EU 21st Sanctions Package on Russia: Three Scenarios Compliance Teams Should Pre-Stage Before Adoption (June–July 2026)

On 24 April 2026, the day after the Council of the European Union formally adopted the 20th sanctions package on Russia, High Representative Kaja Kallas told reporters in Luxembourg that work on the 21st package would begin immediately, that member states had been invited to put forward proposals on a "rolling basis" rather than wait for another grand bargain, and that previously blocked "red lines" — the maritime services ban above all — would be revisited.[1][2] Pre-coverage in Politico Europe, Reuters, S&P Global Commodity Insights, Euromaidan Press and the Ukrainian outlet ain has since converged on a late-June or early-July 2026 adoption window, with three named focus areas: an expansion of the shadow-fleet vessel list, an additional round of third-country financial-institution and crypto-asset service provider designations, and the long-deferred maritime services ban for vessels carrying Russian crude.[3][4][5][6][7] As of the day this briefing publishes, the legal instrument has not appeared in the Official Journal of the European Union. Every forward-looking claim that follows is hedged and sourced. The purpose of the briefing is not to predict what the 21st package will contain — we cannot — but to walk EU compliance teams through three named scenarios for what it could plausibly contain, the case-patterns those scenarios would activate, and the operational pre-staging that the 30-day implementation window will likely make unavoidable from the moment the Council press release lands.

A stylised composite showing the EU Council building in Brussels overlaid with a calendar marking late June and early July 2026, set against silhouettes of shadow-fleet tankers and crypto-exchange terminal interfaces.
Composite illustration: the EU 21st sanctions package adoption window. Pre-coverage from Politico Europe, Reuters, S&P Global and Euromaidan Press points to late-June or early-July 2026, with shadow-fleet expansion, third-country CASP designations, and a long-deferred maritime services predicate as the most-discussed focus areas. None has been confirmed in legal text as of publication.

TL;DR

The EU's 21st sanctions package on Russia is expected to be adopted in late June or early July 2026, building on the 20th package adopted 23 April 2026.[1][3][4] Pre-coverage points to three focus areas: shadow-fleet vessel-list expansion (with attention on Sovcomflot-successor tankers operating under newly incorporated Hong Kong, UAE and Indian shell-owners), additional third-country CASP and financial-institution designations (with attention on Kazakhstan, Kyrgyzstan, the UAE, Türkiye and Hong Kong), and tightening of the Article 5bb residency and "establishment" test introduced by the 20th package's CASP prohibition. A full maritime services ban for Russian-crude tankers remains G7-conditional and Greece-, Malta- and Cyprus-objected.[8][9] This briefing presents three named scenarios — a "Maritime-First" expansion, a "CASP-Anti-Circumvention" expansion, and a "Financial-Institution Sweep" expansion — with three anonymised case-pattern reconstructions: a Kazakh CASP already routing Russian-counterparty volume, a Hong Kong-flagged Sovcomflot-successor tanker, and a UAE free-zone operator on the OFAC SDN but not yet on the EU OJ. We close with the operational reading every EU CASP, every EU credit institution and every shadow-fleet exposed insurer should pre-stage in the 30-day window between adoption and entry into force, what the package almost certainly will not do, and the limits of this analysis. Nothing here should be read as a confirmed account of the package's contents.

What we know, what we do not, and how confidently we know it

The factual record on the EU 21st package, as it stood at the date of this briefing, is narrow. Kallas's 24 April 2026 statement at the Foreign Affairs Council press conference confirmed the existence of the workstream, the rolling-basis approach, and the intention to revisit blocked measures.[1][2] Sweden's foreign minister Maria Malmer Stenergard called publicly for a 21st package containing "even tougher" measures against Russian energy exports, including a services ban on all ships leaving Russian ports with oil, gas or coal.[10] S&P Global Commodity Insights reported on 24 April 2026 that the European Commission would prepare the 21st package and revisit previously blocked Russia sanctions.[3] Politico Europe reported on or about 11 May 2026 that the package would target the shadow fleet, banks, and firms involved in selling stolen Ukrainian grain.[4] Euromaidan Press and the Ukrainian aggregator ain picked up the Politico reporting and added detail on the maritime services ban's status, identifying Greece, Malta and Cyprus as the principal coastal-state objectors and noting that the post-election change of government in Hungary — the rise of Peter Magyar — had created "new momentum" for measures that Viktor Orban had previously blocked.[4][5][7][11]

Beyond these data points the record is interpretive. Law-firm briefings from Skadden, Mayer Brown, Herbert Smith Freehills Kramer, Latham & Watkins and Morgan Lewis published since the 20th package have offered "outlook" sections that, in substance, extrapolate from the EU's revealed pattern of escalation across the 18th, 19th and 20th packages.[12][13][14][15] The KSE Institute Sanctions Team's 2026 recommendations, the Yermak-McFaul International Working Group on Russian Sanctions outputs, and the Centre for Research on Energy and Clean Air's monthly fossil-fuel tracker have produced policy recommendations that the European Commission has historically converted into package elements with a lag of two to four packages.[16][17][18][19] Chainalysis, TRM Labs and Elliptic have flagged third-country CASP designation risk — Central Asia, the Caucasus, the UAE — as the most likely crypto-side expansion.[20][21][22]

The forward-looking claims in the sections that follow are all derived from this interpretive record. They are not assertions of fact about the 21st package's contents. We use the form "likely", "according to pre-coverage in [outlet]", "if the 21st package follows the 20th's structure" advisedly throughout, and we flag explicit hedges where any particular claim crosses from extrapolation into speculation. The reader who needs a confirmed account should wait for the Council press release and the Official Journal text and read this briefing alongside.

