Compliance playbook

Sanctions screening best practices

The practical parts that reduce false positives and help you pass audits: matching logic, tuning, evidence, and re-screening strategy.

Test a name (free tool)OFAC screening API use case

1) Match on more than just names

Names are noisy. Use identifiers whenever you can: country, date of birth (individuals), registration numbers (entities), addresses, and document IDs.

2) Tune thresholds and review workflows

Two teams can screen against the same lists and get radically different false-positive rates. The difference is tuning and consistent review steps. Define:

  • Matching thresholds per entity type and geography
  • When to escalate to compliance leadership
  • Disposition reasons (clear, true match, needs more info)
  • Evidence requirements (what must be recorded)

3) Define re-screening policy (and prove it)

A common audit question is not just “do you screen,” but “when did you screen?” Choose a policy (on list updates, scheduled, or both) and keep timestamps for each screening event.

4) Build an audit trail by default

Save enough data so a third party can reconstruct the decision: inputs, match candidates, identifiers considered, reviewer notes, approvals, and timestamps. This is especially important for borderline cases.

5) Connect screening to monitoring

Screening is a point-in-time check. Monitoring catches behavior. If you have transactions, plan for transaction monitoring and re-screening at an appropriate cadence.

Related

What is AML screening?

The core checks (sanctions + PEP) and how teams implement them.

Comparison

World-Check alternative

API-first workflows and transparent pricing for screening.