Key Takeaways
- OFAC screening is the process of checking whether a person or entity appears on U.S. sanctions lists before engaging in a financial transaction or business relationship.
- OFAC screening doesn’t end at onboarding; it continues through payments, profile changes, and list updates for as long as the relationship is active.
- A defensible OFAC compliance program isn’t just about having a policy; it’s about applying it the same way, every time, with a documented record of every decision.
What Is OFAC Screening?
OFAC stands for Office of Foreign Assets Control. It is a division of the U.S. Department of the Treasury and is the main body responsible for administering and enforcing economic and trade sanctions against individuals, entities, and countries.
OFAC maintains a database, or multiple lists, containing names of individuals and entities with whom U.S. citizens and businesses are prohibited or restricted from engaging in financial transactions or business dealings. OFAC screening (or OFAC compliance check) is basically the process of checking whether an entity or person appears on these lists and is subject to any sanctions.
The most important is the Specially Designated Nationals and Blocked Persons (SDN) list. Other lists include the Consolidated Sanctions List, the Sectoral Sanctions Identifications (SSI) list, and several regional lists.
Who Must Conduct OFAC Screening?
OFAC screening matters to you, even if you’re not a bank. Every U.S. person and person subject to U.S. jurisdiction, is required to screen both new and existing relationships. Onboarding a new vendor, hiring for a senior role, opening a customer account can create sanctions exposure and should be addressed through risk-based controls where relevant. All of it triggers a screening obligation.
In practice, it covers financial institutions, fintech companies, payment processors, staffing agencies, healthcare organizations, insurance companies, and any business that deals with vendors, contractors, or customers.
See how Compliancely helps teams stay on top of OFAC screening obligations.
Why OFAC Screening Is Required
The main purpose of OFAC screening? It’s to ensure compliance with U.S. sanctions laws and avoid relationships or transactions that carry serious legal, financial, and reputational consequences.
The risk doesn’t stay in one lane. It enters through customer onboarding, vendor approvals, payment processing, or merchant activation. Any workflow where a restricted party could enter the process.
Weak or inconsistent screening doesn’t just create compliance exposure, it generates downstream problems such as delayed approvals, higher manual review volume, and audit gaps that are difficult to close after the fact.
The cost of getting it wrong is also high as civil and criminal penalties escalate quickly. The total OFAC settlements in 2025 exceeded $265 million, up from roughly $49 million in 2024. Reputational damage compounds the regulatory risk. A single enforcement action can erode client relationships and invite heightened scrutiny that could linger for years.
OFAC Screening Is an Ongoing Process
A defensible OFAC sanctions screening program requires more than running a name against a list. It’s not a one-time check. Sanctions lists are not static and they’re updated continuously as geopolitical conditions change. A customer or vendor who passes initial onboarding screening may pose greater risk over time.
That’s why organizations should define a repeatable process for screening relevant parties, reviewing potential matches, documenting decisions, and reassessing active relationships based on their sanctions risk.
When done well, here are the operational benefits:
- Regulatory compliance: Prevents prohibited relationships and transactions before they occur
- Faster decisions: Reduces unnecessary delays when screening is structured and consistently applied
- Lower manual burden: Improves alert handling and cuts review friction on clear non-matches
- Audit readiness: Preserves a documented record of what was screened, when, and how decisions were made
Besides, OFAC screening doesn’t operate in isolation. It sits inside a broader anti-money laundering (AML) framework. Effective screening helps identify transactions linked to terrorism financing, narcotics trafficking, money laundering, and corruption.