Scenario one: maritime-first expansion

The maritime-first scenario, the one most directly aligned with the Kallas statement and the Swedish foreign minister's call, would centre the 21st package on shadow-fleet vessel-list expansion, on additional Sovcomflot-successor and grain-trade designations, and on as much of the long-deferred maritime services ban as the Council can agree against the Greek, Maltese and Cypriot objections.[1][9][10] The shape of this scenario, if it materialises, is foreshadowed by the 20th package's own structure: 46 shadow-fleet tankers listed (bringing the EU cumulative count above 600 vessels, with the EU now having designated approximately two-thirds of Russia's identified shadow-fleet population against OFAC's approximately 40 percent), a transaction ban on a major Russian maritime insurer, and the politically-sealed but practically-deferred services ban awaiting G7 alignment.[8][23]

If the 21st package extends the maritime perimeter, the most plausible additions, drawn from CREA monthly tracker forecasts and KSE Institute analytic notes, are: an additional tranche of shadow-fleet vessel listings (KSE has identified ranges that would close the gap between the EU's roughly 600-vessel cumulative count and the actual operational shadow-fleet population estimated by independent trackers); designations of vessels and front companies associated with the export of stolen Ukrainian grain from temporarily occupied Black Sea and Sea of Azov ports (a category Politico Europe identifies as a stated priority); designations of additional protection-and-indemnity insurers and brokers, ship-management companies, and flag-state registries documented as continuing to provide services to listed shadow-fleet tankers; and a transaction ban or asset-freeze extension reaching the Sovcomflot corporate group and its post-2022 successor structures — including the single-vessel-owner shell entities incorporated in Hong Kong, the UAE and India that have absorbed nominal ownership of vessels previously flagged to Sovcomflot.[18][19][24][25]

The CREA April 2026 monthly analysis put the shadow-fleet share of Russia's seaborne oil exports at 54 percent in April 2026 — the highest share on record — up from 48 percent in March, with sanctioned shadow-fleet tankers responsible for the highest share of Russia's fossil-fuel exports CREA has measured.[18] This trajectory, combined with the 20th package's first listing of Sovcomflot vessels and the European Commission's first explicit reach into shadow-fleet enabler entities, makes the maritime-first scenario the highest-probability of the three discussed here. The full maritime services ban — insurance, port access, ship management, classification — remains G7-conditional and is unlikely to appear in its comprehensive form in the 21st package; what is plausible is a further set of partial extensions and individual designations rather than the bloc-wide services prohibition the Swedish foreign minister has called for.

A horizontal bar chart showing the cumulative count of EU-listed shadow fleet tankers by sanctions package from the 14th (2024) through the projected 21st (2026), overlaid with the CREA-measured shadow-fleet share of Russian seaborne oil exports rising from approximately 35% in late 2024 to 54% in April 2026.
EU cumulative shadow-fleet vessel listings by sanctions package, alongside the CREA-measured shadow-fleet share of Russia's seaborne oil exports. The 20th package brought the EU cumulative count above 600 vessels; the projected 21st-package expansion (dashed range) is interpretive and not confirmed in legal text. Source: Council of the EU press releases, CREA monthly tracker, KSE Institute, our 287-tanker baseline dataset.

Scenario two: CASP anti-circumvention expansion

The CASP anti-circumvention scenario would centre the 21st package on the third-country crypto-asset service provider perimeter, on tightening the Article 5bb "established in Russia" test introduced by the 20th package, and on additional designations of issuance and redemption infrastructure for ruble-pegged stablecoins.[20][21] The Chainalysis, TRM Labs and Elliptic reaction notes to the 20th package were consistent in flagging Central Asia, the Caucasus, the UAE and Hong Kong as the jurisdictions in which the next generation of designations would most plausibly land.[20][21][22] The 20th package's designation of the Kyrgyz exchange Meer (TengriCoin) as a primary trading venue for A7A5 was the EU's first explicit reach into a third-country CASP under the Russia regime; pre-coverage from ain and Euromaidan Press has identified additional designations as one of the discussed priorities for the 21st package.[5][7][22]

