At the FINTRAIL conference, one of the topics that caught my extra attention was focused on trade sanctions and how dramatically the landscape has changed in recent years. The panel discussion made clear that while trade sanctions themselves are not new, the scale, speed and complexity of enforcement and evasion have shifted significantly since 2022. For anyone working in financial crime, compliance or risk, this is becoming a central challenge, even though it used to be a specialist issue sitting at the edge of financial services.
Trade sanctions are not new. Financial institutions, exporters and governments have worked around embargoes and restrictions for decades. What has changed since 2022 is the scale, speed and complexity of the challenge. Following Russia’s invasion of Ukraine, sanctions moved from being a relatively defined compliance issue into something far more dynamic, wide-ranging and operationally demanding. As one speaker noted, it is important to understand behaviour, routes, goods, counterparties, ownership structures, documentation, professional services and the wider geopolitical context.
From a Screening Exercise to a Behavioural Risk Problem
Before 2022, many firms treated sanctions as largely a name-screening exercise: identify designated persons, stop prohibited transactions and maintain basic controls. Today, that approach feels far too narrow. The sanctions architecture around Russia in particular has expanded rapidly, both in volume and in sophistication. Goods once assumed to be low-risk now demand closer attention. The discussion made clear that this is not just about weapons systems or obvious military components. It can involve dual-use goods, luxury items, electronics, camera equipment, shipping documentation and products that move through entirely ordinary commercial and payment channels. A transaction may appear routine on its face, yet further scrutiny may reveal an implausible trade route, inconsistent documentation or counterparties sitting in jurisdictions frequently linked to trans-shipment risk.
There has been a shift from static controls to behavioural thinking. Panellists returned repeatedly to the idea that financial institutions cannot rely solely on whether a name matches a sanctions list. The real challenge lies in spotting anomalies: unusual trade corridors, sudden increases in transactions through high-risk hubs, misaligned goods descriptions, requests for urgent processing without sufficient documentation, or payment activity that does not make sense in light of the customer’s known business model. This is a much harder task. It requires judgement, pattern recognition and curiosity, not just rule execution.
Why Trade Sanctions Are So Difficult to Detect in Practice
The panel offered a useful reminder that trade sanctions sit inside an extremely complex chain. Financial institutions may see only one point in that chain, often through a payment, whereas the actual movement of goods involves many more actors: importers, exporters, vessel owners, agents, freight forwarders, insurers, logistics providers, and intermediary counterparties across multiple jurisdictions.
That means the bank or payment provider is often working with only a partial snapshot. A payment may arrive before goods move, long after goods move, or at one stage in a much wider chain of activity. Documentation standards differ between the countries, and ownership structures in shipping can be layered and opaque. Goods descriptions can be vague, inaccurate or deliberately misleading. And even where a firm has strong traditional screening in place, it may still have no direct visibility into what is actually inside a container, who the true end user is, or whether upstream and downstream parties present sanctions risk.
This makes trade sanctions feel, for many firms, like searching for a needle in a haystack. That phrase came up directly in the audience poll, and it is not difficult to understand why. Smaller payment service providers and electronic money institutions may not have dedicated sanctions teams at all. In many cases, sanctions responsibilities sit alongside broader anti-financial crime or fraud functions, leaving trade risk underdeveloped or deprioritised.
And yet the expectation is rising. The discussion made clear that firms can no longer assume trade sanctions are someone else’s problem simply because they do not offer formal trade finance. If a firm is facilitating cross-border transactions, it is already part of the wider control environment.
What This Means for Financial Institutions
This discussion felt highly relevant to the UKFin+ agenda, particularly the themes around RegTech, resilience and compliance. Trade sanctions are a clear example of a wicked problem in financial services: fast-moving, internationally connected, highly dependent on technology and data, and shaped by legal, political and operational uncertainty all at once.
From a UKFin+ perspective, the challenge is how financial systems remain resilient as risks evolve faster than traditional controls. The panel highlighted a tension many firms now face: being expected to identify increasingly complex sanctions-evasion patterns while still operating with fragmented data, inconsistent guidance, and control environments never designed for this level of complexity.
That is exactly where collaborative research becomes valuable. Financial institutions need better ways to detect suspicious trade-related behaviours without generating unmanageable false positives. They also need to understand where responsibility begins and ends. Banks are not customs authorities, but they are still expected to play a critical gatekeeping role. The result is a growing compliance burden, with firms trying to interpret expectations that are still not always clearly defined. What the session exposed was not a lack of willingness, but a lack of clarity. Again and again, panellists called for clearer guidance, more proportionate expectations, and stronger alignment among regulators, government, financial institutions, and the corporate sector.
The Real Risk Is Not Only Non-Compliance but False Confidence
Perhaps the most striking insight from the discussion was that the greatest danger may not be simply missing a sanctions breach. It may be assuming that traditional controls are doing more than they really are. The panel strongly felt that firms must move away from passive compliance. Screening alone is not enough. Having a policy is not enough. Even having sophisticated technology is not enough if the people reviewing alerts do not understand what they are looking for. The repeated emphasis on skills, awareness and curiosity felt important. A firm can invest in tools, but if its teams are not trained to spot implausible trade behaviour, the controls will still fall short.
One of the more balanced themes was the need for proportionate and informed responses. Firms should not be expected to catch everything. But they should be able to demonstrate that they understand their exposure, have assessed where the key risks lie, and have built defensible controls adapted to the realities of their business model. That feels like a mature and realistic message. In a world where sanctions regimes are expanding and diverging, and where geopolitics now shape compliance almost in real time, resilience will depend less on perfection and more on preparedness.
If the last few years have shown anything, it is that sanctions risk is no longer slow-moving or predictable. It is adaptive, international and increasingly embedded in ordinary trade and payment flows. Detecting it will require not only stronger controls, but better thinking about how those controls should work in the first place.