We are excited to launch our "Sanctions in Focus" series, featuring five concise posts that explore the challenges firms face in navigating the ever-evolving landscape of sanction management. This series will provide insights on how to strengthen your current sanction protocols, redefine your operational model, and implement cutting-edge technology to streamline and enhance labour-intensive sanction operations.
AI is undeniably becoming a pivotal component in the sanction's ecosystem. It has reshaped sanctions compliance, acting both as a critical ally and a complex challenge in sanctions enforcement. When deployed correctly, AI serves as a capability enhancer - scaling detection efforts, uncovering hidden connections, and enabling proactive risk mitigation. However, as Christopher Burgess explains, its complexity also introduces new forms of regulatory and operational exposure, making it both a strategic asset and a source of emerging risk.
Sanctions – Then and Now
Historically, sanctions screening has been largely static, relying on exact name matches and predefined rule-based logic. These legacy systems, common across financial institutions, were designed for structured datasets and exact-match logic. They offered consistency but lacked ingenuity and flexibility. Misspellings, transliterations, and aliases often slipped through, while legitimate activity frequently triggered false positives, often overwhelming compliance teams.
Legacy systems, common across financial institutions, were designed for structured datasets and exact-match logic.
The last decade, especially post-covid, has brought a step change. With the increased integration of machine learning and natural language processing, institutions can now screen non-transliterated content, prioritise and better manage alerts, and adjust risk models in real time based on evolving threats. These tools enable the detection of patterns that traditional systems missed: complex client structures, indirect ownership ties, or sanctioned entities obscured through layers of legal and geographical shielding.
AI and Proactive Transaction Monitoring
These advancements have already delivered substantial benefits. By improving transaction monitoring, identifying shared ownership between entities, and spotting suspicious activity patterns, AI systems have uncovered sanctions evasion tactics linked to North Korean maritime networks, Iranian front companies operating through third-country intermediaries, and crypto wallets tied to ransomware groups targeted by OFAC. These new capabilities have shifted the compliance model from reactive monitoring to proactive interdiction.
These new capabilities have shifted the compliance model from reactive monitoring to proactive interdiction.
However, these advancements also bring new risks. Given that breaches of UK financial sanctions can lead to strict liability civil penalties - where firms can be fined even without intent or knowledge - compliance systems must be both effective and defensible. Firms cannot rely solely on AI-driven sanctions detection without clear auditability and explainability. While AI can scale detection and reveal hidden risks, models based on machine learning, particularly deep learning, often make decisions in ways that are difficult to interrogate. In a strict liability regime, the inability to explain how a sanctions breach was missed - or why a system failed to flag a connection - could leave firms dangerously exposed. Regulators such as OFSI now expect firms to demonstrate that AI systems are thoroughly tested, governed, and continuously validated. Human oversight remains critical to ensure that AI tools support, rather than substitute, responsible sanctions compliance.
Firms cannot rely solely on AI-driven sanctions detection without clear auditability and explainability.
Sanctions - What’s Next?
Recent enforcement actions underscore these risks. In one case, a major European financial institution faced penalties when its AI screening model failed to flag transactions involving a sanctioned Russian logistics company. The system deprioritised the transactions based on historical trade patterns, without factoring in current geopolitical developments. This highlights a key flaw in AI models: they need continuous oversight and updates to remain effective, particularly given
False positives remain another operational challenge. While AI can reduce these when properly tuned, many systems still generate upwards of 90% false alerts, particularly when applied to legacy data. Without proper contextual risk assessment and implementation, AI can escalate rather than resolve issues.
What’s needed next is becoming increasingly clear. AI should be leveraged as an enhancement within a broader, human-led risk framework. Institutions must invest in model governance, cross-departmental oversight, and regular testing to expose blind spots and stay ahead of evolving evasion tactics.
AI is not a one-size-fits-all solution for sanctions compliance. However, when deployed correctly, with clear governance and structure, it can significantly improve a firm’s ability to detect, deter, and defend against sanctions breaches.
AI is not a one-size-fits-all solution for sanctions compliance. However, when deployed correctly, with clear governance and structure, it can significantly improve a firm’s ability to detect, deter, and defend against sanctions breaches. In an environment of increasingly sophisticated financial crime, the strategic use of AI may prove to be a defining factor in regulatory resilience.
Over Projective Group
Projective Group is opgericht in 2006 en is een toonaangevende change specialist voor de financiële dienstverlening.
We worden binnen de sector erkend als een provider van complete oplossingen, die samenwerkt met klanten in de financiële dienstverlening om oplossingen te bieden die zowel holistisch als pragmatisch zijn. We hebben ons ontwikkeld tot een betrouwbare partner voor bedrijven die willen gedijen en bloeien in een steeds veranderend landschap van financiële dienstverlening.
At Projective Group, we understand that today's sanctions landscape demands more than just operational compliance - it demands strategic foresight and resilience. We work with our data management practice to support AI implementations.
Our specialist teams, deeply experienced across Financial Crime, Customer Due Diligence, and Sanctions, are ready to rapidly mobilise, whether for BAU support, ad-hoc remediation, or complex implementation projects. We also bring deep expertise in developing and strengthening risk and control frameworks, conducting maturity assessments, and designing actionable improvement roadmaps. Whether your organisation needs to enhance its horizon scanning capabilities, build resilience into sanctions compliance, or future-proof controls against a fast-evolving regulatory environment, Projective Group offers the expertise, agility, and insight to help you stay ahead.