Sanctions screening is the operational process by which businesses — principally financial institutions, but also any organisation subject to sanctions obligations — systematically check their customers, counterparties, transactions, and other relevant data against applicable sanctions lists to ensure they are not doing business with, or processing transactions for, designated individuals, entities, vessels, or jurisdictions. At its most basic level, sanctions screening involves matching names and other identifying data against published lists such as the EU Consolidated Sanctions List, the OFAC SDN List, and the UK OFSI Consolidated List. In practice, however, effective sanctions screening is considerably more complex: it must account for name variations, transliterations, aliases, and spelling differences across languages and scripts; it must apply fuzzy matching logic to catch near-matches that an exact-name search would miss; and it must be calibrated carefully to balance the risk of missing a true match against the operational burden of generating excessive false positives.
Sanctions screening operates at two distinct levels within a compliance programme. Customer screening — sometimes called static screening — involves checking customers at onboarding and on a periodic or event-driven basis throughout the relationship, to detect any new designations affecting existing clients. Transaction screening involves checking each individual payment or transaction in real or near-real time against sanctions lists, which is particularly critical for correspondent banks and payment processors handling high volumes of cross-border transactions. Financial institutions are also expected to screen not just the named parties to a transaction but also underlying beneficiaries, intermediaries, and — in the case of trade finance — the goods, vessels, and ports involved. Sanctions violations — including those resulting from screening failures — can attract some of the largest regulatory penalties in the compliance world, and regulators in the EU, UK and US have all made clear that inadequate screening infrastructure will be treated as a serious compliance failing regardless of whether an actual prohibited transaction was processed.
