A routine shipment from the UK to the EU might look harmless: bearings, metal components, all standard freight. But lurking two layers deep might be a sanctioned intermediary, part of a network weaving through third-country shell firms. In 2025, evading sanctions is no longer just about matching names on a blacklist; it merges seamlessly with money-laundering and terrorist-financing risks. As the EU and UK tighten sanctions on Russia, Iran and other regimes, new routes for illicit flows are opening through fragmented supply chains, FinTech’s and shadow logistics. The pace and subtlety of this overlap between sanctions, anti-money laundering (AML) and counter-terrorist financing (CFT) are now moving faster than many compliance programmes have anticipated.

Why Sanctions Evasion Has Changed

Sanctions evasion has now transformed far beyond simple blacklist screening. Under the banner of “Shadow Finance 2.0”, sanctioned actors now leverage secondary fintech providers, crypto-mixer services, embedded-finance platforms and AI-driven mule networks to slip under the radar. A recent Financial Action Task Force (FATF) report observes that intermediaries, virtual assets and covert procurement networks are increasingly employed to circumvent sanctions and export-controls.

Trade-based strategies have likewise evolved. Firms are using informal value-transfer systems, “drop-shipping” via third-party intermediaries and routing dual-use goods (such as AI-use chips) through seemingly innocuous supply-chains. UK and EU companies, especially SMEs embedded in global supply chains, now find themselves part of this risk ecosystem unwittingly. The once-distinct silos of sanctions, AML and CFT are now blending into one complex compliance frontier.

The AML–CFT–Sanctions Convergence

Financial crime compliance is shifting decisively beyond the old “tick-the-list” mindset. In this “Beyond the Blacklist” world, the real question is not only who appears on sanctions schedules, but which patterns scream evasion. A UK logistics firm, for example, might see circular payments for commodity-backed trades routed through a Dubai broker, then on to a freight forwarder in the Caucasus. This behaviour looks remarkably like classic AML layering. Trade analysis shows growing reliance on opaque intermediaries in high-risk corridors across the EU neighbourhood.  At the same time, sanctioned entities linked to state sponsors or armed proxies divert funds to militias and conflict-zone actors, squarely engaging CFT concerns.  With the EU and UK both pushing risk-based regimes and broader economic-security strategies, boards can no longer park sanctions, AML and CFT in separate silos. Convergence is now the operating reality, demanding joined-up data, governance and oversight.

Regulation and Governance: The New Rules of the Game

In the EU, the enforcement of sanctions has entered a new era. The Commission is exploring the creation of a centralised sanctions-authority to standardise penalties and reduce circumvention via third countries. Meanwhile, the proposed Corporate Sustainability Due Diligence Directive (CSDDD) is forcing firms to map end-to-end supply chains, drawing sanctions-risk into sustainability and governance programmes.

In the UK, the Office of Financial Sanctions Implementation (OFSI) opened a fresh consultation in mid-2025 on streamlined civil penalties for financial sanctions breaches. The 2024-25 budget year shows OFSI freezing £37 billion in assets, underscoring the government’s sharper posture. Boards now find themselves accountable not only for AML and CFT but for “economic-security” oversight as part of the evolving “ESG+S” (Security) agenda. Compliance teams must therefore align sanctions, AML and CFT into one governance framework. Failure is no longer an operational glitch but a matter of strategic breakdown.

Case Studies and Emerging Evasion Techniques

The Hidden Architecture of Illicit Flows

1. Micro-Trading Through “Shadow Exporters”
Small EU firms shipping seemingly innocuous goods are increasingly being implicated in layered trade-based sanctions evasion. These goods are routed via third-country hubs such as Turkey or the UAE, then onward to sanctioned jurisdictions like Russia. Payment mismatches, unusual freight patterns and unexpected shell-company involvement trigger AML red flags even before formal sanctions screening kicks in. The overlap is clear: AML systems detect the upstream anomalies, even if sanctions filters initially miss the end-destination link.

2. Embedded Finance Abuse in the UK Fintech Sector
Within the UK’s booming fintech ecosystem, networks linked to sanctioned actors are exploiting smaller providers offering instant payments or FX services. The regulatory focus has traditionally been on sanctions screening, but in many cases anomalies emerge first through AML transaction-monitoring, rather than direct name-list hits. As the UK’s 2025 National Risk Assessment identifies, e-money institutions and payment service providers now present “medium to high” risks of laundering and sanctions evasion through weak controls.

3. Crypto-to-Trade Conversion
The use of stablecoins such as Tether (USDT) to fund trade transactions is a growing frontier. Funds flow from crypto wallets into legitimate-looking commodity shipments, enabling sanctioned actors to integrate value through trade streams that evade traditional screening. As one recent study notes, hybrid schemes combining trade-based money-laundering with crypto settlement are on the rise.

4. “Ghost Fleet” Insurance Laundering
In the maritime domain, ageing tankers flagged to non-transparent jurisdictions are insured via intermediaries in the EU or UK flagged as insurance brokers. These vessels form part of what is being called the “shadow fleet”, enabling illicit oil shipments despite sanctions. The underlying typology, layering through opaque ownership, insurance vehicles and shell companies, is identical to AML/CFT-typologies around beneficial-ownership exposure.

Each of these examples underscores a core imperative for businesses and compliance teams. They must recognise that sanctions evasion no longer lives in a separate silo, it is deeply interwoven with AML and CFT flows. Detection must therefore be anchored in anomalies, not merely list-matches.

When Compliance Collides: The Operational Challenge

In many organisations the sanctions team, AML analysts and trade-compliance unit still occupy wholly separate silos. That separation presents a rich seam for illicit actors. As the pressure mounts for rapid onboarding, accelerated supply-chain deals and instant payments, gaps widen and vulnerabilities surface. According to the Institute for Financial Integrity, a holistic blend of AML/CFT and sanctions functions is essential if firms are to detect the same flows through different lenses. Emerging practice includes fusion teams, cross-screening of trade and payments, entity-resolution AI and shared risk dashboards. Yet the real hurdle is governance. It means aligning leadership, clarifying accountability and building a culture of shared responsibility, not merely buying more tech. It still remains the toughest but most critical part of the puzzle.

Forward Look: What Executives Must Know

Executives should prepare for a regulatory wave as the convergence of sanctions, AML and CFT regimes is rapidly becoming formalised, notably via the new European Anti‑Money Laundering Authority (AMLA) and the upcoming single-rulebook in the EU. Meanwhile, in the UK, “economic security” is emerging as a core corporate pillar, with firms exporting advanced or dual-use components now under enhanced scrutiny.

AI-driven entity-resolution and graph-analytics tools will become standard in detection, but boards must understand their limitations, bias risk and residual governance burdens. Finally, future threats loom. Quantum-safe crypto tools enabling obfuscation, “AI-generated” shell companies and alternative payment corridors bypassing SWIFT are no longer science fiction. The takeaway? The era of standalone sanctions policies is over and the next phase is integrated economic-security resilience.

And what about you…?   

  • Where do silos still exist between your sanctions, AML and trade-compliance functions, and how might illicit actors exploit those gaps?
  • How confident are you that your organisation’s screening and analytics tools (e.g., entity-resolution, network analysis, trade-data cross-checks) can detect emerging hybrid evasion techniques?