CSI Resources

image representing a caution zone

5 Best Practices to Fend off OFAC Violations

  • by Ronnie Wylie
  • Apr 14, 2016

The continual expansion of a global economy that trades increasingly online, across international borders and through digital currency has driven the U.S. Treasury Department to cast a wider net of OFAC violations, ensnaring not only financial institutions, but also everyone from unwitting small business owners to sophisticated corporations.

In fact, in each of the last seven years, businesses other than banks—including non-traditional financial institutions—have represented at least two-thirds of the total number of OFAC fines imposed.

Though the facts are daunting, there’s something organizations can do to avoid the wrath of OFAC and stay in compliance: screen.

Denied Party Screening Best Practices

Really, the crux of your OFAC compliance program is its denied party screening process, in which you cross-check your business dealings for matches to the Specially Designated Nationals (SDN) list—an inventory of individuals and entities with whom all U.S. citizens and businesses are prohibited from conducting business.

The list is updated each time OFAC identifies a new individual or entity to be added or removed, which can occur daily. Experts recommend screening your entire customer base each time the SDN list, or any other government watch list, is updated. With every cross-check, there is the potential for positive matches, each of which requires due diligence to either confirm or rule out a match. That due diligence includes a detailed comparison of the similarities between the name, address and other information of your customer and the SDN.

5 Critical Screening Best Practices

Here are five critical screening best practices that are proven to significantly streamline the screening process while reducing the risk of OFAC violations and their resulting harm.

  1. Use Outsourced List Updates

    Businesses can sign up to receive email notifications from OFAC when the list changes, however, that equates to a manual comparison between the updated list and your transaction, customer or database. Instead, take advantage of outsourced list updates, where a third-party provider handles the burden of monitoring the SDN updates and provides them to you in a usable format.  

  2. Automate the Screening Process

    No matter your risk profile, attempting to manually screen is next to impossible. And for businesses whose risk profiles indicate the need to screen with considerable frequency, manual screening also is risky. Investing in a comprehensive automated screening solution that easily integrates into your existing applications and compliance processes significantly eases your OFAC compliance burden: 

    • Cross-checks all of your databases against the SDN list
    • Streamlines your compliance by simultaneously cross-checking other watch lists
    • Facilitates the reporting of positive matches to OFAC
    • Provides detailed reports to prove your compliance
    • Decreases false positive matches by using address or date-of-birth disqualification
    • Whitelists (i.e. adds to a “good customer list”) names cleared through due diligence


  3. Support Multiple Integration Methods

    Many businesses need even more support to maintain and strengthen their OFAC compliance. The best automated screening solutions provide these additional features: 

    • Facilitate and automate single SDN look ups
    • Streamline and automate batch file runs
    • Support the review and resolve functions of multi-list screening
    • Provide enhanced search and report capabilities
    • Offer complete Customer Data Management
    • Deliver the ability to integrate into most web-based applications, onboarding systems, etc.


  4. Leverage Advanced Word Matching Technologies

    The SDN list is full of initials, acronyms and other name variations that could result in a significant amount of potential matches, which increases the amount of due diligence required to identify positive matches. For that reason, your automated screening solution must include an algorithm sophisticated enough to pinpoint true similarities and disqualify false ones. 

  5. Use an On-Demand Solution
  6. The final best practice is investing in an On-Demand screening solution. In addition to streamlining and automating your OFAC compliance, this cloud-based type of solution puts everything—screening, searching and reporting—at your fingertips anytime and anywhere through the use of secure credentials. 

For more information about OFAC and ways to fend off a violation—as well as what to do if you suspect you have a potential SDN match—download our whitepaper, Understanding OFAC: A Best Practices Compliance Guide for Businesses.


Ronnie Wylie serves as data services manager with CSI Regulatory Compliance, a role in which he oversees regulatory watch list screening and the watch list update process. Ronnie holds more than 10 years’ experience pertaining to economic sanctions and watch lists. He is a member of the Association of Certified Anti-Money Laundering Specialists (ACAMS).