OFAC Sanctions Screening

OFAC sanctions screening is the operational backbone of US sanctions compliance. The Office of Foreign Assets Control, part of the US Department of the Treasury, administers and enforces economic and trade sanctions based on US foreign policy and national security goals. US persons must screen the parties they pay, hire, contract with, and receive funds from against the OFAC sanctions lists, and they must avoid prohibited dealings with sanctioned jurisdictions. For US founders running international contractor and payroll operations, screening is not optional and not “set and forget.”

How OFAC Sanctions Screening Works

OFAC publishes multiple lists. The most consequential is the Specially Designated Nationals and Blocked Persons (SDN) list, which identifies individuals and entities whose property must be blocked under US sanctions. Other lists include the Consolidated Sanctions List, the Sectoral Sanctions Identifications (SSI) list, the Non-SDN Communist Chinese Military Companies (NS-CMIC) list, and various regional lists.

A typical screening workflow:

1. Identity capture. Collect full legal name, country of residence, date of birth (individuals), entity registration number (entities), beneficial-ownership data for entities at or near the 50 percent threshold.
2. Fuzzy match against SDN and other lists. Account for transliteration, name variants, aliases, and date-of-birth proximity.
3. Country and region screening. Block transactions linked to comprehensively sanctioned jurisdictions: Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions of Ukraine.
4. 50 Percent Rule analysis. For entities, aggregate beneficial-ownership across blocked persons.
5. Hit adjudication. Triage matches, escalate true matches, and file blocking reports to OFAC where applicable.
6. Periodic rescreening. OFAC updates the SDN list weekly or more often. Counterparties screened clean today can be added tomorrow.

The legal foundations sit in 50 USC 1701 to 1707 (the International Emergency Economic Powers Act, IEEPA) and the Trading with the Enemy Act. Program-specific authority is in OFAC regulations at 31 CFR Chapter V.

Who Must Comply

• US persons: Any US citizen, US permanent resident, individual physically present in the US, entity organized under US law (including its foreign branches), and any person present in the US.
• Foreign subsidiaries of US persons: Many programs (notably Cuba and Iran) reach foreign subsidiaries owned or controlled by US persons.
• Non-US persons: OFAC sanctions can reach non-US persons through US-dollar clearing transactions, exports of US-origin goods or technology, facilitation of prohibited dealings by US persons, and secondary sanctions targeting specific behavior.

A US-headquartered contractor platform must screen every contractor, every payee bank, and every counterparty along the chain. A foreign-headquartered platform that touches the US correspondent banking system or US-dollar payments has secondary-sanctions and US-dollar nexus exposure.

Penalties

Civil and criminal penalties scale rapidly:

• Civil penalties (IEEPA, adjusted for inflation annually): Up to the greater of about 377,700 dollars per violation or twice the underlying transaction. Each prohibited transaction is a separate violation.
• Criminal penalties (IEEPA): Up to 1,000,000 dollars per violation for entities, up to 20 years of imprisonment for individuals, for willful violations.
• Trading with the Enemy Act, Cuba programs: Distinct civil and criminal regime with similar order of magnitude.
• Strict liability for civil: A US person can be penalized for a transaction it processed without knowledge that the counterparty was sanctioned. Lack of awareness is not a defense, though it is a mitigating factor.
• Reputational, banking-relationship and customer impact: Often larger than the cash penalty.

OFAC publishes enforcement actions on its Recent OFAC Actions page.

Common Pitfalls

• Screening name only. A clean name match against the SDN list does not catch a blocked-by-ownership entity. The 50 Percent Rule requires beneficial-ownership data, not just identity.
• One-time screening. Counterparties that were clean at onboarding can be added to the SDN list later. Ongoing rescreening is required.
• Missing country and region detection. A contractor whose KYC says “Ukraine” but who actually resides in Donetsk is a comprehensive-sanctions hit. IP geolocation, bank account country, and residence verification all matter.
• Treating sanctions as a financial-services problem. Any US person that pays, hires, contracts, or invoices internationally is in scope. A SaaS company paying a developer in Iran is a clear violation regardless of industry.
• Underestimating facilitation. A US person directing a foreign subsidiary to do a sanctioned deal is itself a violation even if the US person never touches the transaction directly.

Related Forms and Terms

• Sanctioned Country List: the specific comprehensive-sanctions jurisdictions a screening program must block on residence and presence.
• AML: the broader anti-financial-crime regime that runs in parallel to OFAC screening.
• KYC: the identity-verification process whose output feeds OFAC screening.
• FCPA: the parallel anti-bribery regime that often intersects with sanctions exposure in the same jurisdictions.

Omnivoo Contract Management screens contractor identity, residence, and beneficial-ownership against the SDN list and comprehensive-sanctions jurisdictions at onboarding and on every payout cycle, with automated hit adjudication queues and an audit trail OFAC examiners can follow.