GLOBAL PAYMENTS KNOWLEDGEISO 20022 / SWIFT / SEPA / MT / MX

Sanctions Screening / Learning brief

Anatomy of a sanctions list entry

Your notes

What this means in plain language

A single sanctions list record holds a primary name, aliases, dates and places of birth, nationalities, and identifiers, each tied to a programme tag. This article explains how every field drives a screening match and a defensible review.

A sanctions list is not a plain list of names; each entry is a structured record with many fields. At its centre sits a primary name, but around it are aliases (also known as names), one or more dates of birth, places of birth, nationalities, and identifiers such as passport or national identity numbers. Each entry also carries a programme tag showing which sanctions regime added it and why. A screening system compares customer and payment data against every field, not just the primary name. Understanding the record's shape explains why a match can fire on an alias or a date of birth rather than the headline name, and why a strong entry with several identifiers produces cleaner, more defensible results than a bare name. Reading an entry field by field is the first skill in screening analysis.

Understand the full idea, step by step

A letter arrives addressed to "J. Smith". Before you can act on it you have to decide which J. Smith — the neighbour two doors down, or a stranger who shares the name. You settle it with extra details: the flat number, a middle initial, a date you both remember. A sanctions list entry is the profile a screening team uses to make exactly that call about a party in a payment.

One list entry, field by field (SYNTHETIC — TRAINING ONLY)

Primary name
Orlin Freight Holding
Aliases (AKAs)
Orlin Freight; Orlin Logistics Group
Entity type
Company
Country / address
Registered office listed in one jurisdiction
Registration number
A national company registration identifier
Programme tag
Names the authority and the sanctions programme under which it was listed

The primary name is the heading, not the whole record

A sanctions list entry is a record with named fields, and each field is a separate signal. The primary name is where the eye goes first, but it is rarely where a match is decided. Aliases — also-known-as names — capture spellings, transliterations, and former names for the same party. For a person, a date of birth, place of birth, and nationality narrow a common name to one individual. Identifiers such as a passport number, a national identity number, or a company registration number are the strongest fields, because they are meant to be unique. Wrapping all of it is a programme tag recording which authority listed the party and under which regime.

Sanctions list entryone structured record describing a listed party

A sanctions list entry is a single record on an official list that names a party a firm must not deal with, together with the supporting details that let a screening system recognise that party in real data. The engine compares an incoming customer or payment against every populated field and combines the results into a score — so reading the entry field by field, rather than skimming the name, is the first analytical skill in screening.

You may be wondering: if the name matched, is the work not already done?

No — a name match is where the review starts, not where it ends. Names are the weakest field: common names are shared by unrelated parties, and spelling shifts across languages and systems. The other fields are what turn a coincidence into a confident answer. If the entry carries a date of birth or a registration number and the payment carries the same one, agreement is strong evidence of a true match. If they clearly disagree, that is strong evidence the alert is a coincidence — which Kabir records through a documented review, never a silent dismissal.

How the fields drive the comparison

  1. VALIDATION

    The engine compares names fuzzily, because spelling, word order, and transliteration vary. Near agreement counts as partial evidence, not proof.

  2. VALIDATION

    It widens the same comparison across the aliases, so a former or alternative name still raises the alert.

  3. VALIDATION

    Structured fields — date of birth, place of birth, nationality — either agree or they do not, so they confirm or separate two parties who share a name.

  4. VALIDATION

    Identifiers carry the most weight: a matching passport or registration number turns a probable match into a near-certain one; a clear mismatch is strong evidence of a false positive.

  5. VALIDATION

    The programme tag does not drive the comparison — it shapes the response, telling Kabir which regime applies and how the outcome must be handled.

A bare entry versus a rich entry
Name onlyName plus identifiers
Fields to compareJust the nameName, dates, place, identifiers
Alerts producedMore, and weaker on eachFewer, and stronger on each
Reviewer canOnly judge a nameConfirm or clear on a specific field
Decision note readsThin and uncertainShort, factual, defensible

COMMON CONFUSION

A match on the primary name proves the payment involves the listed party.

It proves only that a name resembled a listing. Whether it is the same party is decided by the supporting fields. Kabir treats each field as evidence and records which fields agreed and which stayed silent — that structured reading is what makes the decision explainable to a reviewer or auditor later.

STRICTLY SPEAKING

Strictly speaking, regimes and vendors populate entries to very different depths: some records carry several identifiers and full biographic detail, others are little more than a name and a programme tag. So real entries range from sparse to detailed, and an operation confirms what its own lists actually contain rather than assuming every field is present.

FOR NOW, REMEMBER

  • A sanctions list entry is a structured record — primary name, aliases, dates and places, identifiers, and a programme tag — not just a name.
  • Names are the weakest field; identifiers are the strongest, working as both confirmers and eliminators.
  • The programme tag shapes the response rather than the comparison, naming the authority and regime.
  • Reading an entry field by field is what makes a screening decision explainable after the fact.

