OFAC — Office of Foreign Assets Control (US)

The most consequential sanctions regime globally because it controls access to the USD financial system. Administered by the US Treasury Department. Key lists include the SDN (Specially Designated Nationals) list, the sectoral sanctions lists, the NS-MBS list, and country-based programmes (Iran, North Korea, Syria, Cuba, Russia-linked, Venezuela, Belarus).

Scope: Binds US persons, US subsidiaries, and anyone transacting in USD or touching US correspondent banking. This is why OFAC effectively reaches global finance — almost every cross-border transaction touches USD clearing.

UN Security Council Sanctions

Issued by the United Nations Security Council under Chapter VII resolutions. Member states are legally required to implement UN sanctions into domestic law. Focus areas include North Korea (DPRK), ISIL/Al-Qaida, Taliban, Somalia, Yemen, Libya, and others.

Scope: Globally binding in principle; actual enforcement depends on domestic transposition. Every UN Member State implements UN sanctions, but with national variations.

EU Consolidated Sanctions List

Administered by the European Commission; implemented through EU Council Regulations. Covers restrictive measures against third countries, entities, and individuals across the EU’s foreign policy tools. Major active programmes: Russia (heavily expanded post-2022), Belarus, Iran, Syria, Myanmar, Venezuela.

Scope: Binds all EU persons, EU-incorporated entities, and non-EU persons conducting business in the EU.

UK OFSI — Office of Financial Sanctions Implementation

Administered by HM Treasury. Post-Brexit the UK operates its own sanctions regime separate from the EU. OFSI maintains the UK Sanctions List, and sanctioned parties are identified under the specific UK statutory instruments.

Scope: Binds all UK persons worldwide and all persons within the UK — so any bank with a UK branch or UK-based customer must screen against OFSI.

HMT — HM Treasury Consolidated List

HM Treasury’s consolidated list of targets of financial sanctions sits alongside the UK Sanctions List and provides the operational list for financial institutions. Updates are frequent; screening providers refresh as near-real-time as possible.

Regional & National Sanctions

Every KYC operation in a given region must also screen local sanctions: DFSA (Dubai), CBUAE (UAE federal), MAS (Singapore), HKMA (Hong Kong), MOF Japan, RBI + FIU-IND (India, often via UN lists plus national targeted sanctions under UAPA), FINTRAC (Canada, enforcing SEMA & CCFA regimes), AUSTRAC (Australia, enforcing DFAT sanctions). Multi-jurisdictional banks screen against a union of all applicable lists.

Primary Sanctions

Binding directly on persons within the jurisdiction of the sanctioning authority. OFAC primary sanctions bind US persons, US subsidiaries, and transactions touching US jurisdiction (USD clearing, US tech, US nexus). UK OFSI primary sanctions bind UK persons worldwide and anyone in the UK. EU primary sanctions bind EU persons and entities.

Secondary Sanctions

Extend the sanctioning authority’s reach beyond its own persons. OFAC’s secondary sanctions, for example, threaten non-US persons with loss of access to the US financial system if they transact with certain sanctioned parties — even when no US nexus exists in the transaction itself. This is the legal mechanism by which OFAC sanctions effectively reach global finance.

Real-world example: A UAE-based bank processing Iran-related transactions with no US nexus is not directly bound by US primary sanctions — but it could lose its US correspondent banking relationships (loss of USD access) under secondary sanctions exposure. Most global banks treat secondary sanctions compliance as equivalent to primary compliance for this reason.

Worked 50% Rule example

Structure: A Cyprus holding company is 30% owned by Ivanov (SDN-listed), 25% owned by Petrov (SDN-listed), 25% owned by a clean party, and 20% owned by another clean party.

Analysis: Aggregate sanctioned ownership = 30% + 25% = 55%. Under the 50% Rule, the entire Cyprus holding is treated as sanctioned — and any entity it owns above 50% inherits the same status.

Practical consequence: A bank approving this relationship without aggregating the two sanctioned owners is in breach of OFAC rules. This is the exact fact pattern that produced several multi-hundred-million-dollar fines between 2018 and 2024.

Country-Based Sanctions

Broad prohibitions against transacting with an entire jurisdiction. Examples: US sanctions on North Korea, Iran (with specific exceptions under nuclear agreements), Cuba, Crimea (regional). These are comprehensive programmes that touch most or all transactions with the named country.

Sectoral Sanctions

Target specific sectors of an economy (energy, defence, finance) or specific activities (new debt and equity issuance) rather than the country entirely. OFAC’s sectoral sanctions on Russian energy and financial firms are the most prominent example. Complex to operationalise — you may transact with a sectorally-sanctioned entity for permitted activities but be barred from others.

Targeted / List-Based Sanctions

Sanctions targeting specific named individuals or entities (the SDN list, UN 1267 Consolidated List, EU’s entity-specific designations). These are the day-to-day bread of screening — every customer, beneficial owner, director, authorised signatory, and counterparty is screened against these lists.

Automated Screening Engines

Customer onboarding triggers an automated screen across OFAC SDN, UN Consolidated, EU, UK OFSI, HMT, and local sanctions lists simultaneously. Matching algorithms use fuzzy-match logic — exact-match, sound-alike (phonetic), transliteration-aware, and name-order flexible — because sanctioned parties routinely use name variants.

