As we venture further into 2024, the landscape of risk and compliance is continuously evolving, presenting new challenges and opportunities for organisations worldwide. From geopolitical shifts to regulatory advancements, staying abreast of emerging trends is crucial for maintaining compliance and mitigating potential risks

To help you plan your compliance strategy here are four key risk and compliance trends you should be aware of in 2024:

Avoiding Indirect Sanctions Will Become Paramount

What are indirect sanctions?

Indirect sanctions refer to strategic measures taken by one country or a coalition of nations to exert pressure on a targeted state, not through direct economic or trade restrictions but by influencing third-party entities. These third parties can encompass private companies, financial institutions, or other nations, thereby creating barriers that hinder the sanctioned country’s economic activities. 

The scope of indirect sanctions extends beyond targeting explicitly named entities in a sanctions regime. Entities that are connected to sanctioned individuals or entities, either through ownership or control, can also fall under the purview of these sanctions. This means that even if a particular company or individual is not explicitly identified in the sanctions, they may still be impacted if they are majority-owned or controlled by a sanctioned entity.  

In essence, indirect sanctions leverage interdependencies and vulnerabilities among third-party actors to amplify their impact, employing a nuanced approach that extends beyond direct punitive measures to exert pressure on targeted nations effectively.


To illustrate, the geopolitical tensions surrounding Russia have led to increased scrutiny and regulatory measures aimed at curbing its influence and activities. Russia is leveraging relationships with partner countries to circumvent restrictions, posing significant compliance risks for organisations operating in these regions.

What should you do?

To navigate this complex situation, organisations must enhance their due diligence processes, monitor geopolitical developments closely, and establish robust compliance frameworks. By proactively identifying potential risks associated with indirect sanctions, companies can mitigate exposure and maintain compliance with international regulations.

One way to counteract the potential repercussions of indirect sanctions is by adopting a proactive approach such as incorporating specific clauses in contracts or drafting side agreements that limit the scope of your goods and services provided to entities facing sanctions. Additionally, it is crucial to educate and notify third parties about any pertinent export controls governing your company’s products or services. This proactive disclosure ensures that all parties involved are aware of compliance requirements, thereby reducing the likelihood of inadvertently facilitating transactions that could violate sanctions regimes.

The Focus on Ultimate Beneficial Ownership (UBO) Will Intensify

What is UBO?

UBO, or Ultimate Beneficial Owner, refers to an individual or entity that ultimately owns or controls a company, trust, or other legal entities and, through this ownership or control, receives the benefits or proceeds from the entity’s activities. Identifying the UBO is crucial for transparency and due diligence purposes, especially in financial and corporate structures, to prevent money laundering, tax evasion, and other illicit activities.  

Regulatory authorities and financial institutions often require entities to disclose their UBOs to ensure compliance with anti-money laundering (AML) and counter-terrorism financing (CTF) regulations, as understanding the ownership structure helps in assessing potential risks associated with financial transactions and activities. 

But why are standard UBO checks becoming insufficient?


The intricate web of ownership concealment means that entities or individuals associated with sanctioned parties might not overtly display their affiliations. This means that while you might think that you are dealing with a non-sanctioned entity, hidden connections or ownership structures could inadvertently expose you to the risks and repercussions associated with sanctioned activities. 

Indirect ownership refers to a situation where an individual or entity holds ownership or control of another entity through intermediary entities or complex corporate structures rather than directly. In this setup, the true ownership or control is obscured by layers of intermediaries, making it challenging to ascertain the ultimate beneficial owner or identify potential connections to sanctioned parties. Sanctioned owners might try to hide their names on ownership documents through complex layers of intermediaries, offshore accounts, or intricate corporate structures designed to obfuscate direct ties.

What should you do?

To effectively mitigate the risk of indirect sanctions arising from complex ownership structures and potential affiliations with sanctioned parties, you should: 

  • Conduct comprehensive checks on all business entities, scrutinising ownership structures and beneficial owners to uncover hidden connections or indirect ties to sanctioned individuals or entities. 
  • Mandate transparency clauses in contracts, ensuring partners disclose any changes that could affect compliance. 
  • Continually assess and monitor risk profiles, especially for entities in high-risk jurisdictions, and maintain updated compliance programs tailored to evolving sanctions regulations. 
  • Educate employees on compliance risks and engage legal and compliance experts specialising in sanctions to guide strategy and implementation. 
  • Utilise advanced technology and data analytics tools for screening and monitoring, enhancing detection capabilities for potential violations or suspicious activities related to indirect ownership and sanctioned affiliations. 

By integrating these proactive measures into your compliance framework, you can significantly reduce exposure to indirect sanctions and ensure adherence to applicable laws and regulations, safeguarding your organisation’s reputation and operational integrity in today’s complex global landscape.

Crypto regulation will tighten to make it easier to identify the “real owners” of crypto assets (Crypto Travel Rule + MiCa)

The rapid growth and adoption of cryptocurrencies have prompted regulators worldwide to implement comprehensive oversight and regulations. In 2024, regulatory scrutiny surrounding crypto assets will focus on identifying the “real owners” of digital assets. The main idea is to share transaction information and details about the sender and receiver so the process of transferring cryptocurrencies becomes more transparent and helps prevent money laundering and illicit activities.