TRY IT YOURSELF

An alert fires on a payment because the beneficiary name closely resembles a listed entry. The entry carries a company registration number; the payment carries a clearly different registration number for a company with the same name. What does Kabir have?

Strong evidence the alert is a coincidence, to be resolved by a documented review rather than a silent close.

Correct — Correct. A clear mismatch on a strong identifier is powerful evidence that a name agreement is coincidental. It resolves the alert, but only through a review that records which fields disagreed, so the reasoning survives an audit.

Proof of a true match, because the names agree and a name is the primary field.

Not this one — The name is the weakest field. When a strong identifier clearly disagrees, the name agreement is most likely a coincidence — the identifiers outweigh a shared name.

Nothing usable — only the programme tag can decide a match.

Not this one — The programme tag shapes how a confirmed match is handled; it does not decide whether two parties are the same. The registration numbers are exactly the evidence that decides that here.

If identifiers are what turn a shared name into a confident answer, the next question follows naturally: why do those identifiers, and clean data on both sides, matter so much for matching?

KEEP GOING

Three things to remember

  1. 01

    A sanctions entry is a structured record, not a single name.

  2. 02

    Aliases, dates of birth, places, nationalities, and identifiers each give the screening engine something specific to match on.

  3. 03

    The programme tag records which regime listed the party and supports the review decision.

Where you would use this

USE CASE 01

A screening analyst reads every field of an entry to judge whether an alert is a true match or a false positive.

USE CASE 02

A data team maps customer and payment fields to the correct entry fields so the comparison is meaningful.

USE CASE 03

A compliance officer cites the programme tag and identifiers when documenting why a payment was held or released.

Put the idea into a real situation

Illustrative example: a fictional list entry names 'Orin Vale' as the primary name, with two aliases ('O. Vale' and 'Orin V. Vale'), one date of birth (14 March 1971), a place of birth (the fictional town of Port Alder), one nationality, and a passport number (X0000000). A payment names 'Orrin Vale', born 14 March 1971. The engine scores a near-name agreement plus an exact date-of-birth match and raises an alert. An analyst compares the passport field, finds no number on the payment, and escalates for a documented review rather than releasing on the small name difference alone.

Evidence & review

REVIEWED 2026-07-13

Sanctions screening generally; field examples reflect the structure of major official lists (for example OFSI, OFAC, UN, EU). Not legal advice; a firm's obligations depend on the lists and jurisdictions it is subject to.

What this brief simplifies: Uses one synthetic entry and a simplified field-by-field match model. Real engines combine many weighted features and vendor-specific scoring, and entry completeness varies by regime.

Sources for this brief3
  1. Official requirement

    The UK Sanctions ListUK Government (FCDO and HM Treasury / OFSI) · Consolidated list record structure

    The single authoritative source for UK sanctions designations, including the asset-freeze targets that UK financial sanctions screening must cover. · Checked 2026-07-12

    From 28 January 2026 the UK Sanctions List replaced OFSI's separate Consolidated List of Financial Sanctions Targets, which is no longer updated; OFSI provides a search tool over current designations.

  2. Market practice

    Wolfsberg Group Sanctions Screening GuidanceThe Wolfsberg Group · Use of primary and secondary identifiers in matching

    Industry guidance on the elements of an effective sanctions screening programme: the risk-based approach, list management, matching technology, alert generation, and alert handling. · Checked 2026-07-12

    Wolfsberg guidance is industry market practice, not law; institutions vary in how they apply it.

  3. Simplified educational illustration

    Payments Signal editorial teaching modelsPayments Signal

    This site's own simplified teaching models. · Checked 2026-07-12

    Used wherever diagrams, scenarios, figures, or example values are didactic constructions rather than sourced facts; every such use carries a simplifications disclosure. All people, companies, banks, and list entries in examples are fictional.

Learn this properly

Related briefs

View Sanctions Screening archive

What sanctions are and why payments are screened

Sanctions are legal restrictions on dealing with listed people, entities, and places. Screening is the control that enforces them, checking every customer and payment against official lists before money is allowed to move.

READ BRIEF

Who issues sanctions: regimes and authorities

Several authorities issue sanctions: the United Nations, the United States, the European Union, and the United Kingdom among them. Their lists overlap but are not identical, so a bank must decide which regimes its business obliges it to apply.

READ BRIEF

Sanctions screening versus AML and fraud

Sanctions screening is a list check with an immediate stop. Anti-money-laundering monitoring looks for suspicious patterns after the fact, and fraud detection protects against theft in real time. The three share data but differ in purpose, timing, and outcome.

READ BRIEF