OFAC Search: How to Use the SDN Lookup Tool and Read Its Results Correctly

The OFAC SDN lookup tool is free, takes 30 seconds to run, and is regularly misread by people who know what they're doing. Not because the interface is confusing — it's simple. Because the results look more definitive than they are. A "no matches found" screen feels like a clearance. It isn't. A partial match at 84% feels like a near-miss worth dismissing. It can be a confirmed hit under the "reason to know" standard. And the 50 Percent Rule blocks entire ownership structures that never appear on the list at all.

This article covers what each result actually means, what it requires you to do next, and where the tool structurally cannot help you regardless of how carefully you use it.

What the SDN list actually contains (and why alias coverage matters more than the name)

The Specially Designated Nationals list is not a simple blocklist. Each entry includes a primary name, known aliases, date of birth, nationality, passport numbers, entity type, and the specific sanctions program authorizing the designation. One entity can carry 30+ aliases across Latin, Cyrillic, Arabic, and Chinese romanizations. Those aliases are where searches either hit or miss — and the tool matches against all of them simultaneously when you search.

OFAC does not publish designations on a schedule. Most weeks there's a batch on Tuesday mornings. But the Friday afternoon drop — a new designation landing at 4 p.m. — happens regularly, especially after geopolitical escalations. Between January and September 2025, OFAC published 47 separate list updates. A static copy of the SDN downloaded on Monday morning can be wrong by Friday afternoon.

The SDN is one of six OFAC-maintained lists. The Sectoral Sanctions Identifications (SSI) list covers Russian financial, energy, and defense entities under Executive Order 13662 — not blocked outright, but Directives 1–4 restrict specific transaction types. The Foreign Sanctions Evaders (FSE) list targets non-U.S. persons who helped others evade U.S. sanctions. There's also the Non-SDN Chinese Military-Industrial Complex Companies list and two others. The OFAC Consolidated Sanctions List combines all six.

Run a search against "SDN List Only" and you miss SSI-listed entities entirely. We've caught this in due diligence reviews on deals with Russian counterparties — the Consolidated list would have flagged the sectoral exposure; the SDN-only search returned nothing and the team treated that as a clean result.

How to run an OFAC search without the two settings that kill accuracy

Go to sanctionssearch.ofac.treas.gov. Four fields: Name, ID/Passport Number, Address, and a CSL toggle. Most people fill in the name and hit search. The two settings they ignore are what determine whether the search is worth anything.

List selection. The default is "SDN List Only." Change it to "Consolidated Sanctions List" before you run anything. This is the single setting that determines whether your search covers all OFAC programs or just one.

Confidence threshold. The tool uses fuzzy matching at 80% by default. A search for "Ahmad Al-Rashid" returns entries scoring above 80% similarity — catching "Ahmed Al-Rasheed" but potentially missing more distant romanizations of the same name. At 100%, you get exact character matches only. At 60%, you get everything that shares a common word, including noise.

The tool does not independently test multiple romanization standards for non-Latin names. A Farsi name transliterated three different ways can produce three different confidence scores — or none of them hit at 80%. We've seen Iranian SDN-listed entities clear automated searches under their transliterated business name and only match when an analyst ran their primary alias manually against the PDF list. Two different names. Same person. Different result.

Step by step:

1. Navigate to sanctionssearch.ofac.treas.gov
2. Select Consolidated Sanctions List — not SDN List Only
3. Enter the name exactly as it appears on your transaction documents
4. Run at 80% confidence; re-run at 65% for any counterparty with a non-Latin name origin
5. Review every result including partial matches — "reason to know" applies to partials
6. Download the current SDN list in XML or CSV monthly as your audit reference
7. Log the search date, list version, threshold used, and result for every search — including clean ones

How to read OFAC search results: three outputs, three required responses

"No matches found" means no entry in the selected list matched your input at the chosen threshold on the current list version. It is not a clearance. It doesn't address 50 Percent Rule exposure — entities owned 50%+ by an SDN are blocked but never appear on the list. It doesn't cover the bis entity list or State Department debarred parties. Document the search with the four required fields and re-screen if the transaction takes more than 30 days to close. OFAC treats screenings as time-stamped; conditions change.

