Loading...
compliance

OFAC Potential Match Investigation Form

Document an OFAC potential match review from alert to final decision. Use it to compare identifiers, record due diligence, and keep a clear audit trail for block-or-clear outcomes.

Fill it now — Free Get Started
Customize with AI → Live preview →

Trusted by frontline teams 15 years of frontline software AI customization in seconds

Built for: Financial Services · Banking · Fintech · Import/export · Healthcare

Overview

The OFAC Potential Match Investigation Form is a case record for documenting how a sanctions screening alert was reviewed, what identifiers were compared, what evidence was checked, and whether the party was cleared or blocked. It is built for the point in the workflow where a screening system has raised a possible match and a human reviewer needs to show the reasoning behind the decision.

Use this template when you need a consistent investigation trail for onboarding, payments, vendor review, customer screening, or periodic rescreening. The form captures the alert details, the matched party comparison, due diligence steps, escalation notes, and the final outcome in one place. That makes it easier to hand off a case, support internal review, and explain the decision later.

Do not use it as a general intake form or as a substitute for your sanctions policy. If the alert is obviously unrelated, a lighter note may be enough. If the case requires legal review, a hold, or a formal blocking action, this form should still document the interim steps and the final decision. Keep the data set focused on what you actually need to decide the case, and avoid collecting extra PII that does not affect the outcome.

Standards & compliance context

  • This template supports sanctions review documentation by preserving the investigation trail, escalation path, and final block-or-clear decision.
  • Use data minimization when collecting identifiers and supporting documents, and avoid capturing PII that does not help distinguish the match.
  • If the form is exposed outside the organization, add clear consent or disclosure language for any personal data collected and explain what happens after submission.
  • Keep the audit trail complete enough for internal controls and later review, including reviewer identity, timestamps, and evidence references.

General regulatory context for orientation only — verify current requirements with counsel or the relevant agency before relying on this template for compliance.

What's inside this template

Submission Notice

This section sets the purpose of the case, explains whether anonymous submission is allowed, and captures the consent or disclosure needed for any personal data.

  • Purpose of submission
  • Anonymous submission

    Select only if your workflow allows anonymous submission for internal triage and no direct follow-up is needed.

  • PII and compliance record acknowledgment (required)

    I understand this form collects limited PII and compliance data for sanctions screening, audit trail, and recordkeeping purposes.

Alert and Screening Details

This section anchors the case to the original screening event so the reviewer can trace the alert back to the system, date, and source record.

  • Alert ID (required)
  • Screening date (required)
  • Screening system (required)
  • Alert type (required)
  • Source record reference (required)

    Reference the internal customer, vendor, transaction, or shipment record tied to the alert. Avoid entering full account numbers unless required by policy.

Matched Party and Identifier Comparison

This section records the side-by-side comparison that determines whether the potential match is real, false, or still uncertain.

  • Screened party name (required)
  • OFAC list name (required)
  • Identifier comparison (required)

    Document the identifiers reviewed and whether they matched, partially matched, or did not match.

  • Identifier comparison notes (required)

    Summarize the key similarities and differences, including any progressive disclosure items that were reviewed only if relevant.

Due Diligence and Escalation

This section shows what evidence was checked, whether the case was escalated, and how the investigation trail was preserved.

  • Review steps completed (required)
  • Supporting documents

    Upload only the documents necessary to support the investigation and decision.

  • Escalation required? (required)
  • Escalation details

    Show only if escalation is required. Include who was notified, when, and the reason for escalation.

  • Audit trail notes (required)

    Record the chronology of the review, including timestamps, reviewer names or roles, and key decision points.

Decision and Outcome

This section closes the loop by stating the final decision, the rationale, any blocking action, and the follow-up date if the case remains under review.

  • Final decision (required)
  • Decision rationale (required)
  • Blocking or rejection action taken

    Select if the transaction, account, or relationship was blocked, rejected, or otherwise restricted.

  • Next review date

    Set if the matter remains open or requires follow-up monitoring.

