Sanctions Screening: Definition and Use in Compliance

**

What is Sanctions Screening?

Sanctions screening is the process of comparing customers, transactions, and business counterparties against government-maintained watchlists to determine whether any proposed financial activity involves a prohibited person, entity, or jurisdiction. The check runs before account opening, before payment execution, and periodically throughout the customer relationship.

The lists that matter most are the U.S. Treasury's Specially Designated Nationals List (SDN) maintained by OFAC, the UN Security Council Consolidated List, the EU Consolidated Financial Sanctions List, and the UK OFSI Consolidated List. Banks with cross-border activity typically screen against 15 to 40 distinct lists simultaneously, including country-specific lists from EU member states, Japan's METI list, and Australia's DFAT Consolidated List.

The comparison isn't simple exact-match. Fuzzy matching algorithms handle transliterations, spelling variants, nicknames, and aliases. A sanctioned individual whose name transliterates differently from Arabic or Cyrillic scripts should still generate a match, even if they spelled it differently on a bank form. Matching thresholds set too low to avoid false positives are one of the most common program weaknesses examiners flag.

When the system finds a potential match, a human analyst reviews it. If confirmed, the institution must block or freeze the relevant transaction or funds, report to the appropriate authority (OFAC in the U.S., OFSI in the UK, the national Financial Intelligence Unit elsewhere), and document the decision in a tamper-proof record.

The stakes are real. OFAC's enforcement history includes a $968 million penalty against Binance in 2023 and multiple nine-figure settlements with major international banks. Most violations weren't deliberate evasion. They were process failures: stale list versions, inadequate name-matching, or failure to screen at payment initiation rather than only at onboarding.

How is Sanctions Screening Used in Practice?

The screening workflow runs at three distinct points: customer onboarding, ongoing periodic monitoring, and real-time transaction processing.

At onboarding, the engine compares customer-provided name, date of birth, address, and document identifiers against the active list database. A potential match pauses the flow and routes the case to a sanctions analyst. The analyst reviews secondary identifiers (date of birth, nationality, document numbers) to determine whether it's a genuine hit or a false positive from a common name or transliteration variant. Institutions that include date of birth as a mandatory matching field alongside name reduce their false positive volume substantially. We've seen banks cut frivolous alert volume by 50% or more from this one data quality change alone.

Ongoing monitoring runs on a schedule, typically nightly. This matters because OFAC publishes SDN list updates multiple times per week. A bank whose customer is designated on a Monday needs to freeze their account before Tuesday's transaction, not catch the designation in the next monthly batch run.

Real-time transaction screening creates speed pressure. Wire transfers, ACH payments, and instant payment instructions all pass through the screening engine before settlement. Transaction monitoring flags behavioral anomalies; sanctions screening flags identity matches. The two systems are separate but often share alert queues in practice.

Many programs screen Politically Exposed Persons (PEPs) in the same pass, since the tooling overlaps. A customer who is both a PEP and newly sanctioned (as occurred with several Russian officials after February 2022) creates a combined alert that routes to Enhanced Due Diligence (EDD) review. All decisions feed into case management systems with timestamps and disposition logic documented for examiner access.

Sanctions Screening in Regulatory Context

Sanctions screening obligations exist at three levels: domestic law, multilateral frameworks, and industry guidance.

In the United States, the primary legal authority is the International Emergency Economic Powers Act (IEEPA) and the Trading with the Enemy Act (TWEA), both administered by OFAC. The Bank Secrecy Act and USA PATRIOT Act layer on additional obligations enforced jointly by FinCEN and the federal banking regulators. OFAC's jurisdiction extends beyond U.S. institutions: foreign banks that clear dollar transactions through U.S. correspondent accounts fall under U.S. sanctions law for those specific transactions.

In the EU, Council regulations implement UN-mandated sanctions alongside autonomous EU measures. The EU's own sanctions lists expanded significantly after February 2022; by mid-2023 the consolidated EU list covered over 1,700 individuals and 250 entities connected to Russia, according to the European Commission Sanctions Map.