If the 21st package follows the 20th's structure on the CASP perimeter, the most plausible additions are: an expansion of the third-country CASP designation list to cover additional exchanges in Kazakhstan and Kyrgyzstan that have advertised Russian-counterparty trading pairs (the Kazakh and Kyrgyz crypto licensing regimes have produced a public population of licensed operators against which the Chainalysis Discovery, TRM Labs Beacon and Elliptic Lens attribution datasets can be cross-referenced); designations targeting UAE free-zone operators — particularly DMCC, ADGM and DIFC entities — that have appeared in OFAC press releases or in the published Reuters, Financial Times and Bloomberg reporting on stablecoin-corridor enabler firms; a tightening of the Article 5bb "established in Russia" test to clarify treatment of entities whose corporate form is in a third country but whose management, principal place of business, treasury operations, or governance footprint is in fact in the Russian Federation; and possible designation of additional ruble-pegged stablecoin issuance and redemption venues beyond the A7A5 / Old Vector / A7 LLC perimeter the 20th package reached.[20][21][22][26]

The probability distribution within this scenario is uneven. Additional third-country CASP designations are high-probability given the EU's revealed preference for incremental, list-based expansion of a previously sectoral measure (the same pattern that emerged across the 19th and 20th packages). Tightening of the establishment test is medium-probability; it is more likely to come through European Commission FAQ guidance under the existing Article 5bb than through new legal text in the 21st package. Designation of additional stablecoin issuance infrastructure is medium-probability and depends substantially on whether the analytics vendors have produced attribution that satisfies the Council's evidentiary threshold. A comprehensive prohibition on non-custodial DEX aggregators and MEV infrastructure operated by Russia-based teams is unlikely in the 21st package — it is one of the harder definitional questions identified in the early law-firm analysis of Article 5bb and will more plausibly be addressed through Commission FAQ guidance over multiple packages.

Scenario three: financial-institution sweep

The financial-institution sweep scenario would centre the 21st package on additional Russian credit-institution transaction bans, on the third-country bank perimeter the 19th package opened and the 20th extended, and on coordination signals between the sanctions regime and the EU Anti-Money Laundering Authority that becomes operationally responsible for direct supervision of high-risk obliged entities on 1 July 2026 — the same window in which the 21st package is expected to be adopted.[27][28] Pre-coverage from Politico Europe, ain and Euromaidan Press has consistently identified additional Russian banks and "financial institutions" as targets, and the 20th package's transaction ban on twenty Russian banks plus additional Belarusian, Kazakh and Kyrgyz institutions provides the structural baseline.[4][5][7][29]

If the 21st package follows the 19th and 20th's pattern on financial institutions, the most plausible additions are: a transaction ban or asset-freeze extension reaching the remaining mid-tier Russian credit institutions not already captured (the perimeter has progressively expanded from the original ten major banks of 2022 through to the twenty-bank transaction ban of the 20th package, with the residual population identified in KSE Institute monitoring); additional third-country bank designations in Kazakhstan, Kyrgyzstan, the UAE and Türkiye where the institution has been documented as supporting Russian-counterparty SPFS or alternative-messaging payment flows; possible reach into payment-system operators and settlement infrastructure beyond the Bank of Russia's SPFS (the EU's preemptive ban on digital ruble transactions reached the Bank of Russia's CBDC infrastructure as of the 20th package; the 21st package could plausibly extend to commercial bank infrastructure that bridges into SPFS); and AMLA-coordination signals making explicit that the sanctions screening obligations and the AML / CFT supervision regime are to be evaluated against an integrated documented analytic record.[16][17][27][29]

The AMLA timing coincidence is operationally significant. AMLA's direct-supervision selection process — the first 40 obliged entities to be designated by 1 July 2027 — is intended to focus on the highest-risk concentrations of cross-border activity, including (by AMLA's stated criteria) entities exposed to high-risk-jurisdiction counterparties.[27] A CASP, payment institution or credit institution whose post-21st-package counterparty list includes designated third-country CASPs and banks will, by AMLA's own selection criteria, be near the front of the queue for the direct-supervision shortlist. The 21st package, even if it makes no explicit AMLA-coordination provision, will likely shape the AMLA selection in this way. A bloc-wide ban on the use of the SWIFT financial-messaging network for the small residual set of non-listed Russian credit institutions is unlikely in the 21st package — it requires unanimity and has been consistently blocked by member states with material trade exposure.

A three-column comparison diagram showing the Maritime-First, CASP Anti-Circumvention and Financial-Institution Sweep scenarios side by side, with each column listing likely additions, probability assessment, and the most exposed compliance populations.
Three named scenarios for the EU 21st sanctions package on Russia. Each column lists the most plausible additions (drawn from published pre-coverage), the relative probability assessment, and the EU compliance populations most exposed. None has been confirmed in legal text as of publication.