Partial matches are where most teams get into trouble. The tool flags these with a confidence score below 100% but above your threshold. Dismissing a partial at 87% without manual review because "the score is low" is the kind of decision that appears in OFAC administrative subpoena responses. The correct response: pull the full SDN entry, compare every available identifier — date of birth, nationality, passport numbers, aliases — against your counterparty's KYC file. If at least two independent identifiers contradict the entry, a named compliance officer documents the comparison and approves the transaction. If identifiers are missing or ambiguous, hold the transaction and contact OFAC before proceeding. Not after.

Exact matches require an immediate block and a report to OFAC's Compliance Division within 10 business days under 31 C.F.R. § 501.604. The clock starts from the date you identified the match — not the date you finished your internal review. Teams that spend two weeks organizing paperwork before filing are accruing a second violation while they work on the first.

Five things the OFAC SDN lookup tool cannot catch

1. Beneficial ownership exposure. Under the 50 Percent Rule, any entity owned 50% or more — directly or indirectly — by an SDN is itself blocked, even if it appears nowhere on the list. The tool returns nothing for these entities because they are not listed. Chasing down UBO chains for counterparties with holding structures in the BVI, Cayman Islands, or Cyprus requires beneficial ownership data that sanctionssearch.ofac.treas.gov does not have.

2. Cryptocurrency wallet addresses. OFAC designates specific crypto wallet addresses on the SDN — the Binance settlement, one of the largest in OFAC history, explicitly cited failure to screen wallet addresses as a core violation. The name-search interface does nothing for digital asset exposure.

3. Vessel and aircraft identifiers. IMO numbers and aircraft tail numbers appear in OFAC enforcement actions. The tool doesn't search them.

4. Non-OFAC restricted party lists. A counterparty can be clean on the entire Consolidated Sanctions List and simultaneously appear on the BIS Entity List — which prohibits EAR-controlled exports without a license. We've talked to export managers who shipped EAR99-classified hardware to an Entity List-listed Chinese research institution after running a clean ofac check. OFAC clearance didn't help them with BIS.

5. Intraday list updates. If you screen a counterparty at 9 a.m. and OFAC publishes a new designation at 2 p.m. affecting the same transaction, your morning search result doesn't cover the afternoon reality. For transactions that extend over multiple days, re-screening before final execution is not optional.

OFAC search vs. the Consolidated Screening List: which one to use

The consolidated screening list (CSL) at trade.gov/consolidated-screening-list is a separate U.S. government tool maintained by the International Trade Administration. It pulls 13 lists from three agencies: OFAC (SDN and other programs), the Department of Commerce Bureau of Industry and Security (Entity List, Denied Persons List, Unverified List), and the Department of State (Debarred Parties, Nonproliferation Sanctions, and others).

The OFAC search tool does not include BIS or State Department lists. These are not duplicates — they're different programs with different legal authorities and different transaction consequences.

For export compliance, the minimum viable screening covers both: OFAC's sanctionssearch.ofac.treas.gov for sanctions exposure, and ITA's CSL for denied and debarred parties. Running one and skipping the other is not a compliance program. It's half of one.

Why OFAC enforcement keeps hitting companies that already screened

The pattern in 2025 enforcement settlements is consistent and it's not what most people expect. The companies being penalized generally did screen. The problem is they couldn't prove it.

OFAC settlements in manufacturing, freight forwarding, and technology distribution regularly land in the $200,000–$800,000 range for non-financial companies. Not the nine-figure bank cases. The kind that hits a mid-market exporter on a Tuesday and doesn't make any news.

