What are sanctions?
Sanctions are coercive policy tools—economic, diplomatic, and legal measures imposed by governments and international bodies to restrict the financial activity, trade, and movement of targeted countries, entities, and individuals. The primary authorities that impose sanctions include OFAC (the Office of Foreign Assets Control within the U.S. Department of the Treasury), the European Union, the United Nations Security Council, and the UK’s Office of Financial Sanctions Implementation (OFSI).
As cryptocurrency has become a significant value transfer mechanism, sanctions have extended to digital assets—covering cryptocurrency wallet addresses, exchange accounts, and smart contract addresses. OFAC maintains a dedicated virtual currency section on the Specially Designated Nationals (SDN) List, and the 2022 designation of Tornado Cash established that autonomous code on a public blockchain can be sanctioned under U.S. law. For financial institutions and crypto exchanges alike, sanctions compliance is a strict legal obligation with severe penalties for non-compliance.
How do sanctions work?
The Sanctioning Mechanism
Sanctions work by prohibiting financial transactions, freezing assets held in or transiting through the sanctioning jurisdiction, blocking trade in specified goods and services, and restricting travel for designated individuals. For financial institutions and businesses, sanctions create a legal compliance obligation: screening customers, counterparties, and transactions against sanctions lists before engaging. Violation—even inadvertent—can result in civil and criminal penalties.
OFAC enforces sanctions on a strict liability basis for civil violations—meaning intent is not required. An organization can face OFAC penalties for processing a transaction involving a sanctioned entity even if it had no knowledge of the sanctions connection. This strict liability standard is the most important compliance risk concept for any organization handling cryptocurrency or traditional financial transactions.
Who Imposes Sanctions?
Sanctions are imposed at three levels. Unilateral programs are maintained by individual countries—the U.S. (OFAC), the EU, and UK (OFSI) each administer independent sanctions regimes with distinct designation lists and legal frameworks. Multilateral sanctions are imposed through UN Security Council resolutions, which are binding on all UN member states. Regional bodies implement sanctions that apply within their jurisdiction.
The U.S. sanctions regime is the most consequential for global financial institutions because of dollar-denominated correspondent banking: any institution processing USD transactions is subject to OFAC jurisdiction regardless of where it is domiciled. This extraterritorial reach means that non-U.S. crypto exchanges, banks, and payment processors must comply with OFAC sanctions if they touch the U.S. dollar system or serve U.S. persons.
Who Gets Sanctioned?
Sanctioned targets fall into three traditional categories: countries and jurisdictions (Cuba, Iran, North Korea, Syria, and Russia programs), entities (companies, organizations, banks, and financial institutions), and individuals (government officials, oligarchs, criminal networks, and terrorist organizations). All three categories are tracked on the SDN List and equivalent lists maintained by the EU, UN, and UK.
For crypto compliance, a critical fourth category has emerged: wallet addresses and smart contract addresses. This category did not exist in sanctions law before 2018, when OFAC first added Bitcoin and Ethereum addresses to the SDN List. Today, OFAC regularly designates cryptocurrency addresses associated with sanctioned individuals, state-sponsored hacking groups, ransomware operators, and designated entities—creating compliance obligations that require blockchain-specific screening tools beyond traditional name-matching systems.
| Sanction Type | Mechanism | Examples |
| Asset Freezes | Prohibit access to funds, assets, and financial services held in or transiting through the sanctioning jurisdiction | Russian oligarch asset freezes post-2022 invasion of Ukraine; Iranian central bank assets |
| Trade Sanctions / Embargoes | Restrict import/export of specified goods, services, or technologies | U.S. embargo on Cuba; arms embargoes on North Korea |
| Financial Sanctions | Block access to financial systems, correspondent banking, or payment rails | Russia’s exclusion from SWIFT; Iranian banking restrictions |
| Travel Bans | Prohibit entry of designated individuals into the sanctioning jurisdiction | EU travel bans on Russian officials |
| Sectoral Sanctions | Target specific economic sectors rather than entire countries | U.S. sectoral sanctions on Russian energy and defense sectors |
| Targeted / Smart Sanctions | Directed at specific individuals or entities rather than entire economies | SDN List designations of specific persons or companies |
| Crypto Sanctions | Designate specific wallet addresses, exchange accounts, or smart contract addresses | OFAC designation of Tornado Cash smart contracts; Lazarus Group bitcoin addresses |
Types of sanctions
The crypto sanctions row is the newest and most technically distinct category. Traditional sanctions screening relies on name-matching against watchlists. Crypto sanctions screening requires matching blockchain wallet addresses against the SDN List—and going further to analyze the transaction graph for indirect exposure to sanctioned addresses. This requires specialized blockchain analytics tools that traditional sanctions screening software cannot provide.
