Cryptoassets & Sanctions Compliance: Key Threats Identified by OFSI

The Office of Financial Sanctions Implementation (OFSI) has published its Cryptoassets Threat Assessment (July 2025), providing a detailed examination of the risks facing UK cryptoasset firms in complying with financial sanctions. This assessment comes at a time of unprecedented sanctions activity following Russia’s invasion of Ukraine, as cryptoassets become an increasingly attractive tool for sanctions evaders and illicit actors.

Since January 2022, just over 7% of all suspected breach reports submitted to OFSI have involved cryptoasset firms, with a sharp increase in reporting from April 2024. OFSI’s analysis highlights that while cryptoasset firms are beginning to report more actively, underreporting remains an issue, often due to delays in identifying designated persons (DPs) or attributing wallet addresses.

The report makes several key judgements. It is almost certain that cryptoasset firms in the UK have underreported breaches since August 2022. Most non-compliance appears to be inadvertent, driven by complex transaction chains, delayed address attribution, and difficulties in identifying indirect exposure to DPs. Russian entities dominate suspected breaches, accounting for over 90% of reports, while Iranian exposure makes up the remainder.

OFSI identifies five significant threats:

1. Underreporting by cryptoasset firms, despite obligations to disclose suspected breaches when encountering DPs.

   
   

2. Exposure to Russian entities, particularly Garantex, a sanctioned exchange used as a conduit for illicit activity and sanctions evasion.

   
   

3. Heightened risk from DPRK-linked hackers and IT workers, who target UK firms to steal assets and launder proceeds using sophisticated techniques including mixing, tumbling, and exploiting decentralised finance (DeFi) protocols.

   
   

4. Ongoing links to Iranian cryptoasset firms with suspected ties to designated entities, exploiting cryptoassets to bypass international sanctions and facilitate foreign trade.

   
   

5. Increasing complexity in typologies used for sanctions evasion, such as nested exchanges, dark web services, privacy coins, and cross-chain bridges, all of which obscure the flow of funds and hinder effective compliance.

The assessment also warns of systemic vulnerabilities in cryptoasset operations. The pseudonymous and global nature of blockchain transactions means cryptoasset firms face risks not only from direct dealings with DPs but also from indirect exposure, such as transactions routed through intermediaries or concealed using anonymity-enhancing technologies.

To strengthen compliance, OFSI recommends that firms adopt a risk-based approach that includes proactive blockchain analysis, monitoring of transaction chains up to five hops deep, timely reporting of suspected breaches, and enhanced due diligence where multiple red flags arise. Red flags include unusual transaction patterns following sanctions announcements, exposure to services without KYC or anti-money laundering controls, and increased reliance on decentralised exchanges.

This report reinforces the imperative for UK cryptoasset firms to remain vigilant and ensure robust controls are in place to meet their financial sanctions obligations. With evolving threats from state-linked actors and innovative methods of sanctions circumvention, firms must invest in compliance capabilities, leverage blockchain analytics, and work closely with regulators to maintain the integrity of the UK financial system.

Read the report here.