What Is the SDN List? OFAC Designations, Asset Blocking, and Screening Obligations

The Office of Foreign Assets Control (OFAC) issued 14 enforcement actions in 2025 totalling more than $265 million in civil penalties. That figure is more than five times the prior year total. Most of those violations trace back to the same operational failure: a business transacted with, or failed to block assets belonging to, someone on the Specially Designated Nationals and Blocked Persons list because no screening check ran. Whether you run a fintech startup or a regulated financial institution, this post covers what the SDN list is, what happens when a name gets added, and who is legally required to screen against it.

SDN stands for Specially Designated Nationals and Blocked Persons. The SDN list is published and maintained by OFAC, a division of the U.S. Treasury Department. It names individuals, entities, and vessels whose assets must be blocked by U.S. persons and with whom U.S. persons are prohibited from transacting.

What does the SDN list contain and who gets designated?

The SDN list is not a single sanctions regime. OFAC administers more than 30 distinct sanctions programs, and the SDN list is the consolidated output across all of them. Each program targets a specific country, region, or threat type, and names added under one program sit alongside names from every other on the same published list.

As of April 2026, designations span terrorism financing, narcotics trafficking, cybercrime, human rights abuses, weapons proliferation, and corruption. Designation does not require a criminal conviction. OFAC sanctions are administrative actions grounded in the International Emergency Economic Powers Act (IEEPA) and related statutes. OFAC applies them on the basis of national security and foreign policy considerations, not criminal guilt. A company executive, a front company, a vessel, or an entire state-owned enterprise can appear on the list if OFAC determines they meet the criteria for a given program.

In 2025, OFAC designated more than 1,300 individuals and entities, with a particular focus on cartel networks, Southeast Asia-based fraud operations, and Iran’s shadow banking structure, according to the Center for a New American Security’s 2025 year-in-review. The list updates on any business day with no fixed schedule. Additions, removals, and modifications appear without advance notice, which is the core operational challenge for any screening program. You can run a name search against the current list at the OFAC Sanctions List Search tool, which reflects the most recent published version at any given time.

The SDN list is separate from OFAC’s other restricted-party lists, such as the Foreign Sanctions Evaders list and the Sectoral Sanctions Identifications list. OFAC publishes a Consolidated Sanctions List that merges all of these into a single file, available through the OFAC Sanctions List Service, which most compliance programs screen against rather than querying each underlying list individually.

For a broader view of how the SDN list fits within the global sanctions architecture, see this guide to AML compliance and global watchlists.

What happens to assets after an SDN designation?

Assets are blocked immediately upon designation. Any U.S. person, including financial institutions, payment processors, and businesses of all types, who holds property in which an SDN has an interest must freeze those assets. The freeze is not a judgment call.

When a name is added to the SDN list, three consequences follow. U.S. assets held by or on behalf of the designated party are blocked. Pending and future transactions with the designated party are prohibited. If your business has already processed a transaction or holds blocked property, OFAC requires you to file a blocking report within 10 business days, as set out in OFAC’s blocking and reporting guidance.

The financial exposure attached to a missed SDN match is not trivial. The civil penalty ceiling for IEEPA violations stands at $377,700 per transaction as of January 2025, per OFAC’s civil penalties page. Criminal convictions carry penalties of up to $1 million and up to 20 years’ imprisonment per violation. A single transaction that clears when it should have been blocked can create liability on both counts.

Eight of OFAC’s 14 enforcement actions in 2025 involved violations of Russia-related sanctions, according to Sidley Austin’s 2025 enforcement review. OFAC also showed increased willingness to pursue non-bank intermediaries, private equity funds, and real estate companies that had not historically faced enforcement. That pattern means no sector can treat SDN screening as someone else’s obligation. For a detailed guide on building a screening program that accounts for how obligations interact across lists, see effective sanctions screening for compliance professionals.

Is SDN list screening mandatory for small businesses?

OFAC screening is mandatory for every U.S. person and entity. There is no minimum revenue threshold, no transaction-size floor, and no small-business exemption. The obligation applies to any company incorporated in the United States, any U.S. citizen or resident acting in any professional capacity, and any entity subject to U.S. jurisdiction, regardless of industry.

Who exactly must screen against the SDN list?

The scope extends well beyond banks. Financial institutions, credit unions, broker-dealers, money services businesses, insurance companies, and payment processors carry the most detailed screening requirements under U.S. anti-money laundering (AML) regulations. Professional services firms, technology companies, staffing agencies, and e-commerce platforms that process payments or maintain vendor relationships also fall within OFAC’s jurisdiction.

You do not need to be a regulated financial institution for the obligation to apply. If your business sends or receives payments, engages contractors, or holds counterparty relationships of any kind, OFAC expects you to screen those parties against the SDN list and the full consolidated sanctions list. The absence of a dedicated compliance function does not reduce the legal exposure. OFAC’s enforcement record shows it pursues non-bank entities, including private equity funds and real estate companies, when violations occur.

How often should you screen?

A one-time check at onboarding is not enough. OFAC guidance expects businesses to screen at the point of customer onboarding, at minimum annually during the relationship, and immediately following any SDN list update. Because updates arrive without notice, a name that was clean at onboarding last month may appear on the list today.

For transaction screening workflows, real-time checks are the only reliable method to catch a match that appears between periodic reviews. Batch screening with a weekly or monthly cadence leaves a gap that OFAC enforcement can reach into.

How Shufti helps compliance teams screen the SDN list

Compliance teams without large in-house legal functions face a concrete operational challenge with SDN screening. The list updates without notice, matching logic must handle name variants, transliterations, and aliases, and a single missed hit can trigger a reporting obligation within 10 business days. Manual or batch-based processes cannot reliably meet that standard when the underlying list changes on any business day.

Shufti’s AML screening runs against 100,000+ data sources and 3,500+ global watchlists, with data refreshed every 15 minutes. Your screening reflects the current list state rather than a snapshot from a prior batch run. Coverage spans 215+ sanction regimes, including the OFAC SDN list, alongside politically exposed persons (PEP) profiles and adverse media, so a single check surfaces watchlist hits, PEP exposure, and negative-news signals in one audit trail.

For businesses that need to document their screening program for regulators or auditors, each check produces a verifiable record. The screening covers 235+ countries, which matters when your customers or vendors operate across jurisdictions where multiple sanctions regimes apply simultaneously.