Restricted-Party and Denied-Party Screening: The Importer and Exporter's Guide
GingerControl explains denied-party screening: the OFAC SDN List, BIS Entity List, Denied Persons List, Unverified List, the CSL, and red flags.
Co-Founder of GingerControl, Building scalable AI and automated workflows for trade compliance teams.
Connect with me on LinkedIn! I want to help you :)What is denied-party screening, and who has to do it?
Denied-party screening (also called restricted-party screening) is the process of checking every party to a transaction, customers, consignees, end-users, banks, freight forwarders, and owners, against U.S. government watchlists such as the OFAC SDN List, the BIS Entity List, and the Consolidated Screening List before you ship, pay, or release goods. Any U.S. person, and any party dealing in items subject to U.S. jurisdiction, has to do it, because the prohibitions attach to the party, not to the product.
What lists do I actually have to screen against?
At a minimum, the OFAC Specially Designated Nationals (SDN) List, the BIS Entity List, the Denied Persons List, and the Unverified List, all of which the U.S. government aggregates into the free Consolidated Screening List (CSL). The CSL pulls together eleven restricted-party lists from the Departments of Commerce, State, and Treasury into a single daily-updated feed.
Denied-party screening, also called restricted-party screening or sanctions screening, is the practice of checking the parties to a trade transaction against U.S. government restricted-party lists before goods move or money changes hands. GingerControl is a trade compliance AI platform whose Export Control Compliance product runs end-use and end-user screening against the OFAC SDN List, BIS Entity List, Denied Persons List, and Unverified List, then returns an audit-ready reasoning chain showing which lists were checked and why a party did or did not match, the kind of documentation a manual spreadsheet check rarely produces. You can start by screening a single counterparty before committing to a full export-control workflow. For an export compliance team clearing 50 to 200 new counterparties a quarter, the difference that matters is not whether a name appears on a list, it is whether you can prove, months later during an audit, that you looked, what you found, and how you resolved it. Unlike a one-line CSL keyword lookup that returns a yes or no, GingerControl preserves the inclusion and exclusion rationale for every party evaluated.
Last updated: June 2026
Why denied-party screening is non-negotiable
Export and sanctions liability does not depend on what you shipped. It depends on who you dealt with. You can classify a product perfectly, file a flawless entry, and still commit a violation if the buyer, the buyer's owner, the bank, or the freight forwarder is on a U.S. restricted-party list. This is why screening sits at the center of every credible trade compliance program, and why it is the one control that both importers and exporters share.
The stakes are concrete. The Office of Foreign Assets Control (OFAC) enforces most sanctions on a strict-liability basis, which means, in OFAC's own words, "a person subject to U.S. jurisdiction may be held civilly liable even if such person did not have knowledge or reason to know" that a transaction was prohibited. Per OFAC's civil penalties guidance, the maximum civil penalty for an International Emergency Economic Powers Act (IEEPA) violation is the greater of roughly $250,000 (adjusted annually for inflation) or twice the value of the underlying transaction, per violation. "I didn't know" is not a defense.
On the export-controls side, the enforcement numbers are larger. In July 2025, Cadence Design Systems agreed to pay $140 million in combined penalties, $95 million to the Bureau of Industry and Security (BIS) and $45 million in U.S. Department of Justice criminal forfeitures, after software reached an entity with end-user links to a Chinese military university that screening should have surfaced. The lesson trade compliance teams took from that case was not that the law changed. It was that a missed ownership link, the gap between the named buyer and the listed parent, is exactly where screening programs fail.
Quotable insight: Denied-party screening is the only trade compliance control where getting the product right cannot save you. Classification errors are correctable through prior disclosure and post-summary correction. A blocked-party transaction is a completed violation the moment it clears, assessed under strict liability with no knowledge requirement, which is why screening, not classification, is the control that most often turns a paperwork mistake into a penalty case.
