OFAC 50% Rule: What It Requires and Who It Applies To

What is the OFAC 50 Percent Rule?

The OFAC 50 Percent Rule is an administrative interpretation issued by the US Office of Foreign Assets Control on August 13, 2014, extending US sanctions blocking obligations beyond entities explicitly named on the Specially Designated Nationals and Blocked Persons (SDN) List. Under the rule, any entity owned 50% or more in the aggregate by one or more SDNs is treated as a blocked entity under US sanctions law, even if OFAC never added it by name. The original guidance is published at https://ofac.treasury.gov/recent-actions/20140813.

The practical effect is significant. An entity doesn't need to appear on a watchlist for its property to be frozen. If a designated individual holds 60% of a trading company, that company's assets are blocked automatically. Any US person dealing with it faces the same legal exposure as if the SDN were named directly.

OFAC published the guidance in response to questions from regulated institutions about where their screening obligations end. The answer: not at the SDN list. Designated persons have long used nominees, shell companies, and layered ownership structures to distance themselves from designation consequences. The 2014 guidance made clear that corporate distance doesn't create legal distance.

OFAC updated and clarified the rule in November 2023, adding detail on how aggregation works when multiple SDNs each hold minority stakes and how to handle indirect ownership through chains of entities. The rule sits within the authority of the International Emergency Economic Powers Act (IEEPA), which authorizes the President, and by delegation OFAC, to block transactions with designated persons.

Compliance with the OFAC 50% Rule connects directly to the FinCEN CDD Rule. The beneficial ownership data collected for customer due diligence purposes is the same data used to run ownership-chain screening. The two obligations have distinct thresholds and purposes, but they share the same factual foundation.

Who does the OFAC 50 Percent Rule apply to?

The rule applies to all "US persons," a term with a specific legal scope:

• US citizens and permanent residents, wherever they live or conduct business
• US-incorporated entities, including their foreign branches
• Any person physically present in the United States, regardless of nationality
• Foreign financial institutions processing US dollar transactions, because USD clearing runs through US correspondent accounts, which brings those transactions under OFAC jurisdiction

That last category catches more institutions than expected. A German bank routing a payment through a New York correspondent bank is subject to OFAC rules for that transaction, even if neither sender nor receiver has any other US connection. Dollar-denominated means OFAC jurisdiction.

In practice, the 50% Rule reaches:

• Commercial banks and credit unions: Onboarding, account management, and transaction processing all require ownership-chain analysis.
• Broker-dealers and investment advisers: Holding a position in a blocked entity is itself a violation.
• Insurance companies: Premium payments and claims involving blocked entities are prohibited.
• Non-financial corporates: Trade finance, vendor payments, and supply chain transactions all carry exposure if counterparty ownership isn't verified.
• Foreign banks with US dollar operations: Any USD-denominated payment creates OFAC jurisdiction for that transaction.

There's no de minimis carve-out. A $500 payment to a company 51% owned by an SDN is a sanctions violation exactly as much as a $50 million one. Transaction size is irrelevant; the ownership threshold is the trigger.

Broker-dealers and advisers subject to FINRA Rule 3310 AML programs must treat OFAC 50% screening as a parallel, distinct obligation. Passing a BSA exam doesn't satisfy OFAC, and vice versa.

What does the OFAC 50 Percent Rule require?

The core obligation is to identify, block, and report any property or interests in property of entities that SDNs own at or above the 50% aggregate threshold. Operationally, this breaks into eight specific requirements:

1. Screen beyond the SDN list. Every counterparty relationship requires an assessment of whether any SDN, directly or indirectly, owns 50% or more of the entity. Checking names against the published SDN list is necessary but not sufficient.

2. Aggregate ownership across multiple SDNs. If SDN A holds 30% and SDN B holds 25% of the same entity, their combined 55% stake triggers the blocking requirement, even though neither individually meets the threshold. OFAC's 2023 guidance confirmed this aggregation rule explicitly. The starting point is total SDN-held ownership, not any single designee's share.

