Sanctions Screening

Most banks screen customers at onboarding and then periodically—monthly, quarterly, or when processing high-risk transactions. They download sanctions lists from OFAC, UN, EU, and UK databases, run batch screening overnight, and investigate matches the next day. This worked when sanctions lists were stable and updates were infrequent.

That world no longer exists. Sanctions lists now update multiple times weekly. Geopolitical crises add hundreds of names overnight. Russia sanctions. North Korea designations. Myanmar restrictions. Iran nuclear program entities. Each crisis brings waves of new sanctions, PEP additions, and beneficial ownership revelations.

Periodic screening creates exposure gaps. A customer gets sanctioned on Monday. Your bank screens quarterly. That customer continues transacting for three months before your next screening cycle catches them. During those months, every transaction creates regulatory violations and reputational risk.

Even daily screening has gaps. Lists update at 2 AM. Your screening runs at midnight. A sanctioned individual transacts at 10 AM before your next screening cycle. That's ten hours of unprotected exposure. In high-velocity environments, that's thousands of transactions before detection.

Name matching creates operational nightmares. Arabic names have multiple transliterations. Mohammed, Muhammad, Mohamed—all the same person, different spellings. Add fuzzy matching to catch variations, and you generate thousands of false positives. Your analysts spend entire days clearing innocent customers with common names. Tighten matching criteria, and you risk missing actual sanctions matches due to spelling differences.

The workload is constant and manual. Every sanctions list update requires re-screening your entire customer base. For a bank with 500,000 customers, that's 500,000 name checks against every list update. Matches require manual investigation—reviewing customer profiles, assessing match quality, documenting decisions. The process consumes entire compliance teams.

Mirsad AI provides continuous sanctions protection through two mechanisms: real-time transaction screening and daily customer base re-screening. You maintain zero-gap coverage without manual intervention.

Real-time transaction screening happens at the moment of transaction. Before any payment processes, before any wire transfer executes, Mirsad screens all parties—sender, recipient, intermediary banks, beneficial owners—against current sanctions lists. OFAC, UN, EU, UK, and regional PEP databases are checked simultaneously. Transactions involving sanctioned entities are blocked instantly.

This isn't fuzzy matching that flags every Mohammed. Rasid applies intelligent name matching that understands transliteration patterns, cultural naming conventions, and contextual factors. When a customer named Mohammed Ahmed Hassan makes a payment, Rasid doesn't just compare strings. It examines: Does this customer have documented identity verification? Are their biographical details consistent? Is their transaction history legitimate?

A 91% name match to a sanctioned individual named Mohamed Ahmad al-Hassan in Yemen triggers investigation. Rasid analyzes: The customer is 32, employed in Bahrain for six years, with verified passport and residence permit. The sanctioned individual is 58, based in Sana'a, designated for terrorism financing. Despite name similarity, these are clearly different people. Case cleared with documented reasoning.

Muhaqqiq handles ambiguous matches—same name, similar age, overlapping geographic connections. It conducts enhanced investigation: beneficial ownership verification, relationship network mapping, source-of-funds analysis, cross-reference with adverse media. It determines whether this is a genuine sanctions match or a false positive requiring clearance.

Muhtasib prepares regulatory documentation when sanctions matches are confirmed—same individual, clear identity overlap, undeniable connection to designated entity. It compiles transaction histories, relationship evidence, sanctions list references, and investigation reasoning. Your compliance officer receives a case file ready for regulatory filing and account freezing procedures.

Watchtower handles daily customer base re-screening. Every night, your entire customer base—all 500,000 or 5 million profiles—gets re-screened against updated sanctions lists. OFAC published new designations today? Your customers are screened tonight. UN added PEP names? Checked automatically. EU expanded Russia sanctions? Your customer base is verified before morning.

This happens without human intervention. Watchtower processes millions of profiles overnight, generates matches, and routes them directly to the autonomous investigation workflow. Rasid clears false positives. Muhaqqiq investigates ambiguous cases. Muhtasib prepares action items for genuine matches. Your compliance team arrives in the morning with investigation-ready alerts, not a backlog of unchecked names.

Exposure gaps disappear. Your customers are screened daily, not quarterly. Sanctions list updates trigger automatic re-screening within hours, not weeks. Real-time transaction screening means no payment involving sanctioned entities ever processes. Zero-gap coverage becomes standard.

False positive rates drop below <1%. Intelligent name matching understands transliteration patterns and cultural conventions. Your analysts stop clearing hundreds of innocent Mohammeds and focus on genuine sanctions risks. The system distinguishes between name similarity and identity overlap.

Screening workload becomes autonomous. Watchtower processes millions of profiles overnight. Rasid clears false positives automatically. Muhaqqiq investigates ambiguous matches. Your compliance team reviews only the cases requiring human judgment—not every match generated by fuzzy logic.

Regulatory compliance becomes provable. Complete audit trails document every screening cycle, every sanctions list update, every match investigation. Examiners ask when you last screened against Russia sanctions? Every customer, last night. When did you implement the new OFAC updates? Automatically, within three hours of publication.

Your compliance team transforms from name-matching processors to strategic risk managers. The system adapts to sanctions evolution—new lists get integrated automatically. Emerging geopolitical risks are incorporated without manual configuration. Your screening coverage expands with global sanctions complexity, not with headcount.

Integration requires two components: real-time transaction screening and Watchtower batch screening. Real-time screening connects to your payment processing infrastructure. Watchtower connects to your customer database for nightly re-screening.

Weeks 1-2: API connectivity and data mapping. We integrate with your transaction flows and customer profile databases. Sanctions list subscriptions are configured—OFAC, UN, EU, UK, regional PEPs, and any jurisdiction-specific lists you require.

Weeks 3-4: Name matching calibration. Your team provides examples of known false positives and true matches from historical screening. We tune matching thresholds for your customer demographics—Arabic name patterns, transliteration handling, cultural conventions. The goal: maximize true match detection while minimizing false positive noise.

Weeks 5-12: Parallel testing. Both systems run independently. Your existing screening continues through current processes. Mirsad screens the same transactions and customer base simultaneously. You compare match rates, validate accuracy, and measure false positive reduction.

Go-live criteria: 99.9%+ sanctions match detection rate, <1% false positive rate, 100% daily customer base coverage, real-time transaction screening operational. Production deployment only after you validate these metrics against your historical sanctions cases.

Your data remains in your environment. Customer profiles and transaction data stay on your infrastructure. We push sanctions list updates and collect anonymized screening statistics—zero access to customer PII or transaction details. Watchtower operates as infrastructure within your environment, not a cloud service processing your data externally.