Chagri Poyraz is Binance’s Global Head of Sanctions who has over 18 years of experience in compliance, strategy, risk management, and as an intergovernmental liaison. Prior to joining Binance, he worked at Coupang, HSBC, and the United Nations.


I was in London today to speak at the Kharon Global Summit. 

I doubt that this event is on many regular Binance users’ radars, but for those of us working in global risk and compliance, it’s an important annual summit. The event brings together some of the world’s leading voices on the critical issues of sanctions and financial crime and presents a chance to have in-depth discussions about the most recent and relevant challenges.

I was honored to be asked to participate and speak on the topic of sanctions-related risk management along with other key figures from the public and private sector. But, beyond that, I enjoy these kinds of events as they allow me to connect with leaders in the space and gather invaluable insights on the latest developments relevant to our work. 

For example, at the Summit today, we heard from officials dealing with financial crimes and sanctions at the US Department of the Treasury, and the UK Treasury. I also had the opportunity to hear from, and talk with, a number of global compliance officers from banks across the world — including Lloyd’s, Deutsche Bank, Barclays, Royal Bank of Canada, Bank of America, and Dubai Islamic Bank, among others — and exchange valuable observations. 

It’s through events like this that I can ensure the measures we’ve put in place here at Binance are robust and cutting-edge, and that we’re keeping our platform — and our users — protected from sanctions-related risks.

I will undoubtedly take a lot away from my conversations at Kharon. But in the interests of education and transparency, I also want to use this opportunity to share what I presented there with anyone interested. I believe it’s important that all our users have as much insight as possible into what we’re thinking and doing with regard to these important issues.

Compliance For A Sustainable Business

Before getting into specifics, we should recognize that in the grand scheme of things, blockchain and digital assets are gradually becoming more mature. Think of the internet’s early years, when similar questions were asked as they are of crypto now: “Is it safe?”, “Isn’t it just for criminals?”, “Is it a fad?”

As we know now, people didn’t give up on the internet because of its limitations. Instead, governments and companies worked, and continue working together to manage those risks. I believe we’re on the same trajectory today with blockchain and Web3.

In the next three to five years, more than one billion new users will enter the Web3 ecosystem via public blockchains. As it stands, blockchain is still in its early stages. We know that technology is always one step ahead of regulation. What this means is that we need to uphold the highest level of compliance possible given the fast-evolving nature of the space.

We have a responsibility to be alert to the likelihood of increased sanctions exposure and evasion techniques. And as the world’s largest digital asset exchange, Binance intends to be a leader in setting the industry standard for security and compliance. 

This is a priority. 

In the blockchain space, things are developing fast. A simple look back at where regulation once was and where it is today – speaks volumes about how far we’ve come as an ecosystem and an industry.

On November 28, 2018, OFAC, for the very first time, added two bitcoin addresses to its list of Specially Designated Nationals (SDN). For those unfamiliar with the sanctions compliance space, OFAC is the Office of Foreign Assets Control — a financial intelligence and enforcement agency of the US Treasury Department. Its SDN List is a US government sanctions tool used against designated terrorists, officials of certain authoritarian regimes, and international criminals.

Two years later, on December 30, 2020, OFAC undertook its first-ever enforcement action associated with the violation of crypto-related sanctions. This was against BitGo, a U.S. wallet provider, for allowing users from sanctioned jurisdictions to use its platform. This was a major milestone for anyone following sanctions enforcement in the cryptocurrency space.

Since then, there has been a massive uptick in regulatory enforcement, including the US sanctioning of individuals, entities, wallet addresses, and crypto exchanges involved in hacking and other illicit activity. Take, for example, the sanctions against the likes of Garantex, Hydra Market, Blender.io, and Tornado Cash.

Additionally, in a series of recent decisions, the English Courts have confirmed that crypto assets can be frozen and have shown a willingness to order such measures.

