Overview

• On July 21, the UK Office for Financial Sanctions Implementation published a threat assessment warning that passive sanctions compliance for crypto firms is no longer acceptable.
• The report identified gaps in self-reporting, breach detection and asset-freezing processes that leave exchanges, wallet providers and ATM operators exposed to violations.
• OFSI highlighted dealings with Russia’s Garantex and its successor Grinex, Iran’s IRGC-linked Nobitex and North Korea–linked hackers behind the February Bybit hack as key state-linked threats.
• Firms are instructed to monitor red flags such as dealings with designated persons or their proxies, abrupt dormant-wallet activity and high-volume microtransactions.
• Since early August, UK crypto firms have begun deploying enhanced due diligence, blockchain analytics and real-time reporting systems to meet OFSI’s new requirements.