A company that wants to hire or work with outside parties needs to have a proper vetting and screening process in place. Under U.S. sanctions regulations, U.S. citizens are generally prohibited from engaging in business with sanctioned individuals or entities. Skipping out on screening opens the door to potential compliance issues and makes it easier to be defrauded.
In many highly regulated industries, especially those dealing with money or international transactions, OFAC sanctions screening is a core compliance requirement. If a company processes transactions that should have been blocked or rejected because of sanction issues, they are subject to civil penalties, large settlement payments, or enforcement actions. In 2025, OFAC listed 14 penalties, settlements, and findings of violation that came out to a total of $265,746,819.
Most companies that require OFAC screening as part of their broader sanctions and AML compliance automate the screening process using automated sanctions screening tools, scheduled list downloads, or API-based integrations.
In this blog, we’ll focus on OFAC API for screening, what it does, and why automated sanctions watchlist screening should be part of the onboarding and screening workflow.
What Does an OFAC API Do?
OFAC refers to the Office of Foreign Assets Control, the U.S. Treasury office that publishes sanctions lists, including the Specially Designated Nationals and Blocked Persons list. This is an official database that contains names of individuals and entities that are generally not allowed to work with U.S. persons because they may be linked to illegal or sanctioned activities.
In order to check OFAC sanctions lists, companies can use an OFAC API. An OFAC API automated sanctions watchlist screening can connect business systems to sanctions data and screening workflows. This integration allows teams to check individuals and entities against restricted-party lists.
For most regulated industries that work with international customers, cross-border payments, have high transaction volumes, or onboards third-party vendors, an OFAC screening is usually part of their pre-onboarding workflow, payment review, and customer monitoring programs.
An effective OFAC screening API should be able to perform the following functions:
- Name screening: Checks individual names against OFAC records using fuzzy matching to account for spelling variations, aliases and transliterations.
- Entity screening: Checks businesses, vendors, merchants, contractors, and counterparties against sanctions lists and watchlists.
- Match scoring: Give a score or rank to potential matches based on name, alias, address, and metadata.
- Workflow routing: Sends the vendor or internal screening results to the right next step, such as pass, potential match, reject, or review.
- Evidence capture: Stores search inputs, timestamps of when the search was done, sources of the databases/lists, and results.
- Re-screening: Runs checks again when OFAC lists are updated or when customer data changes.
How OFAC APIs Work in Screening Workflows
Running an OFAC check sounds relatively simple and straightforward when done for a single individual or entity. However, checking hundreds of names at the same time can quickly turn into a time-consuming process.
In order to make sanctions screening less of a time-consuming process, organizations can use a real-time OFAC screening API to automate the screening process. By embedding the API into their onboarding, payment processing, or vendor approval workflows, businesses can check names and entities against up-to-date sanctions data.
An OFAC API typically works by collecting relevant data, sending a screening request, comparing the submitted information against sanctions watchlists, scoring potential matches, supporting case handling, and documenting activity for audit purposes.
- Data collection: The system collects all the relevant information required for the check, including name, business name, date of birth, address, country, tax ID, and entity type.
- API screening request: Once embedded into the onboarding, payment, or vendor workflow, the system checks an entity by sending screening data to the OFAC API.
- Watchlist comparison: It compares the submitted record, including aliases, alternate spellings, addresses, and related identifiers, against up-to-date sanctions data.
- Match result and score: After comparison, a match result is returned with the match score, matched list, matched fields, entity details, and recommended next steps.
- Decision and case handling: Records that are low-risk can be cleared automatically (depending on company policy). Any potential match is routed for review.
- Audit logging: The system maintains logs of every request, response, decision, override, and reviewer action for internal audit and regulatory review.
Reading the results of an OFAC screening
An effective OFAC API screening result does more than just return a “hit” or “no hit” result. It should also offer context and help teams understand why a match appeared, how close the match is to the sanctioned list, and whether the case should be cleared, reviewed, or escalated.
Identifying the Data Sources, Watchlists, and Matching Logic Behind Accurate Screening Results
When a business screens an individual or an entity, it needs to know whether that person or entity appears on a sanctions list. And in order to do so, accurate screening is simply non-negotiable.
Accurate screening typically depends on three things- the quality of the data source, how often the source is refreshed, and the matching logic.
An OFAC screening API should rely on authoritative sanctions data and provide enough details to support defensible decisions. Instead of relying only on exact name matches, a strong screening system also checks fuzzy or similar names, aliases, and former names. It also checks business names, compares addresses and countries, date of birth or registration data, and entity type.
