EU Sanctions Helpdesk ¦ The First Four Training Modules - Module 3 Targets and Lists

EU Sanctions: Targets, Lists and the Practical Challenges for SMEs

EU sanctions are political instruments intended to change or deter behavior and to help maintain or restore international peace and security. They come in different forms — asset freezes, trade and other restrictions, and financial measures — and are designed to apply pressure on targeted governments, entities, individuals, sectors or groups. For small and medium-sized enterprises (SMEs) in the EU, understanding how sanctions work, whose activities are caught and how to operationalize compliance is essential to avoid severe legal, financial and reputational consequences.

What the EU regime covers and who must comply

EU sanctions apply across three main dimensions: territory, nationality and activity. They apply on EU territory, to EU nationals and to entities such as ships and aircraft under EU member state jurisdiction. They also apply to business activities carried out within the EU. Importantly for corporate groups, EU parent companies can have obligations and exposure arising from the actions of non-EU subsidiaries. SMEs must therefore think beyond their immediate legal domicile: EU nationality of owners, the location of the business activity, and group structures can all trigger obligations under EU measures.

Who can be targeted and how lists work

Targets of EU measures may include states, corporate entities, individuals, sectors and groups. The EU publishes a Consolidated Financial Sanctions List that aggregates designated persons and entities subject to asset freezes and financial restrictions. Member states additionally maintain national lists, and some private operators maintain screening lists tied to third-country measures, notably those of the United States.

The Consolidated Financial Sanctions List is a central starting point for compliance screening, but it does not always capture every person or entity whose interests are affected by EU measures. National lists and sector- or jurisdiction-specific lists used by private operators can add relevant names. SMEs should not assume that the consolidated list alone is exhaustive.

Bastian Schwind-Wagner_Follow "EU sanctions can reach beyond listed names to cover entities owned or controlled by designated persons, so SMEs must screen for ownership and control, not only names. Early due diligence, clear escalation paths and use of the EU Sanctions Helpdesk reduce legal and commercial risk."

Direct and indirect designation: why ownership and control matter

Sanctions reach beyond names listed explicitly. Designated targets are those named on sanctions lists — these are “directly” designated. But the blocking and restrictive effects of EU measures extend to assets and economic resources “belonging to, owned, held or controlled by” listed persons, and they forbid making funds and economic resources available, directly or indirectly, to or for the benefit of designated persons. That creates the familiar two-tier compliance problem: a relatively small set of listed entities and a potentially much larger set of indirectly impacted parties through ownership or control links.

Ownership rules are straightforward in principle: possession of 50% or more of proprietary rights or majority interest in an entity typically means that entity is subject to the same restrictions as the listed owner. Aggregation of holdings (when multiple listed persons together meet the threshold) is also relevant. In practice, ownership can be structured, obscured or spread across jurisdictions, so accurate beneficial ownership information is vital. Control can be less obvious than share percentages. The Council of the EU has provided non-exhaustive indicators of control that matter for sanctions:

• the ability to appoint or remove a majority of leadership bodies,
• alone control of a majority of voting rights,
• exercise of dominant influence de jure or de facto,
• exclusive use of assets,
• management on a unified basis (with consolidated accounts), and
• joint or several assumption of financial liabilities or guarantees.

Contractual arrangements, veto rights, management agreements or de facto decision-making power may create control even where ownership is below 50%. The EU examines substance over form: who actually makes decisions, who bears financial risk, and who uses the assets.

Practical scenarios SMEs must consider

Several practical scenarios are common for SMEs and require careful analysis.

Acquisitions can change the nationality or status of a company: if a non‑EU target is acquired by a foreign buyer, questions arise about whether a formerly EU firm now falls outside EU jurisdiction for certain measures — and whether EU blocking statutes or local rules still apply.

Cross-border supply arrangements can trigger exposure to third-country secondary sanctions (for example, U.S. secondary sanctions) while the EU takes a different legal stance, including through the EU Blocking Statute, which rejects extra‑territorial application of third‑country laws and may provide for recovery of damages caused in the EU. These intersecting rules create complex compliance choices for SMEs operating on international supply chains.

Another recurring practical issue is the downstream exposure created by new ownership links. If an SME is owned in whole or in part by a listed person, or if its management is controlled by such a person, the SME’s funds and services may be frozen or become prohibited. Likewise, being an indirect supplier to or intermediary for a sanctioned person can make continuing contractual relationships legally risky. SMEs need early and transparent screening and due diligence to detect these risks before they crystallize.

Due diligence, screening and record-keeping obligations

Effective sanctions compliance for SMEs rests on consistent screening, tailored due diligence, and well-documented decision processes. Screening should cover the EU Consolidated Financial Sanctions List, relevant national lists, and, where relevant, third‑country listings that affect business partners or markets. Due diligence must go beyond name-matching to understand ownership chains, control relationships and ultimate beneficial owners. When ownership or control is unclear, contractual warranties, disclosure requirements, and specific clauses allowing termination for sanctions risk can be important mitigation tools.

Record-keeping is crucial: documenting searches, internal analyses of ownership/control, decisions to proceed or to block transactions, and any notifications to competent authorities will support defensible compliance in the event of inquiries or enforcement. SMEs should also build internal escalation paths so that compliance issues quickly reach senior management or legal counsel.

Extra-territoriality tensions and the EU Blocking Statute

A complicating factor for European businesses is the interaction between EU law and extra‑territorial measures adopted by third countries. The EU does not recognize the extra‑territorial application of third-country laws and considers such application contrary to international law. The EU Blocking Statute is a legal tool that addresses the effects of third-country sanctions by prohibiting compliance with certain foreign extraterritorial measures in the EU, and by allowing EU operators to recover damages caused by such measures. Yet the Blocking Statute does not remove the commercial and practical pressures companies face when third countries threaten secondary sanctions — for example, loss of access to major markets or banking services. SMEs must therefore balance legal positions against operational realities and may need legal advice when foreign measures intersect with EU obligations.

Training, awareness and where SMEs can get help

SMEs do not have to navigate this landscape alone. The EU Sanctions Helpdesk provides resources aimed at raising awareness, offering sanctions due-diligence and compliance support, and running training events. Regular training, subscribing to updates, and using helpdesk services or external legal counsel are practical first steps. Companies should ensure staff responsible for commercial contracts, compliance, finance and procurement are trained to recognize sanctions risk and know how to escalate issues.

Conclusions and recommended first steps for SMEs

Sanctions compliance is a dynamic and complex area where legal definitions and commercial facts interact closely. For SMEs, the immediate practical steps are:

• integrate sanctions screening into onboarding and transaction processes;
• map ownership and control for existing and prospective counterparties;
• document decisions and maintain records of searches and due diligence; and
• seek guidance from specialized resources such as the EU Sanctions Helpdesk or external counsel when risks are identified.

Understanding that sanctions can apply directly and indirectly — through ownership or de facto control — is essential to avoid unintended breaches. Regular updates and tailored training will help SMEs remain compliant while continuing to trade and grow within the constraints of an increasingly interconnected regulatory environment.

Dive deeper

• EU Sanctions Helpdesk ¦ Begin here: the EU Sanctions Helpdesk’s first four training modules ¦ Link