27 May 2025

EU Sanctions Helpdesk ¦ The First Four Training Modules - Module 2 Law and Guidance

EU Sanctions Law and Guidance: What Compliance Teams Need to Know

EU sanctions are a hybrid of politics and law. For private-sector compliance teams, that duality creates a recurring question: what part of the sanctions framework is mandatory law and what part is acceptable guidance? The EU Sanctions Helpdesk’s Module 2 training on law and guidance provides a clear roadmap that helps practitioners navigate that line and make defensible decisions when transactions touch sanctioned persons, jurisdictions or sectors.

How the EU makes sanctions and why that matters

EU sanctions are adopted under the Common Foreign and Security Policy (CFSP). The process begins with a proposal, typically from the High Representative for Foreign Affairs and Security Policy (HR/VP), and requires a unanimous decision by the Council of the European Union to adopt, amend, lift or renew measures. The Council acts through decisions and regulations; measures are implemented as EU Regulations that are directly applicable in all Member States or as Decisions binding on their addressees. Unanimity at the Council means political considerations shape the contours of the measures, which in turn leads to frequent updates. For compliance teams, that means monitoring and reacting quickly to changes is essential.

Types of EU instruments and other publications

EU law relevant to sanctions includes binding instruments — Regulations, Directives where relevant, and Decisions — as well as a range of non-binding publications such as Commission Opinions, FAQs and guidance notes. The training stresses the fundamental point that only the Court of Justice of the European Union (CJEU) can officially interpret EU law; therefore, Commission and Council guidance are informative but not authoritative legal interpretation. Nonetheless, these materials are practically indispensable: they explain the policy intent, standard definitions and common wordings used across sanction instruments, and they help businesses understand how regulators and NCAs are likely to apply the rules.

Bastian Schwind-Wagner _Follow "EU sanctions combine binding Regulations with non-binding guidance; compliance requires prioritising the Regulation text, consulting Commission/Council and national guidance for interpretation, and seeking NCA or legal advice when uncertainty remains."

Roles and responsibilities across EU bodies and Member States

Responsibility for sanctions is distributed. The European External Action Service (EEAS) and the Council determine policy; the Commission produces guidance and FAQs; Member States implement and enforce measures through their national competent authorities (NCAs). NCAs differ by country and by sanction type — some states assign sanctions enforcement to ministries of foreign affairs, others to finance ministries or specialised agencies — and they produce domestic manuals and FAQs that are often more granular than EU-level guidance. Because authorisations and licences under derogations are issued at the national level, businesses needing a licence must engage with the relevant NCA where the exporter or service provider is established.

Where to look first when a transaction raises questions

The training provides a practical checking order for compliance teams. Start with the EU Sanctions Map and the text of the relevant EU Regulation to determine the legal scope of prohibitions and who the addressees are. Consult Commission and Council guidance and the websites and manuals of NCAs for interpretative materials and licensing procedures. If guidance is still unclear, the EU Sanctions Helpdesk offers support to explain how laws and guidance apply to specific transactions, but it does not provide formal legal interpretation; for binding legal advice, consult a qualified legal practitioner. This layered approach reduces the risk of mistaken compliance decisions and ensures you engage the right authority at the right time.

Understanding exemptions versus derogations

A critical compliance distinction covered in the session is between exemptions and derogations. Exemptions are carve-outs in which the restrictive measure does not apply at all; no licence is required and the permitted activity can proceed without delay. Derogations, by contrast, are exceptions that require prior authorisation from an NCA: the prohibition applies in principle, but the NCA may grant a license in specified circumstances. Examples under the Russia regime show both approaches in practice: trade restrictions commonly contain explicit exemptions for humanitarian or medical goods, while derogations permit certain activities (maritime safety, software updates, consumer communications) subject to national authorisation.

