Buried Deep: Book Transfers and Sanctions Evasion – Part One
-
April 23, 2025
-
Buried deep in the plumbing of the global financial system is a type of transaction known as the “book transfer” or “book-to-book transfer.” Though rarely discussed in detail, book transfers raise a special kind of sanctions risk that is difficult to mitigate with standard controls such as transaction filtering and customer screening.
More broadly, book transfers are an underappreciated mechanism for evading sanctions and, thereby, undermining the national security and foreign policy objectives of the U.S. and other countries who levy those sanctions. This article explains what book transfers are, how they can be used to evade sanctions, and why the sanctions risk they pose can be difficult to mitigate.
What Are Book Transfers?
Book transfers are transactions in which funds are moved from one account to another on the books of the same financial institution (e.g., a bank branch). Book transfers are similar to wire transfers in that they are used to move money between accounts. However, unlike wire transfers, they do not require external clearinghouses or messaging systems such as SWIFT or Fedwire. Instead, they occur entirely in-house, on the books of a single financial institution. In some cases, they can be used serially to transfer funds from one financial institution to another.
Because book transfers are largely confined to the books of a single bank, they are treated as domestic transactions and generally exempted from sanctions filtering as per standard industry practice. Though technically domestic, book transfers are often used to facilitate non-domestic, cross-border payments that are subject to filtering. Unlike domestic payments processed through external systems (e.g., ACH in the U.S. and SEPA in Europe), book transfers can involve a variety of currencies, obscure the nature of a payment, and blur the audit trail for a movement of funds. As a result, OFAC-sanctioned parties can avoid filtering systems and other scrutiny by using book transfers to move money.
Sanction Evasion Scenarios
Book transfers can allow OFAC-sanctioned parties to distance themselves from OFAC’s jurisdiction by sending or receiving USD payments across borders, even without a USD account or direct access to the U.S. financial system. To illustrate this risk, consider the following scenarios where books transfers are used to evade sanctions.
The Straw Man Scenario
Figure 1: In this diagram, the Straw is credited with USD through a forex book transfer from the SDN. The Straw then instructs its bank, Foreign Bank 1, to execute a USD payment to a beneficiary in another country. Foreign Bank 1 does this by debiting the Straw’s account, crediting its own internal ledger account, then instructing a USD payment to the beneficiary by wire through the nostro account maintained by its U.S. correspondent. Thus, Foreign Bank 1 completes the payment without mentioning the SDN in its communications with other banks and the SDN avoids detection by sanctions filtering systems.
In the “Straw Man” Scenario, an OFAC-sanctioned party (here, an “SDN”) maintains a foreign currency account outside the U.S. through which it intends to send or receive payments in USD. It knows that any SWIFT messages or other wire transfer instructions containing its name will be detected by transaction filtering systems. Therefore, it arranges for a non-sanctioned affiliate or front company to open a USD account at the same branch. Whenever it wishes to pay a counterparty in USD, it instructs its bank to credit the affiliate’s account in USD by debiting its foreign currency account. This is a purely domestic transaction done by book transfer, so would not be subject to sanctions filtering. After the foreign exchange is complete, the affiliate makes the USD payment on the SDN’s behalf. Because the non-sanctioned affiliate is standing in as the “straw” for the SDN, the payment will not trigger an alert in any filtering systems.
A similar scenario was described in a 2021 OFAC settlement with Union de Banques Arabes et Françaises (“UBAF”).1 According to OFAC, UBAF processed USD payments for sanctioned Syrian financial institutions by using book transfers to move USD between accounts for “two of its clients—one sanctioned Syrian entity and one non-sanctioned client,” then “processed one or more USD transfers on behalf of the non-sanctioned client that cleared through a U.S. bank and whose transaction dates and amounts correlated closely to the related internal transfers reflected on UBAF’s books.”2, 3
The Bulk Funding Scenario
Figure 2: This diagram shows how an SDN can make USD payments directly to an overseas beneficiary without the need for direct access to the U.S. financial system. Here, the SDN and beneficiary each use banks outside the U.S. that maintain USD accounts with one another. In this scenario, the SDN’s bank, Foreign Bank 1, debits the SDN’s account and credits its internal ledger account. It then instructs Foreign Bank 2 to use a book transfer to debit its nostro account and credit the beneficiary’s account for the same amount. If Foreign Bank 1’s USD nostro account balance at Foreign Bank 2 becomes depleted, it can request bulk funding from its USD account at a correspondent bank outside the U.S. None of the underlying activity involving the SDN would be apparent to that correspondent or to any banks in the U.S.
In the “Bulk Funding” scenario, an SDN banking outside the U.S. sends or receives payments in USD using a USD account at a bank with no operations, branches, or accounts in the U.S. The payments are facilitated by book transfers between customer and financial institution accounts, and USD balances are replenished later through separate “bulk funding” transactions involving other banks. Importantly, the payments between the SDN and its counterparties do not directly involve the U.S. financial system because they do not raise an immediate need to exchange foreign currency or clear payments through the U.S.
