Skadden, Arps, Slate, Meagher & Flom LLP and Affiliates

European Court of Justice: An OFAC Listing Alone Does Not Justify Refusing a Bank Account

Skadden Publication / White Collar Defense and Investigations

Michael Albrecht vom Kolke Jonathan Benson Eytan J. Fisch Ryan D. Junck Margot Sève Ondrej Chvosta Jason Williamson Cyrus Yazdanpanah

Executive Summary

  • What’s new: On 11 June 2026, the Court of Justice of the European Union held that a bank established in the European Union may not refuse to open a payment account with basic features for a consumer (i.e., an individual acting in their personal capacity) solely because the consumer appears on a sanctions list maintained by a third country, including the U.S. Office of Foreign Assets Control (OFAC).1
  • Why it matters: A third-country sanctions listing may be taken into account as one factor in a bank’s individual money laundering and terrorist financing risk assessment. Relying on the listing alone would effectively outsource the decision to the designating country and does not, on its own, provide a sufficient basis under EU law.
  • What to do next: EU financial institutions may want to review their onboarding and de-risking procedures to ensure that decisions affecting OFAC-listed customers are based on a documented, individual assessment and that the assessment is appropriately recorded.

__________

Background

In 2017 a Slovenian bank blocked a payment initiated by a consumer after inputting his personal data into the payment system. The bank explained that it had adopted stricter measures to fulfil its obligations under Slovenian Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) legislation, including compliance with the U.S. Office of Foreign Assets Control restrictions, and the consumer appeared on an OFAC list.

Subsequently in 2022, the bank refused to open a payment account with basic features for the consumer, stating the banking system did not allow such an account to be opened. The consumer had never been convicted of the offense underlying his OFAC listing, and he was not subject to any sanction imposed by the United Nations, the European Union or Slovenia. He brought an action to compel the bank to open the account, and the Slovenian court referred the matter to the Court of Justice of the European Union (CJEU), asking whether the refusal was justified under EU law and whether the presumption of innocence under Article 48 of the Charter of Fundamental Rights was engaged.

The Judgment

The judgment is based on two instruments: the Payment Accounts Directive,2 under which any consumer legally resident in the EU has the right to open there and access a payment account3 with basic features, and the Anti-Money Laundering Directive.4 The court confirmed that this right of access applies subject to compliance with AML/CFT rules. Notably, the Payment Accounts Directive defines a “consumer” as “any natural person who is acting for purposes which are outside his trade, business, craft or profession,” which materially limits the scope of the decision.

The court held that the inclusion of a customer’s name on the OFAC list, or on any comparable list drawn up by a third country, does not automatically prohibit a bank from establishing a business relationship. Such a listing may, however, constitute one of the relevant factors that the bank must take into account in its individual assessment of the money laundering and terrorist financing risk associated with the customer.

The court further observed that, following a specific assessment, a bank may conclude that it cannot effectively manage that risk through measures proportionate to its nature and size, even where the intended business relationship is limited to the opening of a payment account with basic features. The judgment therefore requires a documented, individual AML/CFT risk assessment as the basis for any refusal. The court also noted that the nature of a payment account with basic features, which has limited uses, reduces the risk of money laundering or terrorist financing connected with the opening of such an account.

Similarities With the Court’s Bank Melli Case

The approach is similar to the court’s reasoning in Bank Melli Iran v. Telekom Deutschland, its first ruling on the EU Blocking Statute, which prohibits EU operators from complying with specified U.S. sanctions instruments.5 In that case, the court held that, where evidence indicates that an EU operator terminated a relationship with an OFAC-listed counterparty in order to comply with sanctions instruments subject to the EU Blocking Statute, EU member state courts may require the operator to demonstrate that the termination rested on legitimate grounds independent of the relevant U.S. sanctions.

Both the Bank Melli case and Case C-81/24 therefore take the approach that an EU institution that declines, restricts or terminates a relationship with a customer who is sanctioned in the U.S. but not by the EU should base and document its decision on grounds that are permissible under EU law. A U.S. designation may inform the decision, but that designation on its own is unlikely to provide a sufficient basis.

Whereas the Bank Melli case applies only in the context of compliance with the EU Blocking Statute (and therefore only with respect to the U.S. sanctions instruments specified therein), the scope of Case C-81/24 is broader in that it applies to any third-country sanctions instruments. However, Case-C-81/24 is also narrower in that it only applies in the context of the specified bank services provided to a consumer.

Considerations for Financial Institutions

EU financial institutions should consider the following:

  • Third-country designations as a risk factor. EU institutions can continue to incorporate OFAC and comparable listings into AML/CFT risk assessment as one factor among several risk metrics.
  • Individual, documented assessment. Before an EU institution refuses to onboard or terminates a relationship, EU courts requires the institution to consider conducting and recording a case-specific risk assessment calibrated to the relevant product’s risk profile, including the reduced risk associated with basic payment accounts.
  • Competing obligations. If an EU institution onboards a person subject to U.S. sanctions, the institution will want to ensure it has appropriate controls in place to mitigate U.S. sanctions risk exposure. The financial institution will also need to be mindful of prohibitions under the EU Blocking Statute,6 which targets and restricts EU operators’ ability to comply with specified U.S. sanctions programs.
  • Governance and recordkeeping. EU financial institutions that review screening logic, escalation procedures and documentation standards position themselves well to substantiate decisions if examined by regulators, courts or counterparties.

_______________

1 Court of Justice of the European Union, judgment of 11 June 2026, Case C-81/24, Jenec (the case name is fictitious).

2 Directive 2014/92/EU of 23 July 2014 on the comparability of fees related to payment accounts, payment account switching and access to payment accounts with basic features.

3 The account must be with a credit institution located in the territory of an EU member state.

4 Directive (EU) 2015/849 of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing.

5 Court of Justice of the European Union, judgment of 21 December 2021, Case C-124/20, Bank Melli Iran v. Telekom Deutschland GmbH.

6 Council Regulation (EC) No 2271/96 of 22 November 1996 protecting against the effects of the extraterritorial application of legislation adopted by a third country.

This memorandum is provided by Skadden, Arps, Slate, Meagher & Flom LLP and its affiliates for educational and informational purposes only and is not intended and should not be construed as legal advice. This memorandum is considered advertising under applicable state laws.

BACK TO TOP