A bank's correspondent-banking team approves a payment instruction. The beneficiary clears automated name screening. Three days later a compliance analyst notices that the beneficiary's parent company – not the beneficiary itself – appears on the UK Consolidated List (OFSI's list of designated persons subject to UK financial sanctions). The payment has already settled. The question now is whether a breach has occurred and what must be reported.
Name and entity screening under OFSI is a two-layer obligation: screen the named counterparty, then trace ownership and control to determine whether an unlisted entity is nonetheless caught through a listed person. As of July 2026, OFSI's ownership-and-control test differs from OFAC's mechanical 50 percent rule and from the EU aggregation approach in ways that routinely produce different outcomes for the same corporate structure. Understanding where the regimes diverge is essential before any cross-border transaction is approved.
This analysis sets out how OFSI's screening obligations work, where UK rules diverge from OFAC and EU counterparts, the risk flags that internal screening tools commonly miss, and when to involve specialist sanctions counsel.
What does OFSI's name and entity screening obligation require?
OFSI's screening obligation requires any person subject to UK sanctions to check whether a counterparty is a designated person or is controlled by one – before providing funds or economic resources, and on an ongoing basis as the relationship continues. The legal basis sits in the Sanctions and Anti-Money Laundering Act ("SAMLA") and the thematic regulations made under it. The obligation applies to any person within the UK's jurisdiction and to UK persons acting anywhere in the world.
Two distinct checks are required. First, a name match: compare the counterparty's legal name and known aliases against the UK Consolidated List. Second, an ownership-and-control assessment (the test for whether a non-listed entity is caught through a listed person's interest in it): OFSI uses both a direct-ownership limb and a control limb. The control limb has no direct parallel in OFAC's published guidance, and that difference matters in practice.
OFSI's guidance treats "control" broadly. A designated person may exercise control through rights to appoint or remove a majority of the board, through contractual rights over the entity's commercial decisions, or through other means of directing the entity's affairs. Ownership percentage is one factor, not the only one. In our experience, compliance teams that import OFAC's 50 percent rule directly into their UK screening logic routinely under-screen against the UK standard.
The position above covers the standard case. Your facts – the counterparty, the ownership chain, the jurisdiction of the contracting parties, and the specific thematic regulations in play – change the analysis materially.
For an initial assessment of your OFSI screening exposure, contact Calder & Vance at info@caldervance.com.
How does OFSI's ownership-and-control test compare with OFAC and the EU?
OFSI's ownership-and-control test is broader than OFAC's in one critical respect and broadly aligned with the EU's approach, though the EU rules produce their own subtleties that compound the compliance challenge for cross-border businesses.
Under OFAC, the 50 percent rule (OFAC's rule treating entities owned 50 percent or more in the aggregate by blocked persons as themselves blocked) is the primary tool. The test is ownership-based and aggregation-aware: two blocked persons each holding 30 percent of an entity together reach the threshold. Control, in the sense of board rights or contractual influence, is not a published standalone trigger under OFAC's current guidance. This makes OFAC's test more predictable, but it creates a gap where a designated person exercises effective control through rights short of majority ownership.
OFSI closes that gap explicitly. A UK-designated person who owns less than 50 percent of an entity can still bring that entity within the prohibition if the designated person controls it. The practical effect is that a counterparty can clear an OFAC screen – because no blocked person holds 50 percent or more – and simultaneously be caught under OFSI's control limb. We regularly advise clients who discover this divergence only after a transaction has closed.
The EU's approach, under the relevant Council regulations, is closest to OFSI's. The EU uses a combined ownership and control test, and Commission guidance has addressed aggregation. However, EU regulations apply to EU-connected persons and EU-territory activity. A business operating between the UK, the US, and an EU member state must apply all three tests concurrently. Where the tests diverge, the stricter prohibition governs the party subject to it.
Where does automated screening most commonly fail?
Automated screening tools fail most often at three points: alias coverage, transliteration variation, and ownership-chain depth. Each failure mode carries distinct risk under OFSI's rules.
