Apple has been fined £390,000 for breaching UK Russia sanctions. It’s a landmark moment, and a reminder that sanctions exposure doesn’t require intent. Here’s what businesses across all sectors need to know.
Most businesses associate sanctions fines with large financial institutions or high-risk sectors. The news that Apple Distribution International (ADI), the European and Middle East arm of one of the world’s most recognisable companies, has been fined £390,000 by the UK’s Office of Financial Sanctions Implementation (OFSI) is a useful reminder that sanctions risk doesn’t discriminate by size, sector, or intent. That includes property professionals, solicitors, and anyone involved in the conveyancing process.
According to OFSI’s official penalty notice, Apple made payments totalling over £645,000 to Okko, a Russian streaming service, in June and July 2022. By that point, Okko’s parent company, JSC New Opportunities, had been placed under UK financial sanctions. Apple voluntarily disclosed the payments, there was no suggestion of deliberate wrongdoing, and the fine was resolved through settlement. Apple’s own statement noted that it had proactively reported the payments and was working to strengthen its compliance protocols. Even so, the fine stands.
The case carries an important message for businesses using UK-based banks or financial infrastructure: you can be found in breach of UK sanctions even if your company is headquartered outside the UK.
OFSI enforcement is growing, and here’s what the data shows
The Apple case doesn’t sit in isolation. According to OFSI’s Annual Review 2024-25, published by HM Treasury in October 2025, the volume and intensity of UK sanctions enforcement has increased significantly over recent years.
According to the Government’s OFSI Annual Review 2024-25:
- There were 240 active cases under investigation as of April 2025
- Total frozen assets reported to OFSI reached £37bn, up from £24.4bn the year before
- 57 enforcement actions were taken, covering penalties, warnings and referrals
- Of those 240 active cases, 151 were identified through proactive intelligence rather than self-reporting, up from 108 the year before
That last point is significant. OFSI is no longer waiting for businesses to come to them, they are actively monitoring.
According to the same report, the financial services and legal sectors generated the highest number of suspected breaches recorded in 2024-25, with the majority of cases relating to Russia sanctions. For law firms and property businesses handling client transactions, that’s a direct signal that sanctions compliance needs to be front of mind, not an afterthought.
Recent cases that have also come to light
The last twelve months have seen a series of penalties issued by OFSI across different sectors and company sizes. These are the enforcement actions published on the GOV.UK financial sanctions enforcement register, which was last updated January 2026:
Svarog Shipping and Trading Company Ltd, £5,000 (May 2025)
The first-ever OFSI penalty for an information offence. The company failed to respond to a statutory Request for Information within the required timeframe under the Russia (Sanctions) (EU Exit) Regulations 2019.
Markom Management Ltd, £300,000 (July 2025)
A UK company instructed Gazprombank to transfer the equivalent of £416,590 to a designated person. No voluntary disclosure discount was applied. OFSI cited the company’s lack of any sanctions risk policies as an aggravating factor.
Vanquis Bank Ltd, Disclosure notice (September 2025)
Failed to restrict a designated person’s account for eight days despite receiving advance notice from OFSI. No monetary penalty was imposed, given early self-reporting and low-value transactions, but the disclosure is a public record.
Colorcon Ltd, £152,750 (September 2025)
A pharmaceuticals supplier was fined for making funds available to designated persons in breach of UK Russia sanctions. The breach was reported four months after discovery, which limited the voluntary disclosure discount applied.
Bank of Scotland plc, £160,000 (January 2026)
Processed 24 payments totalling over £77,000 to and from a designated person’s account. Shortcomings in sanctions screening, including failure to detect name transliteration variants, were identified as a root cause. The fine was reduced by 50% for prompt self-reporting.
Apple Distribution International, £390,000 (March 2026)
Payments made to a Russian streaming service whose parent had been designated under UK sanctions. Proactively disclosed. Fine resolved through settlement. A non-UK company held to account for using UK financial infrastructure.
A pattern has emerged, and it’s worth understanding
In most of these cases when reviewed, it’s fairly evident that there was no deliberate attempt to circumvent sanctions. Most breaches were largely technical: ownership structures changed quickly, screening systems didn’t catch name variations, or notifications weren’t acted upon fast enough.
It’s a clear warning sign that if your compliance is not robust enough, you could be caught out. OFSI has made clear in its Annual Review 2024-25 that it is moving towards a more proactive, intelligence-led enforcement model, and that breaches will be pursued proportionately regardless of whether they were intentional.
In February 2026, OFSI published updated enforcement guidance following a government consultation. Key changes include a new Early Account Scheme offering up to 20% penalty reductions, a Settlement Scheme adding a further 20% discount, and a revised voluntary disclosure discount now capped at 30%, reduced from the previous 50%.
OFSI is also seeking to double the maximum civil penalty to £2 million (or 100% of breach value), subject to parliamentary approval. Source: OFSI Enforcement and Monetary Penalties Guidance, GOV.UK, February 2026.
The practical effect of these changes is that the window to benefit from reduced penalties is narrowing. Self-reporting early, cooperating fully with investigations, and being able to demonstrate robust compliance controls at the time of a breach all matter, and they matter more now than they did twelve months ago.
What this means for your business
Sanctions checks are a legal requirement for all UK businesses, not just those in regulated sectors. Under UK financial sanctions law, every business is prohibited from dealing with, or making funds available to, a designated person, regardless of whether you operate in financial services, property, legal, or any other sector.
For conveyancers and solicitors in particular, sanctions screening should be part of every client onboarding process. Accepting funds from, or facilitating transactions involving, a designated person, even unknowingly, can result in a fine. The same applies to estate agents and letting agents handling client money.
The Apple case highlights three practical lessons that any compliance team should take away:
- First, ownership structures around sanctioned entities can change rapidly. Okko’s connection to a sanctioned parent emerged in the same month the payments were made. Your screening needs to be current, not a one-off check at onboarding.
- Second, using UK banking infrastructure creates UK sanctions liability, even for overseas companies.
- Third, voluntary disclosure matters enormously. It was cited as a significant mitigating factor in the Apple fine, and in the Bank of Scotland case contributed to a 50% reduction in penalty.
How Credas can help
Credas runs real-time PEPs and sanctions screening as part of every AML check, with access to international sanctions databases including the newly adopted single UK Sanctions List. Our platform flags matches automatically, supports ongoing monitoring so you’re alerted when a client’s status changes, and gives your team a clear audit trail to demonstrate compliance should you ever need it.
Whether you’re onboarding a new client, reviewing an existing relationship, or trying to get a clearer picture of your overall sanctions exposure, we can help you manage it efficiently, without adding friction to your customer journey.
