OFSI rewrites the sanctions rulebook for crypto remittances

On 26 May, the Office of Financial Sanctions Implementation updated General Licence INT/2024/4761108 - the personal remittances licence sitting under the Russia (Sanctions) (EU Exit) Regulations 2019 - to introduce a formal definition of cryptoasset and a new reporting requirement for anyone using cryptoassets to make or receive a payment under the licence (HM Treasury). The licence itself permits use of the retail banking services of a designated credit or financial institution, subject to conditions, where payments are for personal use (HM Treasury). The change is technical in form and strategic in effect.

A definitional shift with operational consequences

The new definition - "a cryptographically secured digital representation of value or contractual rights that uses a form of distributed ledger technology and can be transferred, stored or traded electronically" - pulls cryptoassets squarely inside the architecture of a mainstream sanctions licence rather than treating them as a parallel regime (HM Treasury). For compliance leaders, that matters because general licences are typically operated by frontline staff in retail and payments functions, not by specialist sanctions teams. The reporting obligation added at paragraph 5A means firms cannot simply rely on the licence as a passive permission; they must now build a record-keeping and notification path specifically for crypto-denominated personal remittances (HM Treasury).

The stakeholder map just got more crowded

The change lands at the same time the FCA and Bank of England have set out a shared vision for tokenisation in UK wholesale markets, including views on prudential treatment, tokenised collateral and settlement instruments (Bank of England). Sarah Breeden, deputy governor for financial stability at the Bank of England, framed the next phase as "moving from pilots to production to support financial stability and sustainable growth" (Bank of England). The OFSI move is the unglamorous counterpart to that ambition: as tokenised value moves through regulated rails, sanctions enforcement has to follow it. Senior leaders who have been treating digital assets as a strategy question now have a compliance question attached, and the two cannot be resolved by separate committees.

What banks and payment firms need to reconcile

The practical issue is reconciliation. A designated credit or financial institution providing retail services under the licence will now need to identify whether the counterparty payment involves cryptoassets, capture the data required by paragraph 5A, and route it through sanctions reporting workflows that were largely designed for fiat (HM Treasury). That requires coordination between sanctions, financial crime, and the digital asset functions that many firms have been building in parallel. It also raises a board-level question about which executive owns the risk. In most institutions, the answer today is unclear - and OFSI has just made clarity more urgent.

Positioning, not just compliance

For scale-ups in the FCA's newly expanded Scale-up Unit, now open to solo-regulated firms from 20 May to 22 June 2026, the OFSI update is a reminder that growth pathways come with sanctions obligations that mature quickly (FCA). For incumbents, it is a test of whether crypto governance has genuinely been integrated into financial crime frameworks or merely bolted on. Firms that can demonstrate a single, coherent reporting spine across fiat and crypto sanctions exposure will have a credibility advantage when the next licence amendment lands - and on current trajectory, it will.

The quiet update tells senior leaders something loud: sanctions policy is now a digital-asset policy, and the two compliance worlds need one set of controls.