Title: Guidance for OTSI Licence Applications: Sanctioned Activities in Services and Goods

This guidance is for applications submitted to OTSI seeking licences to carry out sanctioned activity related to both services and goods. It sets out the framework and expectations that organisations must meet to obtain, maintain, and operate under licences that enable compliant activity within sanctioned regimes.

Scope and purpose
– The guidance applies to organisations and individuals seeking licences from OTSI to engage in activities that are restricted or controlled by sanctions authorities. This includes transactions involving services, goods, and related activities such as intermediaries, logistics, or facilitating actions that could fall within a sanctioned remit.
– The aim is to promote compliance, reduce risk to national security and international obligations, and provide clarity about the licensing process, criteria, and ongoing responsibilities for licence holders.

Who should use this guidance
– Entities (companies, partnerships, sole traders) and other organisations planning to undertake sanctioned activities that require an OTSI licence.
– Individuals and entities seeking to vary, renew, suspend, or cancel licences, or to understand the conditions that may apply to sanctioned activity.
– Compliance teams, legal counsel, and senior management responsible for regulatory adherence and risk management.

Key principles guiding the licensing process
– Proportionality: Processes should be fit-for-purpose, reflecting the risk profile of the activity and the entity.
– Transparency and accountability: Clear criteria, consistent decision-making, and reasonable opportunities to provide additional information.
– Risk-based approach: Emphasis on due diligence, end-use/end-user controls, and ongoing monitoring.
– Continuous improvement: Regular updates to the guidance to reflect changes in sanctions regimes, risk factors, and industry developments.

Eligibility and scope
– Activities requiring an OTSI licence typically include the sale, transfer, or provision of services or goods that are subject to sanctions controls, as well as any assistance or facilitation related to such activities.
– Applicants should assess whether their planned activities fall within the licensing remit. If in doubt, seek early guidance from OTSI to avoid delays.
– Licences may be time-bound and subject to conditions that reflect the nature of the activity, risk level, and controls implemented by the organisation.

Pre-application considerations
– Conduct a preliminary risk assessment to identify potential sanctions-related exposures, including geographic exposure, end-use and end-user risk, and supply chain complexity.
– Review existing compliance programmes (sanctions screening, know-your-customer/due diligence, training, record-keeping) to ensure they are robust and up-to-date.
– Clarify the intended end-use and end-user and document any third-party intermediaries or agents involved in the activity.
– Prepare a clear governance structure for licence compliance, including assignment of responsibilities to senior management and the compliance function.

Documentation and evidence typically required
– Legal and corporate information: registration details, ownership structure, key officers, and any relevant regulatory registrations.
– Description of the sanctioned activity: scope, geographic reach, product/service categories, and the business rationale for undertaking the activity.
– End-use and end-user information: identification and risk profiles of customers, partners, and intermediaries; documentation of end-use controls.
– Due diligence and screening policies: policies and processes for customer due diligence, enhanced due diligence for high-risk entities, and sanctions screening results.
– Risk management and controls: internal controls, AML/CFT measures, data protection, cyber security, and incident response plans.
– Supply chain mapping: description of critical suppliers and partners, with risk assessments and escalation procedures.
– Compliance history: past licences, enforcement actions (if any), and corrective action plans.
– Training and culture: staff training records on sanctions compliance and what constitutes prohibited activity.
– Record-keeping and reporting: policies for retention of records, audit trails, and reporting mechanisms for potential sanctions concerns.
– Financial information (where relevant): sources of funds and evidence that transactions are legitimate and permitted under the licence regime.

The application process and timelines
– Submission: Applications should be complete and accompany all required documentation. Incomplete submissions may slow processing.
– Validation and screening: OTSI will validate the information and perform risk-based screening, including checks on end-users, goods, and intermediaries.
– Information requests: If additional information is needed, respond promptly with the requested materials to avoid delays.
– Evaluation: Applications are assessed against regulatory criteria, including risk assessment, end-use controls, and compliance capabilities.
– Decision timelines: Processing times vary with complexity and risk. Applicants should factor potential extensions for supplementary data or clarifications.
– Licence grant or refusal: If granted, licences will include terms, conditions, and any reporting or monitoring requirements. If refused, applicants may be advised on potential avenues for appeal or revision.

