Lithuania -- Sanctions Compliance Regulatory Overview

Lithuania, as a member state of the European Union (EU), is subject to a robust framework of international sanctions regimes. These sanctions are primarily those imposed by the United Nations (UN) and the European Union. Additionally, due to the global nature of finance and cryptocurrency, U.S. Office of Foreign Assets Control (OFAC) sanctions can have significant extraterritorial implications for Virtual Asset Service Providers (VASPs) operating in Lithuania.

Here's a breakdown of the cryptocurrency sanctions and restrictions applicable in Lithuania:

I. Overarching Sanctions Framework (EU & UN)

A. United Nations (UN) Sanctions

UN sanctions are legally binding on all UN member states, including Lithuania. These sanctions are implemented within the EU through directly applicable Council Regulations. The EU typically transposes UN Security Council resolutions into EU law, making them enforceable across all member states.

B. European Union (EU) Sanctions

The EU implements its own autonomous sanctions regimes, as well as those mandated by the UN. EU sanctions are established through Council Regulations, which are directly applicable and binding in their entirety in all EU member states, without the need for national transposition. This means Lithuanian VASPs must directly comply with all EU sanctions regulations.

Key EU Sanctions Measures Include:

• Asset freezes: Prohibiting the making available of funds and economic resources, directly or indirectly, to designated persons or entities.
• Travel bans: (Less relevant for VASPs, but part of broader regimes).
• Sectoral restrictions: Prohibitions on certain imports/exports, investments, or provision of services (e.g., specific restrictions on crypto-asset services concerning Russia).
• Embargoes: Restrictions on trade with specific countries.

Specific EU Sanctions Relating to Crypto Assets (e.g., against Russia): Following Russia's invasion of Ukraine, the EU has progressively imposed comprehensive restrictions on crypto-asset services for Russian persons and entities. Initially, high-value crypto-asset services were prohibited, which later expanded to include all crypto-asset wallet, account, or custody services to Russian persons or entities, regardless of value.

Legal References (EU):

• Consolidated Financial Sanctions List: This interactive map and database provides details of all persons, groups, and entities subject to EU financial sanctions.
  • URL: https://www.sanctionsmap.eu/
• Council Regulation (EU) No 833/2014 (concerning restrictive measures in view of Russia’s actions destabilising the situation in Ukraine), as amended: This regulation includes the specific prohibitions related to crypto-assets.
  • URL (latest consolidated version): Search EUR-Lex for the latest consolidated version (e.g., by searching for "833/2014").

II. OFAC Sanctions (Extraterritorial Impact)

While OFAC sanctions are U.S. law, they have significant extraterritorial reach, particularly for businesses involved in international transactions or using U.S. financial systems or technologies.

Relevance for Lithuanian VASPs:

• U.S. Nexus: If a Lithuanian VASP handles transactions in USD, has U.S. customers, uses U.S. cloud services, or interacts with U.S. financial institutions, it falls within OFAC's jurisdiction.
• Global Best Practice: Many international financial institutions and businesses, including VASPs, adopt OFAC compliance as a best practice to mitigate risk and maintain access to global financial markets.
• Primary Lists: VASPs are expected to screen against OFAC's Specially Designated Nationals and Blocked Persons (SDN) List and other relevant sanctions lists (e.g., SSI, CAPTA).

Legal References (OFAC):

• SDN List:
  • URL: https://ofac.treasury.gov/specially-designated-nationals-and-blocked-persons-list-sdn-human-readable-lists
• OFAC Sanctions Programs and Country Information:
  • URL: https://ofac.treasury.gov/sanctions-programs-and-country-information

III. Sanctions Compliance Requirements for VASPs in Lithuania

Lithuanian VASPs are subject to comprehensive Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) obligations, which include sanctions compliance. The primary national legal act is the Law on the Prevention of Money Laundering and Terrorist Financing.

Legal Basis (National):

• Lietuvos Respublikos pinigų plovimo ir teroristų finansavimo prevencijos įstatymas (Law of the Republic of Lithuania on the Prevention of Money Laundering and Terrorist Financing). This law transposes the EU Anti-Money Laundering Directives (AMLDs V and VI) into national law.
  • URL (Lithuanian Parliament's Legal Act Register): https://e-tar.lt/portal/legalAct.html?id=TAR.D4200B5B3900 (Please note this link may require navigating the Lithuanian legal database for the most current version).

Key Compliance Requirements for VASPs:

1. Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD):

   • Identifying and verifying the identity of customers and beneficial owners.
   • Understanding the purpose and intended nature of the business relationship.
   • Ongoing monitoring of the business relationship.
   • EDD for high-risk customers, relationships, or transactions, which would include politically exposed persons (PEPs) or those from high-risk geographic areas.

