Sanctions Evasion: Definition and Use in Compliance

What is Sanctions Evasion?

Sanctions evasion is the deliberate circumvention of legally imposed restrictions on transactions, assets, or trade by a designated individual, entity, or sovereign. The restrictions being evaded come from multiple authorities: OFAC in the US, the EU Foreign Affairs Council, the UN Security Council, the UK's OFSI, and equivalent bodies in Australia, Canada, and Japan.

The defining feature is active concealment. Accidental non-compliance, such as missing a name match due to transliteration variance, is a compliance failure. Evasion is different. It involves deliberate steps to disguise the sanctioned party's involvement: layering ownership through shell companies, using nominee shareholders to hold assets in the sanctioned party's place, routing payments through intermediaries in non-sanctioned countries, or using cryptocurrency tools to break the on-chain link to a sanctioned wallet.

A concrete example: in September 2022, the US Department of Justice indicted members of a procurement network that routed US-origin electronics to Russian military end-users through Turkish and UAE intermediaries. The sanctioned Russian entities were hidden behind layers of corporate structure. No sanctioned name appeared in the wire transfer records. Every intermediary screened clean.

The scale of post-2022 Russia-related evasion made this typology impossible to ignore. Analysis by the Kyiv School of Economics estimated that over $7.5 billion in dual-use goods entered Russia via third countries in 2022 alone, according to their June 2023 research. That's not a compliance gap. It's structured evasion at industrial scale, and it forced the issue onto every bank's board agenda.

OFAC uses a strict liability standard for most sanctions programs. A financial institution that processes a payment for a sanctioned party hiding behind a corporate structure can face civil penalties even without knowledge of the connection. That changes the risk calculus. Screening against the list is necessary. Knowing who's actually on the other side of the transaction is the harder requirement.

How is Sanctions Evasion Used in Practice?

Compliance teams use the term across four distinct workflows: onboarding, transaction monitoring, periodic review, and SAR filing.

At onboarding, sanctions screening against the OFAC SDN list, EU consolidated list, UN list, and OFSI list is the baseline. It catches named individuals and directly listed entities. It doesn't catch a sanctioned party who incorporated a clean holding company last quarter.

Know Your Business (KYB) fills part of that gap. Analysts map the ownership chain to the natural person level and screen each layer. The OFAC 50 Percent Rule makes this mandatory for US persons: if a sanctioned party owns 50% or more of an entity (directly or indirectly), that entity is treated as sanctioned even without a list entry. Enhanced Due Diligence (EDD) processes for high-risk customers add source-of-funds verification, cross-referencing against adverse media, and third-party registry checks to surface hidden connections.

Transaction monitoring flags evasion-consistent patterns: payments through jurisdictions that became prominent third-country routing hubs after 2022 (UAE, Turkey, Armenia, Georgia, Kyrgyzstan for Russia-related programs), unusual third-party payment instructions where the payer and payee share no obvious business relationship, and invoice amounts inconsistent with market norms.

When a case develops, the Money Laundering Reporting Officer (MLRO) decides whether the evidence supports a Suspicious Activity Report (SAR). A sanctions evasion SAR needs a detailed typology narrative: how the connection to the sanctioned party was established, which transactions are suspected, and what actions the bank has taken (including any account restrictions). Banks that self-report suspected evasion through OFAC's voluntary self-disclosure program receive a 50% reduction in the base civil penalty under OFAC's compliance program guidance.

Sanctions Evasion in Regulatory Context

OFAC is the primary US sanctions enforcement authority, operating under the International Emergency Economic Powers Act and, for some programs, the Trading with the Enemy Act. Its 2019 Framework for OFAC Compliance Commitments established the five components of an adequate sanctions compliance program and defined how willfulness and recklessness factor into civil penalty calculations.

The civil penalty ceiling for a single violation is currently $356,579 or twice the value of the transaction, whichever is higher. Enforcement data shows what systematic failures cost: Binance's 2023 OFAC settlement reached $968 million. Standard Chartered's 2019 combined settlement exceeded $1.1 billion, with the Iran-related sanctions evasion component the largest single driver.

At the multilateral level, the Financial Action Task Force (FATF) addresses sanctions evasion through Recommendation 6 (targeted financial sanctions for terrorism financing and proliferation financing) and Recommendation 7 (UNSC-mandated sanctions). Countries on the FATF Grey List often have documented weaknesses in implementing these recommendations, which makes them attractive routing jurisdictions for evasion schemes. FATF mutual evaluation reports are public documents, and compliance teams use them to calibrate correspondent banking and customer risk by jurisdiction.

