UNSC 1267: What It Requires and Who It Applies To

What is UNSC 1267?

UN Security Council Resolution 1267 is a binding Chapter VII resolution adopted on 15 October 1999. The Security Council passed it to pressure Afghanistan's Taliban regime into surrendering Osama bin Laden for his alleged role in the 1998 US embassy bombings in Nairobi and Dar es Salaam. It created the sanctions committee that would become one of the most consequential financial crime enforcement tools in history.

The regime has been amended repeatedly. Resolution 1390 (2002) extended it to Al-Qaeda globally, decoupling the obligations from Afghan territory. Resolution 1989 (2011) split the framework in two: a separate 1988 Taliban list and the 1267/1989 Al-Qaeda Sanctions List. Resolution 2253 (2015) added the Islamic State of Iraq and the Levant (ISIL, also known as ISIS or Da'esh) and its affiliates, affiliates, and splinter groups. Resolution 2368 (2017) clarified that ISIL-K, Jabhat al-Nusra, and similar derivative groups fall within scope. The regime is now formally the "ISIL (Da'esh) and Al-Qaeda Sanctions regime," though practitioners still call it "1267" for short.

The 1267 Committee, a subsidiary body of the Security Council, maintains the Consolidated Sanctions List. As of 2024, the list contains over 700 individuals and entities. Every UN member state is legally bound by Chapter VII of the UN Charter to implement three measures: asset freeze, travel ban, and arms embargo. No domestic enabling legislation is required before compliance; the obligation is direct and immediate upon listing. The UNSC 1267 Analytical Support and Sanctions Monitoring Team, established by Resolution 1526 (2004), monitors implementation and publishes detailed reports on compliance gaps. Its 2023 findings documented persistent screening failures across multiple jurisdictions, particularly in non-bank financial sectors.

Who does UNSC 1267 apply to?

The obligations bind all 193 UN member states, which means every financial institution operating under any of those jurisdictions must comply. The practical scope is wide:

• Commercial banks and universal banks: Any institution with deposit accounts, wire transfer services, or lending relationships
• Investment banks and broker-dealers: Securities, derivatives, and asset management dealings
• Insurance companies: Premium payments, policy payouts, and claims linked to listed persons
• Money service businesses (MSBs): Remittance operators, currency exchange, and check cashers
• Non-bank payment institutions: Payment processors and e-money issuers
• Pension funds and investment managers: Asset freeze applies to managed accounts, not just institutional holdings
• Trade finance providers: Letters of credit, guarantees, and structured trade instruments involving listed counterparties
• Cryptocurrency exchanges and virtual asset service providers (VASPs): UNSC Resolution 2462 (2019) and FATF Rec 15 explicitly extend 1267 obligations to virtual assets and wallet-level transactions
• Corporate treasuries: Companies with direct financial dealings, such as trade settlement, involving sanctioned entities
• Designated non-financial businesses and professions (DNFBPs): Law firms, accountants, real estate agents, and trust and company service providers, where national implementing law extends the freeze obligation

There are no size thresholds. A credit union with two branches carries the same screening obligation as a global custodian bank. The obligation runs from the moment of listing, not from when your compliance team refreshes the list. That distinction has cost institutions millions in OFAC civil money penalties.

Jurisdictional scope is genuinely global. Chapter VII of the UN Charter makes these resolutions binding on all member states regardless of domestic legal tradition. Implementation quality varies, but the legal obligation does not.

What does UNSC 1267 require?

The three core measures apply immediately and without exception to every individual or entity on the Consolidated Sanctions List:

1. Asset freeze: Freeze all funds, financial assets, and economic resources owned or controlled by listed persons or entities. "Control" is interpreted broadly. A 50% ownership stake triggers the freeze, but so does effective control through nominees, shells, or undisclosed beneficial ownership structures. The OFAC 50% Rule has become the de facto operational standard that many national authorities reference for interpreting "control."

2. Travel ban: Prevent entry into or transit through national territory by listed individuals. Financial institutions aren't direct enforcers here, but border agency data shared with FIUs can generate secondary screening obligations.

3. Arms embargo: Prohibit the direct or indirect supply, sale, or transfer of arms and related material to listed persons and entities. For trade finance banks, this means reviewing cargo descriptions and end-user certificates on letters of credit.