What the 21st package will almost certainly not do

The EU's revealed preferences across nineteen previous Russia sanctions packages place a definable floor and ceiling on what the 21st package can contain. The floor is the package's continuity with the existing regime; the ceiling is the qualified-majority arithmetic of the Council and the unanimity threshold for certain category-defining measures. Five things the 21st package is unlikely to do, with the published basis for each:

  • Impose OFAC-style secondary sanctions. The EU has consistently declined to adopt the US instrument of secondary sanctions — the threat to designate non-EU persons for material support to sanctioned Russian counterparties. The Skadden 2026 outlook and the Mayer Brown and Herbert Smith Freehills Kramer trackers all flag this as a stable EU red line, not a position the 21st package is likely to overturn.[12][13][14]
  • Impose a bloc-wide SWIFT cut for residual Russian credit institutions. Cutting the small residual set of non-listed Russian banks from SWIFT requires unanimity and has been consistently blocked by member states with material trade exposure. The 21st package is more likely to use the existing transaction-ban mechanism on additional named institutions than to reach for the cross-cutting messaging measure.[14][29]
  • Extend personal asset freezes to Russian-citizen dual nationals holding EU residence permits issued after February 2022. The EU's residency-based regime, as documented in the 20th package's CASP carve-outs, is narrowly drafted and the political appetite to broaden it to a citizenship-based regime is absent. The 21st package is more likely to clarify the existing carve-out edges than to broaden the underlying personal-jurisdiction reach.[12][15][30]
  • Impose a comprehensive ban on EU citizens providing professional services inside Russia. The existing prohibitions on EU-provided legal, accounting, tax and management consulting services in Russia carry carve-outs that have proven durable; broadening these in the 21st package would face member-state objection from jurisdictions with significant remaining services exposure.[12][14]
  • Resolve the non-custodial DEX, DEX aggregator and MEV-infrastructure question definitively. The definitional questions about whether Article 5bb's "established in Russia" test reaches non-custodial smart-contract infrastructure deployed to public chains are likely to be addressed through European Commission FAQ guidance over multiple packages rather than through new legal text in the 21st package.[20][22][26]

Methodology: what this briefing is and is not

This briefing is a pre-adoption, scenario-based open-source analysis of the EU 21st sanctions package. We have not seen the legal text; the legal text does not yet exist in public form. We have read, cross-referenced, and synthesised the pre-coverage and analytic record. Where a forward-looking claim is made, it is hedged. Where the published record is in tension, we have flagged the tension. Where a claim crosses from extrapolation into speculation, we have said so explicitly. We have not contacted EU institutions for comment, we have not received any briefing under embargo, and we have not been told what the 21st package will contain.

Source perimeter

  • EU primary sources: Council of the EU press release 284/26 of 23 April 2026 (20th package adoption); the EEAS press conference transcript for Kaja Kallas at the Foreign Affairs Council, 24 April 2026; the Council of the EU sanctions timeline page.[1][2][29]
  • Pre-coverage: S&P Global Commodity Insights, 24 April 2026; Politico Europe, May 2026; Euromaidan Press, 11 May 2026; ain, 11 May 2026; Hromadske aggregation of Politico; Euronews 23 April 2026 (maritime services on hold); Lloyd's List 2026 (EU pursuit of shadow-fleet facilitators).[3][4][5][6][7][8][9][31]
  • Legal analysis: Skadden 2026 outlook; Mayer Brown 20th-package note and monthly Russia/Ukraine updates; Herbert Smith Freehills Kramer sanctions tracker; Latham & Watkins sanctions update; Morgan Lewis 20th-package analysis; Trade Compliance Resource Hub; Baker McKenzie Global Sanctions and Export Controls Blog.[12][13][14][15][32][33][34]
  • Independent tracking: CREA monthly fossil-fuel tracker (March and April 2026); KSE Institute Russian Oil Tracker and Sanctions Team analytics; Yermak-McFaul International Working Group on Russian Sanctions; OpenSanctions consolidated dataset.[16][17][18][19][35]
  • On-chain analysis: Chainalysis 20th-package reaction note; TRM Labs 20th-package note; Elliptic 20th-package note; the published Garantex / Grinex / A7A5 deep-dives from each vendor.[20][21][22]
  • Maritime / shadow-fleet attribution: Lloyd's List; Maritime Executive; Windward 20th-package analysis; the Ukrainian Defence Intelligence (HUR) War Sanctions shadow-fleet dataset; our own 287-tanker briefing and the underlying shadow-fleet dataset.[24][25][36][37]

Case A — Anonymised: the Kazakh CASP already routing Russian-counterparty volume

The first case-pattern reconstruction is anonymised and structural rather than entity-specific. It describes a population of Central Asian crypto-asset service providers that share three features observable in the published Chainalysis, TRM Labs and Elliptic reporting and in the regulatory disclosures of the Astana International Financial Centre (AIFC) and the Kyrgyz crypto-licensing regime: (a) a corporate domicile in a Central Asian jurisdiction that is not currently subject to EU sectoral sanctions; (b) advertised or attributed trading volume in stablecoin pairs against the rouble or against ruble-pegged stables (A7A5 and successors); and (c) a documented or attributed nexus with Russian-resident or Russian-controlled counterparties, whether through KYC residency self-attestation, through corporate-form intermediaries, or through on-chain settlement clusters identified by the analytics vendors.[20][21][22]

For an EU CASP whose inter-CASP transfer flows touch this population, the pre-21st-package status is that the Central Asian counterparty is not on the EU consolidated sanctions list, is not (in the typical case) on the OFAC SDN, and is not directly captured by the Article 5bb "established in Russia" test. The counterparty is, however, captured by the EU Transfer of Funds Regulation's zero-EUR threshold for inter-CASP originator/beneficiary verification, by the EU CASP's MiCA enhanced-due-diligence obligations, and by the AMLR risk-assessment framework as a high-risk-jurisdiction counterparty.[27] The 21st package, if it follows the Meer / TengriCoin precedent of the 20th, would convert a documented analytic risk into a formal listing — bringing the counterparty inside the consolidated sanctions perimeter and requiring the EU CASP to wind down the relationship within the 30-day implementation window.

