ASK MAT – JCOA Sanctions Event: OFSI Apple Ireland Fine – Extraterritorial Sanctions Risk No Longer Only USA?

ASK MAT – JCOA Sanctions Event: OFSI Apple Ireland Fine – Extraterritorial Sanctions Risk No Longer Only USA?

I am asking this question because, at a recent JCOA Sanctions event, after a question about USA risk (e.g. OFAC), a question from the floor asked whether the recent OFSI fine of an Irish company shows the risk is now closer to home.

I would like to learn more.

MAT SAYS

• Yes – the recent OFSI fine on Apple Distribution International Limited (ADI) clearly demonstrates that extraterritorial (or extra-jurisdictional) sanctions enforcement risk is no longer something that “only sits with the USA” (e.g. OFAC).
• UK sanctions now bite hard too.

Comsure Posted News About Them In April And March

• Published: 14 April 2026 = Title: UK Fines Apple’s Irish Subsidiary £390k for Paying Sanctioned Russian Streaming Service
• Direct link: https://www.comsuregroup.com/news/uk-fines-apple-s-irish-subsidiary-390k-for-paying-sanctioned-russian-streaming-service/
• Published: 31 March 2026 = Title: Beware the UK nexus as UK-OFSI fines an Irish subsidiary of Apple for Russia Sanctions Breach
• Direct link: https://www.comsuregroup.com/news/beware-the-uk-nexus-as-uk-ofsi-fines-an-irish-subsidiary-of-apple-for-russia-sanctions-breach/

Here are the key facts (OFSI penalty published 30 March 2026):

• On 19 March 2026, the UK’s Office of Financial Sanctions Implementation (OFSI) imposed a £390,000 civil monetary penalty on Apple Distribution International Limited (ADI)
• ADI is Apple’s Irish-incorporated subsidiary (based in Cork) that handles App Store and developer payments for Europe, the Middle East and Africa.
• The breach involved two payments in June/July 2022 totalling £635,618.75 made to Okko LLC, a Russian streaming service that was wholly owned by JSC New Opportunities (a UK-designated person under the Russia sanctions regime at the time).
• ADI instructed the payments from funds held in a UK-based bank account that it controlled.
• OFSI determined that ADI’s failure to cancel the instructions (an omission) amounted to conduct in the UK by a non-UK person.
• This was treated as a breach of Regulation 12 of the Russia (Sanctions) (EU Exit) Regulations 2019 (prohibition on making funds available to a person owned/controlled by a designated person).
• No penalty or breach finding was imposed on the US parent company, Apple Inc.
• ADI voluntarily disclosed the issue (plus some earlier similar payments) in October 2022.
• The case was settled under OFSI’s brand-new settlement framework (introduced only days earlier), which reduced the penalty from a baseline of £600,000 (35% discount for disclosure and cooperation).
• This was OFSI’s first-ever use of this mechanism.

Why this shows sanctions risk beyond the USA OFSI’s own penalty notice is explicit on jurisdiction:

• “UK financial sanctions apply to any conduct in the UK and to all UK persons (including legal entities established under UK law) anywhere in the world.
• That includes non-UK firms using UK financial institutions to conduct payments, even if the non-UK firm directly manages the account from outside the UK.”
• This is the classic “UK nexus” – here, simply routing payments through a UK bank created enforceable UK sanctions exposure for an Irish company.
• Compliance alerts and law firms have already flagged this case as a clear warning that global businesses must treat UK sanctions as a separate compliance obligation alongside US ones.

Important nuance (not identical to US extraterritoriality)

• US OFAC is often more aggressive with secondary sanctions and can reach non-US persons with minimal or no direct US nexus (especially via USD clearing).
• UK sanctions still formally require a UK nexus (conduct in the UK or by a UK person anywhere).
• However, in practice, any use of UK banks, sterling clearing, or other UK connections can trigger OFSI enforcement – exactly what happened here.
• The UK has been steadily tightening enforcement (strict liability since 2022, higher penalties, new settlement framework, more designations). This high-profile Apple case is a public signal that OFSI is willing and able to act against major multinationals.

Bottom line

• Sanctions compliance risk has always been multi-jurisdictional, but this case makes it crystal clear in 2026 that you cannot assume it is “only a US problem.”
• Any company (US, Irish, or otherwise) that touches the UK financial system or has other UK connections now faces real, enforceable UK sanctions exposure on top of OFAC/EU risks.
• Firms' compliance programmes must screen ownership/control rigorously and monitor all relevant payment flows.

WWW sources

1. Official OFSI Public Penalty Notice (PDF) – https://assets.publishing.service.gov.uk/media/69ca1da04321776215360a1c/ADI_Public_Penalty_Notice.pdf
2. GOV.UK – Imposition of monetary penalty: Apple Distribution International Limited – https://www.gov.uk/government/publications/imposition-of-monetary-penalty-apple-distribution-international-limited
3. Comsure Group News Article (full case summary) – https://www.comsuregroup.com/news/uk-fines-apple-s-irish-subsidiary-390k-for-paying-sanctioned-russian-streaming-service/
4. Crowell & Moring Client Alert – https://www.crowell.com/en/insights/client-alerts/ofsi-imposes-pound390000-penalty-on-apple-subsidiary-for-russian-sanctions-breaches-key-compliance-takeaways
5. The Guardian – https://www.theguardian.com/technology/2026/mar/30/apple-subsidiary-fine-uk-government-sanctions-russia
6. Steptoe International Compliance Blog – https://www.steptoe.com/en/news-publications/international-compliance-blog/ofsi-makes-first-use-of-new-settlement-mechanism-in-apple-distribution-international-limited-enforcement-action.html
7. Reuters – https://www.reuters.com/world/uk/uk-fines-apple-subsidiary-516000-over-russia-sanctions-breach-2026-03-30/
8. Irish Times – https://www.irishtimes.com/business/2026/03/30/uk-fines-cork-based-apple-subsidiary-for-breaching-russian-sanctions/
9. Politico Europe – https://www.politico.eu/article/apple-subsidiary-fined-390k-for-russian-sanctions-breaches/
10. Practical Law / Thomson Reuters – https://uk.practicallaw.thomsonreuters.com/w-049-8358