2. Sanctioned Entity Screening Obligations:

   • VASPs must screen all clients (individuals and entities), beneficial owners, and, where feasible, counter-parties and transaction details against all applicable sanctions lists (EU Consolidated List, OFAC SDN/SSI lists, and any other relevant lists).
   • Screening must occur:
     • Before establishing a business relationship.
     • Before conducting a one-off transaction.
     • On an ongoing basis throughout the business relationship.
     • Before initiating or completing a transaction.
   • This includes checking names, aliases, dates of birth, addresses, and other identifying information. For crypto, this can extend to identifying wallet addresses associated with sanctioned entities if such information is publicly available or provided by intelligence.

3. Risk Assessment:

   • Developing and maintaining a comprehensive risk assessment that identifies and evaluates money laundering, terrorist financing, and sanctions risks associated with their business model, services, customers, geographic areas of operation, and transaction types (including crypto-assets).

4. Transaction Monitoring:

   • Monitoring transactions for unusual patterns, amounts, or destinations that could indicate sanctions evasion, money laundering, or terrorist financing. This includes monitoring crypto-asset flows.

5. Reporting Obligations:

   • Suspicious Transaction Reports (STRs) / Suspicious Activity Reports (SARs): Obligation to report any suspicious activities or transactions to the Financial Crime Investigation Service (FCIS) (FNTT).
   • Blocking/Freezing of Assets: Immediate obligation to block/freeze assets belonging to designated persons or entities and report this action to the FCIS. Providing any services or making funds/economic resources available to sanctioned parties is prohibited.

6. Internal Controls and Training:

   • Implementing robust internal policies, procedures, and controls to manage and mitigate identified risks.
   • Providing regular training to employees on AML/CTF and sanctions compliance obligations.

IV. Geographic Restrictions

Geographic restrictions are inherent to the sanctions regimes themselves. VASPs must not facilitate transactions with, or provide services to, individuals or entities located in or associated with sanctioned jurisdictions.

Examples of Restricted Geographies (subject to specific sanctions regimes):

• Russia and Belarus: Extensive restrictions, including on crypto-asset services for Russian persons/entities.
• Crimea, Sevastopol, and non-government controlled areas of Ukraine (Donetsk, Luhansk, Kherson, Zaporizhzhia): Restrictions on trade, investment, and financial services.
• North Korea (DPRK), Iran, Syria, Venezuela, Cuba: Various comprehensive and sectoral sanctions.

For crypto, this means not providing wallet, account, or custody services, or facilitating any transactions where the counterparty or beneficial owner is located in or acting on behalf of a sanctioned jurisdiction or person.

V. Penalties for Violations

Violations of sanctions and AML/CTF laws in Lithuania can lead to severe administrative and criminal penalties.

Legal Basis (National):

• Lietuvos Respublikos pinigų plovimo ir teroristų finansavimo prevencijos įstatymas (Law on the Prevention of Money Laundering and Terrorist Financing).
• Lietuvos Respublikos baudžiamasis kodeksas (Criminal Code of the Republic of Lithuania).
  • URL (Criminal Code): https://e-tar.lt/portal/legalAct.html?id=TAR.A860CD6933F8

Penalties Include:

• Administrative Fines: Significant financial penalties imposed by supervisory authorities (e.g., Bank of Lithuania, FCIS). Fines can be substantial, often up to €1,000,000 or a percentage of the company's annual turnover (e.g., up to 10% for serious breaches), or even higher in specific cases.
• Criminal Liability: For serious breaches, especially those involving terrorist financing, proliferation financing, or significant money laundering, individuals (including management and beneficial owners) can face imprisonment.
• Withdrawal of Authorization/Registration: VASPs can have their registration or authorization to operate revoked.
• Reputational Damage: Significant harm to the VASP's reputation, leading to loss of customers and business partners.

VI. Country-Specific Sanctions Lists for Crypto

Lithuania does not maintain a separate "crypto-specific" sanctions list. Instead, Lithuanian VASPs are required to comply with:

1. The EU Consolidated Financial Sanctions List.
2. Relevant OFAC sanctions lists (e.g., SDN List) if they have a U.S. nexus or as a best practice for global operations.
3. Any other relevant UN Security Council sanctions lists (which are typically integrated into EU law).

The national authorities, primarily the Bank of Lithuania and the FCIS, provide guidance and enforce the application of these existing sanctions lists within the crypto-asset sector.

VII. Key Regulatory and Supervisory Bodies

• Financial Crime Investigation Service (FNTT - Finansinių nusikaltimų tyrimo tarnyba): The primary national authority for investigating financial crimes, including money laundering, terrorist financing, and violations of sanctions.
  • URL: https://www.fntt.lt/
• Bank of Lithuania (Lietuvos bankas): Acts as the supervisory authority for AML/CTF compliance for financial institutions, including VASPs registered in Lithuania. It issues guidelines and oversees adherence to the legal framework.
  • URL: https://www.lb.lt/

Disclaimer: This information is for general informational purposes only and does not constitute legal advice. VASPs operating in Lithuania should seek independent legal counsel to ensure full compliance with all applicable sanctions and AML/CTF regulations, which are subject to frequent changes.