Alias coverage is the first gap. The UK Consolidated List includes aliases, former names, and trading names for most entries. A tool that screens only against the primary legal name will miss a counterparty operating under a variation. OFSI's published list includes all known aliases; screening logic must consume that field, not only the primary-name field.
Transliteration variation is the second gap. Names transliterated from non-Latin scripts – Arabic, Cyrillic, Chinese – can appear in multiple forms across different records. A robust screening configuration sets fuzzy-match tolerances that catch plausible variants without generating a volume of false positives that causes alert fatigue. Calibrating that balance is not a one-time task. In our practice, we have seen institutions set tolerances at first implementation and never revisit them, even as list composition changes.
Ownership-chain depth is the third and most consequential gap. Automated tools frequently screen only the direct counterparty, not intermediate holding companies or ultimate beneficial owners. Under OFSI's control limb, the relevant question is not just who owns the counterparty but who controls it – through any layer of the structure. A tool that stops at layer one misses designated-person control exercised at layer two or three. This is where the OFSI/OFAC divergence becomes a practical problem: OFAC's mechanical threshold means many tools are calibrated to a depth sufficient for the US standard but insufficient for the UK one.
A fourth failure mode, less common but serious, is de-risking (a financial institution exiting a relationship to avoid sanctions exposure) being used as a substitute for a proper ownership-and-control assessment. Exiting without analysis may leave the institution unable to demonstrate that it discharged the underlying screening obligation – particularly if OFSI later queries the termination.
What is the OFSI reporting obligation when screening produces a hit?
When name and entity screening produces a confirmed or suspected match against the UK Consolidated List, OFSI's reporting rules require prompt action. Under SAMLA and the relevant thematic regulations, persons in the financial sector who know or have reasonable cause to suspect that a customer or a person they have dealt with is a designated person must report that information to OFSI. The reporting obligation applies to financial institutions, broadly defined, and the window for reporting is short.
OFSI also requires the freezing of funds and economic resources that are held for, or on behalf of, a designated person. Where a screen produces a hit and funds are in transit, the institution must act immediately to ensure the assets are not made available. Continuing to process the transaction after a confirmed match – even where instructions have been issued – can itself constitute a breach.
The question of what counts as "reasonable cause to suspect" is material. OFSI's guidance addresses this, and the threshold is deliberately lower than certainty. A credible partial-name match against the Consolidated List, combined with other indicators such as a high-risk jurisdiction or an unusual transaction pattern, may be sufficient to trigger the reporting obligation even before a definitive ownership analysis is complete.
Cross-border dimension: under OFAC's rules, a similar obligation applies – persons dealing with blocked property must report holdings to OFAC within a short statutory window. The EU imposes comparable obligations under the relevant Council regulations. For a business subject to all three regimes, the reporting clocks may run concurrently and may require parallel filings. Timing differences between regimes make early legal advice essential.
If a transaction has already been flagged, or a confirmed match has been identified, an early review preserves options that narrow quickly. Contact Calder & Vance at info@caldervance.com to discuss next steps.
How does the cross-border compliance burden compound for businesses subject to multiple regimes?
For a business subject to OFSI, OFAC, and EU sanctions simultaneously – a UK bank with a US parent and EU subsidiaries, for example – the name and entity screening obligation is not a single test but three overlapping tests, each with its own list, its own ownership-and-control standard, and its own reporting trigger.
The lists themselves diverge. The UK Consolidated List, OFAC's SDN List (OFAC's list of Specially Designated Nationals and blocked persons), and the EU's own consolidated financial-sanctions list are each updated independently. A counterparty may appear on one list but not others, or may have been delisted from one while remaining on another. A screening programme that queries only one list – most often the SDN List, because of its length and the severity of secondary-sanctions risk – creates a gap for persons designated exclusively by OFSI or the EU.
