Strengthening the Financial Frontline on Russian Trade Sanctions

The adoption of unprecedented and innovative trade measures in response to Russia’s full-scale illegal invasion of Ukraine in 2022 has called for a ‘whole-of-society’ response, with sanctions spanning sectors from oil and gas to timber to the manufacture of machine tools. Nonetheless, financial institutions (FIs) remain the main focus of sanctions regulators.

The US made its expectations clear in US Executive Order (EO) 14114, issued in December 2023. The Order threatens secondary sanctions against any foreign FI that has ‘conducted or facilitated any significant transaction or transactions, or provided any service, involving Russia’s military-industrial base’. More broadly, joint G7 guidance underscores the critical role FIs play in tackling sanctions circumvention, positioning them ‘on the front line in the fight against illicit finance and Russian sanctions evasion’.

G7 countries believe they can best act against evasion and circumvention through the financial sector for the following reasons:

• Leverage: The dominance of the US dollar (and to a lesser extent the currencies of other G7 countries) in global payments means regulators receive data through the financial infrastructure in their jurisdictions, even when the goods are traded elsewhere.
   
• Compliance maturity: FIs are already tightly regulated and expected to ‘know their customers’. In contrast, manufacturers and traders often lack the necessary controls and knowledge to verify end users. In pursuing new business, they may inadvertently or deliberately ship goods to intermediaries acting on behalf of Russian customers. Governments believe FIs should be able to identify such activity.
   
• Effectiveness: G7 countries believe the threat of secondary sanctions on foreign FIs is focusing minds in non-G7 jurisdictions on the risk of financing circumvention. There are some reports that US EO 14114 restricted Russia’s access to banks in third countries such as the UAE, China and Turkey, due to FIs’ fears of falling under secondary sanctions.

In order to inform policymaking and support public–private collaboration on sanctions, this policy brief seeks to understand how FIs’ compliance systems have adapted in response to post-2022 trade restrictions on Russia. If FIs are to perform this expanded frontline role effectively, what do they need from governments?

Methodology and Structure

Given the lack of specific literature on this issue, this brief relies on interviews to report FIs’ experience of implementing trade sanctions since 2022. Publicly available material is limited, both because of the relatively recent advent of the sanctions and because FIs’ compliance systems are generally not openly disclosed. Therefore, the brief relies on anonymised interviews with more than 20 compliance personnel in banks, financial technology companies (fintechs) and sanctions compliance service providers. This research was also informed by SIFMANet roundtables carried out by the Centre for Finance and Security at RUSI throughout 2024, at which FI participants shared their observations on relevant successes and challenges.

Due to time and logistical constraints, the authors of this brief were only able to conduct a limited number of in-depth, semi-structured interviews. As these contacts were established discreetly using personal and RUSI networks, all the institutions consulted were multinational FIs based in G7 countries. However, the service providers presented examples of the experiences of small and medium-sized FIs, and those located in non-G7 countries.

To capture the experience of FIs, interviews were structured around three primary processes that FIs use to prevent financial crime:

• Know your customer (KYC), customer due diligence (CDD), and ongoing customer activity monitoring. These procedures rely on a combination of self-reported information from customers and public information about their business activities.
   
• Trade finance, including letters of credit extended to businesses. This includes transaction finance, as well as more common products, such as supply chain or receivables financing, which would take place on an ‘open account’ basis.1
   
• Transaction screening and monitoring, which includes any process by which transaction data is matched against typologies of illicit activity, keywords and/or sanctions lists.

In the following sections, first, the overall complexity for FIs of complying with trade sanctions (in comparison to financial sanctions, which are based on lists of entities) is highlighted. Then, key observations for each of the three business processes listed above are relayed. The final two sections focus on the implications of these observations and offer recommendations for how policymakers can adapt regulations and provide greater detail in order to prevent the financing of sanctions circumvention and maximise the effectiveness of FIs.

Trade Sanctions: Difficult and a Lower Priority

Trade sanctions against Russia are designed to ‘disrupt Russia’s military-industrial base supply chains and payment channels’ – a complex strategic goal. Policymakers want it to be difficult for Russia and Russia’s representatives to buy and sell goods or carry out financial transactions. While FIs’ compliance personnel understand this and express commitment to complying with G7 sanctions, there is a limit to how much disruption they (and their boards) are willing to impose on their corporate clients, many of whom have a higher risk tolerance than the FIs.

Interviewees from FIs also expressed frustration with the lack of engagement and detailed guidance regarding expectations of US, UK and EU sanctions authorities for financial compliance programmes. ‘We get a lot of lecturing from regulators about how you should stop trade going to Russia – it’s very bad – but there’s very little guidance on how you might implement a programme on that’, one interviewee said.