Licensing practice under financial and trade restrictions

The course highlights typical licensing categories that arise under financial sanctions: accessing funds for basic needs (food, rent, medicines), reasonable fees for legal services, charges for holding frozen funds, and extraordinary expenses that NCAs may allow. Diplomatic and consular activities and necessary non-prohibited cross-border trade are other common licensing grounds. Because procedures and competent authorities vary by Member State, organisations must identify the correct NCA and follow its application process. Failing to secure the appropriate license where required risks enforcement action and significant disruption to business operations.

Guidance sources you should use and how to treat them

Commission FAQs, Opinions, and guidance notes and Council “Sanctions Guidelines” and “Best Practices” are non-binding, but they carry practical weight. Member States’ implementation manuals and FAQs are often the best source for understanding licensing procedures and enforcement expectations in a specific jurisdiction. Use the EU Sanctions Helpdesk as a complementary resource for transaction-specific due diligence support and to help interpret how different instruments interact; however, bear in mind it cannot give definitive legal interpretations. If you are in any doubt about the legal implications, seek legal advice, particularly for high-value or high-risk transactions.

Whistleblowing and reporting tools: enforcement is getting easier

The EU has created an online whistleblower tool to facilitate anonymous reporting of potential sanction breaches and to protect the identity of reporters. That tool makes enforcement more accessible to third parties and increases the reputational risk of non-compliance. Organisations should assume that potential violations may be reported and should have internal procedures to detect, document and remediate issues quickly. Prompt self-reporting to the relevant NCA, when appropriate, and cooperation can mitigate enforcement outcomes.

Takeaways for compliance teams

Compliance teams should adopt a structured, repeatable approach to EU sanctions matters:

monitor regulatory updates,
prioritise primary legal texts (Regulations) for legal obligations,
use Commission and Council guidance to understand intent and standard interpretations, and
consult national guidance for licensing practices.

When a transaction remains uncertain after reviewing Regulations and guidance, engage the NCA or seek formal legal advice rather than proceeding on the assumption that non-binding guidance permits activity.

Finally, document due diligence, maintain records of communications and licences, and prepare internal controls to detect diversion risk, particularly in sensitive sectors such as pharmaceuticals and dual-use goods.

Conclusion

The EU sanctions framework combines binding legal instruments with extensive non-binding guidance produced at EU and national levels. For businesses, that means legal compliance depends on reading the Regulation, following national licensing practices, and treating guidance as essential but not definitive interpretation. The EU Sanctions Helpdesk training module makes the distinction clear and points practitioners to the right sequence of actions — consult the law first, use guidance to interpret implementation, and engage NCAs or legal counsel where uncertainty remains. Continuous monitoring, robust documentation and early engagement with authorities remain the best protections against enforcement risk.

The information in this article is of a general nature and is provided for informational purposes only. If you need legal advice for your individual situation, you should seek the advice of a qualified lawyer.

Did you find any mistakes? Would you like to provide feedback? If so, please contact us!

Dive deeper

EU Sanctions Helpdesk ¦ Begin here: the EU Sanctions Helpdesk’s first four training modules ¦ Link

« EC ¦ EU AI Act & AML/Fraud Detection: Regulatory Clarification

MoF, AED ¦ 2024 Activity Report ¦ Summary Financial Crime »

Bastian Schwind-Wagner _Follow Bastian is a recognized expert in anti-money laundering (AML), countering the financing of terrorism (CFT), compliance, data protection, risk management, and whistleblowing. He has worked for fund management companies for more than 24 years, where he has held senior positions in these areas.

Your registration could not be saved. Please try again.

We have sent you an e-mail to confirm your subscription.

Enter your email address to subscribe to our newsletter

Please enter your email address to register, e.g. abc@xyz.com.

I would like to receive your newsletter and accept the privacy policy.

You can unsubscribe at any time using the link in our newsletter.

We use Brevo as a marketing platform. By submitting the form, you agree that the personal information you provide will be transferred to Brevo for processing in accordance with Brevo's privacy policy.