Two pivotal regulatory frameworks driving this evolution are the Crypto Travel Rule and the Markets in Crypto-Assets Regulation (MiCa).

What is the Crypto Travel Rule?

The Crypto Travel Rule mandates that virtual asset service providers, such as exchanges and wallet providers, must collect and share specific information about the originators and beneficiaries of cryptocurrency transactions beyond a certain threshold. That threshold differs from country to country, and whereas in many regions is equivalent to USD 1,000, in the United States, at the time of writing, is USD 3,000.

The Travel Rule is a regulatory framework initiated by the money laundering and anti-terrorist financing watchdog Financial Action Task Force (FATF). Essentially, this rule seeks to emulate the traditional financial sector’s funds transfer protocols, ensuring that entities handling digital assets maintain records and disclose pertinent details to counterparties and regulatory authorities. 

By enforcing the Crypto Travel Rule, regulators aim to curtail illicit activities like money laundering, terrorist financing, and other financial crimes facilitated by anonymous cryptocurrency transactions.

What does MiCa stand for?

The European Union’s Markets in Crypto-Assets Regulation (MiCa) introduces a comprehensive regulatory framework tailored to the unique characteristics and challenges of the crypto market. MiCa aims to establish clear guidelines and standards for crypto-asset issuers, service providers, and trading platforms, fostering greater investor protection, market integrity, and financial stability. 

Crucially, MiCa emphasises the need for robust Know Your Customer (KYC) and Anti-Money Laundering (AML) practices, ensuring that entities within the crypto ecosystem adhere to stringent due diligence measures to verify the “real owners” of crypto assets.

What does that mean for you?

In 2024, the Crypto Travel Rule and MiCa regulatory frameworks will push individuals and businesses operating within the cryptocurrency sector into a more stringent and transparent environment. If you are a crypto investor or user, expect enhanced verification processes and compliance requirements when conducting transactions or interacting with platforms. 

Exchanges and wallet providers will likely implement more rigorous KYC and AML procedures, potentially leading to longer transaction times and increased scrutiny.  Additionally, be prepared for changes in transaction thresholds and reporting requirements, varying by jurisdiction, which may impact your crypto-related activities and investment strategies. Overall, these regulations aim to bolster transparency, security, and accountability, and organisations operating in the crypto space must adapt to evolving regulations, implement robust compliance programs, and collaborate with regulators to foster a secure and compliant ecosystem.

Bulgaria and Romania PEP lists in the light of Schengen entry and Greylist FTCA

Schengen entry

Bulgarian PEP lists will become increasingly important for companies across Europe. The same applies to Romania, another EU member state that is entering the Schengen area together with Bulgaria. The countries will become part of the Schengen community commencing from March 1, 2024. 

The FTCA Greylist update

As of 27 October 2023, the Financial Action Task Force (FATF) has added Bulgaria to its “grey list” which refers to jurisdictions under increased monitoring that are actively working with the FATF to address deficiencies in their regimes to counter money laundering, terrorist financing, and proliferation financing. This means that Bulgaria is committed to swiftly resolving the identified deficiencies within agreed timeframes. 

Being on the FATF grey list could have several implications for businesses operating in or with Bulgaria. 

  • Increased Scrutiny: Bulgarian organisations could face increased cross-border scrutiny. This means that international transactions involving Bulgarian entities might be subject to additional checks, which could slow down business operations.
  • Regulatory Changes: To get off the grey list, Bulgaria will need to address the deficiencies identified by the FATF. This could lead to changes in Bulgaria’s regulatory environment, which companies doing business in Bulgaria would need to comply with.
  • AML/CFT Measures: Businesses will need to ensure they have robust anti-money laundering (AML) and combating the financing of terrorism (CFT) measures in place to comply with increased regulations and scrutiny.

What does this mean for you?

Bulgaria and Romania joining the Schengen Area means that both people and businesses will benefit from this transition, as streamlined travel and trade will have advantages that will extend to both individuals and businesses alike. Bulgaria getting added to the FATF’s Greylist signals significant developments in the country’s regulatory landscape. These initiatives aim to strengthen Bulgaria’s compliance with international standards, combat financial crimes, and enhance transparency within its financial system which will make it a safer destination for doing business. 

How Can You Stay Compliant in 2024?

As we progress through 2024, staying informed, proactive, and adaptable will be essential for success in the ever-changing risk and compliance landscape. We at A Data Pro can guide you through these intricate regulatory mazes with our expertise and comprehensive solutions. 

Our tailored services are designed to address the specific challenges posed by evolving international sanctions, ownership complexities, and cryptocurrency regulations. Our team of seasoned professionals is committed to providing you with actionable insights, innovative solutions, and unparalleled support.

Check out our Risk Intelligence solutions, including Due Diligence reports, Sanctions Lists, Adverse Media Screening, PEPs, SOEs Lists and Databases, or contact us by filling in the form below.

Do not leave compliance to chance!

Get In Touch!