Moreover, FIs’ compliance systems have been built at great cost over a long period of time, mostly to respond to regulations against money laundering, terrorist financing and corruption. These systems cannot be quickly changed or adapted to respond to regulators’ new focus on trade. In particular, FIs struggle to implement sanctions that are activity- or sector-based, rather than simply lists of names of individuals and entities. For example, trade sanctions target specific categories of goods, most often referring to their six-digit Harmonized Standard (HS) codes, or to technical specifications of the controlled goods themselves. Financial messaging and payment data rarely includes HS codes or detailed goods descriptions, making it difficult to integrate into existing sanctions compliance systems.

There was also a widely held perception among interviewees that financial sanctions remain a higher focus (and better understood) than trade sanctions for national authorities, which means that there is less incentive to address trade sanctions. Consider the longstanding existence of government agencies focused on financial sanctions implementation, such as the UK’s Office of Financial Sanctions Implementation, compared with their emerging trade-related partners. One participant said they believed that enforcement activity at banks and FIs remained more focused on financial sanctions and that, as a result, ‘when we think of prioritising resources, [trade is] not where we’re focusing’.

Know our Customer … and Their Customers

Interviewees noted that the most important tool they use to identify potential trade sanctions circumvention risks is robust KYC information, in combination with ongoing customer monitoring. Having up-to-date profiles for customers allows banks to segment customers by industry and geographic risk – for example, electronics importers in common circumventions jurisdictions. Within these groupings, interviewees said they could identify potential patterns or transaction typologies posing a higher concern.

Interviewees explained that for new customers it was relatively straightforward to ask more questions in the onboarding process that would allow the FI to understand their potential sanctions risk profile. However, existing customers (the vast majority) were typically onboarded before trade sanctions were introduced against Russia. Therefore, these customers could not be segmented easily using data the FIs already had – they had to either re-run questionnaires for their customers and/or conduct additional CDD.

Once the customers had been segmented into smaller groups, anomalous trading activity could be identified. In some cases, interviewees said that other financial crime typologies were useful. Trade-based money-laundering controls, for example, could detect unusual transaction sizes, or discrepancies between a shipment’s stated value and its volume.

A limitation of this approach, interviewees said, was that segmenting clients into categories allowed them to identify anomalous activity, but generally only after it had occurred. In some cases, interviewees said they conducted a review of certain high-risk sectors on a regular basis (monthly or quarterly at most), which they reviewed for patterns in trading data. However, by that point, any problematic transactions had already taken place. The authors’ observation from prior investigations into evasion networks is that Russian actors operate through many companies, so if one is detected after a period of time, they quickly move to a new company (or may have already moved by the time the activity is identified). ‘It’s not predictive’, one interviewee confirmed.

Interviewees said one institution was working with a technology partner to identify networks of individuals and companies involved in evasion activities, with the aim of identifying others with similar features or characteristics (such as a common address or owner).

This network approach requires expensive technological support, which may not be available to smaller FIs. Nonetheless, where sanctions designations include addresses or phone numbers, FIs may use this information to identify evasion networks. For example, interviewees said it was indicative – and useful – that the US Bureau of Industry and Security (BIS) had recently added ‘high-diversion risk addresses’ in Hong Kong and Turkey to its Entity List, reflecting a similar understanding of the importance of targeting networks, instead of individual companies.

Technical and Data Limitations in Trade Finance

FIs receive more information about their customers’ activities when they provide trade finance for an individual trade transaction. In these cases, sometimes referred to as ‘documentary trade finance’ (such as when they are providing a letter of credit for a particular shipment), an FI may receive details of the counterparties, trade route, goods and sometimes vessels or aircraft involved.

Even when they have this information, however, there are technical limitations. FIs typically receive this information in a PDF of documents showing bills of lading and other documentation. This data usually cannot be fed automatically into screening systems, so members of staff must often manually type it into an electronic system for screening. Many interviewees highlighted that the lack of digital trading information slows the process of compliance.

Guidance often indicates regulators’ perception that because FIs process these transactions before or during shipment, the FI has some leverage over whether the goods move. For example, a BIS guidance from October 2024 focused on steps FIs could take to prevent trade sanctions circumvention. However, interviewees said the expectation that FIs can prevent circumvention by stopping trade pre-settlement was ‘unrealistic’. These transactions are often conducted at short notice and under great time pressure, presenting additional difficulties for compliance while a ship is in a port and needs authorisation from the bank to continue the shipment. Under these conditions, the compliance team must not only review the underlying documentation for the shipment (and screen any data provided), but also identify potential risk indicators of diversion and/or inaccurate information about end users.