How to use this template

  1. 1. Enter the alert ID, screening date, screening system, alert type, and source record reference so the case can be traced back to the original screening event.
  2. 2. Record the screened party name and the OFAC match name, then compare the identifiers that matter for your policy using the identifier comparison field and notes.
  3. 3. Document each due diligence step completed, attach only the supporting documents that influenced the decision, and note whether escalation is required.
  4. 4. If the case needs review by legal, sanctions leadership, or another approver, capture the escalation details and preserve the audit trail notes before closing the case.
  5. 5. Select the final decision, explain the rationale in plain language, record any blocking action taken, and set the next review date if follow-up is needed.

Best practices

  • Mark required fields only where the review cannot be completed without them, and keep optional fields available for cases that need more context.
  • Use conditional logic to show escalation and blocking fields only when the reviewer selects a match that needs further action.
  • Compare identifiers side by side instead of relying on a free-text summary, so reviewers can see exactly why the match was cleared or blocked.
  • Limit supporting documents to the records that changed the decision, and avoid attaching unnecessary PII or duplicate screenshots.
  • Write the decision rationale as a short factual summary that names the identifiers reviewed, the evidence checked, and the policy basis for the outcome.
  • Capture who reviewed the alert and when, because an audit trail without reviewer attribution is hard to defend later.
  • Set a next review date only when the case remains open, monitored, or subject to periodic recheck.

What this template typically catches

Issues teams running this template most often surface in practice:

The alert ID or source record reference is missing, which makes the case hard to trace back to the original screening event.
The reviewer records a conclusion without comparing the actual identifiers that drove the decision.
Supporting documents are uploaded without explaining why they matter, creating clutter instead of evidence.
Escalation is mentioned but not documented with who received it, when it happened, or what changed afterward.
The final decision is vague, such as 'reviewed' or 'closed,' instead of clearly stating cleared, blocked, or pending.
The form collects extra PII that is not needed to resolve the match, increasing privacy risk without improving the decision.
Next review dates are left blank even when the case should be rechecked under policy.

Common use cases

Bank sanctions analyst review
A sanctions analyst uses the form after a payment screening alert to compare the customer name, address, and other available identifiers against the OFAC entry. The completed record shows why the payment was cleared or held for escalation.
Fintech onboarding escalation
A compliance reviewer documents a potential match found during customer onboarding and routes the case to a sanctions officer when the identifiers are too close to clear quickly. The form preserves the handoff and the final disposition.
Import/export trade compliance case
A trade compliance team records a potential match involving a vendor or consignee before shipment release. The template captures the due diligence steps and any blocking action taken to support the shipping decision.
Healthcare vendor screening review
A healthcare compliance team uses the form to document a vendor or contractor screening alert and the identifiers reviewed before approving or rejecting the relationship. The audit trail helps show that the review followed internal policy.

Frequently asked questions

When should this form be used?

Use it when screening produces a possible OFAC sanctions match and you need to document the investigation before clearing or blocking the record. It is meant for case-by-case review, not routine onboarding data entry. If the alert is clearly unrelated, you may not need a full investigation record. If the match is uncertain, this form creates the audit trail that supports the final decision.

Who should complete the investigation?

A compliance analyst, sanctions reviewer, or other authorized reviewer should complete it, with escalation to legal or the sanctions officer when required. The person filling it out should be able to compare identifiers, review source records, and explain the rationale for the outcome. If your process separates screening from adjudication, this form should capture both the initial review and any escalation. Keep the reviewer role explicit so the audit trail is clear.

How often is this form used?

It is used each time a screening alert generates a potential OFAC match that requires manual review. That can happen during onboarding, periodic rescreening, payment review, vendor setup, or ad hoc investigations. The form is not a recurring checklist by itself; it is a case record for one alert or one matched party. If your workflow creates multiple alerts for the same entity, you may want a linked case ID or source record reference.

What information should be compared in the identifier section?

Compare the identifiers that actually help distinguish the screened party from the OFAC entry, such as full name, aliases, address, date of birth where lawful and necessary, country, registration numbers, and other available reference data. Use only the minimum necessary fields and avoid collecting extra PII that does not change the decision. The goal is to show why the match is true, false, or inconclusive. If a field is unavailable, note that explicitly rather than leaving the reviewer to guess.

