RegRally Insights: Sanctions Essentials – June 2026

EU Adds 23 Individuals and Entities for Involvement in Forced Deportation of Ukrainian Children

The Council of the European Union adopted Council Implementing Regulation (EU) 2026/511, designating 16 individuals and 7 entities in response to the systematic unlawful deportation, forced transfer, and militarisation of Ukrainian children.

The listed parties are subject to asset freeze measures and an EU-wide travel ban. According to estimates, approximately 20,500 Ukrainian children have been deported since 2022.

Key compliance implications:

• immediate update of sanctions screening systems to include all 23 newly listed persons and entities
• application of asset freeze obligations to any funds or economic resources identified
• review of customer and counterparty exposure to Russian state-linked youth, education, or “re-education” structures
• enhanced monitoring for indirect links to designated entities (including intermediaries and affiliated organisations)
• full documentation of screening actions and freezing measures in line with EU sanctions obligations and national supervisory expectations (including guidance from the Bank of Lithuania)

Update sanctions screening systems to include the 23 newly listed parties immediately; review client relationships for connections to Russian state youth organisations; apply asset freeze procedures to any funds of listed parties.

Document all screening actions and asset freeze measures in line with the Bank of Lithuania and the EU Council Regulation 269/2014 implementation guidance.

Source: EU Council | Date: 2026-05-11

The EU Council renewed Syria’s restrictive measures

The EU Council renewed Syria’s restrictive measures targeting former al-Assad regime individuals and entities until 1 June 2027. 7 entities delisted, including the Syrian Ministries of Defence and Interior, to support post-Assad engagement. Economic sanctions were lifted in May 2025; targeted individual asset freezes and travel bans under security grounds remain in force.

Remove the 7 delisted entities from Syria watch lists and re-enable commercial relationships subject to standard due diligence; continue screening for remaining listed individuals until June 2027.

Remind business lines that while economic sanctions on Syria are lifted, individual targeted asset freezes under security grounds remain — do not treat Syria as fully unrestricted.

Source: EU Council | Date: 2026-05-18

The EU Council extended the Russia human rights sanctions regime

The EU Council extended the Russia human rights sanctions regime for another year, until 28 May 2027. The regime targets 72 individuals and 1 entity responsible for serious human rights violations, repression of civil society, and undermining democracy in Russia. Listed parties face asset freezes and EU travel bans; EU persons may not make funds available to them.

Ensure sanctions screening systems reflect the regime extension to 28 May 2027; maintain periodic rescreening of all 73 listed individuals.

Apply ownership-and-control analysis to identify Russia-based entities that may be owned or controlled by listed individuals under Article 2(1)(b) of Regulation (EU) 2024/1485.

Source: EU Council | Date: 2026-05-18

UK Expands Russia Sanctions Regime with 85 New Designations

The UK Government has designated 85 individuals and entities under the Russia (Sanctions) (EU Exit) Regulations 2019, increasing the total number of UK sanctions listings to over 3,045.

The measures are split into two coordinated packages:

• 29 designations linked to the unlawful deportation, transfer, and militarisation of Ukrainian children
• 56 designations targeting the Kremlin-backed Social Design Agency (SDA), including writers, translators, and video producers involved in AI-enabled disinformation operations aimed at undermining support for Ukraine and democratic institutions

The SDA network is identified as a structured information operations ecosystem producing coordinated propaganda content across multiple formats.

Regulatory and compliance implications:
From 1 May 2026, UK crypto-asset service providers are formally required to enforce full sanctions compliance, making these designations immediately relevant for crypto-sector screening obligations.
Key actions for regulated firms:

• update sanctions screening systems to include all 85 newly designated individuals and entities
• ensure real-time screening coverage for crypto-asset transactions and counterparties
• incorporate SDA-linked media, communications, and PR structures into enhanced due diligence frameworks
• review exposure to Russian information warfare and propaganda-linked service providers
• escalate potential matches and maintain audit-ready documentation of all screening decisions

Operational focus:

Firms should treat these designations as high-risk both from a sanctions compliance and reputational perspective, particularly where counterparties are connected to:

• Russian state media or strategic communications
• AI-generated content production or translation services
• influence operations or political messaging infrastructure

These measures reflect an expanding UK sanctions focus beyond traditional military and financial targets, extending explicitly into information warfare and child deportation-related human rights violations.

Source: UK Government | Date: 2026-05-11

UK Strengthens Sanctions Enforcement Framework Through SI 2026/443 Amendments

The Sanctions (EU Exit) (Miscellaneous Amendments) Regulations 2026 (SI 2026/443) entered into force on 13 May 2026, introducing targeted updates across 11 UK sanctions regimes.

The amendments significantly reinforce the UK’s sanctions enforcement architecture, with a particular focus on anti-circumvention risks and operational compliance expectations.

Key regulatory changes:

• Expanded anti-circumvention framework
  Strengthened provisions targeting third-country entities facilitating sanctions evasion, particularly in relation to Russia-related restrictive measures.
• Updated export control and end-use guidance
  Clarification and tightening of sanctions end-use controls, increasing exporters’ expectations to verify downstream use of controlled goods.
• New ECJU export declaration requirements
  Enhanced reporting obligations for export declarations under the Export Control Joint Unit (ECJU) regime.
• Streamlined OFSI penalty regime
  Introduction of simplified fixed penalties for minor technical breaches in sanctions reporting, reflecting a more structured enforcement approach by the Office of Financial Sanctions Implementation (OFSI).