Another issue is that goods declared in shipping documentation may not be specific enough to identify whether or not they are subject to Russia sanctions. Interviewees often referred to categories of common industrial equipment such as ball bearings and pipes, some sizes or specifications of which are restricted, while others are not. They said this lack of granularity forces compliance to make a ‘go/no-go’ decision with high stakes for their customer relationships, based on limited information. Several interviewees said the approach had improved after FIs had included staff with pre-2022 experience in export control compliance into their sanctions compliance teams.

But the main reason interviewees from FIs challenged regulators’ expectations is that these individual trade transactions are only a fraction of all global trade finance – 20% of all trade finance transactions. The other 80% are open account transactions, such as supply chain finance, which are usually settled after a shipment has been completed, and for which the FI receives little or no information about the goods and/or their trade routes. The trade-based money-laundering and proliferation risks this poses have been comprehensively reported by the US Government Accountability Office and by a May 2024 RUSI report.

Interviewees from smaller banks in northern Europe said they requested full documentation of trade transactions, even for open account transactions that had already been shipped. But interviewees from large international banks and other FIs said they did not have sufficient resources to undertake this detailed retrospective analysis.

Similarly, interviewees from a few FIs said they had considered stopping or limiting open account transactions for certain customers in high-risk industries. Most FI interviewees said they had not reconsidered their open account provision and had no plans to do so. One FI interviewee said that the pressure to obtain documents from clients to support trades meant that the FI preferred to use open account financing for trade through higher-risk jurisdictions, reviewing trade details after the transaction ‘because we can be certain that it has happened and there will be documents’.

Transaction Screening of Little Use

All interviewees said that screening was of limited use in detecting trade sanctions violations. As noted earlier, trade sanctions refer to product names and HS codes, but neither can be integrated into transaction screening in a way that helps an FI understand its sanctions risks.

As reported by RUSI and others, cross-border customer transactions often use SWIFT payment message types that have limited information requirements (such as MT103). As a result, few payment messages refer to the goods underlying financial transfers, and if they do, it is not with sufficient specificity to know whether the goods are subject to sanctions. For example, a payment may simply say ‘pipes’, but not the diameter or end user. Payment messages also do not refer to HS codes. Further, if a customer is seeking to evade sanctions, they will be even less likely to use precise narrative.

As a result, all FI interviewees said they relied instead on profiling customers and monitoring their activity, rather than using any trade-specific screening functionality.

Monitoring Customer Activity

Given the limitations of trade finance and screening, the most effective approach to identifying potential circumvention for FIs is understanding their customers’ profiles and activities. To do this, compliance teams segment business sectors to develop an understanding of how typical trading activity differs from higher-risk activity in different industries.

For this approach to be the most effective, FIs need to have better-quality information on hand to segment their customer populations, and ongoing typologies of evasion techniques. The FAQs published by the US Office of Foreign Assets Control (OFAC) and the EU were viewed positively by interviewees, but EU-based interviewees wanted further guidance from their regulators. (Some said they regularly referred to the OFAC FAQs to obtain greater guidance on trade sanctions interpretation, because EU FAQs were far less detailed.)

Among interviewees from the most proactive compliance departments, there was a hunger for more information on circumvention activities – and, in particular, for greater information on how the connected financial flows related to trade routes. Many banks were following and sometimes using information from open source information projects such as the Open Source Centre, and public reporting on Russian military supply chains.

But such customer segmentation is also inherently subjective, and not all FIs approached this task with similar rigour. For example, some interviewees said that this was the most effective approach, but also that they lacked resources to carry out these tasks. Two interviewees from FI compliance departments said they had sought to segment their customers’ activity in this way, but had been criticised by management when they raised questions about certain trading activity.

Variations between institutions were perceived by interviewees to depend on personal or institutional commitment to restricting Russian access to military–industrial supply chains, rather than on a perception of threat from enforcement. For example, representatives interviewed from some smaller banks in northern and eastern Europe noted that they had adopted strict protocols, seeking underlying documentation for any payments above a certain value threshold, but were aware of other banks in the same country that took a less rigorous approach.

Recommendations

The following recommendations, directed at a range of stakeholders, focus on improvements that might support FI compliance with trade sanctions implementation, derived from observations made in this brief and by interviewees.

