EU says OFAC listings alone do not justify ACCOUNT REFUSAL, although OFAC risk remains decisive for non-US persons.

INTRODUCTION

• On 11 June 2026, the Court of Justice of the European Union delivered its judgment in Case C-81/24 (Jenec).
• The Court ruled that the mere inclusion of an individual on a US OFAC sanctions list is not, by itself, sufficient grounds for an EU bank to refuse to open a basic payment account.

EU law

1. EU law grants legally resident consumers a right to a basic payment account, and this right may only be restricted following an individual, case-by-case assessment of money laundering and terrorist financing (ML/TF) risk.
2. An OFAC listing may be taken into account as one relevant factor in that assessment, but it does not justify an automatic refusal.
3. This judgment is an important clarification of EU law.
4. However, it is critical to understand its limited scope. You are not required to follow the CJEU judgment.

OFAC

1. The ruling
   1. Only addresses obligations under EU law regarding ML/TF risk assessment and the right to a basic payment account.
   2. Does not protect non-US banks (or EU banks with US exposure) from the risk of US secondary sanctions.
2. US secondary sanctions and extraterritorial enforcement risk remain a separate and often decisive factor.
3. The United States can impose sanctions on non-US persons and financial institutions for
   1. Engaging in significant transactions or providing material support to certain Specially Designated Nationals (SDNs), even where there is limited or no direct US nexus.
   2. For legal persons [e.g. BANKS/TCSPS] in jurisdictions such as Jersey, Mauritius and other international financial centres, the most significant exposure typically arises through
      1. USD clearing
      2. Correspondent banking relationships.
      3. Structures And Structuring

COMPLIANCE RISK

• Consequently, compliance teams must continue to treat US secondary sanctions and correspondent banking risk as a separate, material risk that is not removed or reduced by the CJEU ruling.

DUAL ASSESSMENT:

• The recommended approach is therefore a dual assessment:
• Conduct a proper, documented individual ML/TF risk assessment (in line with FATF standards and the spirit of the CJEU judgment),
• Treating US OFAC and similar third-country lists as an important input [HIGHER] rather than an automatic "no".
• Separately and explicitly
• Assess and document the US secondary sanctions and correspondent banking risk.
• In many cases,
• The US risk will remain the deciding factor,
• Even where the ML/TF risk could theoretically be managed.
• This dual approach
• Is consistent with FATF Recommendations,
• Supports financial inclusion where risk can genuinely be managed, and
• Helps reduce the risk of regulatory criticism or reputational damage on either the ML/TF or US sanctions front.

EU Court Rules: Mere Inclusion on a US OFAC Sanctions List Is Not Enough to Refuse a Basic Bank Account

Luxembourg / Brussels – 12 June 2026

• In a significant ruling for banks and consumers across the European Union, the Court of Justice of the European Union (CJEU) has held that a person's inclusion on a US Office of Foreign Assets Control (OFAC) sanctions list, by itself,
• Does not justify a bank's refusal to open a basic payment account.
• The judgment in Case C-81/24 (known as Jenec) arose from a 2022 case in Slovenia.
• A consumer, referred to as "LH", applied to open a PAYMENT ACCOUNT WITH BASIC FEATURES at a Slovenian bank (Nova Kreditna Banka Maribor, later part of the OTP Group).
• The bank refused solely because his name appeared on the US OFAC list.
• The individual
• Had never been convicted of the underlying offence and
• Was not subject to any sanctions imposed by the United Nations, the European Union, or Slovenia.

Key quotes from the judgement

• "The mere inclusion of a customer's name on the OFAC list, or on any other list of that type drawn up by a third country, does not automatically prohibit a bank from establishing a business relationship with that customer."
• "Such a refusal is possible only following an individual assessment, carried out by the bank, of the risk of money laundering and terrorist financing."