The operational reading for the EU CASP is that the work is the same on either side of the 21st-package adoption: pull the inter-CASP transfer history; map each counterparty CASP's establishment, regulatory licensing, and beneficial-ownership chain; cross-reference against the consolidated EU and OFAC records and against the analytics-vendor attribution datasets; and document the file. The methodology page we maintain at CASP Under MiCA walks the regulated-entity perimeter; the OFAC 50-Percent Rule methodology page walks the ownership-chain test that captures the Russian-principal-through-Central-Asian-vehicle pattern. The work product is the documented basis for the EU CASP's decision to continue, restrict or wind down the counterparty relationship.

Case B — Anonymised: the Hong Kong-flagged Sovcomflot-successor tanker

The second case-pattern reconstruction is also anonymised and addresses the Sovcomflot-successor population whose corporate ownership has transferred from the listed Russian state-owned shipping conglomerate to newly incorporated single-vessel-owner shell entities in Hong Kong, the UAE and (in some cases) India.[24][25][37] The pattern, documented in Lloyd's List, Maritime Executive, Windward and Fleetleaks reporting, has a stable structure: a vessel previously flagged Russian and operated under Sovcomflot management is transferred (sometimes through interim trades to Indian or UAE intermediaries) to a Hong Kong-incorporated single-vessel-owner company, often with a registered office in a serviced-office facility, often with shared directors across a population of similar single-vessel entities, often with no public AIS history pre-transfer.[24][25][37] The vessel continues to lift Urals crude from Russian Black Sea, Baltic or Arctic ports; the off-take and on-take patterns, where AIS data is reliable, continue to match the pre-transfer trade lanes.

For an EU compliance team — whether a credit institution underwriting the trade finance, a protection-and-indemnity insurer providing cover, a chartering desk providing a vessel, or a port authority granting berth — the pre-21st-package status of this vessel population is uneven. Where the vessel itself appears on the EU OJ shadow-fleet list (now above 600 vessels cumulative) the position is clear. Where the vessel does not, the Article 3a / 3g maritime provisions, the existing Sovcomflot designation, the EU 50-Percent ownership rule, and the published analytic record interact in a way that requires documented assessment rather than a single screening result. The 20th package's reach into a maritime insurer was the EU's first explicit enabler-tier extension; the 21st package, if it follows that pattern, would plausibly extend further into the P&I insurer, broker, ship-management and registry population.[8][23][24]

The operational reading for the EU exposed party is to maintain a per-vessel documentation file that tracks: the vessel's IMO number and the named registry (matched against the EU consolidated list); the ownership chain back to the most recent identifiable principal (matched against the EU consolidated list and the Sovcomflot ownership tree); the management company, the technical management company, the classification society, and the flag state (each matched against the consolidated list and the published enabler-entity record); the AIS history including gaps, spoofing patterns and STS-transfer locations; and the documented basis for the EU exposed party's decision. Our internal Shadow Fleet IMO Lookup tool produces the per-vessel snapshot against the cumulative EU listed population; the underlying shadow-fleet tankers dataset is the comparison perimeter. The methodology approach is the one our 287-tanker briefing documented at length.

A network diagram showing a single Aframax tanker's ownership transfer from Sovcomflot through an Indian intermediate buyer to a Hong Kong-incorporated single-vessel shell company, with the management company in the UAE, the classification society in a non-IACS registry, and the flag state in a flag-of-convenience jurisdiction, against a backdrop of the Black Sea trade route.
Reconstructed ownership-and-management architecture of a Sovcomflot-successor tanker. The single-vessel-owner shell pattern in Hong Kong, the UAE and India has been documented across Lloyd's List, Maritime Executive, Windward and the GUR War Sanctions dataset. The 20th package's first reach into maritime insurers signals the enabler-tier extension the 21st package may further expand.

Case C — Anonymised: the UAE free-zone operator on OFAC SDN but not yet on EU OJ

The third case-pattern reconstruction addresses the gap between the OFAC SDN and the EU consolidated sanctions list that opens whenever the US designates a third-country enabler — typically a UAE free-zone trading or financial-services entity — and the EU has not (yet) mirror-listed. The gap is structural: the OFAC and EU designation processes operate on different cadences, against different evidentiary thresholds, and produce different perimeter coverages. The published record of this gap is consistent across the 2024 and 2025 OFAC actions against UAE-incorporated enabler entities — B-Crypto, the Tashkent and Almaty-corridor operators, the Hayat Tahrir al-Sham crypto-bridge cases, the more recent August 2025 actions on the A7 LLC / Old Vector cluster — many of which carried partial EU mirror-listings in the subsequent EU package but produced an interim window in which an EU CASP, bank or counterparty would screen the UAE entity against the EU list, get a clean result, and continue the relationship while the OFAC SDN flag was already live.[20][21][26][38]

