Start free trial
OFACguidesvendor screening

How to screen vendors against the OFAC SDN list

A practical walkthrough of screening vendors and counterparties against the U.S. Treasury OFAC SDN list — what to check, how often, and how to keep a defensible audit trail.

Kleerance Editorial
How to screen vendors against the OFAC SDN list

The OFAC Specially Designated Nationals and Blocked Persons list (the "SDN list") is the U.S. sanctions list most businesses trip over first. If you deal with any U.S. counterparty, run payments through the U.S. financial system, or ship goods with any U.S. nexus, you almost certainly have SDN screening obligations — even if nobody has ever told you that in writing.

This guide is a practical, non-legal walkthrough of what SDN screening actually looks like in day-to-day operations for a small or mid-sized business.

This article is informational and is not legal advice. Sanctions obligations are fact-specific — consult qualified counsel for your program.

What the OFAC SDN list actually is

The SDN list is maintained by the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC). It names individuals, companies, vessels, and aircraft whose assets are blocked and with whom U.S. persons are generally prohibited from dealing. It is updated on a rolling basis — often multiple times per week — as designations are added, modified, and (occasionally) removed.

OFAC publishes the list in several formats (TXT, XML, and the "Consolidated" list which bundles SDN with other OFAC-maintained lists like Sectoral Sanctions and Non-SDN Menu-Based Sanctions). The authoritative source is sanctionssearch.ofac.treas.gov. Every match on Kleerance links back to the primary source record for that reason.

Who has to screen

The short version: any U.S. person, and often non-U.S. persons whose transactions "cause" a U.S. person to violate sanctions. In practice this pulls in:

  • U.S. companies and their non-U.S. subsidiaries (for many programs)
  • Financial institutions, payment processors, marketplaces, and crypto platforms
  • Exporters and importers
  • Non-U.S. companies clearing USD payments through correspondent banks
  • Any business that receives OFAC-flagged transactions from its payment processor

If you have never done sanctions screening and any of the above applies, treat this as a "must fix" gap, not a "nice to have."

What "screening" actually means

Screening is comparing the name (and, ideally, other identifiers) of a counterparty against the SDN list to see whether they appear on it. It is not a background check and it is not a credit report. There are three practical dimensions to get right:

  1. Coverage — which lists you check
  2. Match quality — how you decide whether "Vladimir Putin" in your CRM is the same "Vladimir Putin" on the list
  3. Cadence — when you check (onboarding, re-screening, real-time payments)

A minimal SDN screening workflow

Here is what a lean, defensible workflow looks like for a small operations team:

1. Screen at onboarding

Every new customer, vendor, supplier, or high-value counterparty is screened before you sign a contract, disburse funds, or ship goods. Screen the legal entity name, any known trade names, and — for higher-risk relationships — beneficial owners and key officers.

2. Fuzzy match, then adjudicate

Names on the SDN list are often transliterations of non-Latin alphabets (Russian, Arabic, Chinese) with dozens of variant spellings. Exact-match screening misses real hits. Use fuzzy matching (Kleerance uses trigram similarity plus word-boundary checks) and then have a human adjudicate anything that scores above your review threshold.

A reasonable default:

ScoreRecommended action
≥ 90%Treat as a likely match. Freeze the transaction and escalate.
70–89%Manual review required.
40–69%Flag for review but low priority.
< 40%No match.

3. Log every check

Every screening event needs a durable audit trail: what name you searched, what list versions you screened against, what score came back, who adjudicated it, and what decision was made. If OFAC or a bank ever asks "what did you check on August 12?", you need to be able to answer with a timestamped record — not a screenshot.

Kleerance writes every screening search to a per-account audit log by default. See our restricted-party audit trail post for why this matters.

4. Re-screen periodically

The SDN list changes constantly. A vendor who was clear when you onboarded them last year may have been designated since. Most compliance programs re-screen active counterparties at least monthly, and real-time on any transaction above a materiality threshold. Continuous monitoring (Kleerance's Growth plan and above) automates this.

5. Know what to do on a true positive

A true SDN match is not a customer service issue — it is a legal one. Do not tip off the counterparty. Freeze the transaction, escalate internally, and follow your program's designated escalation path (which often includes filing a blocking report with OFAC within 10 business days).

Common mistakes

  • Screening only the primary name. Aliases catch designations that primary-name screening misses.
  • Relying on a one-time PDF download. The SDN list changes; a snapshot from a quarter ago is not current.
  • Screening customers but not vendors. Sanctions obligations apply to counterparties on both sides.
  • No audit trail. Even correct screening decisions look like negligence without a record.

How Kleerance helps

Kleerance indexes the OFAC SDN list plus nine other government watchlists (OFAC Consolidated, BIS DPL, BIS Entity List, State DTC/ISN, UN Consolidated, EU CFSP, UK OFSI). Every match includes the confidence score, the source list, and a link back to the primary government record. Every search — anonymous or authenticated — is logged. See the full list catalog or start a free trial to run your first screening.

This article is for informational purposes only and is not legal advice. Consult a qualified sanctions or export-controls attorney for guidance on your specific obligations.

Related articles