Products

Kharon CoreClearViewGraphCastAPI

Solutions

Forced LaborInvestment RiskMilitary End UsePublic SectorResearch SecuritySanctions and Financial Crimes Compliance

Data

BelarusBIS 50% / Affiliates RuleControlCryptoForced LaborMaritimeMilitary End UseOutbound Investment & OISPRussiaSanctions 50%Sanctioned SecuritiesVenezuela
The Brief

Company

About KharonCareersEventsResourcesPartnerships

ClearViewKnowledge Center

Request
a demo

Products

Kharon Core
ClearView
GraphCast
API

Solutions

Forced Labor
Investment Risk
Military End Use
Public Sector
Research Security
Sanctions and Financial Crimes Compliance

Data

Belarus
BIS 50% / Affiliates Rule
Control
Crypto
Forced Labor
Maritime
Military End Use
Outbound Investment & OISP
Russia
Sanctions 50%
Sanctioned Securities
Venezuela

The Brief

Brief Home

Company

About Kharon
Careers
Events
Resources
Partnerships
Log In
+1 424 320 2977
info@kharon.com

Privacy Policy

Terms of Use

Patents

Copyright ©2026 KHARON

Back to resources
Article

Detecting Iran Exposure: Sanctions, Export Controls, and Terrorist Financing Risk

Export ControlsSanctions
Kharon team

Kharon Staff

Published on Feb 20, 2026·5 min

Iran Kharon Article 2026
With evolving multilateral sanctions on Iran and intensified U.S. pressure, along with continued global scrutiny on terrorist financing, organizations are increasingly vulnerable to regulatory, financial, and reputational risks. This environment is only expected to sharpen as the Trump administration continues its “maximum pressure” strategy into 2026, having sanctioned more than 875 individuals and entities since the relaunch of this campaign in February 2025. Furthermore, the September 2025 "snapback" of U.N. sanctions on Iran effectively reimposed travel bans and global asset freezes on specific individuals and entities and reinstated an arms embargo on Iran, among other measures. The EU went even further than the U.N. measures by imposing additional autonomous restrictions, including asset freezes on the Central Bank of Iran and major Iranian commercial banks, alongside the establishment of notification and authorization mechanisms for funds transfers above certain amounts to Iranian financial institutions.

Iran seeks to evade these restrictions to advance its nuclear program, arm its military, and send funds to proxy groups in the Middle East. To access resources, Iran and its proxies have established sophisticated money transfer and procurement networks, many of which are embedded into standard international commercial activity. Illicit oil smuggling, shadow banking networks, and weapons procurement channels also provide revenue and foreign-produced goods for the Iranian regime.

To effectively mitigate exposure, companies must move beyond traditional due diligence and list-based sanctions screening tools and instead leveragedynamic sanctions data and risk insights that reveal indirect and evolving threats.

Escalating Iran Sanctions: Identifying Hidden Commercial Risk

As the pace of Iran-related sanctions and enforcement actions accelerates in 2026, organizations face a landscape where the primary threat is indirect commercial exposure — risk that is often buried beneath multiple layers of corporate ownership, cross-border intermediaries, and deceptive trade practices.

In response to the Iranian regime’s crackdown on nationwide protests that began in late 2025 and continued into 2026, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned a number of senior Iranian officials. To further escalate pressure, the U.S. has also designated companies involved in shadow banking networks as well as shadow fleet vessels and their management firms, some of which notably are registered outside of Iran in countries including the UAE and India. In January, the U.S. sanctioned two digital asset exchanges registered in the U.K. that have processed significant volumes of funds associated with counterparties linked to Iran’s Islamic Revolutionary Guard Corps (IRGC), marking OFAC’s first designation of exchanges for operating in Iran’s financial sector. The U.S. has also used export controls against Iran, with the Commerce Department’s Bureau of Industry and Security (BIS) adding entities outside of Iran to its Entity List in September 2025 for supporting Iran’s military.

Iran-related compliance obligations extend beyond U.S. rules. U.N. restrictions have revived broad prohibitions on arms, finance, and dual-use goods, which are binding to all U.N. Member States. In addition to implementing U.N. sanctions, the EU and U.K. maintain their own Iran sanctions regimes, with recent designations focused on human rights violations. In January, the EU adopted a new package of sanctions related to serious human rights violations in Iran as well as Iran’s continued provision of military support to Russia, and also agreed to officially designate the IRGC as a terrorist organization. The U.K. in turn sanctioned 10 individuals and an organization in early February for their roles in enabling violence against Iranian protestors. Furthermore, the 2025 EU and U.S. sanctions against Mohammad Hossein Shamkhani’s vast shipping empire illustrate how these measures impact global logistics operations: more than 115 vessels and entities tied to Iranian and Russian oil moved through networks in Dubai, Panama, and Singapore.

U.S. restrictions on Iran have been in place in some form or fashion for decades. Besides targeted designations, a patchwork of sectoral sanctions, export controls, and an arms embargo apply. Organizations will need strong and effective due diligence and compliance programs to be able to identify risk beyond listed parties. Altogether, these frameworks require that compliance programs be capable of identifying both direct and indirect risk vectors across jurisdictions.

Evasion and Secondary Sanctions Risk

To inform compliance leaders on best practices and sources of risk, regulators have issued advisories and other guidance highlighting Iranian sanctions evasion schemes, covering topics and sectors such as civil aviation, shipping, and UAV and ballistic missile procurement. Iranian actors routinely rely on front companies, third-country intermediaries, falsified documentation, and opaque ownership structures to acquire restricted goods, technology, and services in violation of sanctions regimes. In August 2025, OFAC sanctioned 18 targets linked to Iran’s efforts to circumvent sanctions and generate revenue through schemes involving shadow banking and payment messaging systems.