The Court's Clear Message

• The CJEU confirmed that every consumer legally resident in the EU has a right to open and use a payment account with basic features under the Payment Accounts Directive (Directive 2014/92/EU).
• This right can only be restricted where opening the account would breach anti-money laundering and counter-terrorist financing (AML/CFT) rules (primarily Directive (EU) 2015/849 – the 4th AML Directive).
• Crucially, the Court stated:
• "The mere inclusion of a customer's name on the OFAC list, or on any other list of that type drawn up by a third country,
• Does not automatically prohibit a bank from establishing a business relationship with that customer."
• However, the listing can be taken into account as one relevant factor during an individual, case-by-case assessment of money laundering and terrorist financing risk.
• Even then, refusal is only lawful if the bank can demonstrate that it cannot effectively manage the risk through measures proportionate to its nature and size.
• The limited functionality of basic accounts (no overdraft, restricted to essential payment services) inherently lowers the ML/TF risk, the Court noted.

Why This Ruling Matters

• This decision reinforces the risk-based approach at the heart of EU (and global) AML/CFT rules.
• It prevents blanket, automatic de-risking based solely on foreign sanctions lists and protects financial inclusion as a core objective of the Payment Accounts Directive.
• Banks can no longer cite "he's on the OFAC list" as a complete justification.
• They must now show they have genuinely assessed the specific risks and concluded that adequate mitigation is impossible.

Analysis for Compliance Officers in Non-US Jurisdictions (e.g. Jersey, Mauritius and elsewhere outside the US)

• Although this is an EU ruling interpreting EU Directives, it carries significant persuasive weight and practical implications for compliance professionals in international financial centres such as Jersey and Mauritius, as well as elsewhere outside the US.
• The judgment does not bind these jurisdictions, but they operate under FATF-aligned risk-based frameworks and face similar pressures from US correspondent banks and OFAC exposure.

1. Scope: Not Legally Binding, But Highly Relevant

• Jersey (Crown Dependency) primarily implements UK sanctions regimes and has its own robust AML/CFT framework under the Proceeds of Crime (Jersey) Law 1999 and related regulations. It does not have an identical "right to a basic bank account" statute, but consumer protection and fair-treatment expectations still exist.
• Mauritius follows FATF standards through its Financial Intelligence and Anti-Money Laundering Act and related regulations. It actively courts international business while maintaining strong correspondent banking relationships (especially USD clearing).
• The CJEU's reasoning aligns closely with the FATF Recommendations (particularly R.1 on the risk-based approach and R.10 on customer due diligence). Refusing based on a single data point (a foreign list) without an individual assessment is inconsistent with the risk-based approach both Jersey and Mauritius regulators expect.

2. Key Takeaways for Your AML/CFT Programme

OFAC screening remains essential — but its weight must be calibrated:

• OFAC hits should trigger enhanced due diligence (EDD), not automatic rejection.
• Assess the nature and basis of the designation. Was it for serious criminality with credible evidence, or a broader/older listing without local equivalent (e.g. no UN/EU/UK/Jersey/Mauritius sanctions)?
• The Court explicitly noted the absence of conviction or local sanctions as relevant context.
• For basic or low-risk products (everyday current accounts, basic payment services), the inherent risk is lower — exactly as the CJEU highlighted.
• Document why the account's limited features reduce ML/TF exposure.

Document the individual risk assessment rigorously:

• What specific ML/TF risks does this customer pose?
• What mitigating controls can be applied (transaction monitoring rules, source of funds/wealth checks, periodic reviews, limits)?
• If refusing: clearly articulate why the risk cannot be managed proportionately. Vague references to "OFAC listing" will no longer suffice and could expose the firm to regulatory criticism or complaints.

3. Practical Realities in Jersey & Mauritius (Including US Secondary Sanctions Risk)

• Even where local law permits the relationship after a proper risk assessment, commercial and correspondent banking realities often push banks toward caution.

US secondary sanctions and extraterritorial risk remain a separate and often decisive factor.

• The CJEU ruling only addresses obligations under EU law regarding ML/TF risk assessment and the right to a basic payment account.
• It does not protect non-US banks (or EU banks with US exposure) from US secondary sanctions risk.

