Download for quick reference
Why are sanctions imposed?
Australia established a thematic autonomous sanctions framework in relation to significant cyber incidents on 21 December 2021. Unlike a country-specific autonomous sanctions framework, a thematic autonomous sanctions framework applies to sanctionable conduct wherever it occurs in the world.
Under the framework, the Minister for Foreign Affairs may designate a person or entity for targeted financial sanctions and declare a person for a travel ban if the Minister is satisfied the person or entity:
- has caused, or attempted to cause, a significant cyber incident;
- has assisted with causing, or with attempting to cause, a significant cyber incident; or
- has otherwise been complicit in causing, or in attempting to cause, a significant cyber incident.
A 'cyber incident' is a cyber-enabled event (or a group of related cyber events) that results in, or seeks to cause, harm to Australia or another country or countries. This may include events that result in harm to individuals, businesses, economies or governments.
The application of the framework will be reserved for the most egregious situations of international concern. Before making a designation or declaration under the framework, the Minister for Foreign Affairs must obtain the agreement in writing of the Attorney‑General and consult such other Ministers as the Minister for Foreign Affairs considers appropriate.
What is prohibited by the significant cyber sanctions framework?
The significant cyber incidents sanctions framework imposes the following sanctions measures:
| Measure | UNSC | Autonomous |
|---|---|---|
| restrictions on providing assets to designated persons or entities |
- |
✓ |
| restrictions on dealing with the assets of designated persons or entities |
- |
✓ |
| travel bans on declared persons |
- |
✓ |
Restrictions on providing assets to designated persons or entities
Restrictions on dealing with the assets of designated persons or entities (requirement to freeze assets)
It is prohibited to directly or indirectly make an asset available to, or for the benefit of, a designated person or entity.
It is also prohibited to use or deal with an asset, or allow or facilitate another person to use or deal with an asset owned or controlled by a designated person or entity (the assets are 'frozen’ and cannot be used or dealt with). The prohibition on 'dealing’ with assets includes using, selling or moving assets
An 'asset' includes an asset or property of any kind, whether tangible or intangible, movable or immovable.
Go to the Consolidated List to search the names of designated persons and entities.
If you become aware that you are holding an asset of a designated person or entity, you are required to freeze (hold) that asset and notify the AFP as soon as possible.
Travel bans
All declared persons are prohibited from transiting through or entering Australia.
Sanctions Permits
The Minister for Foreign Affairs may grant a sanctions permit to allow an activity that would otherwise be prohibited under the framework provided the activity meets specific criteria.
The table below provides a general guide to relevant criteria. You should get your own legal advice if you think your proposed activity is affected by sanctions and may meet the criteria for a permit. Go to Sanctions Permits for information on permits, including how to apply.
| Measure | Criteria | Reference |
|---|---|---|
|
Restrictions on providing assets to designated persons or entities and Restrictions on dealing with the assets of designated persons or entities |
The Foreign Minister is satisfied that it would be in the national interest to grant a permit and the activity is a:
|
Regulations 6A, 14, 15, 18 and 20 of the Autonomous Sanctions Regulations 2011 Autonomous Sanctions (Designated Persons and Entities and Declared Persons – Thematic Sanctions) List 2022 Regulations 11A and 11B of the Customs (Prohibited Exports) Regulations 1958 |
Relevant legislation
The relevant legislation for the significant cyber sanctions framework includes the following: