Definition
Sanctions screening continuously verifies that a customer, beneficial owner, counterparty or transaction does not appear on international sanctions lists.
These lists come from OFAC (US), the EU, the UN, HM Treasury (UK), the Direction générale du Trésor (FR) and other authorities. Screening is an operational pillar of AML/CFT: every obliged entity must screen at onboarding and monitor continuously, because the lists change constantly.
The main lists
- OFAC SDN (US Treasury) — the global reference list, to be respected as soon as there are USD links.
- OFAC SSI — sectoral restrictions (Russia, Venezuela).
- EU Consolidated List — EU sanctions, frequently updated.
- UN Consolidated List — Security Council decisions.
- HMT (UK) and national lists (DGT, BaFin, FINMA).
In total, several hundred thousand persons and entities.
How it works
- Gathering the consolidated lists (via World-Check, Dow Jones, ComplyAdvantage, OpenSanctions).
- Matching the customer's names, dates of birth, countries and identifiers against the entries.
- Fuzzy matching tolerant of variations (transliteration, typos, nicknames): Levenshtein, Soundex, Jaro-Winkler, ML.
- Alerts on probable matches.
- Human review by a compliance analyst.
- Action if confirmed: freezing funds, refusal, TRACFIN report, alert to the DGT.
The challenge: false positives
Fuzzy matching generates many false positives (a "Mohammed Ali" matches dozens of OFAC entries), hence a huge alert volume, high operational cost, the risk that true positives get buried, and accounts blocked by mistake. Modern players (Sardine, ComplyAdvantage, Hawk) invest in ML models to reduce these false positives.
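The matching, alerting and triage steps described above, as an added example (not code from this page or from any vendor it names): Jaro-Winkler over normalized names against a constructed two-entry list, with a date-of-birth comparison used to rank a common-name hit. The list entries, the 0.90 threshold and the triage rule are assumptions made for illustration.

```python
import unicodedata

# Constructed sample entries, not taken from any real sanctions list.
WATCHLIST = [
    {"id": "X-001", "name": "Mohammed Ali", "aliases": ["Muhammad Aly"], "dob": "1970-01-01"},
    {"id": "X-002", "name": "Ivan Petrov", "aliases": [], "dob": "1965-05-05"},
]

def normalize(name):
    # Strip accents and punctuation, lowercase, sort tokens ("ALI, Mohamed" -> "ali mohamed").
    text = unicodedata.normalize("NFKD", name).encode("ascii", "ignore").decode().lower()
    return " ".join(sorted("".join(c if c.isalnum() else " " for c in text).split()))

def jaro_winkler(a, b, p=0.1):
    if a == b:
        return 1.0
    window = max(max(len(a), len(b)) // 2 - 1, 0)
    used, m_a = [False] * len(b), []
    for i, ch in enumerate(a):  # greedy match within the sliding window
        for j in range(max(0, i - window), min(len(b), i + window + 1)):
            if not used[j] and b[j] == ch:
                used[j] = True
                m_a.append(ch)
                break
    if not m_a:
        return 0.0
    m_b = [b[j] for j in range(len(b)) if used[j]]
    m = len(m_a)
    t = sum(x != y for x, y in zip(m_a, m_b)) / 2  # transpositions
    jaro = (m / len(a) + m / len(b) + (m - t) / m) / 3
    prefix = 0
    for x, y in zip(a[:4], b[:4]):  # Winkler bonus for a shared prefix, max 4 chars
        if x != y:
            break
        prefix += 1
    return jaro + prefix * p * (1 - jaro)

def screen(customer, watchlist=WATCHLIST, threshold=0.90):
    """Return (entry id, score, queue) for every entry scoring at or above threshold."""
    alerts, cname = [], normalize(customer["name"])
    for entry in watchlist:
        names = [entry["name"], *entry["aliases"]]
        score = max(jaro_winkler(cname, normalize(n)) for n in names)
        if score < threshold:
            continue
        # Assumed triage rule: a conflicting date of birth lowers priority, never auto-closes.
        conflict = customer.get("dob") and entry.get("dob") and customer["dob"] != entry["dob"]
        alerts.append((entry["id"], round(score, 3), "low-priority" if conflict else "review"))
    return alerts
```

Both queues still end in human review; the secondary attribute only orders the analyst's work so that a likely true positive is not buried under common-name hits.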
Continuous screening
A check only at account opening is insufficient, because the lists evolve (especially since 2022 on Russia). Screening must be periodic (re-screening the whole base at each update), real-time on transactions (before executing a transfer) and automatic (built into the backend, outside the alerts).
Sectoral or geographic sanctions
Beyond individual lists, some sanctions target a sector or a country: Russia since 2022 (banks, oil, goods), Iran, North Korea, Cuba, Venezuela (partial embargoes), and even crypto (Tornado Cash addresses sanctioned by OFAC in 2022). Full screening covers individuals, entities and the country of the payee's IBAN/SWIFT.
What sanctions screening is not
- Not PEP screening: a PEP is not sanctioned but subject to enhanced due diligence (shared tools, different consequences).
- Not credit scoring: no creditworthiness assessment.
- Not optional: breaching sanctions can cost billions (BNP, 2014: $8.9bn for Iran, Cuba and Sudan).
- Not static: a new list drops almost every day; the system must be up to date in near real time.
In the PSD2 ecosystem
Screening applies to all PSPs (PSD2 + AMLD). For PISPs, you must check the payee's IBAN and identity without breaking the speed of the instant transfer. AISPs screen their own customers at onboarding and continuously, without touching the linked accounts.
Concrete examples
- Leaders: Refinitiv World-Check (LSEG), Dow Jones Risk & Compliance, ComplyAdvantage, LexisNexis Bridger, Sayari, OpenSanctions.
- BNP 2014: a historic $8.9bn fine by US authorities for sanctions violations via USD operations — a textbook case.
- Russia 2022+: more than 20 EU sanctions packages, forcing banks to re-screen their entire base within days.
- Tornado Cash 2022: OFAC sanctions the crypto mixer; any interaction with its addresses becomes illegal for US players.
- Cost: €2 to €10m/year for a mid-sized bank, €10 to €50k/year plus 0.5 to 2 FTEs for a fintech.
- Alert volume: 5 to 20 alerts per 1,000 customers screened, of which fewer than 1% are confirmed; ML can cut this volume by 5 to 10x.
- Evolution: increasingly dynamic sanctions, hence pressure toward real time, crypto-wallet screening and detection of circumvention (holdings, front men).