Priority Data Sources and Matching Data for OFAC Screening API
| Source | Why it matters |
|---|---|
| OFAC SDN List | Provides core U.S. sanctions compliance coverage that identifies individuals, entities, groups, aircrafts and vessels designated under OFAC sanctions programs |
| OFAC Consolidated Sanctions List data | Screens against OFAC’s non-SDN sanctions lists in consolidated data files. |
| Sanctions program and list-source data | Shows which OFAC list or sanctions program triggered the match. |
| Non-U.S. sanctions lists | Helps multinational teams manage cross-border exposure such as the UK, EU, UN, Canada, and others. |
| Alias and transliteration data | Detects exact names, similar names, aliases, alternate spellings, and phonetic variations. |
| Ownership and beneficial ownership data | Identifies entities that may be blocked under OFAC’s 50 Percent Rule (owned 50% or more, directly or indirectly and in the aggregate, by one or more blocked persons). |
| Address and country data | Helps distinguish true matches from unrelated names |
| Additional identifiers | Support match review using details such as DOB, nationality, passport number, tax ID, company registration number, vessel IMO number, or place of birth. |
Note: OFAC screening is often the U.S. baseline, but many compliance programs, like Compliancely, also screen against the UK, European Union, United Nations, Canada, politically exposed person (PEP), adverse media, and other watchlist sources.
The Difference Between Real-Time Sanctions Screening and Static Watchlists
Using current sanctions lists is a critical step during onboarding, payments, and ongoing monitoring. Many sanctions screening tools rely on static watchlists that are periodically updated. This can create a gap between list changes and screening results. And when a screening is done during the gap, it can return outdated or incomplete results.
A real-time OFAC API helps reduce this risk by screening against the latest available data and supporting prompt re-screening anytime lists are refreshed. This lowers the chances of exposure and compliance issues.
How To Evaluate an OFAC API That Fits Your Workflow
When evaluating an OFAC API, the speed of the screening is not the only important consideration, there are various other factors that the API should be evaluated on. Here’s an OFAC API evaluation checklist to help evaluate the best API for your workflow:
- Use direct or authoritative sanctions sources and support OFAC SDN and consolidated list screening.
- Must offer screening support for businesses, individuals, vendors, and payees.
- Provide fuzzy matching with configurable thresholds, explanation of the clear match, match scores, and matched-field details.
- Support real-time API responses and webhook delivery, where needed.
- Should offer ongoing monitoring and automatic re-screening anytime a sanctions list changes.
- Provide support for bulk screening for portfolio or vendor file reviews.
- Must include case review workflow for potential matches with complete audit trails that record timestamps and decisions as well as exportable reports.
- A strong OFAC API should include role-based access controls for compliance, operations, and administrative users.
How Compliancely Supports OFAC Screening by API
Compliancely brings sanctions and watchlist (including OFAC) screening into a real-time, API-first workflow. For compliance teams, this means sanctions screening can sit inside a broader verification workflow that combines OFAC, KYB, address verification, tax ID validation, and ongoing monitoring in one connected process.
Advantages of using Compliancely for OFAC screening
- API-first delivery: Embeds checks directly into existing onboarding, payments, and vendor workflows.
- Web portal: Support for manual review and no-code operations through an online dashboard.
- Bulk screening: Allows portfolio, vendor, and file-based screening at scale.
- Watchlist monitoring: Sends alerts when sanctions risk changes.
- Audit trail: Records screening results, decisions, and overrides, in an audit-ready format.
- Broader compliance stack: Combines OFAC screening with KYC, KYB, TIN match in one platform.
How OFAC API Works in Real Compliance Situations
A fintech company onboarding a new wallet user
In this case, an OFAC API during customer onboarding can help screen a new wallet user before the account is activated. The API will show any potential matches, log the results and allow the onboarding to continue, if results are clear, without any intervention.
A marketplace has to review and verify a new seller before onboarding them
The OFAC API would help screen the business, owner names, address, and tax details during the onboarding process in a single workflow to check the legitimacy of the seller.
A bank has to review a cross-border payment after OFAC screening triggered a potential match
If an OFAC screening triggers a potential OFAC match because of a similar name and country, the case has to get routed for another round of review.
A vendor risk team has to screen a large list of suppliers
Instead of screening a single supplier at a time, the team uploads multiple vendor files for bulk sanctions screening. The system separates clear records from potential matches.
A lender monitors an existing borrower portfolio and re-screens again after onboarding
A lender re-screens its borrower portfolio after the sanctions list updates and a new watchlist alert is flagged, documented, and escalated before the lender approves more credit exposure.
FAQs
1.What is an OFAC API?
An OFAC screening API screens individuals and entities against official sanctions lists and returns structured results for onboarding, payments, vendor checks, and monitoring workflows.
2.Is OFAC screening required for every business?
All U.S. citizens must comply with OFAC sanctions, but whether or not a business uses automated OFAC screening depends on its risk profile, industry, transaction volume, customers, locations, and compliance program.
3.How does an OFAC API reduce false positives?
An OFAC API reduces false positives by using a stronger matching logic such as exact and fuzzy name matching, aliases, identifiers, geography, and configurable match thresholds.
4.What is ongoing OFAC re-screening?
Ongoing re-screening means rechecking existing individuals or entities again when sanctions lists or risk-relevant records are updated.
5.Can OFAC screening be automated?
Yes, OFAC APIs can automate screening in real time, send possible matches to compliance teams for review, and store records to support audits and regulatory reviews.
6.How does Compliancely support OFAC screening?
Compliancely provides API, portal, bulk, and monitoring tools for sanctions screening alongside broader verification features, including KYC, KYB, TIN, address, and audit workflows.
Detect risk faster and reduce compliance risk by verifying individuals and entities using our real-time OFAC screening API.