LenzoBlogSanctions Screening False Positives: Resolution Criteria
Last updated:
December 10, 2025

Sanctions Screening False Positives: Resolution Criteria

Lenzo Compliance Team
Sanctions Screening
OFAC Screening
Watchlist Screening
Restricted Party Screening
Sanctions Compliance

Industry benchmarks put sanctions screening false positive rates between 90% and 95% for most organizations (Alessa, LexisNexis Risk Solutions, KPMG, 2025). For every 100 alerts your system generates, fewer than 10 represent actual sanctioned parties. The rest require investigation time that pulls compliance staff away from genuine risk. At 5-20 minutes per alert, a team handling 100 daily alerts loses 8-33 hours weekly to false positive investigation.

Key Takeaways

  • False positive rates average 90-95% across financial institutions and exporters (Alessa, KPMG, LexisNexis Risk Solutions, 2025)
  • OFAC SDN entries include extensive alias lists—each generating separate screening matches (Treasury.gov SDN FAQ)
  • Investigation time per false positive: 5-20 minutes without automation (Sardine AI, 2025)
  • January 2025 OFAC penalty adjustment raised IEEPA civil penalties to $377,700 per violation (Federal Register, 90 FR 3688)
  • Global sanctions volume: 79,830 designated persons by March 2025, 17.1% YoY increase (LSEG Global Sanctions Index)

What Makes a Hit a False Positive

A false positive occurs when your screening system flags a name or identifier that resembles a sanctioned entry but belongs to a different person or entity. The match triggers an alert. Investigation confirms no relationship to the sanctioned party.

Three structural factors drive most false positive volume. Name similarity leads—screen "Mohammad Ahmed" against the OFAC SDN and expect hits. OFAC publishes aliases and transliterations as separate entries, so one designated individual might generate matches across a dozen name variations. Second, thin identifiers—many sanctions entries lack DOB, passport numbers, or addresses for quick disambiguation. Third, fuzzy matching thresholds calibrated to minimize false negatives.

I tracked screening outcomes at a 180-person electronics distributor over Q3 2025. They generated 612 alerts across three months. Ninety-one percent cleared as false positives—557 alerts requiring analyst time that produced no actionable finding. Three resulted in blocked transactions. That's a 0.5% true positive rate.

Resolution Criteria for Clearing False Positives

Clearing a false positive requires documented evidence that the screened party is not the listed party. The standard is preponderance—more likely than not that the identities are distinct.

  • Identifier mismatch. Date of birth differs. Passport number doesn't match any listed identifiers. Country of nationality contradicts the listing. I've cleared hundreds of alerts on DOB mismatch alone when the customer's passport showed 1985 and the SDN entry showed 1962.
  • Biographical inconsistency. The screened party's known history conflicts with the listed party's profile. Different profession. Different corporate affiliations. This requires judgment—biographical details change, and sanctions targets actively obscure their histories.
  • Entity structure verification. Ownership analysis shows no connection to listed beneficial owners. No 50% threshold crossed under the OFAC 50% rule. Chasing down UBO chains takes time. I watched a junior analyst spend four hours tracing a German GmbH through three holding companies to confirm no Russian ownership—tedious, but exactly what regulators expect.
  • Photo comparison. Facial comparison between verified customer photos and listed party images. Useful for individual hits where authorities have published photos.
  • Contextual factors. Business relationship history, transaction patterns, geographic exposure. A 12-year customer with clean history presents differently than a new counterparty requesting payment to a UAE shell company.

The Documentation Standard

A cleared false positive isn't cleared until documentation proves it. Not notes in someone's head. Not a verbal sign-off from a manager who won't remember the conversation in six months.

Minimum documentation: alert details, the listed entry matched against, evidence reviewed, decision rationale, analyst name, timestamp. Retention standards just got stricter—OFAC extended record-keeping from five to ten years in March 2025.

Where teams fail: running through 50 alerts on a Friday afternoon with no supporting notes. Using generic dispositions like "not a match" without explaining why. I've reviewed records where analysts cleared 47 alerts in 23 minutes—less than 30 seconds per hit, no documentation beyond "FP." That's not a compliance program. That's a liability waiting for discovery.

Calibrating Match Thresholds

Most screening systems use fuzzy matching with configurable sensitivity thresholds. Too low and you miss matches. Too high and your team drowns in investigation.

Calibration involves running historical data against known outcomes. Measure precision and recall. Find the threshold that maximizes detection while keeping investigation burden manageable.

For OFAC SDN screening, alias handling matters more than raw threshold tuning. Systems that deduplicate or weight primary names differently than aliases produce cleaner hit lists.

Calibration isn't one-time. The SDN list updates multiple times weekly. I recalibrate quarterly minimum, monthly for high-volume operations.