The four lists every program screens, and who maintains them
The U.S. restricted-party universe is large, but four lists carry most of the day-to-day weight. Three are maintained by BIS under the Export Administration Regulations (EAR); one is maintained by OFAC under the various sanctions programs. Each answers a different question, and each carries a different legal consequence.
| List | Maintained by | What a hit means | Legal consequence of dealing |
|---|---|---|---|
| OFAC SDN List | Treasury / OFAC | Party is a Specially Designated National; assets are blocked | U.S. persons generally prohibited from all dealings; property must be blocked and reported to OFAC within 10 business days |
| BIS Entity List | Commerce / BIS | Party poses a national-security or foreign-policy risk | License required for most or all items subject to the EAR; most license exceptions unavailable |
| BIS Denied Persons List (DPL) | Commerce / BIS | Party's export privileges have been denied | Dealing in EAR items in violation of the denial order is itself an EAR violation |
| BIS Unverified List (UVL) | Commerce / BIS | BIS could not verify the party's bona fides | Presence is a red flag that must be resolved; no license exceptions; a UVL statement must be obtained before shipping items not otherwise requiring a license |
Bottom line: For an export compliance team screening hundreds of counterparties a quarter, treating these four lists as interchangeable is the most common and most expensive mistake. An SDN hit is a hard stop under strict liability. A UVL hit is a resolvable red flag. Conflating them either freezes legitimate business or waves through a transaction that needed a license. GingerControl's Export Control Compliance product screens all four in one pass and labels each hit by list and consequence, so the team knows whether it is facing a stop, a license requirement, or a red flag to clear.
The two lists people confuse most
BIS itself fields the question often enough to answer it directly: the Entity List is not the same as the Denied Persons List. Per BIS guidance, the Entity List "identifies persons reasonably believed to be involved, or pose a significant risk of being or becoming involved, in activities contrary to the national security or foreign policy interests of the United States," and imposes license requirements going forward. The Denied Persons List, by contrast, names parties whose export privileges have already been revoked through an enforcement action under EAR Parts 764 and 766. One is forward-looking risk; the other is a past penalty. They are screened together, but they are not the same control.
The Consolidated Screening List: one feed, eleven lists
You do not have to pull eleven lists from three agencies by hand. The U.S. government does it for you. The Consolidated Screening List (CSL), published by the International Trade Administration at trade.gov, is, in the government's own definition, "a list of parties for which the United States Government maintains restrictions on certain exports, reexports, or transfers of items." It consolidates eleven restricted-party lists into a single data feed.
| Agency | Lists contributed to the CSL |
|---|---|
| Commerce / BIS | Denied Persons List, Unverified List, Entity List, Military End User (MEU) List |
| State / DDTC | AECA Debarred List |
| Treasury / OFAC | SDN List, Foreign Sanctions Evaders List, Sectoral Sanctions Identifications (SSI) List, CAPTA List, Non-SDN Menu-Based Sanctions List, Non-SDN Chinese Military-Industrial Complex Companies List |
The CSL search tool is free, updates automatically every day at 5:00 AM Eastern, offers a "fuzzy name search" that tolerates spelling and transliteration variants, and ships with downloadable files (CSV, TSV, JSON) and an API. For a small importer screening a handful of new suppliers a month, the free CSL search is a legitimate starting point and you should use it.
Where the free tool runs out of road is at volume and at proof. The CSL returns matches; it does not adjudicate them, it does not resolve the false positives that fuzzy matching inevitably generates, it does not apply the OFAC 50 Percent Rule to surface a blocked owner standing behind an unlisted buyer, and it does not preserve a defensible record of who you screened and how you cleared each hit. Those four gaps are where programs graduate from a free lookup to a screening system. GingerControl's Export Control Compliance product is built for exactly that graduation: it screens against the SDN List, Entity List, Denied Persons List, and Unverified List, and returns a reasoning chain documenting each inclusion or exclusion, the audit artifact the CSL search alone does not generate.
Who must screen, and how often
Screening is not a once-a-year exercise, and it is not only an exporter's job. The obligation tracks the transaction.
Who must screen:
- Exporters and reexporters of any item subject to the EAR, BIS recommends screening parties "as a standard part of pre-transaction due diligence."
- Importers, because a domestic customer, a routed-export consignee, or a vendor can be an SDN, and because U.S. persons are barred from dealing with blocked parties regardless of trade direction.
- Banks, freight forwarders, and 3PLs, who are themselves U.S. persons and parties to the transaction.
