GLOBAL PAYMENTS KNOWLEDGEISO 20022 / SWIFT / SEPA / MT / MX

Sanctions Screening / Learning brief

Types of lists in a screening product

Your notes

What this means in plain language

A screening product manages several distinct kinds of list — official sanctions, politically exposed persons, adverse media, internal watchlists, allow lists, geography, institution, and regulatory-request lists. Each list has a different purpose and drives matching and disposition differently.

A screening product is only as useful as the lists it checks names against. Those lists are not all the same. Official sanctions lists name parties an institution is legally forbidden to deal with. PEP (politically exposed person) lists flag people in prominent public roles who warrant closer review. Adverse-media lists gather negative news signals. An institution also keeps its own private watchlists and allow lists — sometimes called good-guy lists — that record parties already cleared. Country and geography lists carry risk ratings for places, while institution and BIC (Business Identifier Code) lists cover banks and their routing identifiers. Regulatory-request lists, such as a 314(a) request list in the United States, hold names authorities have asked firms to check. Each type differs in who publishes it, how a match is treated, and whether a hit blocks a payment, opens a review, or quietly clears it.

Understand the full idea, step by step

Picture a doorkeeper at an event holding several sheets: a list of people who must not be let in, a list of names to watch and report, a list of already-cleared regulars waved straight through, and a note about which neighbourhoods tonight's trouble is coming from. Same doorway, different lists, different actions. A screening product manages its lists in much the same way — and confusing one kind for another is a real mistake.

Official lists versus judgement lists

The lists split into two broad groups by legal force. Official sanctions lists, published by governments and international bodies, name parties an institution must not transact with; a confirmed match is not a matter of judgement — it typically blocks the payment and opens a case. The second group informs judgement rather than compelling action. PEP (politically exposed person) lists flag people in prominent public functions — ministers, senior officials, their close associates — because their role carries higher corruption risk, not because dealing with them is forbidden. Adverse-media lists gather negative news signals tied to a name. A match on either usually raises the review level and may call for enhanced due diligence, but does not by itself stop a payment.

The institution's own lists

Alongside published lists, a product manages lists the firm builds itself. Internal watchlists (or blocklists) record parties the firm has decided to monitor — a counterparty flagged in an earlier investigation, say — and behave much like a sanctions list mechanically, though the firm controls their contents and rules. Allow lists, sometimes called good-guy or whitelists, do the opposite: they record parties already investigated and cleared, so the engine can suppress a hit that would otherwise recur on every payment to a known, legitimate counterparty. Used carefully, an allow list cuts repeat false positives without weakening coverage — but only because every entry is added after a documented review, carries who approved it and on what evidence, and is itself audited.

List type, purpose, and what a match does
List typePurposeTypical disposition
Official sanctionsParties a firm must not deal withBlocks and escalates
PEPHigher-risk public rolesRaises review level
Adverse mediaNegative news signalRoutes to review
Internal watchlistFirm's own parties to monitorRoutes to a queue
Allow listAlready cleared, legitimate partiesSuppresses the repeat hit

You may be wondering: if the lists work so differently, does the matching also differ by list?

Yes — the matching follows the purpose. Sanctions and internal watchlists feed fuzzy name matching that tolerates spelling variants and transliteration, because a near-match to a forbidden party still warrants a look. Allow lists feed suppression logic. Lists of countries or of institutions and their routing identifiers often feed exact or structured matching against specific message fields. So a product's real skill is applying the right matching technique, and the right disposition, to the right kind of list.

Allow list (good-guy list)a governed record of cleared parties

An allow list records parties a firm has already investigated and cleared, so the engine can stop re-raising the same hit on every payment to a known, legitimate counterparty. It is a record of decisions the firm can justify, not a shortcut past screening: entries are added only after a documented review, are attributed to an approver, and are audited — because yesterday's cleared namesake can become tomorrow's designation, and the entry must be revisited when the lists change.

COMMON CONFUSION

A PEP or adverse-media match is a reason to block a payment, just like a sanctions match.

Only official sanctions carry that legal force. A PEP flag marks higher corruption risk and an adverse-media flag marks a news signal — both usually raise scrutiny and may trigger enhanced due diligence, but neither, by itself, forbids the dealing. Treating them as automatic blocks confuses a judgement input with a legal prohibition.

STRICTLY SPEAKING

Strictly speaking, real regimes and product designs vary by jurisdiction — some firms also maintain country and geography risk lists, and lists of institutions and their routing identifiers, so screening can raise scrutiny on higher-risk locations or screen intermediary banks, not only ultimate parties. An institution maps each list to its own policy rather than assuming a single universal taxonomy.

