In a world of evolving sanctions, the high seas have become a prime battleground. As countries like Iran, Russia, and Venezuela continue to rely on oil exports in the face of international restrictions, a growing network of illicit maritime activity, known as the “Dark Fleet” has emerged to help them evade enforcement. This network is enabled by deceptive shipping practices, fake documentation, under-the-radar insurance providers, and outdated compliance processes. In this blog, we break down recent developments in maritime sanctions enforcement, key takeaways from regulator guidance, and practical steps financial institutions can take to stay ahead of this ever-changing threat.
The Rise of the Dark Fleet
Sanctions against oil-exporting regimes aren’t new, but their evasion tactics have become increasingly sophisticated. A major development has been the emergence of the “Dark Fleet,” a collection of roughly 1,300 tankers that operate outside traditional regulatory visibility. These ships are often tied to sanctioned states and are used to transport Iranian, Russian, and Venezuelan oil to buyers willing to look the other way. Historically, when ships engaged in sanctions evasion, they simply turned off their AIS (Automatic Identification System) transponders to go dark. Now, techniques have become more deceptive. The latest tactic is “spoofing” which is manipulating AIS signals to make a vessel appear somewhere it’s not. For instance, a ship might appear to be in Dubai while it’s actually loading oil in Iran. OFAC and global enforcement bodies are increasingly focused on these practices and not just targeting vessels, but also the broader ecosystem that enables them.OFAC’s April 2025 Maritime Guidance: What’s New?
The April 2025 OFAC advisory builds on previous guidance (notably from 2019 and 2020) and reflects a more refined understanding of the maritime sanctions evasion landscape. Here are the key takeaways:1. Spoofing is Now a Core Compliance Expectation
Previously, spoofing was something OFAC expected firms to address only when obvious. The new guidance elevates spoofing detection to a baseline requirement. Institutions are now expected to actively look for signs of spoofed AIS data, not just gaps in transmission.2. Not All Ship-to-Ship Transfers Are Suspicious—But Some Are
Earlier advisories broadly flagged STS (ship-to-ship) transfers as red flags. Now, OFAC acknowledges that STS is a standard part of legitimate oil trade. However, when used deceptively (especially in high-risk regions like the Gulf or near Malaysia), they’re a clear risk signal.3. Guidance Is Shifting From Best Practices to Expectations
What was once “good to do” is becoming “must do.” OFAC’s guidance now operates more like a regulatory checklist. If a bank processes a transaction involving a sanctioned entity and the red flags were detectable based on the advisory, enforcement action is far more likely.Financial Institution Risks in Maritime Sanctions Evasion
Financial institutions are most exposed through trade finance and cross-border payments. For example, a sanctioned vessel may load Iranian oil while spoofing its location, then deliver it to China 30 days later. If your institution is involved in issuing a letter of credit, handling payments, or processing shipping documents related to that shipment, you could be at risk. OFAC now expects FIs to screen not just for sanctioned vessels, but also for vessels with high-risk profiles—including spoofers and those flagged by third-party intelligence providers. This means institutions need:- Advanced sanctions screening tools (e.g., Alessa)
- Reliable access to vessel ownership and IMO data
- Behavioral tracking systems that flag spoofing and suspicious STS transfers
Tools and Techniques to Detect Maritime Sanctions Evasion
- Vessel Screening by IMO Number
- Vessel Tracking Software
- Watchlists and Red Flag Databases
- Documentation Review and Training
The Role of Data and Entity Resolution
To stay ahead, many institutions are treating vessels like corporate entities. That means building data profiles that include:- Ultimate beneficial ownership (UBO)
- Behavioral history (e.g., spoofing patterns)
- Fleet associations (vessels managed by the same company or sailing in coordinated networks)
Compliance Challenges: Sanctions, Enforcement, and Real-Time Risk
It’s important to understand that maritime sanctions enforcement doesn’t just involve OFAC civil penalties. Today’s strategy increasingly includes:- Real-time designations: OFAC may sanction a vessel as it sets sail with sanctioned cargo.
- Port operator enforcement: Ports receiving illicit shipments risk penalties.
- Criminal asset forfeiture: DOJ may seize sanctioned cargo, leaving traders or financiers with sudden losses.
Best Practices for Financial Institutions
Given OFAC’s expectations and the risks outlined, financial institutions should consider the following best practices:- Screen Every Vessel Involved in a Transaction
- Adopt Vessel Tracking and STS Monitoring Tools
- Review Documentation Rigorously
- Stay Updated on Red Flags
- Escalate High-Risk Jurisdictions and Patterns
The Final Layer: Training
Detection tools are vital, but without training, they’re incomplete. As bad actors evolve their techniques, from spoofing AIS to forging bills of lading, it is up to compliance professionals to adapt quickly. Training programs should include:- Case studies of fraudulent documentation
- Examples of spoofing tactics
- Reviews of known Dark Fleet patterns
- Regulatory interpretations of OFAC’s latest guidance