Key points for compliance teams:

• US primary sanctions mainly apply to US persons.
• However, secondary sanctions allow the US to take action against non-US persons and banks for engaging in "significant transactions" or providing material support to certain SDNs — even with limited or no direct US nexus.
• The most common exposure for banks in Jersey, Mauritius and similar centres comes through USD clearing.
• Most USD transactions are ultimately cleared through US financial institutions. OFAC can view processing (or facilitating) transactions involving an OFAC SDN as causing a US person to violate sanctions.
• OFAC has increasingly designated or penalised non-US financial institutions (including banks in Europe, Switzerland, the Middle East and Asia) for sanctions-related activity.
• Losing access to USD correspondent banking or being added to the SDN list yourself is often far more damaging than a local regulatory fine.
• Reputational risk with US correspondent banks is also very real — many US banks apply their own strict OFAC policies and will terminate relationships where they perceive unacceptable exposure.

Recommended approach:

• Maintain robust OFAC screening as part of your risk-rating methodology.
• Create clear internal guidance distinguishing between:
• Automatic prohibitions (UN/EU/UK/Jersey/Mauritius sanctions — follow local law strictly).
• Risk factors (OFAC and other third-country lists — feed into EDD and risk rating, but do not automatically trigger refusal).
• Conduct two distinct assessments and document both:

1. ML/TF risk (individual assessment per FATF / local rules / CJEU principles).
2. US secondary sanctions and correspondent banking risk.

• For higher-risk customers on OFAC lists where you decide to proceed, implement enhanced ongoing monitoring and consider whether the relationship fits your overall risk appetite (including US exposure).
• Review your customer acceptance and exit policies to ensure they require genuine individual assessment rather than pure list-based rules.

In practice, many banks in Jersey, Mauritius, and similar jurisdictions still conclude that US secondary sanctions and correspondent banking risk cannot be adequately mitigated and therefore decline or heavily restrict the relationship — even after completing a positive ML/TF risk assessment.

4. Opportunity, Not Just Risk

• This judgment encourages a more nuanced, evidence-based compliance culture.
• It pushes firms away from blunt "tick-box" de-risking toward genuine risk management — which is ultimately what regulators in Jersey (Jersey Financial Services Commission) and Mauritius (Financial Services Commission / Bank of Mauritius) expect under their risk-based supervisory models.

Firms that update their policies now to reflect this balanced approach (including proper documentation of both ML/TF and US sanctions risk) will be better positioned for:

• Regulatory examinations
• Correspondent bank due diligence questionnaires
• Potential future litigation or customer complaints

Bottom line for compliance officers outside the US/EU:

• You are not required to follow the CJEU judgment, but you would be wise to align with its spirit on the ML/TF side.
• At the same time, you must continue to treat US secondary sanctions and correspondent banking risk as a separate, material risk that is not removed by the ruling.
• Treat US OFAC (and similar third-country lists) as an important input into a documented, individual ML/TF risk assessment — never as an automatic "no" — while also explicitly assessing and documenting US sanctions exposure. In many cases, the US risk will remain the deciding factor.
• This dual approach is consistent with FATF standards, supports financial inclusion where risk can genuinely be managed, and reduces the risk of regulatory or reputational issues on either side.

Disclaimer

This article is for informational purposes only and does not constitute legal advice. Compliance policies should be reviewed with qualified local counsel and in light of your specific regulatory obligations and risk appetite.

Sources

1. Official CJEU Press Release (Best Primary Source)

Direct PDF link: https://curia.europa.eu/site/upload/docs/application/pdf/2026-06/cp260084en.pdf

Full verbatim text

PRESS RELEASE No 84/26 = Luxembourg, 11 June 2026 = Judgment of the Court in Case C-81/24 | [Jenec]

Banking services: inclusion on a United States sanctions list is not sufficient, on its own, for a refusal to open an account

Such a refusal is possible only following an individual assessment by the bank of the risk of money laundering and terrorist financing.

In 2022, a Slovenian bank refused to open a basic payment account for a consumer because he was on a sanctions list maintained by the US Office of Foreign Assets Control (OFAC). The Bank, in so doing, intended to fulfil the obligations set out in Slovenian legislation on the prevention of money laundering and terrorist financing.

However, that consumer has never been convicted of the criminal offence giving rise to his inclusion on the OFAC list. He is likewise not subject to any sanction imposed by the United Nations, the European Union or Slovenia. He therefore brought an action before the Slovenian courts to compel the bank to open such an account for him.

