Firms also need to ensure they report the exposure promptly to the relevant authority. This means notifying the competent authority, and if the firm is part of the regulated sector, also filing a Suspicious Activity Report with the FIU. These expectations apply in many jurisdictions, where failure to report can be treated as a breach in itself, regardless of whether the underlying inflow was intentional.
The key point is that crypto’s technical design does not excuse firms from sanctions obligations. Regulators expect institutions to have procedures, tooling, and case management processes in place to identify, restrict, and report sanctioned funds - even if those funds arrive uninvited. In this way, frozen funds management becomes a litmus test of whether a firm’s sanctions program is truly operational, or merely a paper exercise.
Smart Contracts & On-Chain Policy Enforcement: A Different Angle
The dynamic changes somewhat when crypto transactions are mediated by smart contracts rather than direct wallet-to-wallet transfers. In traditional wallet-based inflows, once a transaction is broadcast to the blockchain, it cannot be stopped - the funds will settle, whether the firm wants them or not. But when access to assets or services is governed by a smart contract, there is scope to build in control logic that can act as a sanctions safeguard.
For example, protocols can use proxy contracts or gating mechanisms to block sanctioned addresses from interacting in the first place. We have already seen some DeFi projects implement wallet-blocking functionality, drawing on sanctions screening lists or blockchain analytics data. In these cases, the “freeze” happens not after the inflow, but at the access layer: preventing the sanctioned party from using or moving assets through the contract at all.
In short, smart contracts can provide a first line of automated defense, reducing the risk of sanctioned inflows reaching the system.
From Noise to Insight with ComPilot: The Power of Holistic View in Sanctions Compliance
Sanctions compliance in crypto is not just about matching names on a list or flagging a suspicious wallet. It is about weaving together a complex set of signals - designations, transaction patterns, and behavioural patterns - into a framework that is both actionable and defensible. That requires context, and context only comes when data and processes are connected.
This is where ComPilot makes a difference. By aggregating multiple tools and data sources into a single, interconnected workflow, ComPilot gives compliance teams a holistic view of the customer relationship and their interactions across the ecosystem. Onboarding checks, sanctions screening results, wallet screening, transaction monitoring, and case management no longer sit in silos - they are part of one integrated system.
The benefit is twofold.
- First, it enables actionable decision-making: firms can see not only that an address is flagged, but also how it connects to the broader customer profile and historic activity, and when those actions and interactions occurred relative to designations.
- Second, it provides a clear audit trail: showing regulators exactly how sanctions risks were identified, assessed, escalated, and resolved.
And ComPilot goes further. Beyond providing context and auditability, we also enable on-chain policy enforcement - allowing firms to embed sanctions logic directly into smart contract interactions, without the need to redeploy underlying contracts. This gives compliance teams a powerful way to operationalize sanctions controls at the access layer, ensuring that prohibited activity is blocked before it can take root.
In an environment where strict liability and global security threats leave little margin for error, this kind of holistic view is what transforms sanctions compliance from a reactive burden into a proactive safeguard.
With ComPilot, firms can not only meet regulatory expectations but demonstrate with confidence that their sanctions program is effective, integrated, and proactive.
👉 If you want to know whether your sanctions compliance program is truly effective, don’t hesitate to reach out to our team.
