Financial sanctions, Cyber
UK financial sanctions are in place for persons, entities or bodies involved in certain cyber activity.This page contains the current list of designated targets.
Documents
Details
The Cyber (Sanctions) (EU Exit) Regulations 2020 ensure sanctions aimed at furthering the prevention of certain cyber activity are implemented effectively after the UK leaves the EU.
Context
The Cyber (Sanctions) (EU Exit) Regulations 2020 put in place sanctions measures aimed at furthering the prevention of cyber activity which:
- undermines, or is intended to undermine, the integrity, prosperity or security of the UK or a country other than the UK
- directly or indirectly causes, or is intended to cause, economic loss to, or prejudice to the commercial interests of, those affected by the activity
- undermines, or is intended to undermine, the independence or effective functioning of an international organisation, or a non-governmental organisation or forum whose mandate or purposes relate to the governance of international sport or the internet
- otherwise affects a significant number of persons in an indiscriminate manner
Ransomware and Sanctions
- making or facilitating a ransomware payment risks exposing those involved to civil or criminal penalties where such payments are made to individuals or entities subject to financial sanctions, known as designated persons.
- OFSI, in partnership with other HM Government (HMG) organisations, has published guidance on sanctions and ransomware, which includes information on the impact of ransomware payments, cyber resilience, and HMG’s approach to enforcement. For more information, please see the guidance on ransomware and sanctions.
UK regulations
- The Cyber (Sanctions) (EU Exit) Regulations 2020
- The Sanctions (EU Exit) (Miscellaneous Amendments) (No. 4) Regulations 2020
- The Cyber-Attacks (Asset-Freezing) Regulations 2019
EU Regulations (applicable prior to 11:00pm, 31 December 2020)
Updates to this page
Last updated
-
HM Treasury Notice, Cyber, 08/10/2024 added
-
HM Treasury notice, Cyber, 01/10/2024
-
HM Treasury notice, Cyber, 07/05/2024 added.
-
HM Treasury notice, Cyber, 25/03/2024 added.
-
HM Treasury Notice Cyber, 23/01/2024 added.
-
HM Treasury Notice, Cyber, 07/12/2023 added
-
HM Treasury Notice, Cyber, 07/09/2023 added.
-
HM Treasury Notice, Cyber, 06/04/2023 added
-
HM Treasury Notice, Cyber, 10/02/2023 added
-
HM Treasury Notice, Cyber, 09/02/2023 added Ransomware and Sanctions notice amendment
-
Updated with Latest HM Treasury Notice, Cyber, 05/07/2022
-
Updated with 'HM Treasury Notice, Cyber, 27/05/2022'
-
Updated with: Latest HM Treasury Notice, Cyber, 24/03/2022
-
Updated with 'Latest HM Treasury Notice, Cyber, 18/03/2022'.
-
Updated with 'Latest HM Treasury Notice, Cyber, 15/03/2022'.
-
Updated to reflect regime coming into force under the Sanctions Act
-
Updated with 'Latest HM Treasury notice, 24/11/2020, Cyber-Attacks (Reg 2020/1744)’
-
Updated with 'Latest HM Treasury notice, 23/10/2020, Cyber-Attacks (Reg 2020/1536)’
-
Updated with 'Latest HM Treasury notice, 31/07/2020, Cyber-Attacks (Reg 2020/1125)'
-
First published.