Change, Innovation, And Divergence In Applying Sanctions

As we review the current regulatory landscape, it’s important to note that different jurisdictions and regulatory bodies can take somewhat diverging paths when addressing digital assets. Consider the following snapshots from around the world:

  • In October 2021, OFAC published sanctions compliance guidance for private operators in the virtual currency industry. The guidance includes recommendations on conducting risk assessments, sanctions screening clients, using geolocation tools to monitor customers’ locations, and using transaction monitoring tools.

  • In the United Arab Emirates, Dubai authorities are setting up the world’s first authority solely focusing on virtual assets. 

  • Switzerland has integrated one of the most mature regulatory frameworks for digital assets, allowing market participants to gain certainty on the legal and regulatory treatment of their projects and intended activities.

  • The EU Markets in Crypto-Assets Regulation (MiCA) is the first cross-jurisdictional regulatory and supervisory framework for crypto-assets. It was originally introduced in 2020 as a response to a global stablecoin initiative. MiCA is expected to enter into force in 2024, subject to its ratification.

As can be seen even from this brief overview, the speed of action, approaches adopted, services and products covered, and even the definitions and terminology used remain heavily fragmented. The industry has long raised concerns over the lack of standardization and urgency in decision-making underpinning digital assets policy and regulations.

Best Practices and Innovative Solutions

While some regulatory uncertainty around digital assets persists, here at Binance we recognize that crypto companies have the same obligations to comply with global sanctions rules as any other entity. This is a journey that requires continuous improvement. Here are some of the important steps we currently take to ensure compliance, starting with onboarding, through to monitoring, account reporting, and geo-fencing: 

  1. Onboarding

    • Name screening against the Refinitv-WorldCheck and Dow Jones databases to determine sanctions designation status.

    • For client onboarding, the completion of a Sanctions Exposure Questionnaire to identify potential for sanctions-risk exposure.

    • The IP location of a new user is tagged at the point of onboarding.

  2. Monitoring

    • Daily Name Screening of our customer database against the Refinitv-WorldCheck database for new matches (WorldCheck adds new names of designated persons as they are issued by the relevant sanctions regulators).

    • On-chain transaction monitoring to detect customers’ access to or use of prohibited domains, which includes sanctioned sites. 

    • Monitoring changes in customer IP addresses, including the use of IP addresses of sanctioned countries.

  3. Account freezing, blocking, and reporting

    • Procedures to immediately block, reject, and freeze any transaction (inward or outward) involving SSCs or Designated Persons.

  4. Geo-fencing

    • We can go further by not only knowing who our customer is, but where they are. These are the steps we currently undertake, or are in the process of implementing:

    • Geofencing is central to our sanctions-control program and, as a minimum, requires the use of domain name and IP address data to better pinpoint where our users are, combined with the use of blockchain intelligence to spot patterns that might be indicative of sanctions evasion.

    • More advanced geofencing configurations include the use of GPS coordinates, WiFi triangulation, and cellular data to help manage the risks of IP proxies and VPNs.

Ultimately, we’re committed to taking a global approach. 

When it comes to our sanctions-related risk management, we globally apply the regulations and sanctions outlined by both national governments, such as the US, UK, and Canada, and multinational organizations, such as the UN and the EU. 

Building trust by demonstrating our commitment to compliance is key to sustainability — both for us as a business, and for the wider community and industry. 

Preparing For The Future

If 2022 taught us anything about sanctions, it’s that it is a dynamic area where change can happen overnight. A key tip to keep on top of it is to adopt an approach of proactive horizon scanning. While it can be hard to predict exactly what will happen next, it’s important to look at what’s already happening in the world and project where the focus is likely to shift soon. 

While 2022 saw bustling activity on the global sanctions front, 2023 is likely to continue the trend. This is the time for organizations to prepare themselves by developing their people, taking advantage of emerging technological solutions, and preparing for the future.

As for Binance, we are eager to work with partners around the world, including the many incredible leaders at today’s Kharon Summit, to continue advancing meaningful improvement in sanctions-related risk management. 

Further Reading