Sanctions Screening for U.S. Exporters: 2026 Guide
If you ship a product, license software, or wire money across a U.S. border, you are subject to OFAC's sanctions regime — and 2026 has been one of the most aggressive enforcement years on record. In May alone, OFAC announced a settlement with Adani Enterprises Limited and continued its near-weekly cadence of Iran-related designations under the administration's "Economic Fury" campaign.
Sanctions screening is the control that sits between your sales pipeline and a multimillion-dollar penalty notice. This guide explains what U.S. exporters must screen, what's changed in 2026, and how to build a defensible program without enterprise-tier overhead.
What sanctions screening actually means
Sanctions screening is the process of checking the names, addresses, and ownership structures of every counterparty you transact with against government-maintained watchlists — primarily OFAC's Specially Designated Nationals (SDN) List, but also sectoral lists, the BIS Entity List, and consolidated international lists.
The core obligation is strict liability. U.S. sanctions programs, whether targeting countries or Specially Designated Nationals, generally prohibit the provision of services unless there is an applicable exemption or general license. You don't need to know your customer is sanctioned to be liable — you needed to check.
Screening typically covers:
- Customers and end users — the named buyer and the ultimate recipient
- Intermediaries — freight forwarders, distributors, agents, brokers
- Beneficial owners — anyone with 50%+ ownership of an entity counterparty
- Payment counterparties — the bank or wallet that actually sends funds
- Employees and contractors — particularly if they touch controlled technology
What changed in 2026
Enforcement is broader than ever
OFAC is no longer focused only on banks and oil traders. The total value of these enforcement actions was $266 million, with $215 million of that total representing OFAC's penalty notice issued against GVA Capital. OFAC also took action against manufacturers and logistics providers for diversionary sales and services support to Iran, Venezuela and Cuba.
Even non-traditional targets are now on the hook. In February 2026, OFAC penalized a Florida school for receiving tuition payments, via third parties, from Mexican cartel-related sanctioned parties, which led OFAC to warn that even companies that consider themselves "predominantly domestic" have sanctions risk.
The message: if you take money from anyone, anywhere, you should be screening.
Cartels are now Foreign Terrorist Organizations
This is the single biggest shift for exporters with Latin America exposure. In February 2025, the State Department designated a number of Mexican, Salvadoran and Venezuelan drug cartels — almost all of which were already sanctioned by OFAC under counternarcotics authorities — as foreign terrorist organizations (FTOs), and specially designated global terrorists (SDGTs). These unprecedented FTO designations expose companies and financial institutions that operate in Latin America where cartels play significant roles in the licit and illicit economies to heightened risks of criminal and civil liability.
FTO designations carry criminal — not just civil — exposure. A material support charge does not require intent to support terrorism, only knowledge of the recipient.
The "gatekeeper" theory of liability
In 2026, OFAC will intensify its enforcement crackdown on gatekeepers – professional service providers such as investment advisors, accountants, attorneys and providers of trust and corporate services – who fail to properly understand and mitigate sanctions risks associated with their provision of services.
If you sit between a buyer and a controlled product — a distributor, a SaaS reseller, a logistics provider — OFAC now expects you to do real diligence, not just take a name at face value.
Sham transactions and the 50% rule
In March 2026, OFAC issued new guidance reshaping how exporters must think about ownership screening. On March 31, 2026, the US Department of the Treasury's Office of Foreign Assets Control (OFAC) issued a new Sanctions Advisory titled "Guidance on Sham Transactions and Sanctions Evasion" (the Advisory). The Advisory highlights the sanctions risks arising from sham transactions used to evade US sanctions and identifies specific red flags that businesses, financial institutions, and other persons should consider when evaluating whether property may be the subject of a sham transaction.
The enforcement context is brutal. In December 2025, OFAC entered into an enforcement settlement with IPI Partners, a Chicago-based private equity firm, for soliciting, receiving, and maintaining investments from a sanctioned Russian oligarch for four years, where senior leadership knew the blocked person was the source of funds.
The lists you must screen against
| List | Maintained by | Why it matters |
|---|---|---|
| SDN List | OFAC | Master blocked-persons list; strict liability |
| Sectoral Sanctions Identifications | OFAC | Industry-specific (energy, finance) prohibitions |
| Consolidated Sanctions List | OFAC | Non-SDN lists (FSE, NS-MBS, PLC, etc.) |
| BIS Entity List | Commerce / BIS | License required for EAR-controlled items |
| BIS Denied Persons List | Commerce / BIS | All export privileges revoked |
| DDTC Debarred List | State Department | ITAR debarments |
| Foreign Terrorist Organizations | State Department | Material support is criminal |
The U.S. government bundles most of these into the Consolidated Screening List (CSL) published by the International Trade Administration. Screening against the CSL is the practical baseline.
Red flags to bake into your workflow
Drawing from OFAC's 2026 Sham Transactions Advisory, train your team to escalate when they see:
- Late payment instruction changes — a new payer, a new bank, or a split payment after the contract is signed
- Opaque ownership — trust structures, nominee shareholders, or counterparties unwilling to disclose beneficial owners
- Geographic mismatch — billing address in one jurisdiction, ship-to in another, IP address in a third
- Family member or close associate of a designated person appearing in any role
- Recent ownership transfers of property or entities — especially where the transferor cannot be cleanly identified
Compliance teams should integrate the Advisory's red flags into existing sanctions screening and due diligence procedures, particularly when evaluating transactions involving property that may have been recently transferred by or on behalf of a blocked person.
Building a defensible program
1. Screen at the right moments
One screen at onboarding is not enough. Screen at multiple points, not only at onboarding. At minimum:
- At customer creation — before any contract is signed
- At order acceptance — before goods are picked or licenses are issued
- At payment release — especially if payer details have changed
- On list updates — re-screen your customer base whenever OFAC publishes new designations (often weekly in 2026)
2. Use fuzzy matching, but tune it
Sanctioned parties don't spell their names the way you do. They must carry out sanctions screening using fuzzy matching. This is because it's common for fraudsters to use slightly altered versions of their names compared to those found on official documents. Thus, a good sanctions screening system should be able to identify 'Mohammad' as 'Mohammed' or 'Muhamad'.
The trade-off is false positives. Tune your match threshold so that obvious aliases catch but common names don't drown your team in noise.
3. Document every decision
The single most important deliverable from a screening program is the audit trail. Regulators, banks, and acquirers will ask you to prove you cleared a deal. Store one transaction-level file that ties screening to the business decision. Every potential match should be logged with:
- The name screened and the list version used
- The match score and disposition (cleared / escalated / blocked)
- The reviewer's identity and the reasoning
- A timestamp that ties to the underlying transaction
4. Establish stop-pay and stop-ship authority
Define "stop-ship" and "stop-pay" authority, plus release rules. If a screening hit comes in at 4:55 PM on a Friday, someone needs the authority to hold the shipment until Monday — and that authority needs to be written down before the hit happens.
What "good" looks like in 2026
The regulators have telegraphed their expectations. A defensible program in 2026:
- Screens every counterparty, not just customers
- Looks through corporate structures to ultimate beneficial owners
- Re-screens continuously as lists update
- Maintains a per-transaction audit trail that a third party can audit
- Has named escalation paths with stop-pay and stop-ship authority
- Treats payment-detail changes as a high-priority escalation
The cost of building this is now far lower than the cost of a single OFAC inquiry, let alone a penalty notice.
Screen your first name free — takes 10 seconds. Get started at screenshield.dev/signup
Related: OFAC Screening: The 2026 Guide · Restricted Party Screening: 2026 Guide · How to Screen the Consolidated Screening List