High-Risk Gaps in OFAC Screening Process
Most businesses run into the same problems when it comes to OFAC screening:
- Screening against outdated lists, using spreadsheets to update, and relying on manual reminders to review
- Incomplete, inconsistent, or unstructured data means missed hits and false negatives
- Screening stops at onboarding and doesn’t continue through the relationship
- Customer, vendor, and payment workflows follow different or undocumented processes
- Documentation is scattered, making it slow and difficult to pull evidence when it’s needed
- Using legacy systems for current transaction volumes, resulting in alert spikes, review backlogs, and alert fatigue in analysts
Meeting OFAC Screening Requirements with Compliancely
Compliancely is an API-first compliance platform that combines sanctions screening, identity verification, business verification, and tax validation in one workflow. It’s built for compliance, risk, and operations teams that need all these checks to work together across onboarding, verification, and ongoing monitoring without having to manage it across fragmented systems.
- Unified compliance platform: Combines sanctions screening, business verification, identity checks, and tax validation into one platform, so no switching between tools.
- Direct, real-time screening: Entities are screened against direct-from-source data in real-time, ensuring accurate and up-to-date results without manual intervention.
- Ongoing monitoring: Sanctions checks are not limited to onboarding. Continuous monitoring ensures risk is identified even after initial approval when status changes.
- Reduced false positives: Direct-source data and structured workflows help minimize unnecessary alerts and manual reviews.
- Flexible implementation: Teams can use APIs, a no-code web portal, or bulk workflows depending on their operational needs and volume.
- Unified audit trail: Every screening decision is logged with timestamps, results, and reviewer actions, making audits and regulatory reviews easier.
Real-World Examples
Here are a few scenarios from real life that help you understand when OFAC screening is required.
Scenario 1: Merchant onboarding before activation
A payments platform requires sanctions screening before enabling payouts for any new merchant. During onboarding, a potential match surfaces against a related owner. The compliance team reviews the alert, clears it using supporting identifiers, and logs the decision with documentation. When the account is later audited, the record is already there.
Scenario 2: Vendor approval before first payment
Procurement approves a new supplier and routes them to payment. Before any funds move, the disbursement workflow triggers a sanctions check. The screening surfaces a related-party concern, a beneficial owner with a partial name match against a watchlist. The payment is held, the concern is reviewed, and the decision is documented before disbursement is approved or declined.
Scenario 3: Watchlist update on an active account
A customer is cleared screening at onboarding a few months before. A sanctions list update adds a new designation that partially matches the customer’s profile. Ongoing monitoring flags the change automatically, and the compliance team receives an alert without having to run a manual re-check. They review the match, document the outcome, and either clear or escalate without disrupting the customer’s account in the meantime.
Scenario 4: High alert volumes slowing application reviews
A fintech team is processing a high volume of onboarding applications, but sanctions alerts are creating a bottleneck. Many of the alerts are irrelevant. By centralizing screening into a single workflow and improving data consistency at the point of entry, the team reduces false positives and cuts the time analysts spend on manual review without lowering the threshold for genuine matches.
FAQs
1. What are the OFAC sanctions screening compliance requirements?
A risk-based OFAC sanctions compliance program commonly includes consistent screening across all relevant parties, a structured process for reviewing and resolving matches, clear escalation paths, documented decisions, and ongoing monitoring after approval.
2. Does OFAC screening stop at onboarding?
It doesn’t. Depending on the organization’s risk profile, checks may also be required before payments are processed, when ownership or profile information changes, and as part of ongoing monitoring when sanctions data is updated.
3. Why do false positives occur?
Incomplete or inconsistent input data, overly broad matching logic, and fragmented workflows are the most common causes.
4. What records should I keep and for how long?
A complete record typically includes screening results, analyst notes, timestamps, supporting documentation, and the final decision on each case. Keep transaction records for at least 10 years, blocked-property records for as long as the property is blocked, plus 10 years after.
5. What OFAC screening capabilities does Compliancely offer?
Compliancely screens against authoritative sanctions and watchlists in real time, automatically re-screens entities when lists are updated, and logs every decision in a unified audit trail. Beyond sanctions, it covers the broader compliance workflow including KYC, KYB, address verification, and TIN validation.
Book a demo and see how Compliancely consolidates sanctions screening, KYB, KYC, and tax ID validation into one workflow.