Crypto sanctions: How sanctions apply to cryptocurrency
OFAC’s Extension of Sanctions to Digital Assets
OFAC began adding cryptocurrency addresses to the SDN List in 2018, initially listing Bitcoin and Ethereum addresses associated with Iranian hackers and North Korean state actors. The scope expanded dramatically with the August 2022 designation of Tornado Cash—not just its operators, but the smart contract addresses themselves—establishing that autonomous code on a public blockchain can be designated as a sanctions target under U.S. law.
The Tornado Cash designation created new compliance obligations for any U.S. person or entity whose transactions touched those smart contract addresses, regardless of intent. OFAC’s guidance on virtual currency compliance explicitly states that OFAC may impose civil liability on a strict liability basis—meaning sanctions violations can occur even without knowledge that a counterparty is sanctioned.
OFAC’s 2021 “Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments” further established that companies facilitating ransomware payments to sanctioned entities face OFAC enforcement risk—even when the payment is made under duress during an active cyberattack.
Key Crypto Sanctions Programs
North Korea (DPRK). North Korean state-sponsored hacking units have stolen billions in cryptocurrency through exchange hacks, DeFi exploits, and bridge attacks. Their wallet addresses are extensively listed on the SDN List. Exchanges processing North Korean-linked transactions face the most severe OFAC penalties—North Korea is subject to comprehensive sanctions with no general licenses permitting any financial activity.
Russia. Post-2022 invasion of Ukraine sanctions have focused on preventing Russia from using cryptocurrency to evade financial restrictions. OFAC has designated Russian cryptocurrency exchanges and wallet addresses linked to ransomware operators. Chainalysis has documented Russian attempts to use crypto for sanctions evasion—and demonstrated that the blockchain’s transparency actually makes these attempts more detectable, not less.
Iran. OFAC’s Iran sanctions program has included cryptocurrency exchanges and individuals using digital assets to circumvent financial sanctions. Iranian mining operations and exchange services have been designated on the SDN List.
Ransomware Operators. OFAC has designated specific ransomware groups—including DarkSide (Colonial Pipeline) and Evil Corp—and their cryptocurrency addresses. These designations create compliance obligations for any crypto exchange receiving ransomware proceeds, even when the exchange is unaware of the funds’ origin.
Sanctions Evasion Through Cryptocurrency
Sanctioned entities attempt to use cryptocurrency to evade financial restrictions through several methods: using mixers and privacy coins to obscure transaction history, converting crypto through unregulated exchanges, layering through DeFi protocols, and using nominee accounts to disguise beneficial ownership.
However, cryptocurrency sanctions evasion is more detectable than traditional methods. Public blockchains record every transaction permanently—creating an auditable trail that blockchain analytics can follow across wallets, exchanges, and DeFi protocols. Russia’s attempts to use cryptocurrency to circumvent post-2022 sanctions have been documented and monitored using blockchain analytics, demonstrating that the transparency of blockchain networks is a liability for sanctions evaders, not an advantage.
The persistent chokepoint is the fiat off-ramp. Sanctioned entities must eventually convert cryptocurrency into usable currency through regulated exchanges or banking systems—and that conversion point is where sanctions screening and blockchain analytics create identifiable exposure.
Sanctions compliance for crypto businesses
Who Must Comply with Crypto Sanctions?
Any U.S. person or entity—and any non-U.S. entity processing dollar-denominated transactions—must screen crypto transactions against OFAC’s SDN List. For crypto businesses specifically, this includes: exchanges, VASPs, DeFi protocol front-end operators, custodians, payment processors, stablecoin issuers, and financial institutions with digital asset programs. OFAC has made clear that non-U.S. exchanges facilitating transactions for U.S. customers are subject to OFAC jurisdiction.
Building a Crypto Sanctions Compliance Program
A comprehensive crypto sanctions compliance program requires multiple layers:
SDN List screening: Real-time screening of wallet addresses against OFAC’s SDN List, including newly designated addresses. OFAC updates the SDN List without advance notice; compliance systems must incorporate updates immediately.
Transaction graph analysis: Screening for indirect exposure: funds that have passed through sanctioned addresses several hops back may still carry sanctions risk. Direct address matching alone is insufficient.
Jurisdiction screening: Blocking transactions involving IP addresses, device identifiers, or self-reported locations in comprehensively sanctioned jurisdictions (Cuba, Iran, North Korea, Syria).
Ongoing monitoring: Retroactive risk updates when previously undesignated addresses are added to the SDN List. An address that was compliant yesterday may be sanctioned today.
