Deter, Disrupt, Demonstrate – What the UK Sanctions Strategy tells us (and what it doesn’t)

Last week HM Government released the UK Sanctions Strategy which sets out exactly how sanctions are used to further the Nation’s foreign policy priorities. The Strategy made clear that the existing UK regimes (all 36 of them) are under ongoing review to ensure they’re appropriately targeted. Whilst it was made clear that sanctions can be lifted where appropriate, the consensus was that, as we’re living in an increasingly dangerous and uncertain world, it’s likely that sanctions will become an even more crucial tool globally.  

By using specific case studies, the Strategy provides a much-needed insight into how different sanctions work to achieve a defined goal and brings to life the scale of activity they aim to prevent and/or reduce. The Strategy touches upon the importance of collaboration between the public and private sector and cross-jurisdictional relationships and how crucial these relationships are to ensuring the successful implementation of sanctions. We’ve heard the public-private collaboration message for over 20 years now, with little meaningful change.  

The Strategy heavily infers that the use of sanctions will increase globally but doesn’t outline any practical steps firms can take to stay up to date and maintain effective sanctions compliance. We’re seeing that firms are already struggling to keep pace with the changes to existing regimes. When Russia invaded Ukraine nearly two years ago the sanctions landscape changed overnight. Firm’s relying on third party providers for their sanctions screening tools found that SLAs for amendments to source lists were too long whilst in some cases, the number of possible sanctions matches returned (all requiring manual review and investigation) triggered unforeseen operational strain.  

So, what can firms do? 

1. Understand what sanctions are and why they’re so important (significantly easier thanks to the published Strategy!) 

2. Ensure your risk assessment is sufficiently detailed and insightful into the specific sanctions risks related to your products / services, customers and jurisdictions? This step is the foundation to getting the rest of your framework right. 

3. Get under the bonnet of your controls  

   • What source lists are being used for screening? 

   • What SLAs are in place in relation to updates to these lists? 

   • What ‘fuzzy logic’ threshold is right for your firm? 

4. Make sure everyone is clear on what needs to be done in the event of a possible or true sanctions match 

   • Do you have clear procedures on alert handling including investigation and escalation measures? How do you know that you’re getting consistent outcomes on alert adjudication?  

   • Are there clearly defined responsibilities for teams or individuals executing controls, either wholly or partially? 

   • Is your record keeping up to scratch? Are dispositioning rationales comprehensive and clear? 

   • Is everyone adequately trained on your firm’s sanctions control framework? 

Even though it can feel like a bit of a moving target at times, there is no grey area when it comes to sanctions compliance.  

Drop me a line if you’d like to discuss further and see how Avyse may be able to help you.