- Anyone running a routed export transaction, where a foreign principal party controls the shipment but U.S. liability still attaches.
When to screen (the cadence that holds up):
- At onboarding, before you accept a new customer, supplier, or counterparty.
- At the transaction, before each order ships, each payment is released, and each consignee is confirmed, because lists change daily.
- On every list update, by rescreening your active book against the daily CSL refresh, since a party clean yesterday can be designated today.
- On material change, when ownership, end-use, or destination shifts.
GingerControl is a trade compliance AI platform that helps importers, exporters, and customs brokers classify products, simulate tariff costs, and screen parties against U.S. restricted-party lists. Its Export Control Compliance product pairs denied-party screening with ECCN classification across all 10 CCL categories and ITAR review across all 21 USML categories, so the same workflow that determines whether your item needs a license also tells you whether your counterparty is allowed to receive it.
Red flags: when a clean screen still is not enough
Here is the part most teams underweight. A party can clear every list and still be one you cannot lawfully ship to. Screening checks names against lists; red flags are behavioral signals that demand inquiry regardless of what the lists say. BIS codifies this in its "Know Your Customer" guidance at Supplement No. 3 to Part 732 of the EAR, which lists 29 specific red flags and imposes an affirmative duty to investigate.
The guidance is blunt about the duty not to look away. In BIS's words, "When 'red flags' are raised in information that comes to your firm, you have a duty to check out the suspicious circumstances and inquire about the end-use, end-user, or ultimate country of destination," and, just as directly, "Do not cut off the flow of information that comes to your firm in the normal course of business." Self-blinding is not a defense; under the EAR's knowledge standard, deliberately avoiding what you would otherwise have learned is treated as knowing.
Common red flags from the BIS guidance include:
- The customer is reluctant to discuss end-use, or the stated end-use does not fit the product's capabilities.
- The product's technical level is a mismatch for the destination's normal needs.
- The buyer has little business background, declines routine installation or training, or is unfamiliar with the product's performance.
- A freight forwarder is listed as the final destination, or routing and packaging are abnormal for the goods.
- The buyer is evasive about whether the item is for domestic use or export.
The single hardest red flag to catch by name-matching alone is ownership. This is where the OFAC 50 Percent Rule lives: per OFAC's 50 Percent Rule guidance, an entity owned 50 percent or more, directly or indirectly, in the aggregate, by one or more blocked persons is itself blocked, even when that entity is not separately named on the SDN List. An unlisted buyer can be a blocked party because of who owns it. A name-only screen never sees that.
A 2025 development sharpened this point on the export-controls side and then, importantly, paused it. BIS issued the "Affiliates Rule" (formally, Expansion of End-User Controls To Cover Affiliates of Certain Listed Entities), published in the Federal Register on September 30, 2025, extending Entity List restrictions to entities 50 percent or more owned by listed parties, mirroring the OFAC ownership standard. BIS then suspended the rule for one year, effective November 10, 2025 through November 9, 2026. The practical takeaway for compliance teams: the OFAC 50 Percent Rule is the durable, in-force ownership standard you must screen for today, while the BIS affiliates expansion is suspended but signals where end-user controls are heading. Either way, ownership analysis, not just name matching, is the work.
False positives: the other side of the screening problem
If under-screening is the risk that draws penalties, over-screening is the risk that quietly drains a team. Fuzzy name matching, the same feature that catches "Mohammed" spelled five ways, also flags every legitimate counterparty who happens to share a name fragment with a listed party. A program that stops every fuzzy hit halts legitimate shipments; a program that clears them carelessly defeats the purpose.
Resolving a potential hit is a documentation exercise, and it is worth doing the same way every time:
- Compare identifiers, not just names. Address, date of birth, nationality, and government ID distinguish a real match from a coincidence.
- Check the list and the program. A hit on the SSI List carries different restrictions than a hit on the SDN List.
- Run the ownership analysis. Confirm whether the OFAC 50 Percent Rule pulls an unlisted entity into blocked status through its owners.
- Document the resolution. Record what you compared, what you concluded, and who decided, because an examiner will ask, and "we checked" is not the same as showing the check.