For an EU exposed party transacting with a UAE entity that is on the OFAC SDN but not on the EU OJ, the position is interpretively complex. The US designation creates secondary-sanctions exposure for the EU party only if the EU party transacts through US-dollar correspondent banking or otherwise enters US jurisdiction; the EU's own consolidated sanctions list does not capture the entity directly; the EU 50-Percent ownership rule may capture the entity indirectly through Russian-principal ownership chains; the FATF and EU high-risk-jurisdiction designations of the UAE bear on the EU party's AMLR obligations; and the entity may move from "OFAC-only" to "EU-and-OFAC" status when the next package adopts. The 21st package's CASP anti-circumvention expansion scenario would specifically close this gap on the third-country CASP perimeter; whether it closes the gap on the broader trading-entity perimeter depends on the package's reach.[26][38]

The operational reading for the EU exposed party is to treat the OFAC-only status as a high-risk indicator on its face and to construct the analytic file as if the EU mirror-listing were imminent. Our OFAC General License diff tracker produces the side-by-side view of authorisation changes around US designations; the OFAC General License methodology page walks the wind-down authorisation analysis the OFAC-only status typically requires. The companion analysis on the indirect-ownership-rule architecture sits in our 50-Percent Rule briefing.

The 30-day implementation window: what to pre-stage now

The 20th package's 30-day implementation window between Council adoption (23 April 2026) and Article 5bb entry into force (24 May 2026) demonstrated, at industry scale, that thirty days is operationally tight for AML / sanctions transaction-monitoring re-tuning, model-risk-management validation, and counterparty documentation. The 21st package, if adopted on the late-June or early-July 2026 timetable suggested by the pre-coverage, will produce the same 30-day pressure in roughly the same window in which AMLA assumes operational responsibility for direct supervision of high-risk obliged entities.[27][28] The compliance teams that pre-stage during the window between this briefing's publication and the Council's formal adoption will have the operational margin that the 20th-package experience showed teams that waited for the Council press release did not.

The pre-staging falls into four work-streams, each producing a defensible documentary record that survives the package adoption regardless of which scenario materialises.

For every EU CASP, OTC desk and DeFi onramp: inventory inter-CASP transfer counterparties from the last 180 days by counterparty CASP's establishment jurisdiction; segment the inventory into three exposure bands (high: Central Asian, Caucasus, UAE, Türkiye, Hong Kong counterparties with attributed Russian-counterparty trading; medium: same jurisdictions without attributed Russian nexus; low: EU-domiciled and other-OECD counterparties); map each high-band counterparty's regulatory licensing, ultimate beneficial ownership chain, and on-chain attribution against the Chainalysis Discovery, TRM Labs Beacon and Elliptic Lens datasets that your provider licences; produce the per-counterparty file. Treat the result as the work product the regulator will ask to see in a Day-30 enforcement review.

For every EU credit institution with Russia-corridor exposure: review the residual SPFS and alternative-messaging payment-flow population for counterparty bank establishment; cross-reference the 19th and 20th packages' third-country bank designation perimeter (Belarusian, Kazakh, Kyrgyz, Türkmen institutions captured to date) against the institution's correspondent and counterparty banking population; pre-stage wind-down documentation for the population the 21st package's financial-institution sweep scenario would most plausibly add; produce the per-counterparty exposure file; ensure AMLA-readiness on the broader sanctions-and-AML integrated documentation expected once direct supervision begins.[27]

For every EU shadow-fleet exposed party — insurers, brokers, charterers, port authorities: maintain the per-vessel IMO file as documented in Case B above; cross-reference the vessel population against the EU cumulative shadow-fleet listed perimeter, against the CREA April 2026 attributed population, against the Ukrainian HUR War Sanctions dataset, and against the Lloyd's List, Maritime Executive and Fleetleaks reporting; pre-stage decision documentation for the enabler-tier extension the 21st package may further reach into.[18][24][25][36][37]

For all three populations: ensure board-level visibility on the pre-staging activity; ensure the analytic record is reviewable, dated, and produced before the Council press release lands; ensure the operational risk framework reflects the post-21st-package compliance perimeter as a planning baseline rather than as a reactive position.

A Gantt-style chart showing the 30-day implementation window from expected Council adoption in late June or early July 2026 to entry into force in late July or early August, overlaid against the AMLA direct-supervision transition starting 1 July 2026, and the four work-streams of CASP inventory, credit-institution review, shadow-fleet per-vessel file, and board documentation.
The 30-day implementation window for the expected EU 21st sanctions package, overlaid against the AMLA direct-supervision transition starting 1 July 2026 and the four pre-staging work-streams every exposed EU compliance team should run before the Council press release lands. Sources: Council of the EU pattern from 18th, 19th and 20th packages; AMLA regulation and EBA transition documentation; our own engagement experience.