Beyond those three headline measures, financial institutions carry additional operational obligations:

4. Continuous screening: Screen all customers, beneficial owners, and transaction counterparties against the Consolidated Sanctions List at onboarding and on an ongoing basis. The FATF risk-based approach (Rec 1) lets you calibrate monitoring frequency to customer risk, but 1267 imposes a hard floor: no listed person may hold an unfrozen account regardless of a "low risk" classification.

5. No prior notice: Financial institutions must freeze without alerting the customer. Pre-notification is itself a sanctions violation in most jurisdictions.

6. Reporting to national authorities: Report all matches to the competent national authority, typically the financial intelligence unit or national sanctions office, within timeframes set by domestic implementing legislation. In the US, a suspected OFAC SDN match typically requires notification within 10 business days. In the UK, the Office of Financial Sanctions Implementation (OFSI) must be notified promptly under the Sanctions and Anti-Money Laundering Act 2018.

7. Record retention: Maintain records of all screening results, hits, and disposition decisions. Most jurisdictions require a minimum of five years. Under FATF Rec 11, records must be sufficient to reconstruct individual transactions and support any subsequent investigation or prosecution.

8. Humanitarian exemptions: Maintain a process to apply for limited exemptions (basic living expenses, legal fees) on behalf of listed individuals via the national competent authority, which routes requests to the 1267 Committee's Ombudsperson.

What evidence do regulators expect?

On examination day, OCC examiners, FCA supervisors, MAS inspectors, and their peers want proof the screening program is actually working, not just documented. The checklist:

• Written sanctions policy: A policy naming UNSC 1267 and its national implementing legislation (e.g., 31 CFR Part 594 in the US, the UK SAMLA 2018, EU Regulation 881/2002), with a clear owner at CCO or BSA/AML Officer level, board-approved, and reviewed within the last 12 months.

• Screening system configuration evidence: Documentation showing the Consolidated Sanctions List is loaded, that updates are applied on a defined schedule (regulators expect same-day for new UNSC designations), and that fuzzy-match thresholds are calibrated and documented.

• Onboarding screening logs: Timestamped records showing every new customer and beneficial owner screened at account opening, including the list version queried.

• Ongoing screening logs: Evidence of periodic rescreening of existing customers, especially within 24 hours of a new designation. Automated alert logs for newly listed persons against your existing book are a strong indicator of program maturity.

• True-hit disposition files: For every potential match, a documented disposition showing who reviewed it, what evidence was gathered to confirm or clear it, what action was taken, and when it was reported to the competent authority.

• Training records: Annual completion records for all relevant staff, with sanctions-specific curriculum content, not just a generic AML module.

• Independent testing results: A recent internal audit or third-party review of the screening program, including any deficiencies and remediation timelines.

• Correspondent due diligence files: For banks with correspondent relationships, evidence that counterparty sanctions screening programs were assessed. FATF Rec 13 requires this, and examiners will ask for it.

Common failure modes

These are the patterns that actually generate enforcement citations, drawn from published regulatory findings and settlement documents:

• Stale list loading: The institution loads the Consolidated Sanctions List but doesn't automate updates. Designations are added without warning. A 24-to-48-hour gap between a new UNSC designation and a screening update is enough to process a prohibited transaction in a high-volume environment.

• Inadequate fuzzy matching: Name-matching configured with thresholds too strict to catch transliteration variants. Al-Qaeda and ISIL operatives routinely travel under multiple name spellings. OFAC's own SDN entries list dozens of aliases per individual; ignoring them is a program gap.

• Beneficial ownership blind spots: Screening the named account holder but not the Ultimate Beneficial Owner (UBO). The 2019 Standard Chartered OFAC enforcement action, which produced a $639 million OFAC settlement (part of a $1.1 billion total resolution), included failures to identify beneficial owners linked to sanctioned parties and jurisdictions.

• Failure to freeze immediately: Alerting a customer before freezing the account, or delaying the freeze pending "internal confirmation." The obligation is immediate upon identifying a match. Any delay is a violation under most national implementing frameworks.

• Correspondent channel exposure: Processing transactions for downstream correspondent banks whose customers include listed entities, without adequate screening of SWIFT message fields. MT103 originator fields often carry insufficient information to detect 1267 matches; enhanced correspondent monitoring is the answer.