3. Apply look-through across all tiers. If an SDN owns 60% of Company X, and Company X owns 70% of Company Y, Company Y is also blocked. The look-through obligation applies at every tier of the corporate structure. Stopping at direct shareholders isn't compliant.

4. Block the property immediately. Once a covered entity is identified, all assets and interests must be frozen. No transactions can proceed. Blocked funds must be placed in a separate, interest-bearing account.

5. Report to OFAC within 10 business days. Every blocked or rejected transaction must be reported. Annual reports on all blocked property holdings are required thereafter.

6. Retain records for 5 years. All records relating to blocked transactions must be kept for 5 years from the transaction date, consistent with the record-keeping requirements under the BSA.

7. Rescan portfolios after new designations. When OFAC adds a new SDN, all existing relationships must be rescreened. The blocking obligation arises at the moment of designation. A counterparty that was clean on Monday may be blocked by Tuesday afternoon.

8. Document the ownership analysis. For complex ownership structures, retain written documentation showing how the chain was evaluated and how the conclusion was reached. "We checked the list" won't satisfy an examiner when the SDN held the entity indirectly.

The Customer Identification Program under Section 326 establishes identity verification at account opening. The OFAC 50% Rule requires ongoing, dynamic screening of ownership chains throughout the relationship, not a one-time onboarding check.

What evidence do regulators expect?

OFAC examiners and bank regulators reviewing OFAC compliance programs look for documented, tested, and maintained processes. On any audit day, expect requests for:

• Board-approved OFAC compliance policy: A written policy that explicitly names the 50% Rule, defines the ownership threshold, and describes the look-through obligation across ownership tiers. A generic sanctions policy saying "we screen the SDN list" doesn't satisfy this.

• Ownership screening procedures: Step-by-step operational documentation of how analysts identify beneficial owners for screening, aggregate SDN ownership across multiple designated persons, and handle multi-tier corporate structures.

• Screening system configuration and update logs: Technical documentation showing which data feeds the screening system uses and how often the SDN list refreshes. Examiners compare update timestamps to screening event logs. A 48-hour lag on SDN list updates is a finding.

• Training records: Documented evidence of annual OFAC compliance training for all relevant staff. The 50% Rule should appear explicitly in training content, with completion records showing who was trained and when.

• Alert disposition records: For every screening alert generated, a documented analyst decision explaining the basis for clearing or escalating. These records must be retained for 5 years. A pattern of rapid, undocumented clears is a red flag.

• Blocking and rejection reports: Copies of all OFAC reports filed, with confirmation that blocked funds are held in compliant interest-bearing accounts.

• Third-party screening coverage: Evidence that vendor due diligence and correspondent banking relationships include beneficial ownership screening.

• Independent testing results: Internal audit or qualified third-party test findings, with documentation of gaps identified and remediation steps taken.

The AMLA 2020 risk-based approach means regulators calibrate scrutiny to your institution's risk profile. The look-through obligation under the 50% Rule applies across all counterparties regardless of risk tier.

Common failure modes

Most 50% Rule failures come from programs built around the SDN list that were never updated to address ownership look-through.

• SDN-list-only screening. The most common gap. Screening systems run name matches against the SDN list but have no mechanism to check whether beneficial owners are designated. A company named "Apex Trading Ltd" passes because it isn't listed, even if an SDN holds 70% of its shares.

• Static ownership data. Beneficial ownership collected at onboarding and never refreshed. OFAC designations happen mid-relationship. Without periodic ownership updates, an institution won't know when a counterparty's shareholder structure changes after account opening.

• Aggregation blind spots. Systems that check each owner individually but don't sum SDN ownership percentages. Two SDNs at 26% each pass individual checks but fail the aggregation test at 52% combined.

• One-tier look-through. Analysts check direct shareholders but stop there. A two-tier holding structure with an SDN at the top and a nominee company in the middle defeats this approach entirely.

• Delayed portfolio rescans. Treating new OFAC designations as affecting only new customers. The blocking obligation attaches to all existing property at the moment of designation. An institution needs a process to rescan the full customer book each time the SDN list updates.

