Sanctions Screening Disclosure

1. What this service is

The screening service operated at /sanctions-screen and inside the customs invoice wizard takes a person or company name and returns matches against the consolidated sanctions lists published by four authorities — the United States Office of Foreign Assets Control (“OFAC”), the European Commission, His Majesty’s Treasury (UK OFSI), and the United Nations Security Council. It is offered free of charge and without account registration.

2. What this service is NOT

• It is not legal advice or a legal opinion.
• It is not a regulated sanctions screening service of the kind required by financial-services regulation (anti-money-laundering, know-your-customer, etc.).
• It does not screen against every sanctions or restricted-party list in existence. Notable lists outside our scope include U.S. Department of Commerce Entity / Denied Persons / Unverified Lists, U.S. Department of State debarment lists, country-specific lists from Australia, Canada, Switzerland, Japan, Singapore, Hong Kong, and others, and private commercial blacklists.
• It does not perform identity verification (KYC), beneficial-ownership checks, or PEP (politically-exposed person) screening.
• It does not screen vessel IMO numbers, aircraft tail numbers, or cryptocurrency wallet addresses against sanctions data even where the source authority publishes such information.
• A non-match (“clear”) result is not a guarantee that the named party is unsanctioned. The party may be sanctioned by an authority we do not screen, may appear under a name we did not match, or may have been added to a list after our last refresh.

3. Data sources

We ingest the following lists directly from the authority’s official primary distribution endpoint. We do not use any third-party aggregator.

• OFAC SDN List — Specially Designated Nationals list, US Department of the Treasury. Primary source: sanctionslistservice.ofac.treas.gov.
• OFAC Consolidated Sanctions List — Sectoral, Foreign Sanctions Evaders, Non-SDN, etc. Same authority and infrastructure.
• EU Consolidated Financial Sanctions List (CFSL) — European Commission, DG FISMA. Public XML download under thewebgate.ec.europa.eu domain, free public access token.
• UK OFSI Consolidated List — Office of Financial Sanctions Implementation, HM Treasury. XML at ofsistorage.blob.core.windows.net.
• UN Security Council Consolidated List — Office of the High Commissioner. XML at scsanctions.un.org.

Each list is fetched in full on every refresh; we do not maintain a private mirror or apply our own editorial judgement to which entries to ingest. If an authority adds, modifies, or removes an entry, the change appears in our database on the next refresh cycle.

4. Refresh cadence

Each list is re-fetched in full once per day. The timestamp of the most recent successful refresh for every source — and an overall freshness state — is shown live on /sanctions-screen, so you can always verify how current the data is before you rely on a result.

Maximum staleness during normal operation is therefore approximately 24 hours. If a refresh fails — for example because an authority's feed is temporarily unavailable — the freshness indicator shifts to “stale” after about 30 hours and to “broken” after about 96 hours. We do not silently mask refresh failures: if the indicator says we're fresh, we have proof; if we don't have proof, the indicator says so.

5. Matching algorithm

For every input name we apply name normalisation (lowercase conversion, removal of punctuation, removal of common corporate suffixes such as Ltd, LLC, GmbH, FZE) and then run the normalised query against three matching layers:

1. Exact equalityagainst a sanctioned entity’s normalised primary name oragainst any of its registered aliases (the authorities themselves publish “also-known-as” variants alongside the primary). Match confidence: 1.00.
2. Substring containment— if the query is a substring of a longer normalised name (e.g. “Vladimir” appears inside “Vladimir Vladimirovich Putin”), the row is returned. Match confidence: 1.00.
3. Trigram word-similarity using PostgreSQL’s word_similarity() function with a similarity threshold of 0.50. This catches transliteration and spelling variants (“Mohammed” / “Muhammad”, “Lukoil” / “Loukoil”). Match confidence: the similarity score, between 0.50 and 0.99.

The algorithm is deterministic and applied uniformly to every query. We do not weight, suppress, or boost results based on jurisdiction, regime, customer identity, or any commercial consideration.