The secondary-sanctions dimension adds a further layer. OFAC administers secondary sanctions programmes that can penalise non-US persons for conduct that would not otherwise engage US jurisdiction, if that conduct involves significant transactions with designated persons. A UK or EU business running an OFSI-compliant transaction may nonetheless attract OFAC secondary-sanctions attention if the counterparty or a counterparty's counterparty appears on a relevant OFAC programme list. This extraterritorial reach means that OFSI compliance is a necessary but not sufficient screen for a cross-border business.
Singapore, Japan, and the UAE each maintain their own financial-sanctions regimes with independent list management and screening obligations. For trade-finance businesses, freight forwarders, and commodity traders operating through those hubs, the applicable country regime adds a fourth or fifth screen. In our cross-border practice, we advise clients to maintain a unified screening architecture that queries all relevant lists in a single workflow, rather than running sequential and potentially inconsistent checks.
What risk flags should compliance teams escalate to senior management?
Escalation triggers for name and entity screening under OFSI should be defined in advance. Waiting until a potential match is confirmed before involving senior compliance management or external counsel costs time and, in a live-transaction context, can cause a breach to deepen.
The following patterns warrant immediate escalation.
- A fuzzy-name match against the UK Consolidated List where the counterparty cannot promptly produce documentation ruling out the match.
- An ownership or corporate structure that cannot be verified to layer three or beyond within the transaction timeline.
- A counterparty incorporated in a jurisdiction where beneficial-ownership registries are opaque or unreliable, combined with any name-match indicator.
- A designated person identified as a former director, officer, or significant shareholder of the counterparty, even where they have formally divested.
- Instructions from the counterparty to route funds through a third-party account or a substitute payee without a plausible commercial explanation.
- A mismatch between the counterparty's stated business and the transactional profile – relevant to the "reasonable cause to suspect" threshold.
The myth worth addressing here: many compliance teams believe that an automated screening "pass" – no alert generated – discharges the obligation. It does not. OFSI's rules require the institution to have taken reasonable steps to identify a designated person. If the screening configuration was inadequate – wrong list, insufficient alias fields, shallow ownership check – a clean automated result provides no defence. The question OFSI asks is not whether the tool produced an alert, but whether the institution exercised appropriate care. Calibration, documentation, and governance around the screening programme are as important as the screen itself.
Related practices
- Compliance audit and testing – assessing and stress-testing screening and compliance programme design
- Ownership and control assessment under BIS/EAR – US export-control ownership analysis and its interaction with sanctions screening
- Ownership and control assessment – Canada – the Canadian autonomous-sanctions regime and its ownership test compared
When should a business involve specialist sanctions counsel on screening questions?
Specialist sanctions counsel should be involved before a transaction closes when any one of four conditions is present: the ownership chain cannot be verified to the required depth within the available timeline; a fuzzy match against the UK Consolidated List has not been definitively resolved; the transaction involves a counterparty subject to a thematic sanctions programme with broad sectoral scope; or the business is subject to more than one regime and the three tests produce divergent results.
After a transaction has settled, counsel should be involved immediately when a post-closing review identifies a possible match, when OFSI makes a formal inquiry, or when a voluntary self-disclosure (VSD – a disclosure to OFSI of a possible breach before enforcement action is initiated) is under consideration. A VSD filed promptly and accurately can be a significant mitigant in OFSI's enforcement calculus. One filed late or incompletely can complicate the position.
Calder & Vance's approach in screening-related matters follows a defined sequence: scope the apparent issue; assess whether the ownership-and-control threshold is met under each applicable regime; advise on reporting obligations and their timelines; prepare the VSD if one is required; and represent the client in any subsequent OFSI inquiry. We do not advise on how to avoid triggering a screen – that is circumvention. We advise on how to operate within the rules, respond when a screen produces a result, and design programmes that hold up to regulatory scrutiny.
In a recent matter, a financial-services business discovered that a long-standing counterparty had been acquired by a corporate group in which a designated person held a controlling interest short of 50 percent. The counterparty had passed OFAC-calibrated screening for several years. We assessed the position under OFSI's control limb, advised on the reporting obligation, and supported the client in filing a timely disclosure. The matter resolved without enforcement action, though no outcome can be guaranteed.