OFAC started adding crypto wallets to its sanctions list in 2018. From that year, OFAC stepped up enforcement. Mixer protocols were blacklisted, exchanges were shut down, and North Korean hackers' wallets were traced to stop them funding their government. If your business works with digital assets, you have to screen sanctions lists continuously.
The rules are strict. Even accidentally, if you send money to a sanctioned address, it still counts as a violation. Penalties could be millions of dollars, and saying "we didn't know" won't get you off the hook.
Here's how OFAC deals with crypto, and the cases that shaped it.
What Are OFAC Crypto Sanctions?
OFAC is part of the U.S. Treasury. It runs the country's sanctions programs. OFAC's most powerful tool is a blacklist called the SDN List (Specially Designated Nationals and Blocked Persons). If a name is on that list, U.S. companies can't do business with it, and that name's assets have to be frozen.
Crypto sanctions are the same idea, pointed at the blockchain. OFAC started adding crypto wallet addresses to the SDN List in 2018. It began with ones connected to Iranian ransomware operators and North Korean hackers. Nowadays, the SDN List has a whole section for crypto addresses.
The surprising part is that a crypto wallet on the SDN List is treated exactly like a sanctioned bank. If you've made any transfer involving a sanctioned crypto wallet, you've potentially broken the law.
How OFAC Sanctions Apply to Cryptocurrency
In practice, there are three ideas that explain how it works.
The technology doesn't matter. OFAC has made it clear there's no difference between dollars and crypto. Sanctions apply to both. In 2021, OFAC published compliance guidance for the crypto industry. The guidance said the whole industry has to run compliance programs, just like banks.
Liability is strict. This must be remembered. Manual checks aren't enough to protect yourself. Any transaction could put you in a difficult situation.
Even code can be a target. In 2022, OFAC added the Tornado Cash mixer to the SDN List. It sanctioned the smart-contract addresses directly, rather than a company or a person. A court later overturned this. That situation showed something serious. OFAC was ready to sanction the code itself, not just people or companies.
Firms do two things to meet these obligations. Firstly, they screen wallet addresses against the SDN List. Secondly, they track the blockchain to find where the money comes from. Together, these help them catch any transfer linked to a sanctioned address, exchange, or country, whether direct or indirect.
Why Crypto Became an Enforcement Priority
OFAC focuses on how sanctioned actors use crypto.
Government-backed theft. North Korea's Lazarus Group and connected hackers steal billions to fund the government. In 2025 alone, they stole around $2 billion, and through 2026 they accounted for most crypto hacks.
Russian sanctions evasion. After 2022, Russia-linked exchanges and ruble-backed stablecoins became tools to dodge sanctions.
Ransomware. Ransomware crews get paid in crypto. That puts the exchanges and mixers that cash them out right in OFAC's sights.
Mixers and hiding tools. Services built to hide who sent what to whom break the transparency that sanctions need.
Landmark OFAC Crypto Sanctions Cases
A few cases set the rules everyone else now lives under.
Blender.io (May 2022)
The first crypto mixer OFAC ever sanctioned. It was named for laundering funds for North Korea's Lazarus Group.
Tornado Cash (2022, delisted 2025)
This is the biggest and most argued-about case. In August 2022, OFAC sanctioned the Ethereum mixing service, including its smart-contract addresses. It said the service had laundered more than $7 billion since 2019. A lawsuit followed. In November 2024, the Fifth Circuit ruled that immutable smart contracts aren't the "property" of a foreign national, so OFAC had gone past its authority. On March 21, 2025, Treasury removed Tornado Cash from the SDN List. The criminal cases against its developers kept going separately. Delisting the code didn't clear the people behind it.
Sinbad.io (November 2023)
Sanctioned as the successor to Blender.io. It was another go-to laundering tool for Lazarus Group money.
Garantex (2022 to 2025)
A Russian exchange first sanctioned in 2022 for handling illicit and ransomware-linked transactions. International authorities seized its systems and shut it down in March 2025. OFAC then re-sanctioned the surrounding network in August 2025, pointing to over $100 million in illicit transactions.