Evaluation criteria and licensing conditions
– Legal and regulatory compliance: Demonstrated ability to comply with applicable sanctions regimes and related laws.
– Risk management: Effective risk assessment, controls for end-use and end-user, and ongoing monitoring mechanisms.
– End-use/end-user controls: Adequate measures to prevent diversion, misuse, or unauthorised transfers.
– Due diligence capability: Robust customer and supplier due diligence processes, with tiered risk-based approaches.
– Governance and accountability: Clear ownership of sanctions compliance at senior levels and access to adequate resources.
– Proportionality of controls: Licence conditions should reflect the level of risk posed by the activity.
– Reporting and record-keeping: Requirements for timely reporting of concerns and maintenance of auditable records.

Licence conditions and ongoing obligations
– Usage restrictions: Specific activities allowed under the licence, prohibited actions, and geographic or end-use limitations.
– Monitoring and reporting: Regular reporting obligations, including any suspicious activity indicators, and compliance reviews as required.
– Audits and inspections: Rights for OTSI to conduct audits or request information to verify compliance.
– Training and awareness: Ongoing training requirements for staff involved in sanctioned activities.
– Changes and variations: Process for requesting licence variations, suspensions, or revocation in response to changes in risk or business activities.
– Renewal and expiry: Timelines and criteria for licence renewal, including demonstrations of continued compliance.

Variations, renewals, and enforcement
– If business needs evolve, applicants may apply for variations to the licence, subject to OTSI approval and updated risk assessments.
– Renewal should be sought in advance of expiry, with evidence of sustained compliance and updated controls where needed.
– Non-compliance can lead to licence suspension, variation, or revocation, and may carry penalties or other regulatory actions.

Compliance programme expectations
– Sanctions screening: Ongoing checks against updated lists and real-time monitoring of counterparties.
– Due diligence: Comprehensive and demonstrable due diligence across customers, suppliers, and end-users.
– Training: Regular, role-appropriate sanctions compliance training for staff.
– Record-keeping: Systematic, auditable record-keeping to support verification and reporting.
– Incident response: Clear procedures to respond to suspected breaches, including escalation and remedial actions.
– Data protection: Adequate safeguards for sensitive information in line with data protection laws.

Common pitfalls and practical tips
– Incomplete information: Ensure all sections are fully completed and supported with evidence.
– Ambiguity about end-use: Provide precise, verifiable information about the intended end-use and end-users.
– Weak or missing due diligence evidence: Attach up-to-date policies, screening results, and audit evidence.
– Inadequate risk assessment: Include a structured risk assessment with identified mitigations and monitoring plans.
– Insufficient governance: Demonstrate clear responsibility at senior management level for sanctions compliance.

Support and contacts
– OTSI publishes guidance and contacts to assist applicants. If you are unsure about whether your activity requires a licence or what documentation is required, seek early guidance to avoid delays.
– Use official channels for submissions and correspondence, and reference your application or licence number in communications.

Conclusion
– Undertaking sanctioned activity requires rigorous compliance, transparent governance, and a proactive approach to risk management. By carefully preparing your submission, aligning with the principles outlined in this guidance, and maintaining robust ongoing controls, organisations can navigate the licensing process more efficiently and operate within the bounds of the law.

If you would like, I can tailor this draft to fit a specific industry sector, provide a checklist you can reuse for submissions, or adjust the tone for a formal government-facing blog versus an industry-focused publication.

April 23, 2026 at 12:26PM
OTSI 如何评估贸易制裁许可证的申请
https://www.gov.uk/guidance/how-otsi-assesses-application-for-trade-sanctions-licences
本指南适用于提交给 OTSI 的申请，旨在寻求许可以开展与服务及货物相关的受制裁活动。

阅读更多中文内容： 面向OTSI许可申请的实务指南：服务与货物相关的制裁性活动许可