Limitations of this investigation

Six categories of fact are not visible from open sources at the date of this briefing, and an honest account of the uncertainty:

  • The legal text of the 21st package itself. The package has not been adopted at publication. Every forward-looking claim in this briefing is hedged. The actual text, when it appears in the Official Journal, may differ substantially from the published pre-coverage.
  • The G7 maritime-services-ban coordination state. Whether the maritime services ban moves from the EU's "agreed in principle, deferred in practice" position to operational reality depends substantially on G7 coordination that is not publicly visible.[8][9]
  • The Council's qualified-majority arithmetic post-Hungarian election. The pre-coverage from ain and Euromaidan Press references a post-election change of government in Hungary creating new momentum on previously blocked measures.[5][7][11] Whether that momentum translates into Council votes on specific 21st-package measures is interpretive; we have not verified the underlying arithmetic.
  • The European Commission FAQ pipeline. The Commission's FAQ guidance on the 20th package's Article 5bb has not yet been published in full; the 21st package's reach into the non-custodial DEX, MEV-infrastructure and dual-national edge-case questions will depend substantially on Commission interpretive guidance that is not visible in advance of publication.[20][21][22]
  • The analytics-vendor attribution datasets. Chainalysis Discovery, TRM Labs Beacon and Elliptic Lens are commercial products with non-public attribution coverage. Our characterisations rely on the vendors' published reporting; the underlying cluster attribution that the vendors have produced for in-scope third-country CASPs and stablecoin issuers is partially visible to subscribers and not visible to open-source investigators.
  • AMLA's selection criteria for the first 40 obliged entities. AMLA's stated criteria for direct-supervision selection emphasise high-risk-jurisdiction exposure, but the specific weights, thresholds and methodology have not been published in full. The interaction between the 21st-package designation perimeter and the AMLA selection is foreseeable in direction but not in detail.[27]

Closing note

The Council's 24 April 2026 statement that the 21st package's work would proceed on a rolling basis rather than wait for another grand bargain was, on its face, a procedural observation about Brussels working methods. It was also, in substance, a statement about how the EU sanctions regime against Russia is converging towards a continuous-update model in which the difference between one "package" and the next is one of vehicle rather than of policy direction. The 20th package's Article 5bb sectoral CASP prohibition was the bloc's recognition that list-based work alone cannot keep pace with the Garantex-to-Grinex pattern; the 21st package, on every published indication, will be the bloc's next attempt to close the perimeter the 20th package left open. The work for the EU CASP, credit institution, insurer and port authority — the work documented in Cases A, B and C above — is the same on either side of the package adoption: reconstruct the counterparty's pattern of life from open sources, reconstruct its ownership chain from public registries and on-chain attribution, verify its establishment against the relevant test, and document the file.

What this briefing cannot do is tell the EU compliance team which counterparties will be on the 21st-package list when the Council press release lands. What it can do is identify the populations from which the list will most plausibly be drawn, the pre-staging that will produce the operational margin the 20th-package experience showed was scarce, and the analytic record that will be reviewable by both the sanctions regulator and the incoming AMLA direct-supervision regime. The package is coming; the work is the same; the margin is in the pre-staging. This briefing will be updated to reflect the actual legal text when it is published.

Companion investigations: The maritime channel for Russian export-revenue capture is mapped in Russia's Shadow Fleet: 287 Sanctioned Tankers. The crypto channel under the EU 20th package's CASP ban is mapped in EU Crypto Sanctions on Russia: The CASP Ban, Decoded. The banking channel and the post-Cyprus exodus is mapped in Cyprus to UAE: The 18.4B Russian Deposit Exodus. The corporate-ownership architecture under all three is examined in The OFAC 50-Percent-Rule Loopholes.

Methodology references: CASP under MiCA plain-English explainer · OFAC 50-Percent Rule · OFAC General Licenses. Pair with our Shadow Fleet IMO Lookup for per-vessel screening and the OFAC GL Diff Tracker for authorisation-change comparisons. The underlying Russia shadow-fleet tankers dataset is the per-vessel comparison perimeter.

Methodology disclosure

This briefing relies exclusively on public sources: the Council of the EU press release on the 20th package; the EEAS press conference transcript for the 24 April 2026 Foreign Affairs Council; pre-coverage by S&P Global Commodity Insights, Politico Europe, Euromaidan Press, ain, Hromadske, Euronews, Lloyd's List, Maritime Executive, GreekReporter and the Financial Times; legal analysis by Skadden, Mayer Brown, Herbert Smith Freehills Kramer, Latham & Watkins, Morgan Lewis, the Trade Compliance Resource Hub and Baker McKenzie; on-chain analysis by Chainalysis, TRM Labs and Elliptic; the CREA monthly fossil-fuel tracker; the KSE Institute Russian Oil Tracker and Sanctions Team outputs; the Yermak-McFaul International Working Group documentation; the Ukrainian HUR War Sanctions shadow-fleet dataset; and OpenSanctions. Where a forward-looking claim was made we hedged it. Where the published record was in tension we flagged the tension. Where a claim crossed from extrapolation into speculation we said so explicitly. We have not contacted EU institutions for comment, have received no briefing under embargo, and have not been told what the 21st package will contain.