Typical tools: LexisNexis Bridger, Dow Jones Risk & Compliance, Refinitiv World-Check, Accuity, Fircosoft, in-house engines for larger banks.

Alert Triage — The L1 Analyst Role

Every alert appears in a sanctions queue. The L1 analyst runs initial triage: compare secondary identifiers (DOB, nationality, place of birth, address, occupation, known family members, employer). Most alerts at this stage are false positives — the name matches but the secondary identifiers disprove the match.

Critical rule: Never clear a name-match alert based on the name alone. Always triangulate with at least two secondary identifiers.

Escalation to Sanctions Officer

Alerts that cannot be dispositioned cleanly as false positives at L1 go to a dedicated Sanctions Officer or L2 reviewer. This reviewer applies deeper investigation: open-source intelligence, cross-referenced screening across multiple vendors, direct engagement with the customer’s front-office relationship manager for additional context, and consultation with legal where the transaction structure is ambiguous.

Decision — Block, Freeze, Clear

Outcomes of the sanctions investigation:

• Confirmed true match: Block the relationship or freeze any accounts under domestic asset-freeze rules, file required regulator notifications (e.g., OFSI reporting in the UK, FinCEN notification in the US), and document the block decision.
• Possible match — investigation incomplete: Hold the transaction or relationship pending resolution; escalate to Head of Compliance where urgency demands.
• False positive: Clear the alert; document the basis of clearance with named analyst, date, and corroborating secondary identifiers. Add to the “known cleared” list with appropriate re-review cycle.

Ongoing Re-Screening

Sanctions lists are updated constantly. Every customer is re-screened on a cycle (daily for high-risk populations, weekly or monthly for lower-risk) to detect newly added parties. List updates drive most of the ongoing alert volume at tier-1 banks.

Why False Positives Are So Common

• Common surnames (Khan, Ahmed, Kim, Lopez, Petrov) have many sanctioned namesakes
• Fuzzy-match algorithms intentionally cast a wide net
• Transliteration from non-Latin scripts creates name variants
• Name-order differences (Western vs Asian vs Arabic conventions) trigger alerts
• Geopolitical events rapidly expand lists, driving alert surges

Managing Volume Without Missing True Matches

• Tune matching algorithms to your customer book’s demographic and geographic profile
• Use strong secondary-identifier triangulation — DOB, nationality, address
• Maintain a “known cleared” list with defined re-review cycles
• Invest in premium screening tools (Dow Jones, LexisNexis, Refinitiv World-Check are considered market standards)
• Use rule-based rejection of obvious false positives (e.g., a US-resident customer named Ivan Petrov matched against a Russia-based SDN with different DOB and no US ties)

Scenario 1 — Clear false positive

A customer named “Vladimir Ivanov” applies for a retail account at Revolut UK. Screening alerts: matches three SDN-listed Vladimir Ivanovs in Russia. Secondary identifiers: customer’s DOB differs from all three; customer is UK-resident with UK employer since 2015; customer has no Russia nexus in their file.

Outcome: Clear false positive. Disposition documented with named analyst, date, and the specific secondary-identifier basis for clearance. Customer added to known-cleared list with 6-month re-review cycle. Total resolution time: under 15 minutes.

Scenario 2 — Partial match requires investigation

A KYC analyst at JPMorgan London screens a new corporate customer. The Chief Financial Officer matches 80% to a Sectoral Sanctions List entry with the same nationality and same city of residence, but a different middle name.

Investigation: Sanctions Officer requests corporate HR records, LinkedIn verification, past employer references, and photograph (where available). Identifies that the CFO is a distant namesake but not the sanctioned individual — different employer history, different age band, different career trajectory.

Outcome: Cleared after investigation with detailed disposition memo. Sanctions Officer approval required given the partial match quality.

Scenario 3 — 50% Rule applied correctly

A Cyprus-registered holding company applies for USD correspondent services at Goldman Sachs. Direct shareholder screening shows no hits. UBO trace identifies four individual beneficial owners: two Russian nationals on the OFAC SDN list (aggregate 32%), and two clean individuals (aggregate 68%).

Analysis: Aggregate sanctioned ownership under 50% — structure not treated as sanctioned. However, given the material SDN exposure and the USD relationship nexus, Head of Compliance and dedicated Sanctions Officer approval required. Enhanced monitoring applied. Specific transaction-level screening will run whenever the sanctioned UBOs are involved indirectly.

Change one fact: If the two SDN shareholders together hold 52%, the entire structure is treated as sanctioned under OFAC 50% — no USD correspondent relationship is possible. This is the classic 50% Rule scenario regulators test.

Scenario 4 — Sanctions evasion pattern detected

An established corporate customer at Barclays GCC begins transacting with a new intermediary in Country B (not sanctioned) that routes goods to Country A (sanctioned). Invoice values are precisely at local customs thresholds. Historical activity had no Country A exposure.

Outcome: Immediate freeze of pending transaction. Sanctions Officer and MLRO review. Request for underlying contracts and end-beneficiary documentation. Customer cannot produce credible end-use documentation. SAR filed on sanctions-evasion typology; relationship exited. This is the exact fact pattern producing the largest enforcement actions in the past decade.