• No retrospective screening after new designations: When the 1267 Committee adds a name, institutions must screen the existing customer base, not just new applications. Most programs that catch hits at onboarding miss the retrospective pass entirely.

• Thin false-positive documentation: Clearing a match as a false positive without recording the specific evidence, analysis, and approver. Even if the underlying decision was correct, inadequate documentation looks indistinguishable from a deliberate bypass during an examination.

Penalties for non-compliance

The penalty structure varies by jurisdiction because each UN member state implements UNSC 1267 through domestic law. The enforcement outcomes are real.

United States: OFAC administers the SDN list, which incorporates UNSC 1267 designations. Civil penalties can reach the greater of $368,136 per violation or twice the transaction value, adjusted annually for inflation. Criminal penalties under 50 U.S.C. § 1705 for willful violations go up to $1 million per count and 20 years imprisonment. BNP Paribas paid $8.9 billion in 2014, the largest sanctions enforcement action in history, for processing transactions involving sanctioned countries through US dollar clearing. Commerzbank paid $1.45 billion in 2015 for similar conduct. Société Générale paid $1.34 billion in 2018.

United Kingdom: OFSI can impose civil monetary penalties up to the greater of £1 million or 50% of the breach value. The Sanctions and Anti-Money Laundering Act 2018 also enables criminal prosecution for willful violations.

European Union: EU Regulation 881/2002 implements UNSC 1267 against Al-Qaeda directly. Penalty floors are currently set by member states, which produces inconsistency. The incoming EU AMLR will harmonize minimum enforcement standards across the bloc.

Singapore: MAS Notice 626 requires adherence to UN sanctions. Breach of the United Nations Act (Chapter 339A) carries penalties up to S$500,000 per contravention for legal entities.

Reputational consequences often exceed the fines. Correspondent banking relationships are typically terminated when a sanctions failure becomes public. For smaller institutions, that is a potential existential outcome.

Related regulations and frameworks

UNSC 1267 sits at the top of a layered sanctions architecture. Understanding the connections matters because gaps at one layer expose you at another.

FATF Recommendation 6: FATF's targeted financial sanctions recommendation requires all member jurisdictions to implement UNSC 1267 and UNSC Resolution 1373 (counter-terrorism financing) without delay. FATF mutual evaluations explicitly test 1267 compliance as part of Technical Compliance Criterion R.6. A weak rating here affects a country's overall FATF standing.

UNSC Resolution 1373 (2001): Adopted immediately after 9/11, Resolution 1373 is a companion instrument requiring states to criminalize terrorist financing and freeze terrorist assets even without a UNSC listing. Where 1267 is list-driven, 1373 is principle-driven. Both apply simultaneously. Most national AML laws, including the US Bank Secrecy Act and the UK Money Laundering Regulations 2017, implement both frameworks.

OFAC SDN List: The US OFAC SDN list incorporates UNSC 1267 designations alongside US-unilateral additions. For US institutions and non-US institutions that clear US dollars, OFAC SDN screening is the practical implementation vehicle for 1267. The two lists are not identical; gaps between them create exposure.

EU Regulation 881/2002: The EU's direct implementation of 1267, applicable in all member states without domestic transposition. The EU AMLR coming into full effect will strengthen enforcement coordination around it. The FATF Rec 10 (Customer Due Diligence) framework provides the operational foundation on which sanctions screening sits.

Virtual assets: Resolution 2462 (2019) explicitly extends 1267 obligations to cryptocurrency and virtual assets, consistent with FATF Rec 15. VASPs must screen wallet addresses and counterparties against the Consolidated List. National regulators in Singapore, the UK, and the EU have all confirmed this interpretation in their VASP licensing guidance.

How FluxForce supports UNSC 1267 compliance

FluxForce's AI agents run continuous screening against the UNSC Consolidated Sanctions List and all major national implementing lists, including OFAC SDN, UK OFSI, and EU Regulation 881/2002. New designations trigger immediate rescreening of existing customers without manual intervention. Every match produces a full evidence package: the matched record, the confidence score, the decision audit trail, and the reporting timestamp. For compliance teams carrying the daily weight of sanctions screening, that's the Regulatory Compliance Automation that actually reduces exposure. Request a demo to see it in your environment.