The Slovenian court referred the case to the Court of Justice. It wishes to know, inter alia, whether the bank's refusal was justified under EU law.

In response, the Court first states that any consumer legally residing in the European Union has the right to open and use a payment account with basic features. However, that right is subject to compliance with the rules relating to the prevention of money laundering and the countering of terrorism.

The mere inclusion of a customer's name on the OFAC list, or on any other such list compiled by a third country, does not automatically prohibit a bank from establishing a business relationship with that customer. That inclusion may nevertheless constitute one of the relevant factors which the bank is required to take into account during an individual assessment of the risk of money laundering and terrorist financing.

Even though the limited uses of a payment account with basic features reduce that risk, it cannot be ruled out that, following a specific assessment, the bank may find that it is unable to manage effectively, through measures proportionate to its nature and size, the risk of money laundering or terrorist financing connected with a business relationship with a person included on such a list.

Only in such a case could the refusal to open such an account be justified under EU law.

NOTE: A reference for a preliminary ruling allows the courts and tribunals of the Member States, in disputes which have been brought before them, to refer questions to the Court of Justice about the interpretation of EU law or the validity of an EU act. The Court of Justice does not decide the dispute itself. It is for the national court or tribunal to dispose of the case in accordance with the Court's decision, which is similarly binding on other national courts or tribunals before which a similar issue is raised.

Unofficial document for media use, not binding on the Court of Justice.

Key quotes you can copy directly:

"The mere inclusion of a customer's name on the OFAC list, or on any other list of that type drawn up by a third country, does not automatically prohibit a bank from establishing a business relationship with that customer."

"Such a refusal is possible only following an individual assessment, carried out by the bank, of the risk of money laundering and terrorist financing."

2. Original Source You Shared (SMB.gov.mt)

Direct link: https://smb.gov.mt/latest-news/judgment-of-the-court-in-case-c-81-24-the-inclusion-of-a-consumer-on-a-us-sanctions-list-is-not-enough-to-warrant-a-refusal-to-open-a-bank-account/

3. Reuters Article (Good journalistic summary)

Direct link: https://www.reuters.com/business/finance/being-us-sanctions-list-not-sufficient-refuse-eu-bank-account-court-rules-2026-06-11/

Key excerpt

"Inclusion on a United States sanctions list is not sufficient on its own for a refusal to open a bank account in the European Union, the Court of Justice of the European Union ruled on Thursday. In 2022, a Slovenian bank… refused to open a basic account for a consumer named only as LH, who was included on a sanctions list by the U.S. Office of Foreign Assets Control (OFAC)… That consumer was not convicted of the criminal offence that led to his inclusion on the OFAC list and is not subject to sanctions imposed by the United Nations, the European Union or Slovenia…"

4. Additional Good Secondary Source (EU Law Live)

Direct link: https://eulawlive.com/court-of-justice-inclusion-on-us-sanctions-list-is-not-in-itself-sufficient-for-refusal-to-open-basic-payment-account/

Judgment of the Court in Case C-81/24 – The inclusion of a consumer on a US sanctions list is not enough to warrant a refusal to open a bank account. Posted on June 11, 2026, PRESS RELEASE No 84/26

A bank may refuse to open a basic payment account only after a case-by-case assessment of money laundering and terrorist financing risks.

In this case, a Slovenian bank relied on a customer's inclusion on the US OFAC list, despite the customer not being on EU/UN sanctions, to decide not to allow the customer to open a payment account with basic features. The Court held that EU residents have a right to a basic account. This right may be restricted to comply with AML/CFT requirements. Being on an OFAC list alone does not justify refusal. It can, however, be considered a factor in the bank's assessment of the consumer to determine whether it is too risky to allow the consumer to open a payment account. From that point, the refusal is lawful if the bank cannot adequately manage the assessed risk.

Posted in Posts - Latest News.

https://smb.gov.mt/latest-news/judgment-of-the-court-in-case-c-81-24-the-inclusion-of-a-consumer-on-a-us-sanctions-list-is-not-enough-to-warrant-a-refusal-to-open-a-bank-account/