Episode 234

20th March – 22nd March 2026

Sanctions

OFAC Removes Multiple Russia‑Linked Individuals and Firms from Sanctions List

OFAC has delisted several Russia‑linked individuals and entities previously designated under Executive Order 14024, removing multiple aliases of Evgeniya Sergeyevna Tyurikova as well as associated Turkish and UAE‑based companies and individuals. The update reflects administrative removals rather than new enforcement actions, but it still carries financial crime significance: these changes alter the risk landscape for compliance teams monitoring secondary‑sanctions exposure, beneficial‑ownership structures, and cross‑border commercial activity involving Russia‑connected networks. The removals also demonstrate the fluidity of sanctions‑screening obligations, requiring firms to update controls promptly to avoid false positives and maintain accurate financial‑crime risk assessments.

OFSI Issues New General Licence for Kazakh Oil Transactions

On 19th March 2026, OFSI issued General Licence INT/2026/9247168, permitting specified activity connected to the supply, purchase, transportation, or delivery of Kazakh oil, and anyone seeking to rely on it should review the full licence text to understand the scope of permissions and applicable conditions.

Fraud

EU and African Investigators Tighten Cross‑Border Defences Against Fraud and Illicit Trade

The African‑European Investigation Forum convened by the European Anti-Fraud Office (OLAF) demonstrated the growing financial‑crime risks facing both regions, highlighting procurement fraud in EU‑funded development projects, customs‑related revenue fraud, and transnational illicit trade in cigarettes, waste, and medicines. With fraud schemes increasingly spanning jurisdictions and exploiting weak control environments, OLAF and 29 African partner authorities committed to deeper intelligence‑sharing, joint investigative practices, and operational cooperation better to protect EU financial interests and disrupt cross‑border criminal networks. The forum emphasised that stronger investigative partnerships are essential to safeguarding public funds and countering the sophisticated financial and trade‑based fraud mechanisms affecting both continents.

Bribery and Corruption

DOJ Declines to Prosecute Balt SAS in Foreign Bribery Case; Two Individuals Indicted

The US Department of Justice has resolved its foreign bribery investigation into French medical‑device company Balt SAS, declining prosecution after the company voluntarily self‑disclosed misconduct, cooperated fully, and remediated failures, agreeing to pay $1.2 million in disgorgement. The case involved alleged bribes paid to a senior physician at a French state‑owned hospital to secure purchases of Balt products. In a parallel action, French prosecutors also reached a coordinated resolution with Balt. Separately, a US federal grand jury indicted two individuals, namely David Ferrera and Marc Tilman, for allegedly orchestrating the years‑long bribery scheme using sham consulting agreements, fake invoices, and concealed payments.

Market Abuse

ECJ Sets Landmark Precedent: Insider List Notifications Qualify as "Inside Information" Even Without Stated Reasons

In a significant ruling for European financial markets, the Court of Justice of the European Union has determined that a simple notification regarding a person's inclusion on an insider list can constitute "inside information," even if the specific reasons for that inclusion are not disclosed. The case, Finansinspektionen v Carnegie Investment Bank AB, involved an email sent by the Swedish video game developer Starbreeze to Carnegie, stating that its CEO and primary shareholder, BAK, had been placed on an insider list and was prohibited from selling shares. The Court clarified that while merely being on a list may be neutral, the addition of a sales prohibition implies the existence of adverse circumstances that a "reasonable investor" would likely use to guide their investment decisions.

Crucially, the ECJ held that information does not need to be factually 100% correct to be classified as "inside" information; if a communication appears credible at the time of disclosure and offers an unfair economic advantage, it remains subject to market abuse regulations. This holds true even if, as in this case, the email was sent five minutes before the insider list was officially opened. This ruling effectively broadens the definition of "precise nature" information, signalling to legal and compliance professionals that even technically incomplete or slightly premature disclosures can trigger the prohibition against insider dealing if they place the recipient in a more favourable position than the rest of the market.

Other Financial Crime

Tech‑Driven Criminal Ecosystem Fuels Surge in UK Financial Crime, NCA Warns

The National Crime Agency’s 2026 Strategic Assessment highlights a sharp escalation in financially motivated organised crime, driven by technology which accelerates drug trafficking, cyber‑attacks, online fraud, and global money‑laundering networks. Criminal groups are increasingly converging across markets, using crypto to finance drug supply chains, industrialised scam centres to steal savings at scale, and sophisticated concealment and smuggling methods to evade border controls. The NCA highlights that financial crime now sits at the centre of a single, interconnected criminal ecosystem, with laundering networks serving organised crime, hostile states, and terrorist actors alike, demanding a more unified national law‑enforcement response. The Strategic Assessment can be accessed here.

Cybercrime

US Justice Department Seizes Four Iranian-Linked Domains Used for Cyberattacks and Violent Threat Campaigns

The US Justice Department announced the court‑authorised seizure of four websites used by Iran’s Ministry of Intelligence and Security (MOIS) to conduct cyber‑enabled psychological operations, including claiming responsibility for hacks, publishing stolen sensitive data, and issuing violent threats against journalists, dissidents, and Israeli individuals. The domains — Justicehomeland[.]org, Handala‑Hack[.]to, Karmabelow80[.]org, and Handala‑Redwanted[.]to — supported a coordinated MOIS playbook involving destructive malware attacks, doxxing, intimidation, and propaganda, including a March 2026 cyberattack on a US medical technology firm and the release of personal information about nearly 200 Israeli military‑affiliated individuals. Investigators also uncovered emails threatening dissidents with cartel‑linked violence and bounties on their lives. US officials emphasised that dismantling Iran’s cyberwarfare infrastructure remains a national security priority, with the FBI continuing investigations and the State Department offering rewards for information on foreign‑government‑backed cyber threats.