Sanctions screening matches

Detects references to sanctions screening matches in financial and compliance documents. Commonly found in Australian regulatory filings, transaction records, and audit documentation.

Type

regex

Engine

boost_regex

Confidence

medium

Confidence justification

identifier/document-structure anchored regex with constrained context replaces phrase-only detection.

Detection quality

Mixed

Jurisdictions

au

Regulations

AML/CTF Act (Cth), IPA 2009 (Qld), NDB Scheme (Cth), Privacy Act 1988 (Cth), SOCI Act 2018 (Cth)

Frameworks

ISO 27001, ISO 27701, PCI-DSS, SOC 2

Data categories

financial

Scope

wide

Platform compatibility

Purview: Compatible, GCP DLP: Compatible, Macie: Compatible, Zscaler: Compatible, Palo Alto: Degraded, Netskope: Unsupported

Pattern

(?is)\b(?:sanctions\s+screening|DFAT\s+consolidated\s+list|sanctions\s+match|designated\s+person|prohibited\s+entity|screening\s+result|sanctions\s+compliance|politically\s+exposed\s+person)\b

Corroborative evidence keywords

sanctions screening matches, sanctions, screening, matches, credit, lending, insurance, financial, fiscal, monetary, accounting, treasury, audit, revenue, expenditure, budget, ledger, accounts payable, accounts receivable, balance sheet (+2 more)

Proximity: 300 characters

Should match

• sanctions screening — Primary topic phrase match
• dfat consolidated list — Case-insensitive topic phrase match
• sanctions match — Alternative topic phrase match
• designated person — Additional topic phrase match

Should not match

• unrelated generic text without domain phrases — No relevant topic phrases present
• placeholder value 12345 — Random text should not match topic-specific regex
• credit premium — Generic word pair from old broad template should not match

Known false positives

• Financial terminology appearing in published reports, accounting textbooks, regulatory guidance, or template documents without actual transaction data. Mitigation: Require corroborative evidence keywords within the proximity window. Cross-reference with structured financial identifiers to confirm actual sensitive data.
• In Australian English, standard business terminology overlapping with financial detection keywords in routine correspondence and documentation. Mitigation: Increase confidence threshold when scanning business correspondence. Layer with transaction-specific patterns for higher precision.

References

• https://www.dfat.gov.au/international-relations/security/sanctions/consolidated-list
• https://www.dfat.gov.au/international-relations/security/sanctions/remittance-service-providers