OFAC Sanctions Impact Checker
Check Wallet Address Sanction Status
Enter a cryptocurrency wallet address to determine if it is on OFAC's sanctioned list. This tool simulates how exchanges screen addresses.
Enter a wallet address above to check its sanction status.
About OFAC Sanctions
Since 2015, OFAC has maintained a cyber-sanctions program targeting Iranian crypto facilitators. By publishing wallet addresses, they enable exchanges to detect and block illicit transactions.
Key Points
- OFAC publishes designated wallet addresses in CSV and JSON formats
- Exchanges use real-time screening to prevent sanctioned transactions
- Violations can lead to civil fines or criminal penalties
- Iranian actors are shifting to privacy coins and decentralized exchanges
Quick Take
- Since 2015 OFAC has built a cyber‑sanctions program that now targets Iranian crypto facilitators.
- Public wallet‑address lists let exchanges block billions of dollars of illicit flows.
- Major platforms (e.g., ShapeShift) have paid hefty settlements for failing to screen Iranian users.
- Iranian actors are shifting to privacy coins, decentralized exchanges, and successor platforms like Grinex.
- Compliance best‑practice: real‑time address screening, AI‑driven transaction monitoring, and continuous jurisdictional risk reviews.
What is the OFAC sanctions regime and why does it matter for crypto?
OFAC is the U.S. Treasury’s Office of Foreign Assets Control that administers and enforces economic and trade sanctions against targeted individuals, entities, and regimes. In April2015 the agency launched a cyber‑related sanctions program, explicitly naming actors who use digital assets for illicit gain. The first crypto‑focused designations appeared in November2018 when two Iranian facilitators of the SamSam ransomware were sanctioned and, for the first time, their Bitcoin addresses were published.
By publishing wallet addresses, OFAC turned the public blockchain into a compliance tool. Exchanges can now automatically flag any transaction that touches a listed address, dramatically raising the cost of moving funds for sanctioned Iranian entities.
How Iranian actors have leveraged cryptocurrency
Iran’s evasion networks have turned crypto into a “shadow banking” lifeline. In September2025 the Treasury announced a $600million network that moved over $100million of oil revenue for the IRGC‑QF and the Ministry of Defense. The scheme stitched together front companies in HongKong, the UAE, and China with a suite of crypto wallets spanning Bitcoin, Ethereum, Tether, and Tron.
One recent designation targeted ArashEstakiAlivand with five specific wallets - two Ethereum addresses (0xe3d35f68383732649669aa990832e017340dbca5, 0x532b77b33a040587e9fd1800088225f99b8b0e8a) and three Tron addresses (TYDUutYN4YLKUPeT7TG27Yyqw6kNVLq9QZ, TRakpsE1mZjCUMNPyozR4BW2ZtJsF7ZWFN, TQ5H49Wz3K57zNHmuXVp6uLzFwitxviABs). These wallets held a diversified portfolio, allowing the network to slip past simple Bitcoin‑only filters.
The use of multiple chains, privacy‑first coins like Monero, and peer‑to‑peer swaps makes detection hard, but the public address lists give regulators a permanent fingerprint to chase.
Exchange compliance: lessons from high‑profile enforcement
When an exchange fails to screen Iranian users, the penalties are steep. ShapeShiftAG settled for $750,000 in September2025 after allowing roughly $12.6million of crypto to flow from sanctioned jurisdictions, including Iran.
Even more agile actors can dodge a freeze. After the U.S. Secret Service shut down Garantex in March2025, its officers launched Grinex, explicitly marketed as a replacement for sanctioned customers. Grinex processed billions of dollars, using a Kyrgyzstani ruble‑backed token (A7A5) to give Iranian users a way back onto the market.
These cases illustrate two compliance imperatives:
- Maintain an up‑to‑date watchlist of OFAC‑designated wallet addresses.
- Implement risk‑based monitoring that flags suspicious patterns even when users hop between chains or privacy coins.
Technical tools that make enforcement possible
Blockchain analytics firms now blend AI, machine learning, and graph‑theoretic models to trace funds across dozens of protocols. A typical workflow looks like this:
- Ingest raw blockchain data (transactions, token transfers, contract calls).
- Apply address‑screening against the OFAC SDN list and newly published sanction addresses.
- Run anomaly detection models to spot rapid address hopping, mixer usage, or clustering with known evasion entities.
- Generate alerts for compliance teams to review and, if needed, freeze the corresponding account.
Because the ecosystem is multi‑jurisdictional, firms also cross‑reference off‑chain data (company registries, sanctions lists from the EU, UK, and UN) to build a richer risk profile.