OFAC reporting: Blocking and rejecting transactions involving sanctioned parties and reporting blocked transactions to OFAC within specified timeframes.
Sanctions risk assessment: Documented evaluation of the organization’s sanctions exposure based on customer base, geographic footprint, products offered, and transaction types.
OFAC Penalties and Enforcement
OFAC enforces sanctions on a strict liability basis for civil violations—intent is not required. Criminal penalties require knowledge or willful blindness. Civil penalties can reach millions of dollars per violation, and OFAC has imposed penalties exceeding $1 billion in a single enforcement action.
OFAC’s primary mitigating factors in penalty assessments are voluntary self-disclosure and the maintenance of a robust compliance program. Organizations that discover sanctions violations, self-report to OFAC, and demonstrate that they maintain effective sanctions screening and monitoring systems receive significantly reduced penalties compared to those where violations are discovered through enforcement investigations.
For crypto businesses, Binance’s $4.3 billion settlement (2023)—which included OFAC violations for processing transactions for users in sanctioned jurisdictions—illustrates the scale of enforcement risk. The settlement demonstrated that OFAC treats crypto exchanges with the same severity as traditional financial institutions when sanctions compliance obligations are not met.
Real-world examples of sanctions in action
Traditional Sanctions Programs
Cuba: The U.S. embargo on Cuba, in effect since 1962, is the longest-running comprehensive sanctions program. It prohibits virtually all trade and financial transactions between U.S. persons and Cuba and serves as the canonical reference example for comprehensive sanctions.
North Korea: UN Security Council sanctions, supplemented by unilateral U.S., EU, and UK programs, restrict North Korea’s access to the global financial system in response to its nuclear weapons and ballistic missile development programs. These represent the most comprehensive multilateral sanctions regime currently in effect.
Russia Post-2022: The sanctions imposed following Russia’s invasion of Ukraine represent the most significant sanctions expansion in decades: exclusion from SWIFT, unprecedented asset freezes on the Russian central bank and oligarchs, and broad sectoral sanctions on energy, technology, and financial services. Cryptocurrency has been used in attempts at sanctions evasion, but blockchain analytics have documented and monitored these attempts.
Crypto Sanctions Enforcement: Tornado Cash (2022)
OFAC’s August 2022 designation of Tornado Cash is the most consequential crypto sanctions precedent. OFAC designated not just Tornado Cash’s operators but the smart contract addresses themselves—establishing that autonomous code on a public blockchain can be sanctioned under U.S. law. The designation covered over $7 billion in cryptocurrency processed through the mixer, including funds stolen by North Korean hackers.
The compliance implications were immediate: all U.S. persons were prohibited from interacting with the designated smart contract addresses, regardless of intent or the purpose of the transaction. Developers associated with Tornado Cash were arrested in Europe. Subsequent legal challenges tested the boundaries of OFAC’s authority over decentralized protocols, but the core precedent—that smart contract addresses can be sanctioned—has reshaped crypto compliance globally.
Crypto Sanctions Enforcement: Ransomware Operators
OFAC’s designations of ransomware groups—specifically DarkSide (responsible for the Colonial Pipeline attack) and Evil Corp—created direct sanctions compliance obligations for crypto exchanges receiving ransomware proceeds. These designations list specific cryptocurrency wallet addresses on the SDN List, meaning any exchange that processes a deposit from a designated ransomware address faces OFAC liability.
The ransomware designations illustrate how crypto sanctions operate in practice: not just targeting state actors, but individual criminal operators whose cryptocurrency addresses create compliance obligations for the entire ecosystem of exchanges, custodians, and payment processors.
Risks and common misconceptions about crypto sanctions
“Crypto transactions can’t be sanctioned because they’re decentralized.” OFAC’s Tornado Cash designation settled this. Decentralized protocols are not immune to sanctions enforcement. Smart contract addresses can be designated, front-end interfaces can be taken down, developers can be arrested, and U.S. persons remain legally prohibited from interacting with designated addresses regardless of technical architecture.
“Only direct transactions with sanctioned addresses create compliance risk.” OFAC’s strict liability standard creates risk from indirect exposure as well. Funds that passed through a sanctioned address several hops back may create compliance exposure depending on the facts and circumstances. Transaction graph analysis—not just direct address matching—is required for comprehensive sanctions screening. Blockchain analytics provides the depth of analysis that simple watchlist matching cannot.
“KYC alone satisfies crypto sanctions compliance obligations.” KYC establishes who a customer is at onboarding—it does not screen the cryptocurrency being deposited for sanctions exposure. A customer who passes KYC can subsequently deposit funds that passed through sanctioned addresses. Transaction-level wallet screening and ongoing monitoring are required in addition to KYC to maintain a compliant sanctions program.