6. Known limitations

• False negatives are possible. Causes include name spelling unique to the customer’s records, transliteration outside the trigram threshold, partial corporate names, ownership through shell companies (“50% rule” ownership inferences are not performed), or membership of sanctions lists outside our scope.
• False positives are common with short or generic names. Our top results sort by similarity score; queries shorter than three characters return nothing.
• Non-Latin scripts are returned as-published by the authority. We do not transliterate Cyrillic, Arabic, Chinese, etc. into Latin variants beyond what each authority chooses to publish.
• Date of birth / national-ID matching — the data is ingested but not currently used as a matching key. Only name + alias matching is performed.
• Address-based matching is not performed. Two unrelated companies sharing a city block may both match if their names are similar.
• Sectoral and partial sanctions — some authorities (notably OFAC) impose narrow sectoral restrictions (e.g. on debt, equity, or specific commodity types) on parties that are not blanket-prohibited. Our screen surfaces the listing but does not interpret the underlying restriction; you must read the original listing.

7. De-listings

When an authority removes an entity from its published list (for example, after a successful delisting petition), our next refresh will not find that entity in the upstream feed. We mark our local row with a removed_at timestamp and exclude it from screening results going forward. The historical row is retained for audit purposes but does not produce matches in any user-facing surface.

8. No warranty & limitation of liability

The screening service is provided “as is” and “as available”, without any warranty of any kind, whether express or implied, including without limitation any warranty of merchantability, fitness for a particular purpose, accuracy, or non-infringement. We do not warrant that the service will be available without interruption, that its results will be accurate or complete, or that its use will satisfy any legal or regulatory obligation imposed on the user.

To the maximum extent permitted by applicable law, our aggregate liability arising out of or relating to your use of the screening service is limited to the amount you have paid us for the screening service itself in the twelve months preceding the event giving rise to the claim — which, because the screening service is offered free of charge, is zero. This limitation applies in addition to, and is subject to, the limitation of liability and disclaimers in our general Terms of Service.

9. What you must do

Before relying on a screening result for any commercial, regulatory, or legal purpose:

• If you receive a match — stop the underlying transaction immediately, verify the identity (matches can be coincidental), consult qualified sanctions counsel, and where applicable file a blocked-property report with the relevant authority.
• If you receive a non-match — do not treat the result as clearance to ship, pay, or onboard. Apply your own compliance programme, including any further screening obligations imposed on you by your jurisdiction or industry regulator. For higher-risk transactions, run additional checks against the authority lists outside our scope (Section 2 above).
• Do not embed our public API in a customer-facing compliance product without your own legal review of suitability.

10. Reporting issues

If you believe an entity is matched in error, missing entirely, or listed with an incorrect attribute, please contact us at compliance@customs-invoice.com with the query you ran and the result you observed. Note that we cannot remove an entity from a sanctions list — only the issuing authority can do that — but we will investigate any apparent ingestion or matching error and respond within five business days.

11. Compliance Audit Record (paid PDF)

On request, we generate a downloadable PDF called a Compliance Audit Record. The document captures, at the moment of generation, the query name you submitted, the result we returned (match or no match), the four sanctions sources we screened against, the entry count for each source, and the timestamp of each source’s most recent successful refresh. The PDF carries a unique record identifier and a SHA-256 content hash that lets anyone with access to the underlying database verify that the document was not modified after issue.

The Audit Record is a historical record of when a screen was run, against which lists, and what the lists looked like at that moment. It is nota regulatory clearance, not a sanctions licence, not legal advice, and not a representation that the named party is unsanctioned. Every limitation in Sections 2, 6, and 8 of this disclosure applies to the Audit Record in full. The document is intended as evidence for your own compliance file that you performed an automated screening at a given point in time, and for use alongside — never in place of — qualified sanctions counsel and the controls required by your own jurisdiction or industry regulator. Reliance on the Audit Record by any third party (including, without limitation, banks, insurers, freight forwarders, customs brokers, or counterparties) is at that party’s sole risk and outside the scope of any duty owed by us.

12. Changes to this disclosure

We will update this page when material changes occur to data sources, refresh cadence, the matching algorithm, or scope. The date at the top of this page reflects the most recent revision. Continued use of the screening service after publication of an updated disclosure constitutes acceptance of the changes.