Trade- and Payment-Based Evasion: Vessels, Dual-Use, Stripping

If ownership concealment hides the who, this lecture covers hiding the what and the money. Trade-based evasion disguises the goods, the route, or the end-user so a prohibited destination or commodity never appears on the paperwork your screening engine reads. Payment-based evasion disguises the money trail so a sanctioned party or jurisdiction slips through wire screening.

Both work by manipulating the very documents and messages your controls depend on. The maritime sector and dual-use goods come up a lot on this exam, so we'll spend real time there. The lesson throughout: read beneath the surface of the documents.

Maritime trade is a favorite channel for evasion, and OFAC's shipping advisories catalog the tricks. A vessel goes dark by manipulating its Automatic Identification System, the A-I-S transponder, switching it off or spoofing a false position so its true voyage to a sanctioned port disappears from tracking. Cargo gets moved between ships at sea in ship-to-ship transfers, breaking the chain between origin and destination.

Operators hop between flag states, falsify shipping documents, and disguise vessel ownership. The red flags are concrete: A-I-S gaps over a suspicious area, unexplained route deviations, a vessel calling at a port it has no business visiting, and documents that don't reconcile. When a scenario describes a transponder that mysteriously went quiet near an embargoed coast, that's textbook maritime evasion.

Two related trade tricks. Transshipment routes goods through an intermediate country to obscure where they really started or where they're really going, the third country launders the geography. Diversion means the declared end-user on the paperwork isn't the true recipient; goods sold to an innocent-looking buyer are quietly forwarded to a prohibited end-user.

These are especially dangerous with dual-use goods, items with both civilian and military or proliferation uses, like certain electronics, machine tools, or chemicals. This is where sanctions meet export controls and FATF Recommendation seven on proliferation financing, and where frameworks like the Wassenaar Arrangement on export controls become relevant. Red flags include an end-user with no plausible need for the goods, shipment to a transshipment hub, and resistance to end-use questions.

Now the money side. The classic payment-based technique is wire stripping: deliberately removing or altering the names, addresses, or references in a payment message so a sanctioned party or country never reaches the screening filter. Historically, some institutions stripped messages to hush dollar payments past OFAC, and those cases produced enormous penalties.

Related methods include cover payments that hide the underlying parties, layering through chains of intermediary banks, and swapping currencies to break the trail. These defeat real-time screening precisely because the message has been doctored before it arrives. You detect them through message-integrity checks, looking for blanked or vague fields, and through pattern analysis that flags a counterparty whose payments are suspiciously thin on detail.

Every typology in this domain points at a control, so let's connect them. Maritime, transshipment, and dual-use risks are caught by trade screening that looks beyond names to goods, vessels, ports, and declared end-users, and by demanding end-use information. Wire stripping and payment layering are caught by payment screening that reads the full message and tests its integrity, flagging fields that have been blanked or that make no sense.

In every case, the right response to a red flag is the same discipline you learned earlier: resolve the missing detail before you clear the transaction, and escalate when you can't.

Let's fix the trade and payment red flags in memory, because the exam loves to bury them in a long scenario. On the maritime side: an A-I-S transponder that goes dark or spoofs its position near a sensitive coast, unexplained route deviations, and a vessel calling at a port it has no commercial reason to visit. On the goods side: an end-user with no plausible need for the product, vague goods descriptions, and shipment routed through a transshipment hub for no business reason, all classic diversion signals.

On the payment side: messages that are suspiciously thin on detail, fields that have been blanked or genericized, and a counterparty whose wires routinely lack the originator or beneficiary information you'd expect, the fingerprint of stripping. None of these alone proves a breach, but each is a stop-and-resolve signal. That closes the evasion domain, you now know how the other side operates.

Next, we turn to your front-line defense in depth, sanctions due diligence, starting with the risk-based approach and the risk assessment that drives it.