Impact on Iranian crypto users
Major exchanges have adopted geo‑blocking and enhanced KYC to keep Iranian users out. The result is a fragmented market where:
- Iranian traders turn to decentralized exchanges (DEXs) that do not require identity verification.
- Privacy‑focused coins (Monero, Zcash, Verge) see a surge in demand as they are harder to trace.
- Regional platforms in jurisdictions with lax U.S. oversight become attractive, albeit at higher costs and lower liquidity.
While these workarounds keep the flow alive, they also expose users to scams, limited customer support, and volatile pricing.
Future outlook and best‑practice checklist for exchanges
Enforcement will only get tougher. AI‑driven pattern‑recognition, expanded address‑publication, and tighter coordination between U.S. and allied regulators are on the horizon. Exchanges that want to stay on the right side of the law should adopt the following checklist:
| Area | Action Item | Frequency |
|---|---|---|
| Wallet Screening | Integrate real‑time OFAC SDN and designated wallet feeds | Continuous |
| Transaction Monitoring | Deploy AI models to flag address hopping, mixers, and large spikes | Daily review of alerts |
| KYC/AML Policy | Enforce geo‑blocking for Iran, Sudan, Cuba, Syria and validate source of funds | Per onboarding |
| Legal Updates | Subscribe to Treasury releases and update internal watchlists within 24hours | Weekly audit |
| Staff Training | Run quarterly simulations of sanctions‑evasion scenarios | Quarterly |
By treating compliance as a continuous risk‑management process rather than a one‑off check, platforms can reduce the likelihood of costly settlements and protect their reputation.
Frequently Asked Questions
What does OFAC actually sanction on the blockchain?
OFAC designates specific digital‑asset wallet addresses, cryptocurrency tokens, and sometimes entire platforms that are used to move proceeds of sanctioned activities. Once an address appears on the SDN list, any U.S. person or entity must block transactions with that address.
Can Iranian users still trade on major exchanges?
Most large centralized exchanges now enforce geo‑blocking for Iran and apply strict KYC checks. Some users bypass the blocks via VPNs or by moving funds through decentralized exchanges, but those routes carry higher risk and lower liquidity.
How do exchanges know which wallet addresses are sanctioned?
The Treasury publishes CSV and JSON feeds of designated addresses, and many compliance vendors aggregate these feeds into APIs. Enterprises typically ingest the data into real‑time monitoring tools that automatically flag matching transactions.
What are the penalties for violating OFAC crypto sanctions?
Penalties range from civil fines (often in the hundreds of thousands) to criminal prosecution with multi‑million‑dollar penalties. The ShapeShift settlement of $750,000 is a recent example of a civil enforcement action.
Are privacy coins like Monero safe from OFAC enforcement?
Privacy coins are harder to trace, so they are attractive to sanctioned actors. However, many exchanges have delisted them or require additional scrutiny because regulators can still sanction the developers or the coin’s smart‑contract infrastructure.
People Comments
OFAC has effectively weaponized public blockchain data, turning every address into a potential watchlist entry. By publishing wallet hashes, regulators force exchanges to embed compliance deep within their transaction pipelines. This shift raises the cost of illicit transfers for Iranian actors, but also pushes them toward more opaque tools. The overall ecosystem is now a cat‑and‑mouse game of address screening and evasion tactics.
Great summary! 🙌
America needs to stay tough on these sanctions. If crypto platforms let Iran slip through, it hurts our national security. Keep the pressure on every exchange.
From a compliance engineering perspective, the introduction of OFAC‑designated wallet feeds represents a paradigmatic shift in the operational risk matrix for crypto‑centric financial institutions. Prior to 2015, most custodial providers relied on heuristic transaction monitoring that flagged anomalous volume spikes or transaction patterns without any geopolitical contextualization. The 2018 inclusion of specific blockchain addresses into the SDN list fundamentally altered that landscape, compelling firms to incorporate deterministic address‑matching algorithms into their real‑time processing engines.
Two critical technical implications arise. First, the latency requirements of on‑chain data ingestion must now accommodate sub‑second verification cycles; any lag can result in a prohibited transfer slipping through before the watchlist is refreshed. Second, the heterogeneity of blockchain ecosystems-spanning Bitcoin UTXO models, Ethereum's account‑based paradigm, and TRON's delegated proof‑of‑stake-necessitates a polyglot parsing layer that normalizes address formats before they are cross‑referenced against the OFAC feed.
