#
SAPCompliance
#
SAPsecurity
Sanctions screening is a straightforward but important process for any company operating internationally. It helps ensure you follow global regulations, reduces the risk of financial or legal issues, and prevents accidental business with entities that might be subject to sanctions.
Here’s a quick look at why sanctions screening is useful:
Governments and international bodies maintain sanctions lists to limit trade and financial activities with certain high-risk individuals, organizations, or countries. Regularly checking these lists is key to staying compliant and avoiding penalties.
Some key sanctions lists include:
Since these lists are updated regularly, keeping track of them is important to avoid penalties, asset freezes, or harm to your company’s reputation.
Name matching is a critical yet challenging part of sanctions screening. Differences in how names are recorded can lead to both missed risks and unnecessary alerts. Here’s a closer look at the main issues:
By using techniques like fuzzy matching and incorporating occasional manual reviews, companies can better navigate these challenges, ensuring a more accurate and efficient sanctions screening process.
In this article, we’ll explain how to run a simple(sic!) sanctions screening using the OFAC list in Excel—completely free of charge. The name matching using this fuzzy tool that we will explain below is better than a 1:1 matching that one usually uses in tools like Excel, but it has limitations, please keep that in mind.
First you need to download on your local machine the sanctions list in CSV format.
The list can be found here.
https://sanctionslist.ofac.treas.gov/Home/SdnList
We will use the list marked below
Next, we need to download the list of your business partners’ names, e.g. your vendors. In our case we use SAP (ERP or S/4HANA), and the list can be obtained from the table LFA1 either via transaction SE16, SE16N etc.
The list can be exported by clicking the following button:
Now, you have the two key ingredients, but we are missing the key part of this DIY tool.
We need to download Fuzzy Lookup Add-in for Excel
https://www.microsoft.com/en-us/download/details.aspx?id=15011
Click on the download button, wait to be downloaded, and run install.
This will install and add the Add-in to your Excel.
OK, now that we have everything pieced together, we need to see how this is done.
First, you will need to copy the extracted SAP vendor data to the SDN file.
For performance reasons I have shortened the file to only 5000 entries, i.e. I’ve deleted the other 10000 entries from the file.
As you can notice below I have three sheets, one containing extracted SAP data, another SDN data, an a third one where analysis will be executed.
Now, you need to go to the sheet labeled SAP (in our case) and click control + L
In the Pop-up window you need to select the column where the vendor names are and click OK. In case your Excel list has a header, check My table has headers.
Now we should name our table by changing its name in the following field:
We repeat the same step for the second sheet – SDN list.
Now, to the final step!
Go to the sheet Analysis, and click on Fuzzy Lookup
The following icon will show up, go ahead and click on it!
When you have done this, on the right-hand side you will get this:
The first two selection options are the tables which we will compare, the second set is the fields which will compare and match.
Output columns is the result that we will see.
SAP name from SAP sheet, SDN Column 1 from SDN-short sheet, and Fuzzylookup.Similarity the level of similarity between the matches found.
You have the option to define similarity threshold, in our case we will use 0.9
Similarity threshold determines how closely two values must match for them to be considered a potential match. It is a numerical value between 0 and 1, where:
1.0 (100%) → Exact match required.
0.0 (0%) → Any level of similarity can be considered.
A higher threshold (e.g., 0.9) ensures strict matches with minimal errors but may exclude relevant matches with slight variations (false negatives).
A lower threshold (e.g., 0.5) allows for more flexible matching, capturing variations such as typos, abbreviations, or name differences, but may increase false positives.
When this is set up, the next thing is to click the Go button and wait for the results.
After the lookup is done, you will see the three columns, add a filter, and sort by similarity greater than 0.9.
This is our hit list.
Let’s chat and find the best strategy for yourbusiness! It’s about individual expert advice tailored to your business needs. Tools are only as good as their application. We don’t leave you alone with your solutions, we help you get the most out of them.
A basic, manual sanction list screening can be easily executed as shown, and as sanctions lists are “open” and readily available, this approach can be extended to other lists as well.
There are limitations or problems that need to be considered though: name matching, as explained above, and furthermore sanction lists often have information about alternative (or also known as, aka) names: some bad actors might use different names, or the issuer of the sanction list provides additional ways of writing a name. We have not considered those names in our example above, they are contained in a separated column of the sanction list file.
Those issues and other problems are handled in commercial solutions such as remQ Sanctions Compliance, including case management for the hits, and white listing entities etc. Contact us for a free trial!
With over 18 years of SAP experience, Tomislav is a seasoned Customer Success Manager at VOQUZ Labs, specializing in the remQ product with SAP functional expertise. Known for his solution-oriented and detail-focused approach, Tomislav is dedicated to driving customer success and innovating solutions within the SAP landscape. With a strong focus on maximizing the value of remQ, he continuously seeks to make a tangible impact and deliver exceptional results to clients. A sparring partner to solve your risk and compliance problems? Then Tomislav :)
Jens verfügt über mehr als 20 Jahre Erfahrung in den Bereichen SAP-Sicherheit, Compliance und interne Kontrollen. Er ist ein ehemaliger Wirtschaftsprüfer, immer neugierig, bereit zu lernen und Wissen zu teilen. Bei VOQUZ Labs ist Jens für die Risiko- und Compliance-Produkte verantwortlich. Es macht ihm Spaß, mit Kunden zu interagieren und schnelle und einfache Wege zu finden, um Produkte zu verbessern und den Kunden einen Mehrwert zu bieten. Pragmatisch und kundenorientiert? Dann Jens :)
Hast Du Fragen oder möchtest Du etwas hinzufügen? Hinterlasse uns bitte eine Nachricht! Deine Nachricht wird per E-Mail an uns übermittelt und nicht veröffentlicht.
