Pathway leading to a lighthouse at dusk.

How EU banks can proactively address sanctions circumvention risk

Authors

4 minute read 07 Apr 2026

Indirect sanctions risks are rising, requiring EU banks to detect indirect exposure and enhance due diligence measures.

In Brief:

  • Sanctions circumvention risk increasingly arises outside sanctioned jurisdictions, requiring banks to assess exposure beyond formal sanctions lists.
  • EU guidance expects banks to apply enhanced due diligence where activities may indirectly facilitate sanctions circumvention, even in non-sanctioned countries.
  • Uzbekistan and Kyrgyzstan show how geographic position, trade links and financial channels can create sanctions risk despite a zero sanctions classification.

Sanctions circumvention refers to practices that undermine the effectiveness of sanctions by disguising links to sanctioned countries or parties, rather than breaching restrictions directly. According to the European Commission, such practices often involve third country routing, intermediaries, complex financial arrangements, or the falsification of trade routes or endusers.

From a banking perspective, circumvention is challenging because:

  • Transactions may appear compliant in isolation, involving nonsanctioned countries and counterparties.
  • Risk often emerges across transaction chains, spanning customer relationships, payments, correspondent banking and trade finance.
  • Circumvention techniques evolve, requiring institutions to reassess risk continuously rather than relying on static classifications.

The Commission therefore emphasizes a risk based approach, under which EU operators are expected to identify and mitigate circumvention risk proportionately, including through enhanced due diligence where relevant.

Moving beyond sanctions lists in country risk assessments

The EU guidance makes clear that sanctions compliance is not limited to listbased screening. Institutions must also consider whether their services could indirectly enable prohibited outcomes, e.g. by facilitating the movement of funds or goods through jurisdictions that may be used to obscure links to sanctioned destinations.

This expectation is particularly relevant for banks operating across complex crossborder networks, where third countries may serve as transit points for financial flows or trade linked to sanctioned jurisdictions.

Uzbekistan and Kyrgyzstan are examples of such circumvention-risk countries.

More on Sanctions

Sanctions circumvention risk driven by structural factors in Uzbekistan

 

Uzbekistan is not subject to international sanctions, yet it presents a potential sanctions circumvention risk due to its regional position and economic connections.

 

Uzbekistan’s geographic location in Central Asia increases the likelihood that it could be used as a routing jurisdiction for transactions or goods linked to sanctioned countries. Its connections with Russia create a risk that transactions routed through Uzbekistan may obscure an underlying sanctions nexus.

 

The EU guidance highlights the use of third countries as a common method to conceal the true origin or destination of goods and funds.

 

While Uzbekistan is not sanctioned, exposure to Uzbek counterparties may warrant enhanced scrutiny, particularly where transaction structures, trade flows or enduse information lack transparency.

 

Elevated circumvention risk despite no country sanctions in Kyrgyzstan

 

Kyrgyzstan is also not sanctioned as a jurisdiction, yet it is identified as presenting a material sanctions circumvention risk as a potential conduit for circumvention.

 

Kyrgyzstan is highlighted as presenting risk due to its potential role in bypassing sanctions related to Russia, despite the absence of countrylevel restrictions.

 

Financial institutions and cryptocurrency related activity in Kyrgyzstan have been associated with sanctions bypassing behavior, demonstrating how alternative financial channels can be leveraged.

 

For EU banks, relationships involving Kyrgyz counterparties, particularly in payment services, correspondent banking or innovative financial products should be assessed through a circumvention risk lens, rather than relying solely on the absence of formal sanctions.  

What does this mean for EU banks?

The examples of Uzbekistan and Kyrgyzstan reinforce a central supervisory expectation that sanctions risk is not binary and does not stop at jurisdictional boundaries.

In practice, this means EU banks should ensure that:

  • Country risk frameworks explicitly capture circumvention risk.
  • Enhanced due diligence is applied proportionately where geography, trade links or transaction patterns increase indirect exposure.
  • Sanctions controls are aligned with AML, correspondent banking and trade finance processes, recognizing that circumvention often exploits gaps between these areas.

Authors

Summary 

The European Commission’s guidance signals a shift toward outcomes focused sanctions compliance, where institutions are expected to demonstrate that they have taken reasonable steps to prevent indirect facilitation of sanctions circumvention. For banks, this requires contextual risk assessment rather than checklist compliance, and sanctions risk must be assessed based on how value moves, not solely on who is listed. These themes will be explored in our upcoming 2026 Nordic Banking Sanctions Survey, which examines how banks across the Nordics structure governance, integrate technology and manage sanctions risks. The survey will also show how banks approach sanctions today, supporting banks as they adapt to an increasingly complex sanctions environment.

About this article

Authors

Related topics
Financial services
Risk
Banking & Capital Markets

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.