EU vs OFAC Sanctions: The Differences Every Compliance Officer Should Know
EU and U.S. sanctions overlap heavily but enforce differently. Here's how to read both lists and avoid common compliance gaps.
European Union sanctions and U.S. OFAC sanctions cover many of the same regimes — Russia, Iran, North Korea, Syria, and counter-terrorism — but the way they are issued, structured, and enforced differs in ways that matter operationally.
EU sanctions are issued through Council Regulations and CFSP (Common Foreign and Security Policy) Decisions. They apply to EU persons and legal entities, anyone within EU territory, and to economic activity carried out in whole or in part within the EU. OFAC sanctions, by contrast, hinge on U.S. jurisdiction: U.S. persons, U.S.-incorporated entities, transactions in U.S. dollars cleared through U.S. banks, and (for secondary sanctions) certain non-U.S. actors dealing with sanctioned counterparties.
Practically, a person can be designated by the EU but not by OFAC, or vice versa. The EU's Consolidated List is published as an XML feed by the European External Action Service and contains roughly 3,000+ active listings at any given time. OFAC's SDN list is larger — typically 12,000+ records — because it includes more specific identifiers like aliases, vessels, and crypto wallets per entity.
For compliance teams, the safe approach is to screen against both, treat each designation independently in your audit trail, and document the legal basis (Council Regulation number for EU, Executive Order or statute for OFAC). A unified search interface that shows OFAC, EU, UK and UN matches side-by-side dramatically reduces the chance of missing a designation that exists in one regime but not another.