Are you ready for EBA’s new sanctions requirements?
EBA has published new guidelines that significantly strengthen the requirements for how banks and other financial institutions must implement and follow up on the EU’s restrictive measures and financial sanctions.
In this article, NFR Group highlights the main themes of the guidelines and what they mean in practice for the financial sector. We also provide concrete advice on how banks and other financial institutions can implement sanctions regulations in a structured and risk-based manner within their own organizations.
Are you ready for EBA’s new sanctions requirements?
EBA has published new guidelines that significantly strengthen the requirements for how banks and other financial institutions must implement and follow up on the EU’s restrictive measures and financial sanctions.
In this article, NFR Group highlights the main themes of the guidelines and what they mean in practice for the financial sector. We also provide concrete advice on how banks and other financial institutions can implement sanctions regulations in a structured and risk-based manner within their own organizations.
What are international sanctions?
International sanctions are legally binding or political measures adopted by states, international organizations, or supranational bodies. Their purpose is to uphold principles of international law, promote international peace and security, prevent conflict, and support democracy, the rule of law, and human rights.
Sanctions can be designed in various ways, but within the financial sector, financial and economic sanctions are particularly central. These may include, among other things:
- Asset freeze obligations, which prevent sanctioned individuals and entities from accessing funds and financial assets
- Restrictions on financial transactions and assistance
In addition, there are trade restrictions that limit trade in goods and services, including military equipment, so-called dual-use goods, telecommunications equipment, and luxury goods.
For Norway and Sweden, the implementation of sanctions adopted by the UN Security Council and the EU Council is particularly relevant. In addition, other jurisdictions have their own sanctions regimes with significant global reach, including the United States through the Office of Foreign Assets Control (OFAC) and the United Kingdom through its national sanctions framework.
Sanctions compliance is no longer just a legal issue, but a central part of modern risk management and responsible business governance.
Enforcement of financial sanctions in the EU
In the EU, sanctions regulations are followed up through guidelines issued by the European Banking Authority (EBA) for those parts of the regulatory framework that impose requirements on banks and other financial institutions.
The new EBA guidelines establish common European minimum standards for how financial institutions must design governance arrangements, internal procedures, and control mechanisms to ensure effective compliance with the EU’s restrictive measures/sanctions and national sanctions adopted by Member States.
• EBA Guideline 2024/14: covers governance and compliance requirements for all banks and financial institutions.
• EBA Guideline 2024/15: addresses enhanced requirements for transaction monitoring applicable to all payment service providers and crypto-asset service providers.
Implementation of the EBA guidelines – status in the EU, Sweden, and Norway
EBA GL 2024/14 and 2024/15 apply in the EU from 30 December 2025. It is further expected that the guidelines will be incorporated into the EU anti-money laundering framework, the AML Regulation (EU) 2024/1624, with effect from 10 July 2027.
Sweden: Swedish FSA (Finansinspektionen) has decided to follow the EBA guidelines on restrictive measures from 30 December 2025, in line with other EU countries.
Norway: Norwegian FSA (Finanstilsynet) has not yet confirmed whether GL 2024/14 and 2024/15 will apply in Norway. Norwegian institutions should nevertheless expect increased supervisory expectations regarding governance and controls related to sanctions compliance.
What do EBA’s new guidelines on restrictive measures contain?
EBA’s new guidelines impose extensive requirements on financial institutions’ internal sanctions frameworks, including, among other things:
- Robust, documented internal policies, procedures, and control mechanisms to ensure compliance with restrictive measures
- Comprehensive integration into corporate governance, risk management, and internal control
- Clear definition of roles and responsibilities at all levels of the organization
- Institution-specific risk assessments to identify sanctions risk and the risk of sanctions circumvention
- Effective compliance controls, including monitoring systems, effective screening of customers, beneficial owners, and counterparties against sanctions lists, internal reporting, and documentation
- Transaction monitoring and screening, including analysis of payment patterns to detect and prevent transactions involving listed individuals and entities
- Handling of sanctions hits, asset freezes, and escalation procedures
Taken together, this elevates sanctions of compliance to a more holistic and strategic level within overall corporate governance.
How to ensure effective sanctions compliance in practice
The elements of the EBA guidelines are familiar from the framework applicable to anti-money laundering. We believe that financial institutions will benefit from approaching the EBA’s new sanctions guidelines in the same way they approach AML requirements. Our clear recommendation is therefore to integrate sanctions compliance in line with the model already established for AML processes. This can be achieved through the following eight-step action plan:
- Include sanctions risk in internal policies and institution-specific risk assessments
- Identify which business areas, products, services, and customers are exposed to sanctions and restrictive-measures risk
- Adapt control measures and processes to reduce the risk of breaches or inadvertent circumvention, including screening and transaction monitoring
- Detect and manage exposure, including follow-up of alerts and any asset-freeze obligations
- Document that assessments and controls function effectively in practice
- Clarify sanctions responsibilities and establish escalation procedures to senior management and the board
- Ensure regular employee training to increase awareness and competence
- Establish clear procedures for external reporting to relevant supervisory authorities
A strategic competitive advantage
When implemented correctly, the EBA’s new guidelines deliver not only improved compliance, but also increased operational resilience, reduced regulatory risk, and strengthened trust among customers and authorities. Financial institutions that begin the adaptation process early will be better positioned to meet future requirements – both in the EU and in Norway.
Sanctions compliance is no longer a purely legal issue, but a core element of modern risk management and responsible business conduct.
Our expertise
NFR Group has regulatory experts with a strong knowledge of both anti-money laundering and sanctions regulations. We stay up to date on current requirements and upcoming regulatory changes and have experience and expertise in implementing these requirements efficiently for banks and other financial institutions. Please contact us if you would like to discuss solutions with us.
Need some help to get ready for the EBA's new sanctions requirements?