• Undocumented clear decisions. Institutions that screen properly but don't record their reasoning. When an examiner asks how a complex ownership chain was evaluated, "we checked and it looked fine" isn't a defensible answer.

OFAC publishes all civil enforcement actions with full documentation at https://ofac.treasury.gov/civil-penalties-and-enforcement-information. Sanctions violations frequently trace to exactly these program gaps, particularly failures to identify SDN-controlled entities that don't appear on the SDN list by name.

Penalties for non-compliance

OFAC civil penalties under IEEPA are calculated as the greater of a statutory maximum per violation or twice the value of the transaction. For 2024, the statutory maximum is $368,136 per violation, adjusted annually for inflation. That figure increases each year.

The critical phrase is "per violation." Each blocked transaction that slips through is counted separately. An institution that processes 500 blocked payments through a gap in its 50% screening faces 500 potential violation counts. OFAC settled with Standard Chartered in 2019 for $639,023,798, covering sanctions violations that included failures in the bank's sanctions compliance controls. Full enforcement documentation is at OFAC's civil penalties database: https://ofac.treasury.gov/civil-penalties-and-enforcement-information.

Criminal liability exists for willful violations. Individuals face penalties up to $1 million per count and up to 20 years imprisonment. Corporate criminal penalties under IEEPA have no statutory cap.

Voluntary self-disclosure before OFAC independently discovers a violation typically results in a 50% reduction in the base penalty calculation. Institutions that identify a 50% Rule gap, remediate it, and self-disclose consistently receive materially lower penalties than those where OFAC finds the problem first during an exam or investigation.

For nationally chartered banks, 12 CFR Part 21 creates additional exposure. The OCC can impose cease-and-desist orders and civil money penalties for BSA/OFAC program failures independently of whatever OFAC itself imposes.

Related regulations and frameworks

The OFAC 50% Rule connects to a cluster of interlocking obligations:

FinCEN CDD Rule: Requires covered institutions to collect beneficial ownership information for legal entity customers, with a 25% identification threshold. That's a lower bar than OFAC's 50% blocking threshold, and deliberately so. The CDD Rule gathers the ownership data that OFAC 50% screening then uses. The Federal Register notice at https://www.federalregister.gov/documents/2016/05/11/2016-10567/customer-due-diligence-requirements-for-financial-institutions sets out the original rationale in full.

CTA Beneficial Ownership Reporting: The Corporate Transparency Act created a national beneficial ownership registry at FinCEN. Financial institutions will eventually query this registry to support OFAC 50% look-through analysis, particularly for domestic entities where ownership chains can be verified against registry records.

FATF Recommendation 24: The international standard on beneficial ownership transparency that underpins both the CTA registry and the FinCEN CDD Rule. FATF Rec 24 requires member countries to maintain accurate beneficial ownership information for legal entities, creating the global foundation for the data the OFAC 50% Rule depends on.

FATF Recommendation 1 (risk-based approach): OFAC expects institutions to calibrate their screening depth to counterparty risk. The look-through obligation itself is binary (blocked or not), but investment in data quality and system sophistication should reflect the institution's actual risk exposure.

EU AMLR 2024: The EU's 2024 AML Regulation imposes analogous beneficial ownership look-through obligations for EU-sanctioned entities, creating a parallel framework for European institutions operating across jurisdictions.

The OFAC SDN List is the authoritative data source that anchors all 50% Rule analysis. Every look-through exercise begins and ends there.

How FluxForce supports OFAC 50 Percent Rule compliance

FluxForce agents screen counterparty ownership chains against the OFAC SDN list continuously, applying the 50% aggregation rule across multiple tiers of corporate structure. Nova Sentinel's real-time sanctions monitoring flags any new SDN designation touching an existing relationship, triggering an immediate portfolio rescan. Every screening decision includes full documentation of the ownership analysis, so compliance teams can show examiners exactly how each chain was evaluated. To see how FluxForce closes the gap between SDN-list screening and full beneficial ownership look-through, request a demo.