This scenario was described in a 2019 OFAC settlement involving British Arab Commercial Bank (“BACB”).4 According to the settlement details, BACB facilitated USD payments on behalf of sanctioned Sudanese parties by opening a USD nostro account at another bank outside the U.S., which OFAC referred to as “Bank B.”5 When the Sudanese parties wished to send or receive USD payments to their counterparties in the country where Bank B was located, BACB would facilitate this using book transfers to and from its USD nostro account at Bank B, which would then use book transfers to credit or debit the relevant counterparties for whom it maintained accounts.6
As described by OFAC, these book transfers did not require direct access to the U.S. financial system. Instead, BACB periodically replenished its USD nostro account at Bank B through “bulk funding” transfers initiated by other banks outside the U.S. with which it maintained correspondent relationships.7 Those correspondents then accessed the U.S. financial system to move USD to BACB’s nostro account at Bank B. Though not specified in the settlement details, it is likely that transaction filtering systems would not have detected this activity because (i) book transfers are rarely filtered, and (ii) the bulk funding transactions appeared to be innocuous, non-commercial USD transfers between financial institutions.8
Blind Spots
There are many other scenarios and variations in which book transfers can and have been used to evade OFAC sanctions. Customer screening and due diligence are perhaps the most effective controls in mitigating this risk, but they can still leave blind spots. In the two scenarios above, the illicit activity would not have been possible if the banks involved had prohibited the sanctioned customers from opening accounts in the first place or used a screening system to detect customers who became sanctioned after their accounts were opened.
However, it would still be fairly simple for a sanctioned party to avoid this control by opening a secondary account at another bank in the same country, thereby adding a degree of separation from the conduit account. For example, in the “Straw Man” Scenario, the straw could open an account at a different bank located in the same country but with weaker sanctions controls. Whenever the sanctioned party wished to transfer money to or from the straw, it could do this using local or book transfers between its bank and the straw’s bank. These book transfers would not be filtered and could be processed rapidly, provided each bank maintained a nostro account at the other. One or both banks might have no U.S. presence or accounts whatsoever, further concealing the activity. The sanctioned party could also choose to open its account in a country where it is not sanctioned and its business is welcome.
Figure 3: The setup here is similar to that in Figure 1 except the SDN and Straw now use accounts at different banks. This allows the SDN to continue sending (or receiving) payments through the Straw in case the Straw’s bank refuses to open an account for the SDN, or if the SDN simply wishes to add a layer of concealment to the payment circuitry.
Another blind spot comes from the difficulty in distinguishing between book transfers used to process customer payments from those used by a bank for its own non-commercial purposes. While customer payments processed through external clearinghouses must follow specific formatting standards that make them simple to identify and interpret, book transfers are usually formatted the same regardless of whether they relate to a customer payment or purely bank-to-bank transaction such as a forex hedge or treasury movement. Consequently, when a regulator, auditor, or third-party reviewer attempts to examine book transfers, it can be tedious and time consuming to isolate those involving the bank’s customers. Moreover, since many banks use their own proprietary systems to process book transfers, the resulting records are often saved in an idiosyncratic format, with database tables and fields that make them difficult to analyze and force reliance on a small group of the bank’s own technical experts. All of this makes it difficult to follow the audit trail of a given transaction and identify broader patterns in the data.
This analysis begs two key questions:
- What are regulatory expectations when it comes to the sanctions risk posed by book transfers?
- What policies and procedures can banks adopt to meet those expectations?
Both will be addressed in the forthcoming second part of this article.
Footnotes:
1: “OFAC Enters Into $8,572,500 Settlement with Union de Banques Arabes et Francaises for Apparent Violations of Syria-Related Sanctions Program,” U.S. Department of the Treasury, Office of Foreign Assets Control (January 4, 2021).
2: Id.
3: According to OFAC, UBAF demonstrated a “knowledge of OFAC sanctions laws” but “incorrectly believed that avoiding direct USD clearing on behalf of sanctioned parties was sufficient” to avoid its jurisdiction. While UBAF “voluntarily self-disclosed” these apparent violations, the settlement raises uncomfortable questions about how many violations occur each day that are intentional, not disclosed, or both.
4: “British Arab Commercial Bank plc Settles Potential Liability for Apparent Violations of the Sudanese Sanctions Regulations,” U.S. Department of the Treasury, Office of Foreign Assets Control (September 17, 2019).
5: Id.
6: “Settlement Agreement: COMPL-2015-212138,” U.S. Department of the Treasury, Office of Foreign Assets Control (September 3, 2019).
7: Id. These correspondents are referred to in the settlement agreement as “Bank E” and “Bank F.”
8: Unlike UBAF, BACB “did not voluntarily self-disclose” these sanctions violations, according to the settlement with OFAC. In OFAC’s view, this constituted an “egregious case” in which book transfers and bulk funding transactions were used “to circumvent and evade U.S. sanctions regulations.”
Related Insights
Related Information
Published
April 23, 2025
Key Contacts
Managing Director