Moreover, the compliance stack must reconcile the immutable nature of blockchain data with the mutable status of sanctions designations. An address that is clean today may become sanctioned tomorrow, requiring retroactive transaction review and potential remediation actions such as forced token freezes or sweeping to a controlled cold wallet. This operational overhead is non‑trivial and drives up both direct costs (licensing for analytics platforms, API bandwidth) and indirect costs (legal counsel, audit preparation).
In practice, the most effective architectures adopt a microservices approach: a dedicated “Sanctions Service” subscribes to the Treasury’s CSV/JSON publications, validates payload integrity, and publishes a normalized, versioned feed to downstream risk engines. Those risk engines, often powered by graph‑theoretic clustering and machine‑learning anomaly detection, then flag any transaction that either directly touches a designated address or exhibits suspicious address‑hopping behavior indicative of evasion.
Regulatory expectations have also evolved. The FinCEN‑OFAC joint guidance now emphasizes “continuous monitoring” rather than periodic checks, and audits increasingly scrutinize the provenance of the watchlist integration code. Failure to demonstrate a robust, auditable pipeline can result in civil penalties that dwarf the cost of compliance tooling, as evidenced by the $750,000 ShapeShift settlement.
Finally, there is a strategic dimension: as Iranian actors migrate toward privacy‑centric coins (Monero, Zcash) and decentralized exchanges, the efficacy of address‑based sanctions wanes. This compels the compliance community to explore heuristic‑based risk scoring that evaluates transaction metadata, network topology, and off‑chain entity relationships. In short, OFAC’s address publication strategy has catalyzed a multi‑layered transformation in crypto compliance, blending deterministic watchlist checks with adaptive analytics to stay ahead of increasingly sophisticated evasion techniques.
Exactly! 🎯 The layered approach you described is why we’re seeing more AI‑driven monitoring tools popping up. It’s not just about a static list anymore.
When you think about the drama of a sanctioned wallet trying to slip through a busy exchange, it feels like a heist movie. The good news is that modern analytics platforms can spot that “heist” within seconds, freezing the assets before the bad guys even get a chance to cash out. It’s a high‑stakes game of cat‑and‑mouse, and the cat just got a lot sharper.
We can’t let foreign adversaries use crypto to fund hostile activities. OFAC’s crackdown is essential and every platform should double‑down on screening. No excuses.
Honestly, this whole OFAC list feels like a Band-Aid. It catches the low‑hanging fruit but pushes sophisticated actors deeper into the shadows. The real problem isn’t the list; it’s the lack of global coordination.
True, the list helps, but we also need better education for compliance teams. Many smaller exchanges still rely on manual checks, which is risky.
From a cultural perspective, it’s interesting how sanctions have become part of the crypto narrative. Communities that value financial freedom see this as an overreach, while regulators view it as a necessary safeguard. The tension fuels both innovation and controversy.
Totally vibe with that. It's a clash of ideals.
Let’s remember that a lot of the crypto community sees sanctions as a test of resilience. The fact that Iranian actors are moving to privacy coins shows they’re adapting, and the ecosystem is forced to innovate in AML tools. It’s a wild ride, but progress is happening.
All this talk about sanctions just proves crypto’s staying power. If anything, it shows the tech can’t be stopped.
Maybe sanctions are just a distraction from the real issues.
In accordance with the prevailing regulatory frameworks, it is imperative that custodial entities implement continuous, automated screening protocols that reference the most recent OFAC‑designated wallet enumerations. Failure to adhere to such procedural mandates may culminate in substantial pecuniary liabilities, as exemplified by precedent settlements. Consequently, a systematic, auditable workflow must be instituted, encompassing real‑time ingestion of Treasury feeds, cross‑chain address normalization, and integration with anomaly detection subsystems.
IF YOU'RE GONNA IGNORE THE LIST, YOU'RE GONNA GET BUSTED. THAT'S JUST HOW IT ROLLS.
hey guys, i think we should also look at off‑chain data like company registrations. that can help spot hidden links to sanctioned entities, not just the on‑chain addresses.
Spot on! Mixing on‑chain analytics with off‑chain intel creates a more holistic risk profile. It's like adding a second layer of defense that catches what pure blockchain scans miss.
Indeed;;; the synergy between on‑chain and off‑chain datasets;;; amplifies detection capabilities;;; and reduces false‑positives.
Honestly, OFAC's approach is too simplistic; it assumes a static list can keep up with dynamic crypto tactics.
Agreed; the list is a starting point, but the real work lies in continuous monitoring, pattern analysis, and cross‑jurisdiction collaboration.