CySEC circular on US sanctions

On 11 November 2021, the Cyprus Securities and Exchange Commission (CySEC) issued Circular 475 reminding firms of the practical implications of the latest sanctions administered by the Office of Foreign Assets Control (OFAC) in the United States. CySEC also expressly referred to OFAC’s new Cyber related Designations and Designations Updates.

Circular 475 is a reminder to firms, more specifically ‘Obliged Entities’ (ie institutions caught by the EU AML regime) and including Crypto Asset Services Providers (CASPs) to have appropriate policies and procedures in place to ensure compliance with a risk based approach, which is now strictly mandated under the pan-EU client onboarding process.

Circular 475 also reminds the industry that CySEC is the competent authority for firms under its regulatory remit as regards compliance with the mandatory EU and UN sanctions and restrictive measures. Importantly however, CySEC does reiterate that sanctions or restrictive measures imposed individually by third countries (including the US or now the UK) are not enforceable in Cyprus or the EU, but it is nevertheless expected that firms falling under CySEC’s supervision will consider their relevance for the purpose of determining risk assessments and proportionate action, including refraining from engaging with affected persons.

CySEC’s Circular 475 can be found here.

Our recent blog post on CySEC’s Policy Statement for CASPs can be found here.

A link to OFAC’s sanctions landing page is available here.