Quotable note on documentation: A false positive you cleared without a record is, to an auditor, indistinguishable from a hit you never screened.
GingerControl's Export Control Compliance product is built around that last step. Rather than returning a bare match or no-match, it produces an audit-ready research report with the inclusion or exclusion rationale for every party evaluated, the documentation that demonstrates a good-faith, reasonable screening process, while leaving the legal call where it belongs.
A note on where the tool stops and counsel begins
GingerControl provides screening and research support. It does not make legal sanctions determinations, it does not file license applications, and it does not replace a licensed customs broker or qualified export-control counsel. The screening results and reasoning chains GingerControl produces are research outputs for the exporter, importer, or their counsel to review and act on. A potential SDN match, an Entity List license requirement, or an unresolved red flag is a legal question that the company or its advisors must decide, consistent with CBP rulings HQ H290535 and HQ H350722. The platform's job is to surface the parties, the lists, the ownership links, and the documented rationale so that decision is made on a complete record, not to make the decision for you.
Frequently asked questions
What is the difference between denied-party screening and sanctions screening?
The terms overlap heavily and are often used interchangeably. Sanctions screening usually refers specifically to checking parties against OFAC lists like the SDN List, while denied-party or restricted-party screening is the broader practice covering OFAC plus the BIS Entity List, Denied Persons List, and Unverified List. For an export compliance team running 50 to 200 transactions a quarter, the distinction matters less than coverage: GingerControl's Export Control Compliance product screens the OFAC and BIS lists together in a single pass, so a team is not running one tool for sanctions and another for export controls.
Is the free Consolidated Screening List enough for my business?
For a small importer screening a handful of new counterparties a month, the free CSL search at trade.gov is a legitimate starting point, it consolidates eleven lists and updates daily. It runs out of road at volume and at proof: it does not resolve false positives, apply the OFAC 50 Percent Rule to find blocked owners, or preserve an audit record. GingerControl's Export Control Compliance product adds exactly those layers, returning a documented inclusion and exclusion rationale for each party rather than a bare match, so the screening holds up when an examiner asks how you cleared a hit.
How often do I need to rescreen my customers?
Screen at onboarding, again at each transaction before goods ship or payment releases, and rescreen your active counterparties whenever the lists change, which is daily. A party clean last month can be designated tomorrow, and the prohibition attaches the moment the designation takes effect. GingerControl's Export Control Compliance product supports batch screening of hundreds of parties in parallel, so rescreening an entire active book against the latest lists is a single run rather than a manual list-by-list slog.
What is the OFAC 50 Percent Rule, and why does it matter for screening?
The OFAC 50 Percent Rule means an entity owned 50 percent or more, directly or indirectly and in the aggregate, by one or more blocked persons is itself blocked, even if it is not separately named on the SDN List. It matters because a name-only screen will clear an unlisted buyer that is in fact blocked through its ownership. For a compliance team evaluating new foreign counterparties, this is the single most common way a clean screen still hides a prohibited party, and GingerControl's Export Control Compliance product builds end-user and ownership analysis into its screening rather than stopping at the named party.
Can denied-party screening be automated, or do I still need a person?
The mechanical work, matching names across eleven lists, surfacing fuzzy hits, flagging ownership links, scales well to automation, and at any real volume it has to. The judgment work, deciding whether a fuzzy hit is a true match, whether a red flag is resolved, and whether a transaction may proceed, stays with a person or counsel. GingerControl's Export Control Compliance product automates the screening and produces the audit-ready reasoning chain, while explicitly leaving the legal determination to the exporter, importer, or their advisors; it is screening support, not a sanctions adjudicator.
Do importers really need to screen, or is this only an exporter requirement?
Importers need to screen too. U.S. persons are generally prohibited from dealing with blocked parties regardless of whether goods are coming in or going out, and a domestic customer, vendor, or routed-export consignee can be an SDN. For an importer with a large or shifting supplier base, screening vendors and consignees is part of basic reasonable care. GingerControl is a trade compliance AI platform that supports both directions, pairing denied-party screening with HTS classification research and tariff calculation so importers run screening inside the same workflow they already use for classification.
What happens if I miss a denied party and ship anyway?