OFAC's administrative subpoenas ask for four things: the date of the search, the list version queried, the confidence threshold used, and the result — including negative results. Teams that log hits but treat clean results as requiring no documentation have nothing to show when that subpoena arrives. "We checked and it was clean" without a timestamp and a list version isn't a defense. It's evidence that the program didn't function.

The Framework for Compliance Commitments — OFAC's controlling guidance — identifies five components a sanctions program needs: management commitment, risk assessment, internal controls, testing and auditing, and training. Companies that can show all five, even imperfectly, receive materially better treatment. The ones that can show none get the egregious designation, and the penalty calculation changes completely.

FAQ

We got a partial match at 84% — the names look similar but DOB is different. Can we approve the transaction?

You can make a documented disposition decision, but you can't just move on. Pull the full SDN entry. Compare DOB, nationality, passport numbers, and aliases against your counterparty's KYC file. Two independent identifiers that contradict the entry support a clearance decision — but a named compliance officer has to document the comparison and sign off. If your KYC file is thin and the identifiers are ambiguous, the correct move is to hold and submit an OFAC inquiry. Approving on "the score was only 84%" without a documented comparison is how partial matches become enforcement cases.

Our counterparty has a Chinese company name — we searched it and got nothing. Are we covered?

Probably not fully. The tool matches against the name as entered, not against every possible romanization or character-set rendering. A Chinese entity's English trade name, its Pinyin transliteration, and its registered Chinese characters can produce completely different results. Run the search in every form the name appears on your documents, check their English alias field manually in the SDN PDF, and if the entity has ownership links to mainland China, run a 50 Percent Rule check — because that's where most of the exposure actually sits.

Our counterparty was clean six weeks ago. Do we need to re-screen before we close the deal?

Yes. OFAC treats each screening as time-stamped. The list updates 2–3 times per week. If your transaction timeline exceeds 30 days, a clean result from six weeks ago does not cover your closing date. This is not an edge case — it's a documented gap that appears in enforcement actions involving deals with extended timelines. Re-screen within 24–48 hours of transaction execution.

What's the actual difference between an SDN screening and a full sanctions screening?

SDN screening checks one list. Full sanctions screening — or what OFAC calls Consolidated Sanctions List screening — covers all six OFAC-maintained lists simultaneously, including the SSI list (which restricts specific transaction types with Russian entities without blocking them outright) and the FSE list. Beyond that, complete restricted party screening also covers BIS and State Department lists that OFAC's tool doesn't touch. Define in writing which lists your program covers and document that scope. OFAC's Framework asks for it explicitly.

We process 400 transactions a month manually. Is that a compliance program or a liability?

Technically legal, practically a liability at that volume. Manual searches at scale create three specific gaps: inconsistent confidence threshold settings across different staff members, no intraday coverage when OFAC publishes afternoon updates, and documentation quality that degrades under volume pressure. OFAC's penalty framework under 31 C.F.R. Part 501, Appendix A weighs whether a compliance program actually functioned — not just whether a search was technically run. A process that produces inconsistent documentation across 400 transactions is a program with a pattern of gaps, and OFAC will read it that way.

The OFAC search tool is the right place to start. It's not the end of the analysis. It covers listed names at a point in time, at a confidence threshold you control, on a list version that will be updated before some of your transactions close. It does not see beneficial ownership chains, wallet addresses, vessel identifiers, or the BIS and State lists that sit completely outside its scope.

Most compliance failures we've seen come from teams that ran the tool correctly and assumed that was enough. It isn't. The SDN check is one component. Documenting every search with the right four fields is another. Running 50 Percent Rule checks on counterparties with complex ownership is a third. Covering BIS and State lists is a fourth. None of those are optional if you're moving goods or money across borders at any meaningful volume.

If your current workflow doesn't cover all of that consistently, Lenzo is built specifically for this: daily OFAC feed updates, automated 50 Percent Rule beneficial ownership screening, multi-list restricted party checks across OFAC, BIS, and State, and search logs that capture exactly what OFAC's subpoenas ask for — date, list version, threshold, result — on every transaction automatically.