Sources and further reading

  1. Russia's war of aggression against Ukraine: 20th round of stern EU sanctions. Council of the EU press release 284/26, 23 April 2026.
  2. Foreign Affairs Council: Press conference by High Representative Kaja Kallas. European External Action Service, 24 April 2026.
  3. EU to revisit blocked Russia sanctions, prepare 21st package: EC. S&P Global Commodity Insights, 24 April 2026.
  4. EU's 21st Russia sanctions package will target the shadow fleet, banks, and firms selling stolen Ukrainian grain — Politico. Euromaidan Press, 11 May 2026.
  5. EU prepares 21st sanctions package against Russia. Shadow fleet and banks in focus. ain, 11 May 2026.
  6. Finance and the shadow fleet. The EU is preparing the 21st package of sanctions against Russia. online.ua, May 2026.
  7. EU prepares 21st Russia sanctions package targeting shadow fleet, banks and stolen grain trade — Politico. Hromadske, May 2026.
  8. EU agrees fresh sanctions on Russia but leaves maritime services ban on hold. Euronews, 23 April 2026.
  9. Greece, Cyprus, Malta Block Tougher Maritime Restrictions in EU's 20th Russia Sanctions. GreekReporter, May 2026.
  10. EU adopts 20th sanctions package against Russia. Government of Sweden press release, April 2026 (Stenergard 21st-package call).
  11. EU prepares new sanctions package targeting Russia's shadow fleet. NV / New Voice of Ukraine, May 2026.
  12. The Sanctions Puzzle: 10 Key Areas To Watch in 2026 and Beyond. Skadden, November 2025.
  13. EU Adopts 20th Package Against Russia and Parallel Sanctions on Belarus. Mayer Brown, 24 April 2026.
  14. Sanctions Tracker: EU's 20th sanctions package targets energy revenues, the shadow fleet and financial circumvention. Herbert Smith Freehills Kramer, May 2026.
  15. EU Adopts 20th Russia Sanctions Package. Skadden, 5 May 2026.
  16. KSE Institute Sanctions Team. Kyiv School of Economics.
  17. Strengthening Sanctions Against the Russian Federation. KSE Sanctions / Yermak-McFaul Working Group.
  18. April 2026 — Monthly analysis of Russian fossil fuel exports and sanctions. Centre for Research on Energy and Clean Air (CREA).
  19. Russian Oil Tracker — April 2026. KSE Institute.
  20. EU's 20th Russia Sanctions Package. Chainalysis, April 2026.
  21. EU Adopts 20th Sanctions Package on Russia. TRM Labs, April 2026.
  22. The EU's 20th sanctions package targets the architecture of crypto sanctions evasion. Elliptic, April 2026.
  23. 19th package of sanctions against Russia: EU targets Russian energy, third-country banks and crypto providers. Council of the EU, 23 October 2025.
  24. EU sanctions plan will complete Russia's shift into the shadow fleet. Lloyd's List.
  25. EU Details Its First Sanctions Targeting Specific Ships and Sovcomflot. Maritime Executive.
  26. EU's largest measures against Russia yet include escalation of crypto sanctions evasion. CoinDesk, 27 April 2026.
  27. 20th package of sanctions against Russia — AMLA, AMLR and integrated supervision. EU Sanctions Compliance Helpdesk.
  28. European Banking Authority — AMLA mandate transfer and direct-supervision selection criteria. EBA (transition completed January 2026; AMLA operational 1 July 2026).
  29. Timeline — EU sanctions against Russia. Council of the EU.
  30. Council extends economic sanctions for a further 6 months. Council of the EU, 22 December 2025.
  31. EU pursuit of shadow fleet facilitators could result in flag hopping surge. Lloyd's List.
  32. Sanctions Update: EU and UK Tighten Restrictions on Russian Oil. Latham & Watkins.
  33. EU Adopts 20th Sanctions Package Against Russia, Expands Anti-Circumvention Efforts. Morgan Lewis, May 2026.
  34. EU's 20th Sanctions Package on Russia. Trade Compliance Resource Hub, 24 April 2026.
  35. OpenSanctions consolidated sanctions dataset.
  36. Shadow Fleet — War & Sanctions. Ukrainian Defence Intelligence (HUR).
  37. 178 Sanctioned Oil Tankers Renamed to Evade Detection. Fleetleaks, 2026.
  38. Treasury Designates Russian Companies Supporting Sanctions Evasion Through Virtual Asset Services. U.S. Department of the Treasury press release JY2204 (B-Crypto / Rosbank, third-country enabler architecture).

Need pre-staged 21st-package readiness for your EU CASP, credit institution, or shadow-fleet exposed operation?

We build per-counterparty exposure inventories that cross-reference inter-CASP transfer histories, third-country financial-institution correspondent relationships, shadow-fleet per-vessel files and corporate-establishment evidence against the existing EU consolidated list, the OFAC SDN, the 50-Percent ownership tests, and the published Chainalysis, TRM Labs, Elliptic and Lloyd's List attribution. Outputs are written to be usable by compliance, legal and audit counterparties and to survive Day-30 enforcement review. Pair with our Sanctions Compliance and CIS Intelligence services for third-country chain-tracing work.

Request an Investigation