Recent OFAC Crypto Actions (2025-2026)
Crypto enforcement picked up sharply in 2025 and 2026. Most of it focused on Russian evasion networks and North Korean revenue.
Garantex's successor and the A7A5 network (August 2025). OFAC, together with the UK's OFSI, sanctioned Grinex. Grinex was an exchange built by former Garantex staff to dodge sanctions. They also sanctioned A7A5, a Russian ruble-backed stablecoin used to move money beyond Western reach. Garantex had reportedly shifted customer funds and access to the new platform. The EU followed with a transaction ban on A7A5 in its 19th sanctions package in October 2025.
Zservers (February 2025). OFAC sanctioned this Russia-based "bulletproof" hosting provider and two of its administrators. They gave infrastructure to LockBit ransomware affiliates. It shows crypto sanctions reach the support system, not just the wallets.
North Korean IT-worker networks (March 2026). On March 12, 2026, OFAC sanctioned six people and two entities tied to North Korea's IT-worker fraud schemes. These schemes funneled close to $800 million into the regime in 2024. The scheme grew from operatives quietly landing remote crypto jobs to actors posing as recruiters at Web3 and AI firms to steal credentials and source code.
The pattern is steady. OFAC is going after the networks, successors, and enablers around sanctioned crypto activity, not just single addresses. And it's doing it alongside allied regulators.
What OFAC Crypto Sanctions Mean for Your Business
If you handle digital assets in any form, the takeaways are direct.
You have to screen counterparties and wallet addresses against the SDN List, including its crypto entries. You need to spot when a transaction touches a sanctioned address, exchange, or country. Indirect exposure counts too. Because liability is strict, "we didn't know" won't stop a violation. And the cost is real. Civil penalties run into the millions, and the worst cases bring criminal charges.
In practice, a strong program covers a few things.
- Real-time wallet and counterparty screening against the SDN List and OFAC's crypto identifiers, kept current as the list changes.
- Blockchain transaction monitoring to trace fund flows and catch indirect exposure to sanctioned addresses, mixers, or high-risk exchanges.
- Jurisdictional controls that block users and transactions tied to fully sanctioned regions.
- Risk-based onboarding and ongoing due diligence, sized to your product's real exposure.
- Documentation and audit trails that show a reasonable, risk-based effort. This is the thing OFAC weighs most if it ever reviews you.
How Often Does OFAC Update Its Crypto Sanctions?
There's no set schedule. OFAC adds, changes, and removes SDN entries, crypto addresses included, on a rolling basis. Sometimes it happens several times a week, as new intelligence and politics demand. A new address can show up with no warning. That's exactly why occasional spot-checks fall short, and why continuous screening against a live list matters.
Frequently Asked Questions
Are crypto addresses really on the OFAC SDN List? Yes. Since 2018, OFAC has published wallet addresses on SDN entries, and it keeps a dedicated crypto section of the list.
Can I be penalized for unknowingly transacting with a sanctioned wallet? Yes. OFAC enforces civil penalties on a strict-liability basis, so a violation can happen without knowledge or intent.
Is Tornado Cash still sanctioned? No. OFAC delisted Tornado Cash on March 21, 2025, after the Fifth Circuit's ruling. Related criminal cases against individuals continued.
Who has to comply with OFAC crypto sanctions? U.S. people and companies, and really any business with U.S. touchpoints. That includes exchanges, custodians, payment firms, and financial institutions with crypto exposure.
Staying Ahead of OFAC Crypto Sanctions
OFAC crypto sanctions have gone from experiment to fixture. The list keeps growing. The targets keep getting smarter. And strict liability leaves little room for mistakes. The workable answer is automation. Continuous sanctions screening, real-time list updates, and blockchain-aware transaction monitoring, built into your everyday compliance flow.
Sanction Scanner screens customers and wallet addresses against OFAC's SDN List and global sanctions data in real time. Its transaction monitoring is built to catch the indirect exposure manual checks miss.
This article is for informational purposes only and is not legal advice. Sanctions designations change often, so always check OFAC's official resources and qualified counsel for decisions affecting your obligations.