Globally, the Financial Action Task Force (FATF) sets the standard in Recommendation 6, which requires all countries to implement targeted financial sanctions without delay for UN Security Council resolutions on terrorism and proliferation financing. "Without delay" means within hours, not the next business day.

In the UK, the Economic Crime (Transparency and Enforcement) Act 2022 introduced strict liability for sanctions violations. Intent is no longer relevant if the breach occurred. For institutions operating across jurisdictions, the most demanding standard becomes the effective compliance floor.

For correspondent banking specifically, the Wolfsberg Group's Sanctions Screening Guidance (updated 2019) provides the clearest industry benchmark on list coverage, matching thresholds, and documentation requirements. OCC, Federal Reserve, and FCA examiners reference it directly in examination findings.

Common Challenges and How to Address Them

Every compliance team running sanctions screening deals with three core problems: false positives, coverage gaps, and speed.

False positives are the dominant operational cost. Banks screen against millions of list entries across dozens of lists, and common names, transliteration variants, and aliases generate constant noise. Adding birth date, nationality, and secondary identifiers to the matching algorithm cuts the false positive rate meaningfully. The tradeoff is real: lower sensitivity reduces false positives but increases the risk of missing a genuine hit. Threshold calibration is an annual exercise tied to risk appetite, not a one-time implementation decision.

Coverage gaps emerge when institutions don't screen all relevant lists, update their databases too infrequently, or miss certain entity types. Corporate customers present a specific challenge under OFAC's 50 Percent Rule: a company owned 50% or more by a designated person is treated as sanctioned itself, even without appearing on any list by name. Screening must therefore trace through corporate ownership to the Ultimate Beneficial Owner (UBO) level. Missing this check is one of the most common sanctions violations in trade finance, where multi-party transactions create multiple exposure points.

Speed is a growing constraint. FedNow and the Faster Payments Service process payments in under a second, and the screening engine must return a decision within the same window. Manual review in the payment flow is impossible at that speed. The practical answer is pre-screening: check the beneficiary at payment template creation or account setup so the real-time check is a lightweight re-validation against a pre-cleared record rather than a full list comparison.

A program running on incomplete customer data or a two-week-old list version creates compliance exposure even if the institution can show it "runs screening." Regulators look at the quality and coverage of the program, not just its existence.

Related Terms and Concepts

Sanctions screening connects to a set of overlapping financial crime controls, and the distinctions matter operationally.

Adverse media screening checks news and public records for negative coverage of customers or counterparties. It doesn't rely on government lists, so it can surface reputational risk before any formal designation. Many institutions run sanctions and adverse media screening in the same periodic review cycle, though the disposition logic and legal obligations differ.

Restricted Party Screening (RPS) is a broader term common in trade finance and export control contexts. It includes SDN screening but also covers denied party lists (the Bureau of Industry and Security Entity List, the State Department Debarred Parties List) and sector-specific restrictions. A bank supporting a trade finance transaction may need to screen the exporter, the importer, the goods description, the shipping line, and the destination country all at once.

Sectoral sanctions are worth understanding separately from full SDN designations. OFAC's Russia-related sectoral sanctions under Executive Orders 13662 and 14024 don't prohibit all transactions with listed entities; they restrict specific transaction types, including new debt with a maturity over 14 days and equity instruments. Treating a sectoral sanctions hit the same as an SDN match produces both false blocks and false clearances.

Know Your Customer (KYC) and Customer Due Diligence (CDD) processes feed the data that sanctions screening depends on. Poor CDD, missing beneficial ownership data, or outdated address records mean screening runs on incomplete inputs. The output is only as good as the underlying data quality.

Finally, sanctions evasion is what institutions are ultimately trying to detect. Shell companies, front companies, and layered ownership structures are the primary evasion techniques. Screening the immediate counterparty name alone is insufficient when the beneficial owner sits three layers deep in a corporate structure.

**