The EU can declare a company a criminal enterprise and the financial industry must then prevent EU citizens from transacting with them.

They will set their DNS servers to drop all incoming connections to X. That can be done in each country. They can use Deep Packet inspection tools and go from there. If the decision is EU wide then they will roll that out.