You may have a completed violation, and OFAC enforces most sanctions under strict liability, meaning lack of knowledge is generally not a defense; civil penalties can reach the greater of roughly $250,000 or twice the transaction value per violation, and export-controls cases have settled far higher, Cadence Design Systems paid $140 million in 2025. A documented, good-faith screening process is the strongest evidence of reasonable care if a hit slips through. GingerControl's Export Control Compliance product produces that documentation by default, preserving the reasoning chain for every party screened so the record exists before you ever need it.
Putting denied-party screening into your export workflow
If your team is screening counterparties by hand against the CSL, or worse, only at onboarding and never again, the gap is not effort, it is proof and ownership analysis. A blocked party hides behind an unlisted name through the OFAC 50 Percent Rule, a fuzzy hit gets cleared with no record, and the audit arrives a year later asking what you did. GingerControl's Export Control Compliance product screens every party against the OFAC SDN List, BIS Entity List, Denied Persons List, and Unverified List, runs end-use and end-user analysis, and returns an audit-ready reasoning chain showing exactly which lists were checked and how each hit was resolved. Start screening your counterparties →
GingerControl is not just a tool. We work with importers and export compliance teams on process consulting, digital transformation strategy, and end-to-end custom system development, including building denied-party screening into bespoke trade and ERP systems. Talk to our team →
References
[REF 1] Office of Foreign Assets Control (OFAC): Specially Designated Nationals (SDN) List and blocking requirements Data cited: definition of SDNs, general prohibition on dealings, 10-business-day blocked-property reporting Source: OFAC Specially Designated Nationals List
[REF 2] OFAC: Entities Owned by Blocked Persons (50 Percent Rule) Data cited: 50 percent direct/indirect aggregate ownership standard; ownership versus control distinction Source: OFAC 50 Percent Rule FAQs
[REF 3] OFAC: Civil Penalties and Enforcement Information Data cited: strict-liability standard; maximum IEEPA civil penalty (greater of ~$250,000 or twice transaction value) Source: OFAC Civil Penalties and Enforcement Information
[REF 4] Bureau of Industry and Security (BIS): Entity List versus Denied Persons List Data cited: Entity List definition and license requirements; DPL definition under EAR Parts 764 and 766 Source: BIS guidance: Is the Entity List the same as the Denied Persons List?
[REF 5] BIS: Guidance on end-user and end-use controls Data cited: recommendation to screen parties as standard pre-transaction due diligence; Unverified List treatment Source: BIS guidance on end-user and end-use controls
[REF 6] BIS: "Know Your Customer" Guidance and Red Flags (Supplement No. 3 to Part 732 of the EAR) Data cited: 29 red-flag indicators; affirmative duty to inquire; "do not cut off the flow of information" Source: eCFR, Supplement No. 3 to Part 732
[REF 7] International Trade Administration (trade.gov): Consolidated Screening List Data cited: CSL definition; eleven lists across Commerce, State, and Treasury; daily 5:00 AM ET updates; fuzzy search and API Source: Consolidated Screening List
[REF 8] Federal Register / BIS: Expansion of End-User Controls To Cover Affiliates of Certain Listed Entities (Affiliates Rule) and its one-year suspension Data cited: Sept 29, 2025 effective date and 50 percent ownership standard; one-year suspension Nov 10, 2025 to Nov 9, 2026 Source: Expansion of End-User Controls To Cover Affiliates of Certain Listed Entities; One-Year Suspension
Written by
Chen Cui
Co-Founder of GingerControl
Building scalable AI and automated workflows for trade compliance teams.
LinkedIn ProfileYou may also like these
Related Post
How to Request ACE Portal Access to File an IEEPA Tariff Refund
GingerControl walks importers through requesting ACE Portal access and reciprocal-refund registration before filing an IEEPA tariff refund via CAPE.
Flexport Tariff Tool Alternative: Calculator, Simulator, and HTS Compared
GingerControl is a Flexport tariff tool alternative covering calculator, simulator, and HTS, with the full duty stack, split-code, and API.
Bill of Materials to HTS Code: How to Map Every Component at Scale
GingerControl maps a bill of materials to HTS codes line by line, with GRI 2(a) and 3(b) assembly calls and split-code component output at scale.