Key Takeaways
Chapter 8: Sanctions Screening: Watchlists, False Positives, and Calibration
Core Concept
Sanctions screening is the process of checking customers, transactions, and counterparties against government-published lists of prohibited individuals and entities. The regulatory cost of a missed true match (multi-billion-dollar penalties, license revocation) is so high that institutions calibrate for maximum sensitivity — producing false positive rates routinely exceeding 99%.
Essential Points
1. Multiple Regimes, Multiple Lists - OFAC (US): SDN List, Consolidated Sanctions List, FSE List, SSI List - OFSI/HM Treasury (UK): UK Consolidated List — independent from EU post-Brexit - EU: Consolidated Financial Sanctions List - UN Security Council: Multilateral regimes (DPRK, Al-Qaida, Taliban) implemented through domestic law - Extraterritoriality is critical: OFAC sanctions apply to all USD-denominated transactions clearing through US banks, regardless of where the transaction originates — making US sanctions de facto global for dollar-clearing banks
2. The OFAC 50% Rule An entity owned 50% or more by a sanctioned person is itself subject to OFAC sanctions even if the entity is not named on any list. This creates a beneficial ownership screening requirement beyond list-name matching.
3. Name Matching Is the Core Technical Challenge - Exact matching: appropriate for document IDs; insufficient for names - Levenshtein/edit distance: good for typos; poor for transliterations - Phonetic (Soundex, Metaphone): good for English phonetics; limited for non-Latin names - ML-based matching: can learn language-specific similarity patterns with training data - All systems require name normalization before matching: Unicode handling, diacritic removal, transliteration, honorific stripping
4. False Positive Rates Are Systematically High - Common names from populations frequently represented on sanctions lists (e.g., Arabic, Persian, Russian names) generate disproportionate false positive rates - Watchlists contain multiple aliases and transliterations per entry — each is a false positive opportunity - Regulatory pressure toward maximum sensitivity calibration creates a structural false positive problem - This has equity implications: certain demographic groups experience higher rates of payment delay and screening friction
5. Supporting Data Is the Primary False Positive Management Tool - Date of birth: the single most powerful disambiguation field - Nationality and country of origin: moderate discriminating power - Document identifiers (passport, national ID): definitive when available - Physical address: useful but easily falsified - A name score of 0.90 + no DOB match + no nationality match = LOW priority - A name score of 0.90 + DOB match + nationality match = HIGH priority requiring urgent review
6. Real-Time vs. Batch Have Different Requirements - Payment screening must be integrated before transaction execution — milliseconds to seconds - SWIFT MT103/MT202 fields (originator, beneficiary, intermediary) must be screened - Customer screening uses periodic batch processing supplemented by designation-triggered re-screening - New OFAC designations require rapid customer-base re-screening "as soon as practicable"
7. True Match Consequences Are Immediate and Specific - US: Block or reject transaction; report to OFAC within 10 business days; maintain five-year records - UK: Freeze assets; report to OFSI within 10 days - EU: Freeze; report to national competent authority - Voluntary self-disclosure before OFAC discovery significantly mitigates penalty exposure
8. The Five OFAC Compliance Program Components 1. Management commitment 2. Risk assessment (institution-specific sanctions exposure) 3. Internal controls (policies, procedures, screening systems) 4. Testing and auditing (including threshold testing against known matches) 5. Training for relevant personnel
Key Distinctions
| Aspect | Customer Screening | Payment Screening |
|---|---|---|
| Timing | Onboarding + periodic + triggers | Real-time (pre-execution) |
| Data screened | Name, DOB, nationality, address | Originator, beneficiary, intermediary |
| Processing mode | Batch (large volumes) | Real-time (individual transactions) |
| Speed requirement | Minutes to hours | Milliseconds to seconds |
| Alert response | Queue-based review | Hold/suspense pending review |
Connections to Other Chapters
- Chapter 6 (KYC): KYC data (name, DOB, nationality) is the input to sanctions screening. KYC data quality directly determines screening accuracy.
- Chapter 9 (Beneficial Ownership): The OFAC 50% Rule creates a beneficial ownership screening requirement — BO data from Chapter 9 feeds directly into sanctions exposure assessment.
- Chapter 11 (SAR/Case Management): Confirmed sanctions matches generate regulatory reporting obligations distinct from SAR filing — but managed through the same case management infrastructure.
- Chapter 23 (NLP for Regulatory Intelligence): NLP techniques are used to monitor regulatory publications for new sanctions designations — automating the detection of list changes that require re-screening.
- Chapter 29 (Algorithmic Fairness): The demographic disparities in sanctions screening false positive rates are a direct instance of the algorithmic fairness problem explored in Part 6.
Regulatory Reference Points
| Framework | Sanctions Relevance |
|---|---|
| 50 USC §1705 | US International Emergency Economic Powers Act — OFAC's primary authority |
| 31 CFR Part 501 | OFAC reporting, procedures, penalties |
| The Sanctions and Anti-Money Laundering Act 2018 | UK post-Brexit sanctions authority |
| EU Regulation (EU) 2018/1725 + sector-specific regulations | EU sanctions legal basis |
| UNSCR 1267, 1988, 1989 + successors | UN Al-Qaida/Taliban sanctions |
| UNSCR 2270 + successors | UN DPRK (North Korea) sanctions |
Next: Chapter 9 — Beneficial Ownership and Corporate Transparency →