Chapter 03 · 9 min read
AML, Sanctions, PEPs, and Adverse Media
Watchlists. Politically exposed persons. Adverse media monitoring. The screening layer that turns identity verification into compliance.
You can verify someone is a real human, holding a real passport, with a real face — and still be required to refuse to do business with them.
That's what AML screening is for. It runs on top of KYC/KYB to answer: "Is this a person or entity we're permitted to transact with under sanctions, anti-corruption, and anti-terrorism law?"
The lists you must check
| List | Maintainer | What it captures |
|---|---|---|
| OFAC SDN | US Treasury | Sanctioned individuals, entities, vessels, aircraft |
| EU Consolidated | European External Action Service | EU-imposed sanctions targets |
| UN Consolidated | UN Security Council | UN-mandated sanctions (binding globally) |
| HMT | UK HM Treasury | UK financial sanctions |
| Interpol Red Notices | Interpol | Internationally wanted persons |
If you operate in or serve customers from a particular jurisdiction, the relevant lists become legally binding. US-based services must screen against OFAC. Period.
PEPs (politically exposed persons)
PEPs are people who hold or have held prominent public functions — heads of state, senior politicians, central bank governors, military leaders. They're not banned from financial services, but transacting with them requires Enhanced Due Diligence (EDD) because of corruption risk.
The categories typically include:
- Domestic PEPs: Officials of your own country.
- Foreign PEPs: Officials of any other country.
- International organization PEPs: Senior staff at the UN, IMF, World Bank, etc.
- Family members and close associates (RCAs). Often the actual money flow.
Adverse media
The grayest category. Adverse media screening searches for the customer's name in news sources alongside negative keywords (fraud, money laundering, terrorism, organized crime, etc.). A hit doesn't necessarily disqualify them — it triggers a review.
Quality varies wildly by provider. The good ones use trained NER models to disambiguate "John Smith convicted of fraud" from "John Smith, the children's author, wrote about fraud." The bad ones return false positives that waste your review team's time.
The false-positive problem
Sanctions screening on a name like "Mohammad Ali" will return hundreds of partial matches. Resolving each is the job of fuzzy matching + secondary identifiers (DOB, country, address, document number).
A well-tuned screening system has:
- A clear match score. 100 = exact name + DOB + country. 60 = name only.
- Configurable thresholds. You decide what score requires manual review.
- Whitelist support. Once you've resolved a false positive, don't show it to your reviewer again next time.
Continuous monitoring
One-time screening at onboarding is the bare minimum. Most regimes also require ongoing monitoring — re-screening your customer base whenever sanctions lists update.
Lists update unpredictably. OFAC adds and removes entries weekly. A customer who was clean at signup can land on a list six months later. You're expected to detect that, freeze their account, and file a SAR (Suspicious Activity Report) within the prescribed window.
What gets people fined
Reading enforcement actions is the fastest education in this space. The patterns:
- Inadequate transaction monitoring. Your screening was OK at onboarding but you didn't catch suspicious patterns later.
- SARs not filed. Your team flagged something internally but didn't escalate to FinCEN within 30 days.
- Sanctions evasion. A user tried to reach a sanctioned destination through your platform and you didn't block them.
- Lack of documentation. You did everything right but can't prove it. The audit trail is the product.