Organizations must also consider secondary sanctions risk when engaging with counterparties connected to Iran, whereby the U.S. Treasury Department may sanction foreign entities – including those with no U.S. nexus – if they are found to have engaged in significant transactions involving Specially Designated Nationals (SDNs) or prohibited Iranian sectors.

The stakes are high. Violating these measures carries significant legal consequences, from civil penalties and criminal liability to reputational harm.

Export Controls

Export control regimes impose another layer of restrictions on Iran. Under the International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR), most U.S.-origin goods, technology, and services, including drones, semiconductors, and oilfield equipment, generally require a license before export to Iran. Risks also extend beyond physical shipments, as dual-use software exports and intangible technology transfers can trigger violations. Screening for denied parties and high-risk end users is essential to avoid inadvertently supporting Iran's proliferation or military objectives.

Recent U.S. enforcement underscores how compliance gaps can emerge even in well-resourced organizations. In December 2024, OFAC settled with C.H. Robinson International, a major U.S.-based logistics company, for $257,690 after an internal audit uncovered 82 sanctions violations by five foreign subsidiaries the company had acquired between 2016 and 2019. The violations - which involved freight brokerage and transportation services connected to Iranian- and Cuban-origin goods - were unintentional, stemming from delays in integrating the acquired subsidiaries' systems into C.H. Robinson's compliance platform. For more than three years, those subsidiaries operated with inadequate sanctions screening. The statutory maximum penalty exceeded $28 million; OFAC reduced it significantly because the company self-reported, cooperated, and took prompt remedial action. 

A strong compliance program integrates Iran-related export controls compliance measures into trade management processes - and ensures that screening capabilities keep pace with organizational changes such as acquisitions, new market entry, and evolving regulatory requirements.

Terrorist Financing

Aside from Iran’s procurement efforts for its nuclear program, missile development, and UAV production, its state apparatus has a deeply intertwined relationship with designated terrorist organizations; as a result, both proliferation financing and terrorist financing represent critical compliance concerns for the private sector.

Iran’s Islamic Revolutionary Guard Corps (IRGC) and its regional proxy groups — including the U.S.-designated foreign terrorist organizations Ansarallah (better known as the Houthis), Hamas, and Hezbollah, among others — can exploit legitimate commercial channels to finance their operations. These organizations rely on a mix of regional banks, money services businesses, crypto currencies, and informal value transfer systems (such as hawala) to move funds across jurisdictions. Sophisticated shadow banking networks composed of exchange houses and front companies may be situated in international commercial hubs to obscure the Iranian nexus and integrate illicit revenue into the legitimate financial system.
  • Banks and financial institutions must conduct enhanced due diligence and monitoring for red flags indicating indirect IRGC, Houthi, Hamas, or Hezbollah ties and ensure that they are not maintaining financial relationships with or providing services to parties that knowingly facilitate significant transactions for these groups.
  • Corporates, particularly those operating in the logistics, technology, and manufacturing sectors, should take steps to verify that customers or other counterparties are not acting as fronts for or diverting goods to sanctioned Iranian actors.
  • Investors and asset managers should conduct thorough due diligence on counterparties, fund structures, and acquisition targets to identify indirect Iranian nexus - particularly in cross-border transactions, joint ventures, and private equity deals where layered ownership structures may obscure connections to sanctioned actors.
At the international level, the Financial Action Task Force (FATF) sets international standards and best practices on countering terrorist financing that national regulators expect financial institutions to follow. Iran remains on the FATF blacklist, indicating heightened terrorist financing risks associated with the country. Private organizations are primarily responsible for identifying and reporting suspicious activity under anti-money laundering and combating the financing of terrorism (AML/CFT) rules, including filing suspicious activity reports (SARs).
To go deeper, read Kharon’s recent white paper on AML/CFT modernization.

Challenges and Barriers to Iran Compliance Programs

Building and maintaining an effective Iran compliance program is not without obstacles. Challenges and barriers include:
  • Difficulty in identifying indirect exposure: Complex ownership structures and procurement networks obscure illicit Iranian links.
  • Data limitations: Traditional, list-based sanctions screening can be inadequate for due diligence since it does not capture nuanced affiliations.
  • Global enforcement variability: Differing U.S., EU, U.K., and U.N. rules create inconsistency and uncertainty.  
  • Cost and resource burdens: Comprehensive due diligence requires specialized expertise and data. Teams must monitor multiple, overlapping, and frequently updated sanctions programs and regulations across numerous jurisdictions.

Using Kharon to Enable Advanced Iran Risk Detection

To navigate the high-stakes world of detecting Iran exposure, organizations must adopt a risk-based compliance program design that moves beyond basic name matching and conventional tools. Kharon enables this through an intelligence-first approach that delivers the data and network mapping necessary for comprehensive third-party risk management and continuous monitoring.

Kharon’s Iran intelligence capabilities, including deep ownership data and sophisticated network mapping, allow organizations to strengthen their sanctions and export controls compliance by integrating contextualized data into customer and counterparty screening, account opening procedures, and transaction monitoring processes.

By incorporating Kharon’s Iran data, organizations can stay ahead of risk stemming from layered ownership structures and sophisticated evasion tactics.
Iran-related compliance requires more than avoiding direct transactions; it requires visibility into the hidden networks and complex ownership structures that sustain Iran’s global reach. Organizations that rely on outdated tools or surface-level screening risk costly violations and reputational damage.

Your compliance program needs to be proactive, intelligence-led, and comprehensive to successfully mitigate risks across sanctions, export controls, and terrorist financing.

Kharon provides the foundational, verified insights to move your organization toward a proactive, intelligence-led framework for Iran sanctions compliance.

Request a demo today »

Subscribe to the Kharon Readbook for weekly insights in your inbox.