Does this form replace the need for an audit trail?

No. It is designed to capture the audit trail inside the case record, including who reviewed the alert, what evidence was checked, what escalation occurred, and why the final decision was made. If your organization uses separate logs or case management notes, this form should reference them through the source record reference or audit trail notes. A clean audit trail is especially important when a decision is later questioned. Keep timestamps, reviewer names, and document references consistent with your internal controls.

What is the difference between blocking and clearing?

Clearing means the reviewer determined the potential match is not the sanctioned party or does not require blocking under your policy. Blocking means the record or transaction was restricted according to the applicable sanctions process. The form should make the final decision unambiguous and include the rationale and any blocking action taken. If the decision is pending escalation, do not force a clear-or-block outcome before the review is complete.

How should supporting documents be handled?

Attach only the documents needed to support the decision, such as screening screenshots, identity verification records, correspondence, or internal notes. Avoid uploading unnecessary PII or unrelated files, especially if they are not needed for the case record. If your process uses progressive disclosure, keep the main form concise and attach evidence only when it changes the outcome. Make sure file naming and retention follow your internal records policy.

How can this form be customized for different workflows?

You can add conditional logic for alert type, entity type, or escalation path so reviewers only see the fields that apply. For example, payment screening cases may need different evidence than vendor onboarding cases. You can also adjust the decision options, required supporting documents, and next review date rules to match your policy. Keep the core structure intact so every case still captures the alert, comparison, due diligence, escalation, and outcome.

What are common mistakes when using an ad hoc process instead of this form?

Ad hoc notes often miss the alert ID, the exact identifiers compared, or the reason a match was cleared. They also tend to skip escalation details and make it hard to reconstruct the decision later. Without a standard form, reviewers may collect too much data in one case and too little in another, which weakens consistency. This template gives you a repeatable structure so each review is documented the same way.

Related templates

Forms

Vendor RFP Submission

Vendor RFP Submission form for collecting bidder details, solution fit, pricing, references, and ...
Forms

Vendor / Supplier Onboarding

Vendor / Supplier Onboarding collects the legal, tax, banking, insurance, and compliance details ...
Forms

Staff Mandated Reporter Training Acknowledgment Log

Track who completed mandated-reporter training, who acknowledged reporting duties, and when renew...
Forms

Bilingual Document Translation Approval Form

Use this Bilingual Document Translation Approval Form to route a document through translation, ba...
Forms

Reasonable Suspicion Observation Form

Document observable signs, witness statements, supervisor review, and immediate actions in one Re...
Inspections

Accreditation and Certification Reporting Tracker

Track accreditation and certification submissions in one place, from standard version checks to e...
Sop

Cash Drawer Open & Count

Cash Drawer Open & Count is the SOP for verifying a drawer, counting the starting bank, recording...
Hr Policy

Anti-Harassment & Anti-Discrimination Policy

Anti-Harassment & Anti-Discrimination Policy template for defining prohibited conduct, reporting ...

Go deeper on the topic

Related concepts
  • Lockout/Tagout
    Lockout/tagout (LOTO) is the procedure for controlling hazardous energy — electrical, hydraulic, pneumatic, mechanical, thermal, chemical — before...
  • Job Hazard Analysis
    Job hazard analysis (JHA) — also called job safety analysis (JSA) — is the structured exercise of breaking a work task into sequential steps, identifying the...
  • Near-Miss Reporting
    A near-miss is an event that could have caused injury or damage but didn't — a slip that didn't fall, a load that shifted but didn't drop, a machine that...
  • AI Governance
    AI governance is the framework a company uses to decide what AI tools are allowed to do, who's accountable for their outputs, what data they're allowed to...
Related guides

Ready to use this template?

Get started with MangoApps and use OFAC Potential Match Investigation Form with your team — pricing built for small business.

Get Started Customize with AI
Ask AI Product Advisor

Hi! I'm the MangoApps Product Advisor. I can help you with:

  • Understanding our 40+ workplace apps
  • Finding the right solution for your needs
  • Answering questions about pricing and features
  • Pointing you to free tools you can try right now

What would you like to know?

AI-generated responses may not be 100% accurate