For Financial Regulators: Clearer Expectation Setting

Some interviewees claimed that they still lacked information on regulators’ specific expectations for banks on policing circumvention. As one interviewee said, ‘we’re not the FBI looking to find bad actors and report them’. Currently, no regulations or rules require FIs to detect and prevent circumvention – despite greater FI compliance requirements implemented in the EU and the US. Interviewees stated that FIs therefore seek further clarification on how far they should go to proactively identify circumvention typologies.

For example, based on publicly available reports, an interviewee from a bank had identified a customer who was probably engaged in sanctions evasion. However, the bank’s own transactions did not include any indicators of sanctions evasion; transactions relating to the evasion were likely to have been processed by another bank (perhaps in a jurisdiction without sanctions). The customer was not sanctioned or on the BIS Entity List. Would the bank be expected to report or offboard this client? And on what legal basis?

There are financial inclusion implications for overly restrictive requirements on FIs. For example, banks may decide that a certain country or region is too high risk and stop providing correspondent banking services. Interviewees from FIs seek further information on how to balance vigilant sanctions compliance with financial inclusion concerns.

Publishing more information on enforcement and investigations provides FIs with valuable insights into regulators’ expectations. Similarly, FIs would benefit from thematic reviews of risks in trade finance and specifically on trade sanctions – the UK Financial Conduct Authority’s most recent trade finance thematic review was published in 2013.

For Sanctions/Law Enforcement: Publish Enforcement Details

Due to data privacy and other limitations, the sanctions enforcement announcements from most EU member states provide little actionable information that FIs can use to further detect customers or networks of concern. All FI interviewees wanted more information on enforcement activities – if not names of entities, then more details on the evasion and circumvention activities that gave rise to the investigation.

For Sanctions/Law Enforcement: Designations and Typologies

FIs rely on screening tools to identify transactions with entities of concern, and FI interviewees viewed the BIS, OFAC and EU designations of numerous intermediary companies as a positive development that allowed them to ensure they were not trading with these entities.

The interviewees agreed this ‘listification’ approach would be even more effective if authorities ensured consistency across EU/UK/US sanctions regimes, and then explained typologies or other indicators that led to these entities’ inclusion, so that they could be used to identify other customers with similar characteristics.

For Sanctions/Law Enforcement: Public–Private and Intra-Industry Collaboration

Most interviewees lamented the fact that they were expected to take on a law enforcement role of screening for illicit activity, but were restricted to their own datasets, which were inevitably limited. Interviewees said they would like to have better platforms to get real-time data from the government and/or other FI industry participants about evasion trends emerging across the financial industry.

While interviewees recognised that data sharing is inherently sensitive and presents potential competition and other legal issues, they said there is a greater need for real-time or dynamic information on specific evasion trends and risks.

For Preparing Sanctions Designations: Align Trade (and Other) Sanctions Regimes

Interviewees also expressed frustration about the lack of alignment between various trade sanctions regimes. As one interviewee noted, ‘there’s just enough discrepancy that it’s difficult to execute’. The Common High Priority Items List was viewed as a positive development, and interviewees believed it is important to pursue further alignment among G7 countries’ sanctions – both on trade and more widely.

For SWIFT: Add Message Requirements

Although amending SWIFT requirements is a multilateral (and therefore slower) process, some interviewees suggested that SWIFT should mandate certain fields in MT202 and MT100-series SWIFT messages that are currently optional (such as the F70 remittance information field). Ideally, this would include mandatory structured data such as Standard Industrial Classification codes and/or HS codes for goods. This would allow banks to implement more automated controls for certain combinations of industry, customer and goods risks.

Individual FIs need not wait for a multilateral SWIFT resolution. They should consider refusing transactions without more complete beneficiary information, or without more descriptions of goods in currently optional fields.

Several interviewees noted that some European banks continue to obscure originating bank and/or customer information, despite the 2020 update to SWIFT standards designed to prevent this. This 2020 standard required MT103 and other payment messages to include a Unique End-to-end Transaction Reference that included originating bank information. Correspondent banking institutions should therefore continue to be vigilant about this issue, and SWIFT and/or national regulators may consider if restrictions or investigations are required.

Conclusion

Leveraging the G7 financial system remains an important tool for preventing sanctions circumvention, but it is important for policymakers to understand – and address – the technical and practical implementation obstacles faced by the financial sector. As Russia’s war in Ukraine enters its third year, addressing these issues will help empower the FI community to play the ‘frontline’ role they expect, and will support the policy objective of restricting the resourcing of the Russian military.

This Policy Brief was made possible by the financial support of the National Endowment for Democracy.

© 2025 The Royal United Services Institute for Defence and Security Studies

The views expressed in this Policy Brief are the authors’, and do not represent those of RUSI or any other institution. For terms of use, see Website Ts&Cs of Use.