FOR NOW, REMEMBER

  • Official sanctions lists compel action; PEP and adverse-media lists inform judgement.
  • Firms also build their own lists — internal watchlists to monitor, allow lists to suppress cleared, repeated false positives.
  • An allow list is a governed, audited record of justified decisions, not a way past screening.
  • Matching and disposition follow the list's purpose: fuzzy-and-block for sanctions, suppress for allow lists, structured for geography and institutions.

TRY IT YOURSELF

A payment at Meridian Bank raises a match on an adverse-media list for the beneficiary — a negative news signal, with no sanctions listing involved. What is the appropriate handling?

Raise the review level and apply the firm's risk policy — possibly enhanced due diligence — but do not treat the flag as an automatic block.

Correct — Correct. Adverse media is a judgement input, not a legal prohibition. It warrants closer scrutiny and may lead to enhanced due diligence, but only an official sanctions match compels blocking.

Block the payment immediately, because any list match means the party cannot be dealt with.

Not this one — Blocking is the disposition for a confirmed official sanctions match. Adverse media carries no such legal force; treating it as an automatic block confuses a risk signal with a prohibition.

Clear it at once, since only sanctions lists are worth reviewing.

Not this one — Adverse media is not decisive but it is not ignorable either — it exists precisely to raise the review level. Clearing without review skips the judgement the list is meant to prompt.

You now know the lists a product manages. Next: how the whole product fits together — list management, the matching engine, hold queues, case management, tuning, and audit, end to end.

KEEP GOING

Three things to remember

  1. 01

    Screening lists differ by publisher, legal weight, and how a match is handled.

  2. 02

    Sanctions lists can block a payment; PEP and adverse-media lists usually trigger review, not a block.

  3. 03

    Allow lists and internal watchlists let an institution tune outcomes to its own risk decisions.

Where you would use this

USE CASE 01

A compliance team loads official sanctions lists so forbidden parties are stopped before settlement.

USE CASE 02

An onboarding analyst screens a new customer against PEP and adverse-media lists to decide the review level.

USE CASE 03

An operations lead adds a repeatedly cleared counterparty to an allow list to cut avoidable false hits.

Put the idea into a real situation

Illustrative example: a fictional bank, Meridian Trust, screens a EUR 48,200.00 payment to a beneficiary named Anton Vale. The name raises no hit on any official sanctions list, but it matches a PEP list entry for a regional finance minister and appears on the bank's internal watchlist from a prior review. The sanctions check clears in under 2 seconds, while the PEP and internal-watchlist matches route the payment to a review queue for a human analyst rather than blocking it outright.

Evidence & review

REVIEWED 2026-07-13

Screening product list taxonomy generally; the legal weight of each list type depends on the firm's jurisdiction and policy. Not legal advice.

What this brief simplifies: Groups lists into a teaching taxonomy; real products may split or combine these and add geography and institution lists with their own rules.

Sources for this brief3
  1. Official requirement

    The FATF Recommendations: International Standards on Combating Money Laundering and the Financing of Terrorism & ProliferationFinancial Action Task Force · PEPs and enhanced due diligence measures

    The global standards countries implement against money laundering, terrorist financing, and proliferation financing, including targeted financial sanctions and payment transparency under Recommendation 16. · Checked 2026-07-12

    Adopted in 2012 and updated regularly since; the June 2025 FATF plenary agreed revisions to Recommendation 16 on payment transparency. Consult the live consolidated text for the current wording.

  2. Market practice

    Wolfsberg Group Sanctions Screening GuidanceThe Wolfsberg Group · List types and good-guy list governance

    Industry guidance on the elements of an effective sanctions screening programme: the risk-based approach, list management, matching technology, alert generation, and alert handling. · Checked 2026-07-12

    Wolfsberg guidance is industry market practice, not law; institutions vary in how they apply it.

  3. Simplified educational illustration

    Payments Signal editorial teaching modelsPayments Signal

    This site's own simplified teaching models. · Checked 2026-07-12

    Used wherever diagrams, scenarios, figures, or example values are didactic constructions rather than sourced facts; every such use carries a simplifications disclosure. All people, companies, banks, and list entries in examples are fictional.

Learn this properly

Related briefs

View Sanctions Screening archive

How a sanctions screening product works

An end-to-end view of the capabilities leading sanctions screening products share — list management, a matching engine, real-time and batch screening, hold queues, alert and case management, disposition, tuning, and audit.

READ BRIEF

Sanctions screening versus AML and fraud

Sanctions screening is a list check with an immediate stop. Anti-money-laundering monitoring looks for suspicious patterns after the fact, and fraud detection protects against theft in real time. The three share data but differ in purpose, timing, and outcome.

READ BRIEF

The risk-based approach to screening

The duty to freeze is absolute, but how a bank calibrates its screening, which lists, how sensitive the matching, how often it re-screens, is a set of documented, defensible risk decisions proportionate to the bank's exposure.

READ BRIEF