“Sanctions only apply to U.S. companies.” Any institution processing U.S. dollar-denominated transactions—including foreign banks, exchanges, and payment processors—is subject to OFAC jurisdiction through correspondent banking relationships. Non-U.S. exchanges serving U.S. customers have been the subject of OFAC enforcement actions. The extraterritorial reach of U.S. sanctions is one of the most consequential features of the regulatory framework for global crypto businesses.
How Chainalysis helps organizations meet crypto sanctions compliance obligations
Chainalysis KYT (Know Your Transaction) provides real-time transaction monitoring that screens incoming and outgoing transactions against OFAC’s SDN List—including designated cryptocurrency addresses—generates alerts for sanctions exposure, and maintains the audit trail that demonstrates an effective compliance program to regulators. KYT updates automatically when OFAC adds new addresses to the SDN List, ensuring zero-gap coverage.
Chainalysis Address Screening enables pre-transaction screening of counterparty wallet addresses for sanctions exposure before a transaction is accepted. Address Screening is the first gate in a layered sanctions compliance program—identifying direct and indirect connections to sanctioned addresses across 27+ blockchains and 40 million+ assets before funds enter the platform.
Chainalysis Reactor provides the investigative platform for law enforcement and compliance teams to trace funds from sanctioned addresses through the transaction graph, identify indirect exposure, and build the evidence packages required for OFAC reporting and law enforcement cooperation. Reactor’s methodology has been accepted under the Daubert standard in U.S. federal proceedings.
Chainalysis Data Solutions (DS) provides the attribution database underlying sanctions screening—continuously updated with newly designated addresses, entity clustering, and behavioral intelligence on sanctions evaders. Chainalysis Data ensures that sanctions screening covers not just the addresses explicitly listed on the SDN List but also the broader clusters of addresses controlled by sanctioned entities.
Frequently asked questions about sanctions
Q: What are sanctions?
A: Sanctions are economic, diplomatic, and legal measures imposed by governments and international bodies—including OFAC, the EU, and the UN Security Council—to restrict the financial activity, trade, and movement of targeted countries, entities, and individuals. Sanctions are used to advance foreign policy objectives, combat terrorism, prevent nuclear proliferation, and respond to human rights abuses.
Q: What are crypto sanctions?
A: Crypto sanctions are designations that extend traditional sanctions enforcement to cryptocurrency wallet addresses, exchange accounts, and smart contract addresses. OFAC maintains cryptocurrency addresses on the SDN List, and any U.S. person or entity is prohibited from transacting with designated addresses. The 2022 Tornado Cash designation established that decentralized smart contracts can be sanctioned under U.S. law.
Q: How do crypto sanctions work in practice?
A: Crypto exchanges and VASPs must screen every incoming and outgoing transaction against OFAC’s SDN List, including designated wallet addresses. Screening requires blockchain analytics tools that can identify not just direct transactions with sanctioned addresses but also indirect exposure through the transaction graph. Transactions involving sanctioned addresses must be blocked, and blocked transactions must be reported to OFAC.
Q: Can Russia bypass sanctions with crypto?
A: Russian attempts to use cryptocurrency for sanctions evasion have been documented but are largely detectable. Public blockchains record every transaction permanently, and blockchain analytics tools can trace fund flows from Russian-linked addresses through mixers, DeFi protocols, and exchanges. The transparency of blockchain networks makes large-scale sanctions evasion through crypto more visible—not less—than traditional methods.
Q: What happens if a crypto exchange violates OFAC sanctions?
A: OFAC enforces sanctions on a strict liability basis for civil violations, meaning intent is not required. Penalties can reach millions of dollars per violation. Binance’s $4.3 billion settlement included OFAC violations. OFAC considers voluntary self-disclosure and the existence of a robust compliance program as primary mitigating factors in penalty assessments.
Q: What is the difference between sanctions screening and AML compliance?
A: Sanctions screening checks transactions and counterparties against designated lists (OFAC SDN, EU, UN) to ensure compliance with sanctions laws. AML compliance is the broader framework that includes sanctions screening, KYC, transaction monitoring, SAR filing, and independent auditing. Sanctions screening is a component of AML compliance, but the two serve different legal obligations with different enforcement regimes.
Crypto sanctions compliance requires more than a name-matching database. Chainalysis gives exchanges, financial institutions, and VASPs the real-time wallet screening and transaction monitoring needed to meet OFAC obligations across 1,000+ blockchain networks—with automatic SDN List updates and the audit trail regulators expect. Request a demo to see how Chainalysis can power your sanctions compliance program.
Learn how Chainalysis KYT monitors for OFAC exposure in real time