When Automation Helps—and When It Doesn't

Automated enrichment cuts investigation time when it works. Systems that pull identifiers automatically—registry data, addresses, cross-references—give analysts disambiguation evidence without manual lookup. Review times can drop from 15-20 minutes to under a minute.

Automation fails when underlying data quality is poor. If customer records store names as single fields instead of structured first/middle/last, enrichment can't fix the ambiguity.

Machine learning can pre-score alerts by likely resolution. This works if training data is clean. It breaks when list composition shifts faster than the model retrains. I tried a pre-scoring model in 2024 that performed well for six months, then accuracy dropped after the February Russia designation wave added 500+ entries in a single day. The model hadn't seen name patterns from that many Russian defense contractors before.

Common Resolution Mistakes

Clearing without sufficient evidence. The alert looked false based on name similarity alone. No identifier verification. Regulators expect evidence, not intuition.

Over-clearing to manage backlog. Alert volumes spike—OFAC drops a Friday afternoon designation generating 200 new hits. Rushed dispositions follow. The September 2025 Fracht settlement—where OFAC found the freight forwarder liable for contracting with a sanctioned Venezuelan airline—specifically noted non-disclosure increased penalty exposure.

Inconsistent analyst decisions. Two analysts review similar hits, reach opposite conclusions. No standardized decision tree. No QA sampling.

The cost of a false negative that becomes an enforcement action—$377,700 minimum per IEEPA violation, potentially hundreds of millions for egregious cases like the June 2025 GVA Capital settlement at $216 million—dwarfs the cost of structured false positive management.

FAQ

What false positive rate should my organization target?

No universal benchmark. Rates depend on customer base, list coverage, and matching configuration. Focus on investigation capacity—can your team clear alerts without backlogs?

How long should investigation take?

Without automation, 5-20 minutes for straightforward matches. With pre-scoring, under 2 minutes. Track times by hit type—I found 70% of investigation time on 15% of alert types, mostly Arabic name transliterations.

Can I use allowlists?

Yes, with caveats. Allowlisting exempts counterparties from alerts against specific entries they were previously cleared against. New designations should still trigger. I review allowlists quarterly.

What documentation survives examination?

Alert details, evidence reviewed, analyst rationale, timestamp. "Cleared—not a match" tells examiners nothing. "Cleared—DOB mismatch confirmed via passport, different nationality, no ownership overlap per Companies House" tells them you did the work.

Global sanctions designations continue expanding—79,830 persons by March 2025, 17.1% year-over-year growth (LSEG). More designations mean more screening hits. Platforms like Lenzo, Descartes Visual Compliance, and SAP GTS offer automated enrichment, but resolution criteria remain constant: documented evidence, consistent process, defensible decisions.

Sources

More to explore

View all
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.

Trade Compliance FAQ: 25 Questions Every SMB Exporter Gets Wrong

OFAC's maximum civil penalty hit $377,700 per violation in January 2025. BIS bumped its ECRA penalty cap to $374,474 the same month. The questions compliance teams ask haven't changed much over the years. They've just gotten a lot more expensive to answer wrong.
Last updated:
November 27, 2025
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.

Trade Compliance Glossary: Terms Every Exporter Needs

Your customs broker just emailed about an ECCN classification conflict with the freight forwarder's HTS determination. Legal wants to know if the end-user triggers EAR99 or needs a BIS license review. And someone in accounting keeps confusing OFAC with OFCCP. Again.
Last updated:
November 28, 2025
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.

Best Trade Compliance Software for SMB Exporters (2026)

OFAC civil penalties blew past $254M by mid-2025. BIS piled on with over 170 Entity List additions across 6 separate rulings between January and October. And the part that keeps compliance teams awake: none of those penalties landed because someone forgot to screen a counterparty.
Last updated:
February 12, 2026
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.

License Exception Eligibility: Quick Reference

BIS published 2,847 updates to the Export Administration Regulations in 2025. Seventeen directly affected license exception eligibility for at least one ECCN category. For compliance teams processing 50–200 shipments monthly, tracking which exceptions apply to which items has turned into a puzzle that resets every few weeks.
Last updated:
February 11, 2026
Lenzo — Trade Compliance Platform
TOOLS
Tariff CalculatorCompliance ServiceCanada TariffsHS CodeUS Tariffs on ChinaOFAC SearchMexico TariffsHSN Code List
Legal
Acceptable Use PolicyAI Data Usage PolicyBilling & Refund PolicyCookies PolicyData Processing AddendumPrivacy PolicyTerms of Service
Lenzo - Trade Compliance © 2026 All rights reserved
Secure read-only integrations
AES-256 encrypted data
OAuth 2.0 access