Sanctions Tests Bank Compliance Controls

Deutsche Bank’s London branch has been fined £165,000 by the UK’s Office of Financial Sanctions Implementation after processing payments that breached Britain’s Russia sanctions regime. The case underlines how sanctions enforcement is increasingly testing not only banks’ policies, but the operational reliability of their screening systems.

The penalty relates to two payments made in June and July 2022, worth a combined £635,619, to Okko LLC, a Russian app developer and streaming platform operator. Okko was wholly owned by JSC New Opportunities, a company subject to UK sanctions. Deutsche Bank’s London branch reported the issue itself, but the regulator still treated the breach as serious because funds had been made available to an entity covered by the restrictions.

OFSI said Deutsche had relied in part on a third-party provider for sanctions screening at the time, and that the provider did not flag the issue with Okko’s ownership. However, the regulator made clear that outsourcing a screening function does not transfer responsibility for compliance. For banks, that distinction is material: external systems may support due diligence, but accountability remains with the institution processing the transaction.

Deutsche Bank said it had strengthened, and continued to strengthen, its sanctions compliance framework and related processes. The fine follows heightened scrutiny of financial institutions’ exposure to Russia-linked activity since the invasion of Ukraine, with UK authorities maintaining pressure on firms to identify ownership links, indirect control and payment risks.

The unresolved issue is not only whether banks can detect sanctioned names, but whether their systems can keep pace with changing ownership structures and indirect connections. In this case, the amount was modest by institutional standards, but the regulatory message was broader: sanctions compliance depends on control, verification and responsibility, not simply on the presence of screening tools.