IOM Presentation regarding Proliferation Financing and Targeted Financial Sanctions Risks

The Isle of Man Financial Services Authority has published a presentation highlighting important considerations in relation to Proliferation Financing (PF) and Targeted Financial Sanctions Risks.

The slides and accompanying audio, which can be accessed via the Webinars section of the Authority’s website, cover a range of topics, along with explanations of key terms, best practice for industry, and practical examples.

• https://www.youtube.com/watch?v=TyPWeP6K0yA

The main themes include:

• What are Sanctions?
• Regulatory Responsibilities
• Proliferation Financing
• Targeted Financial Sanctions
• Conducting Risk Assessments
• Your Role and Responsibilities

VIDEO Executive Summary

• This training session by Reginald Borneo (Technical Specialist, Isle of Man Financial Services Authority) provides a clear, practical overview of sanctions compliance, with a strong focus on proliferation financing (PF) and targeted financial sanctions (TFS).

The core message:

• Sanctions risk management is not a standalone “tick-box” exercise or just screening against lists. It must be fully integrated into your business-wide risk assessment, customer due diligence, and overall compliance programme.
• Sanctions are constantly evolving, evasion techniques are becoming more sophisticated, and organisations must adopt a proportionate, risk-based approach tailored to the nature, size, and complexity of their business.
• By the end of the session, participants should understand how to embed sanctions due diligence into business risk, client risk, and technology risk assessments — and why this matters for protecting your firm, your jurisdiction, and international security.

Key Takeaways – Structured by Topic

1. What Are Sanctions?

• FATF definition: Restrictive measures designed to change behaviour (deterrence, prevention, punishment) and protect human rights.
• Two main categories:

• Primary / explicit sanctions – directly target individuals, entities, or countries (e.g., North Korea, Iran, Cuba).
• Secondary / implicit sanctions – target parties connected to the above (created to counter evasion tactics).

• Sanctions rarely operate in isolation — there is frequent overlap (financial + sectoral, financial + targeted, proliferation financing + trade, etc.).

2. Types of Sanctions (and Real-World Examples)

• Financial sanctions → restrictions on financial services and economic resources (North Korea, Iran, Myanmar).
• Sectoral sanctions → target specific industries (e.g., Russian banks, oil & gas, technology).
• Targeted sanctions → hit specific people or entities (Kim Jong-un, Vladimir Putin).
• Trade sanctions → embargoes, import/export bans, quotas.
• Proliferation financing → facilitation of dual-use goods or weapons of mass destruction.
• Travel bans → on named individuals, terrorists, or vessels/aircraft.

3. Proliferation Financing (PF) – The Hidden Risk

• Involves dual-use goods (everyday items that can be repurposed for WMDs, e.g., a simple doorbell button used as a bomb trigger).
• Often a linear yet multi-layered process to hide the end-user or end-use.
• Funds are usually obtained through legitimate means (unlike typical ML).
• High-risk red flags:

• Special economic / customs-free zones.
• Transactions routed through “friendly” countries that lower due diligence.
• Complex loans, shipping, aircraft sales, corporate services to high-risk industries.

• Customer’s customer due diligence is critical — example:

• A firm fined for baby clothing sourced via a sanctioned country through multiple layers of suppliers.

4. Targeted Financial Sanctions (TFS)

• Focus on:

• Specific individuals, entities, or sectors to prevent funding of prohibited activities without causing widespread civilian suffering.

• Common measures:

• Asset freezes, restrictions on financial services, 50%+ ownership rule.

• Real case (Nov 2025):

• UK bank fined £160,000 for processing 24 payments to/from a designated Russian individual because one division used inadequate sanctions screening lists.

• Lesson:

• Screening must use verifiable, up-to-date sanctions lists (not just PEP lists) and be supported by robust due diligence.

5. Risk Assessment – Same Framework as AML/CFT Use the same risk pillars as money laundering and terrorist financing:

• High-risk products/services (wire transfers with poor information, insurance in high-risk jurisdictions, correspondent banking).
• High-risk customers (designated persons, family/associates, Iranian/North Korean nationals, dual-use goods traders).
• High-risk geographies (Iran, North Korea, countries with weak controls or historical ties to proliferation concerns).
• High-risk channels (third parties, intermediaries).
• High-risk technology (cyber risks, software/information transfer).

Key principle:

• The “not my customer” defence does not work.
• You must understand downstream connections and document your questions even when you are not the direct KYC owner.

6. Best Practices & Your Role

• Sanctions due diligence = screening + negative media/open-source intelligence + understanding customer’s customer.
• Screening: automated is now essential (lists change too fast for manual); verify data source and update speed.
• Training must be tailored to your business (small non-profit vs. TCSP handling shipping/aircraft).
• Document everything: risk assessment methodology, processes for freezing/unfreezing assets, internal/external reporting.
• Senior management must approve and oversee the risk-based approach (RBA).
• Stay current — sanctions lists and typologies evolve daily.

Conclusion

• Sanctions compliance is a living, breathing part of your compliance regime. Screening alone is never enough.
• The session reinforces that a robust, proportionate, and well-documented approach — built on proper risk assessment, enhanced due diligence, and continuous staff training — is the only effective way to mitigate proliferation financing and targeted financial sanctions risks.
• In today’s geopolitical climate, failing to keep pace is not just a regulatory risk — it undermines international law, peace, and human rights. As Reginald Borneo emphasised: if you’re not sure, get trained, document your decisions, and never assume “someone else” is handling it.

Practical Next Step Recommendation Review your current sanctions policy against the elements above. Ask:

• Do we truly understand our customers’ customers?
• Is our screening tool fit-for-purpose and properly validated?
• Are our risk assessments proportionate and explainable
• This training is an excellent refresher and practical guide for any financial services or DNFBP professional responsible for compliance in 2026 and beyond.

Reginald Borneo, a Technical Specialist in the Authority’s AML/CFT Supervision Division, said:

• ‘It’s important to note that sanctions due diligence has evolved far beyond name screening.
• Sanctions compliance requires tailored approaches that assess ownership and control relationships, investigate potential fronting arrangements, and scrutinise product end-users and end-uses to effectively navigate the increasingly intricate regulatory landscape.’
• ‘Consideration should be given to the dynamic nature of proliferation financing and sanctions, with a more fluid approach encouraged when assessing the associated elements in your Business, Customer and Technology Risk Assessments (BRA, CRA and TRA).’

CLOSE

The information is intended to assist Island firms and support the Isle of Man Government’s commitment to fulfilling its international obligations regarding:

• Sanctions regimes and denying terrorist groups access to the financial system
• Countering the proliferation of weapons of mass destruction
• Applying effective controls on the export and trade in military equipment, dual-use items, and other methods of facilitating proliferation financing and sanctions breaches.

The Isle of Man implements all United Nations and United Kingdom sanctions regimes, and relevant persons must adhere to the legislative requirements under the AML/CFT Code 2019 as it relates to sanctions.

The Authority’s presentation provides further insight into matters such as due diligence, sources of risk, onboarding processes, sanctions screening, training, and ongoing monitoring in respect of PF and Targeted Financial Sanctions Risks.

 Source