The EU's response to Russia's 2022 invasion produced the most legally aggressive European sanctions package in modern history. EU Regulation 2022/394 and subsequent packages introduced criminal liability for sanctions circumvention at the member-state level for the first time. The European Commission's restrictive measures guidance (May 2023) specifically targeted transit of dual-use goods through third countries and introduced a "no re-export to Russia" contractual clause requirement for EU exporters.

For export-related evasion, the US Bureau of Industry and Security (BIS) runs a parallel regime through the Entity List. Banks and exporters must screen against both OFAC lists and BIS designations, which cover parties not always on the SDN list.

Common Challenges and How to Address Them

The biggest gap in most programs is beneficial ownership. A sanctioned party doesn't typically appear as a director. They appear as the Ultimate Beneficial Owner of a BVI company that owns a Cyprus entity that owns a UAE holding company. Each layer looks clean individually. KYB tools that stop at the first corporate layer miss this entirely.

Deep UBO resolution means tracing every ownership chain to the natural person level and screening each person against all relevant lists. The EU's 5th Anti-Money Laundering Directive required member states to establish public beneficial ownership registries for exactly this reason. Those registries are useful starting points, but accuracy varies by country, update compliance rates are inconsistent, and several have faced legal challenges on privacy grounds. They're necessary but not sufficient.

Name transliteration is a persistent technical problem. A Russian national on the SDN list may romanize into 12 different Latin-script variants. Fuzzy matching techniques, including Levenshtein distance and phonetic matching, catch variants that exact-match screening misses. But they increase false positives. The tradeoff is real: a recall-optimized approach generates more alerts, which takes analyst time. Most institutions tune thresholds based on the risk profile of the customer segment.

Cryptocurrency evasion has added a distinct operational challenge. Sanctioned entities, including Lazarus Group (North Korea) and designated Russian individuals, have used cryptocurrency mixers and chain hopping to move restricted assets. OFAC designated Tornado Cash in August 2022, the first time open-source software received an OFAC designation. Compliance teams at virtual asset service providers now use blockchain analytics to screen wallet addresses for exposure to sanctioned entities, mixing services, and high-risk exchange clusters.

Network analysis is the most effective tool for layered corporate evasion. Graph-based analysis maps relationships between entities, individuals, addresses, and transactions, surfacing connections that linear name screening misses. We've seen banks reduce evasion-related false negatives significantly by adding network-based relationship scoring alongside traditional list matching.

Related Terms and Concepts

Sanctions evasion connects to a cluster of compliance concepts that overlap in practice.

Sanctions screening is the first line of detection. It's a necessary control but catches only the simplest cases, where a designated name appears directly in a record. Evasion, by definition, defeats basic screening.

Proliferation financing is a specific subtype of sanctions evasion risk. Entities tied to weapons programs, particularly North Korean and Iranian state-linked networks, use evasion techniques to acquire controlled materials and transfer value in support of weapons development. FATF Recommendation 7 addresses this as a separate regime from counter-financing of terrorism under Recommendation 6.

Trade-based money laundering (TBML) overlaps directly with sanctions evasion. Misinvoicing, phantom shipments, and commodity misrepresentation are techniques used both to move value for sanctioned parties and to launder proceeds. The same investigation often uncovers both offenses simultaneously.

Secondary sanctions expand the risk perimeter beyond direct dealings. A European bank that processes a payment for a non-US entity doing business with an Iranian SDN can face OFAC secondary sanctions action even without a US person or US dollar in the transaction. This concern has driven substantial de-risking in correspondent banking relationships, particularly in the Middle East and Central Asia.

Correspondent banking is itself a major evasion vector. Nested correspondent account structures allow a respondent bank to move funds through a correspondent's name, obscuring the ultimate originator. SWIFT's sanctions screening guidelines address this directly, requiring correspondent banks to screen originators and beneficiaries throughout the payment chain.

Understanding sanctions evasion requires familiarity with asset freezing as the mechanism being defeated, and sectoral sanctions as a program type where prohibitions are narrower but evasion is equally prosecuted. The DOJ's Task Force KleptoCapture, established in March 2022, produced over 40 criminal cases focused on sanctions evasion and asset concealment within its first two years, making it the most active US enforcement initiative targeting evasion in the modern era.