Compliance implications for regulated firms:

Financial institutions, exporters, payment providers, and trade finance operators should:

• review internal sanctions policies across all affected regimes (11 in total)
• update anti-circumvention controls, especially for third-country intermediaries and high-risk jurisdictions
• revise export, trade finance, and payment screening procedures in line with new ECJU requirements
• ensure sanctions manuals reflect updated OFSI reporting obligations and penalty structures
• reinforce training for compliance teams on the identification and escalation of technical reporting breaches

Source: UK Government | Date: 2026-05-13

Europol Asset Recovery Operation Highlights Intensified Focus on Cross-Border Crypto Crime

Europol concluded Phase 3 of Project A.S.S.E.T. (19–22 May 2026), an international asset tracing and AML enforcement operation hosted at its headquarters in The Hague. The operation involved more than 40 agencies from 31 countries, including Eurojust, INTERPOL, and the European Public Prosecutor’s Office, as well as private-sector financial institutions and cryptocurrency service providers.

Key operational outcomes:

• identification of bank accounts, cryptocurrency wallets, companies, vehicles, and real estate linked to cross-border criminal activity
• localisation of two suspects and arrest of one individual
• enhanced multi-jurisdictional coordination in tracing and freezing illicit assets

The operation highlights the increasing sophistication of asset recovery efforts, particularly in cases involving digital assets and mixed-asset laundering structures.

Key typologies observeds:

• crypto-wallet layering across multiple jurisdictions
• conversion between digital assets and traditional financial instruments
• use of corporate structures to obscure beneficial ownership
• integration of real estate acquisitions funded through crypto proceeds

Compliance and operational implications:

Financial institutions, EMIs, payment institutions, and crypto-asset service providers should:

• designate formal liaison points for Europol, Eurojust, and EPPO asset recovery and information requests
• strengthen escalation protocols for cross-border AML and asset tracing inquiries
• calibrate transaction monitoring systems to detect multi-layered crypto flows and asset conversion patterns
• enhance typology-based monitoring for real estate-linked crypto laundering schemes
• ensure rapid response capability for law enforcement preservation or freezing requests

Strategic focus:

Project A.S.S.E.T. reinforces a clear enforcement trend: AML investigations are increasingly multi-agency, cross-border, and crypto-integrated, with direct linkage between digital asset flows and traditional asset recovery targets such as real estate and corporate structures.

Institutions operating in crypto, payments, and cross-border financial services should expect continued intensification of coordinated EU and international enforcement activity in this area.

Source: Europol | Date: 2026-05-22

Europol Targets IRGC-Linked Cyber Network Using Crypto-Funded Infrastructure

Europol coordinated a cross-border disruption of thousands of online accounts linked to the Islamic Revolutionary Guard Corps (IRGC), spanning 19 countries and involving hosting infrastructure located in both Russia and the United States.

The operation identified a coordinated digital network using cryptocurrency to finance and sustain online activities, highlighting the growing convergence of state-sponsored cyber operations, sanctions evasion, and the use of digital assets.

The IRGC, designated as a terrorist organisation by the EU since January 2026, was found to be leveraging third-country hosting providers to avoid enforcement actions and maintain operational resilience.

Key typologies identified:

• cryptocurrency-facilitated funding of digital operations
• use of hosting providers in third countries to bypass enforcement restrictions
• cross-border coordination of cyber activity linked to state actors
• integration of sanctions evasion techniques with online influence operations

Compliance and risk implications

Financial institutions, crypto-asset service providers, and digital platforms should:

• enhance sanctions screening to include Iran-linked digital entities, infrastructure providers, and associated wallet activity
• apply enhanced due diligence to customers and counterparties connected to Iranian media, IT, or digital services sectors
• strengthen monitoring of transactions involving hosting providers or infrastructure linked to state-affiliated entities
• incorporate crypto-funded cyber operations as a defined sanctions evasion typology in transaction monitoring systems
• escalate any exposure to IRGC-linked activity for immediate compliance review and reporting

Source: Europol | Date: 2026-05-18

EU Expands Dual Sanctions Framework Targeting Hamas, Palestinian Islamic Jihad, and Extremist Settler Networks

The Council of the European Union has expanded the legal framework for restrictive measures concerning both Hamas and the Palestinian Islamic Jihad (PIJ), as well as extremist Israeli settlers and associated organisations operating in the West Bank.

The extension broadens the EU’s ability to impose targeted restrictive measures in response to activities that undermine security, facilitate violence, or support designated terrorist or extremist structures.

Key measures:

• asset freeze obligations for designated individuals and entities
• travel bans across the EU
• prohibition on making funds or economic resources available, directly or indirectly
• expanded designation scope covering affiliated individuals and supporting organisations

Compliance implications for obliged entities:

• immediately update sanctions screening systems to include newly designated persons and entities
• apply asset freeze procedures without delay for any identified matches
• review exposure to clients or counterparties linked to relevant regional conflict financing risks
• strengthen monitoring of indirect exposure routes, including intermediaries and charitable or informal transfer channels
• ensure real-time screening coverage for all inbound and outbound transactions

Operational expectations:

• documented escalation procedures for potential matches
• clear audit trails of screening and freeze actions
• enhanced due diligence for higher-risk geographic corridors linked to the designated regimes.

Source: EU Council | Date: 2026-05-28