Anti-Financial Crime & Financial Crime Compliance
Regulatory Intelligence Leadership | Insight | Network

aml, Banking, Financial Crime, Russia

OPINION: Why banks need guidance on Russian sabotage financing

Russian President Vladimir Putin gestures during a joint news conference with German Chancellor Olaf Scholz in Moscow, Russia February 15, 2022. Sputnik/Sergey Guneev/Pool via REUTERS

By Matthew McGlynn

“Russia is scaling up its daily hybrid activity against the UK and Europe, stretching from the seabed to cyberspace — relentlessly targeting critical infrastructure, democratic processes, supply chains and public trust.”

This is the stark assessment of the head of Anne Keast-Butler, Director of GCHQ, the UK’s intelligence and security agency. Starker still is the lack of advice from Western governments to businesses on what they are supposed to do about it.

Paling in comparison to the wealth of government interventions on “traditional” money laundering and terrorist financing, there have been no alerts, typology advisories or National Risk Assessments on this pressing threat.

This gap would be forgivable if it were a theoretical risk for compliance teams. But the risk is tangible. The most comprehensive public analysis of Russian sabotage financing to date comes from RUSI’s Centre for Finance and Security, drawing on an expert workshop it convened.

The paper documented how Russian intelligence services are funding low-level sabotage operations across Europe through a mixture of methods including cryptocurrency, cash, and transfers routed through bank accounts.

That last point deserves emphasis. In documented cases, payments passed through ordinary accounts held by individuals with no obvious criminal profile i.e. people whose profile would not, in isolation, trigger enhanced scrutiny. The regulated sector is processing sabotage finance but compliance teams are not being equipped with how to tackle it.

A glaring gap in public guidance

The comparison with the emergence of past threats is damning.

After 9/11, the international community moved rapidly. FATF overhauled its Forty Recommendations with Eight Special Recommendations in the very next month of October 2001.

It worked intensively with member states to develop typology papers, red flag indicators, and public-private guidance that gave compliance teams a framework for identifying and reporting suspected terrorist finance. It was imperfect, but the direction was unambiguous: governments recognised that the private sector needed tools, and they provided them.

After Russia’s full-scale invasion of Ukraine in February 2022, the response was similarly muscular. The REPO task force – the multilateral mechanism led by G7 members to trace and freeze Russian elite assets – demonstrated that international architecture could be constructed quickly when the political will existed.

Public advisories followed from REPO and its member states on sanctions evasion with guidance for compliance teams on specific red flags and methodologies.

Sabotage finance has received none of that treatment. The UK’s 2025 National Risk Assessment – the foundational document for risk-based compliance across its regulated sector – does not identify sabotage finance as a distinct threat category. FATF has issued no typology paper.

There is no dedicated Amber Alert from the UK’s National Economic Crime Centre or its European equivalents. The RUSI paper remains the most substantive public guidance available but this cannot stand in for the authorities whose job this is.

Why the gap on Russian sabotage financing matters

The structure of sabotage finance makes the typology challenge acute. Transaction values are low, often in a mixture of payment methods and with counterparties who can appear entirely clean. There is no obvious predicate offence visible at the point of transaction.

For a compliance officer working within a risk-based framework calibrated for conventional criminal finance, the signals are close to invisible. The model that underpins most transaction monitoring was designed to catch criminals evading the state with their dirty money. Not foreign intelligence services hiding sabotage payments.

The threat is structurally different, and the tools, guidance and reporting mechanisms have not kept pace. Even when a compliance officer suspects sabotage finance, there is a structural reporting gap: sabotage finance doesn’t fit neatly into existing AML offences so there is currently no way to specifically flag it specifically within SAR/STR protocols.

What needs to happen

The ask is not complicated, but it requires political will to prioritise it.

FATF should commission a dedicated typologies paper on sabotage finance, working with MONEYVAL member states that have the richest operational data like Ukraine, Poland and the Baltic states to document methodologies, transaction patterns, and red flag indicators in a form that compliance teams can use. The post-9/11 CTF typologies work is the model. The timeline should be months, not years.

AMLA should ensure sabotage finance features prominently in its emerging guidelines on transaction monitoring and business-wide risk assessment. Without explicit supranational guidance, member states risk fragmenting implementation.

National FIUs and economic crime units should issue specific alert notices on sabotage financing methodologies and transaction patterns, drawing on prosecuted cases and operational intelligence. Compliance teams need the kind of granular, actionable indicators they receive on sanctions evasion or trade-based money laundering.

None of this is beyond the capacity of existing institutions. What it requires is a recognition that sabotage finance is a distinct financial crime threat that deserves dedicated treatment. It is certainly not something the private sector can be expected to manage on the basis of a single think-tank paper.

Security chiefs are warning that Russia’s hybrid campaign is intensifying. The regulated sector is already part of the battlefield. It is time to give compliance teams the tools to defend themselves.

  • Matthew McGlynn is an independent illicit finance consultant. He led the UK’s work to tackle Russian illicit finance in the UK and works with RUSI’s Centre for Finance and Security.
AML Intelligence
We hope you enjoyed reading this article

If you would like unlimited access to AML Intelligence premium articles, newsletter delivered twice a week, access to our Global Bank Fines and Penalties database, free access to Boardroom Series events and much more, select one of our subscription options and become a subscriber!