Sanqto
home industries telecom operators
Industry page

For telecom operators

Activating a subscriber service for a company linked to the sanctions list is the provision of a service — and it's prohibited. The duty applies to the operator regardless of AML status.

See demo
Works offline
GDPR-aligned
EU / UN / OFAC lists
Auditable reports
Legal status for this industry
The duty not to provide services or funds applies regardless of AML status. Brokerage, advisory, leasing, insurance — each is a "service" within the meaning of Reg. 269/2014.
Reg. 269/2014 · 833/2014 · Polish Act of 13.04.2022
Legal obligation

Does a telecom operator have to run sanction screening?

Yes. Activating a subscriber service, leasing infrastructure or wholesale resale to an entity on the sanctions list is the provision of a service — and it is prohibited.

A telecom service falls within the ban

Regulation (EU) 269/2014 prohibits making funds, economic resources and services available to entities on the EU list. Providing connectivity, data transmission or leasing infrastructure is a service within its meaning. The duty binds the operator regardless of any AML obliged-entity status — the mere fact of providing a service to a listed entity is enough for a breach to occur.

B2B contracts and the corporate client

Mass servicing of individual subscribers carries low risk, but framework agreements and B2B contracts carry significant risk. The client may be a company whose UBO is on the list. Verification before signing a corporate contract should cover both the subscriber and its ownership structure, especially with clients backed by foreign capital.

Wholesale, leasing and infrastructure

The harder area is wholesale resale, roaming and leasing infrastructure — optical fibre or rack space in a data centre. The operator may provide a service to a partner who then serves a listed client, or lease a resource to a company controlled by a listed person. Without verifying the chain of counterparties, the risk stays invisible.

What skipping the check risks

The Act of 13 April 2022 provides for an administrative penalty of up to PLN 20M for breaching the ban. Directive (EU) 2024/1226 requires EU states to criminalise sanctions violations — in Poland it is being transposed by draft bill UC92. Some telecom equipment and services are also covered by the sectoral sanctions under Regulation 833/2014, which creates an additional layer of duties.

This material is educational and does not constitute legal advice. Legal status: May 2026. Basis: Council Regulations (EU) 269/2014 and 833/2014 and the Polish Act of 13 April 2022.

Risk scenarios

What this looks like in your work.

SCENARIO 01

A B2B framework agreement for connectivity

The operator signs a contract for connectivity and data transmission for a company whose UBO is in Annex I of Reg. 269/2014. Providing the service means making it available.

SCENARIO 02

Infrastructure leasing and colocation

Leasing optical fibre or rack space in a data centre to a company controlled by a listed person is making an economic resource available — which is prohibited.

Hot spots

Where the risk is highest.

  • 01
    B2B contracts and framework agreements
  • 02
    Wholesale resale of services and roaming
  • 03
    Infrastructure leasing and colocation
  • 04
    Corporate clients with foreign capital
Tailored workflow

When exactly to screen the customer.

1
Before signing a B2B contract
Screen the subscriber and its UBO
2
When launching a wholesale service
Verify the partner and the end client
3
Periodically for portfolio clients
Weekly monitoring of list changes
Mini-case

"NetLink" operator, 1,800 B2B clients

Deployed in 6 days, subscriber base imported from the billing system via CSV. Round-the-clock portfolio monitoring flags new listings at renewal. Package: Enterprise — from 15 000 EUR one-time.

typical persona
Service-side SMB
1–20 staff · deployed in 7 days
Most-asked questions

Truth first, technology second.

Does this really apply to my industry?
Yes. The ban on making funds available or providing services to listed persons (Art. 2 of Reg. 269/2014) applies to all economic operators — regardless of whether the industry is formally under AML obligations. For sectors like travel or real estate, criminal and administrative liability already exists today.
What if the customer doesn't agree to be screened?
Screening uses data you already hold from the contract or invoice (first name, last name, company name, tax ID, optionally date of birth). It does not require customer consent — it is the business's discharge of a legal obligation (GDPR Art. 6(1)(c)).
What do I do when there's a hit?
The app flags the result red, generates a justified report, and surfaces the procedure: pause the service, freeze funds, notify the FIU within 24 hours. Nothing is reported automatically — the decision sits with you.
Are the reports accepted by the FIU and tax authority?
Each report carries a timestamp, the reference-list version, the operator identifier and a hash of the input file — a format aligned with regulator expectations. Local archival for 5 years (the required retention period).
How often are the lists updated?
Every hour, plus immediately after publication of changes in the Official Journal of the EU. The app pulls reference files itself — it never sends customer data the other way.
Does this integrate with my CRM?
Yes. The Business and Enterprise tiers expose a REST API and ship integrations for popular CRMs (Pipedrive, HubSpot, Salesforce, Bitrix). On Starter you use the manual form.
Where is my data physically?
Wherever you install the app — your machine, your server, your network. There is no "Sanqto cloud" for customer data. Consequence: no data-processing agreements, no third-country transfers.
What's the fine if I don't screen?
Up to PLN 20,000,000 in administrative fines (Art. 15(1)(2) of the Act of 13 Apr 2022) and criminal liability up to 15 years for making funds available. Liability sits with the business — not the customer.
Contact

Book a 20-minute deployment call.

No salesperson, no slide deck. We'll show the install and answer the legal questions.

We reply within 1 business day.
Demo on your data (locally, on your hardware).
30-day trial, no commitments.

By clicking, you consent to being contacted with our offer. Data does not leave the EEA.

See demo