Last reviewed: May 2026 | Consolidated List Screening DFAT TFS
- The DFAT Consolidated List is Australia’s primary sanctions screening database, combining all UN and
autonomous designations into a single searchable list updated in real time. - Screening the DFAT list alone is necessary but often not sufficient — for high-risk counterparties,
supplementary screening against OFAC SDN, EU Consolidated List, and UN Consolidated List is standard practice. - Effective screening requires more than exact-match name searching. Fuzzy matching, alias searching, and
date-of-birth verification are essential for avoiding both false negatives (missed matches) and false positives
(unnecessary refusals). - Beneficial ownership screening must extend beyond the customer to the ultimate beneficial owner (UBO) —
a match anywhere in the ownership chain triggers the asset freeze obligation. - For new or amended designations, you must act on the list update before completing any transaction with a
potentially affected counterparty — reliance on a prior clear screen is not a defence if the list has
been updated since.
What Is the DFAT Consolidated List?
The DFAT Consolidated List (formally the Australian Sanctions List) is maintained by the
Australian Sanctions Office within the Department of Foreign Affairs and Trade (DFAT). It consolidates, in a single
searchable database, the names of all persons and entities subject to targeted financial sanctions (TFS) or travel
bans under Australian law — whether arising from UN Security Council resolutions or from Australia’s
own autonomous sanctions regimes.
The list is publicly available at dfat.gov.au and can be downloaded in XML and CSV formats for integration with screening
systems. As at May 2026, the list contains approximately 3,500–4,000 entries spanning all sanctioned regimes,
with Russia-related designations constituting the largest single category (over 1,200 entries).
Structure and Content of the List
Each entry on the DFAT Consolidated List includes, where available:
- Full legal name and all known aliases, transliterations, and former names;
- Date of birth (for natural persons) and other identifying details such as passport numbers,
national identity numbers, and known addresses; - Date of designation and the legal basis (UN resolution, Ministerial declaration);
- Regime (Russia, Iran, DPRK, Myanmar, etc.);
- For entities: legal name, country of incorporation, and known registration details; and
- Designation criterion — the stated legal reason for the designation.
Understanding the designation criterion helps compliance teams assess the likely risk profile and evasion
strategies of a designated party, which is relevant to enhanced due diligence and typology-based monitoring.
Supplementary Lists: When DFAT Alone Is Not Enough
The DFAT Consolidated List reflects Australia’s domestic legal obligations. However, best practice —
and in many correspondent banking relationships, a contractual requirement — is to screen against multiple
lists simultaneously:
| List | Maintained by | Relevance for Australian Firms |
|---|---|---|
| DFAT Consolidated List | DFAT (Australian Sanctions Office) | Primary legal obligation; all Australian sanctions designations |
| OFAC SDN List | US Treasury (OFAC) | Largest universe of sanctioned parties globally; USD transactions touching the US financial system require SDN compliance regardless of geography |
| EU Consolidated Sanctions List | European Commission | Often leads Australia’s own list on new designations; EUR clearing and EU correspondent relationships require EU compliance |
| UN Consolidated List | UN Security Council Committees | UNSCR-mandated designations (ISIL/Al-Qaida, DPRK, Iran residual); legally binding on all UN member states |
| UK HM Treasury Sanctions List | OFSI (UK Treasury) | GBP transactions and UK correspondent relationships; UK maintains aligned but distinct designations |
USD-denominated transactions clearing through the US financial system, or transactions involving a US person or
US-incorporated entity anywhere in the chain. Australian firms with US correspondent relationships, or those
processing USD payments, are exposed to OFAC as well as DFAT requirements.
How Screening Must Work: Practical Requirements
1. Trigger Points for Screening
Screening must occur at multiple points in the customer lifecycle:
- Onboarding — before establishing any customer relationship or executing the first
transaction; - Every transaction — a customer clear at onboarding may be designated at any subsequent
point; - On list update — batch rescreening of existing customer base whenever material new
designations are added; and - On change in customer information — change of name, address, beneficial ownership, or
other key details triggers a rescreening obligation.
2. Fuzzy Matching and Alias Screening
Exact-match name screening is inadequate. Designated persons frequently operate under aliases, transliterations, or
variant spellings. Effective screening requires:
- Fuzzy matching algorithms (e.g., Jaro-Winkler, Levenshtein distance) to catch typographical
variants; - Transliteration matching — Arabic, Cyrillic, Farsi, Korean, and Chinese names have
multiple valid transliterations; - Alias screening — the DFAT list includes all known aliases; your system must screen
against all, not just the primary legal name; and - Date-of-birth verification — a critical secondary identifier to distinguish true matches
from false positives with similar names.
3. Beneficial Ownership Screening
For corporate customers and counterparties, the screening obligation extends beyond the legal entity itself. If a
designated person owns or controls (directly or indirectly) 50% or more of an entity, the entity’s assets are
treated as the designated person’s assets under the Australian Sanctions Office’s interpretation. Best
practice applies a 25% threshold consistent with AUSTRAC’s AML/CTF beneficial ownership standards. In
practice, this means:
- Obtain and verify the ownership structure of all corporate counterparties;
- Screen every layer of the ownership chain, not just the immediate counterparty; and
- Re-screen on any reported or detected change in the ownership structure.
4. False Positive Management
High-volume screening generates false positives — matches to similarly-named persons who are not, in fact,
designated. Robust false positive management is essential to avoid both unnecessary transaction refusals (creating
customer harm) and screening fatigue (where alert handlers stop investigating because of excessive noise). Key
practices:
- Calibrate matching thresholds to balance sensitivity (catch true matches) and specificity (filter out obvious
non-matches); - Document every false positive determination, including the secondary identifying information used to clear it;
- Senior compliance officer approval before clearing a potential match; and
- Never allow a customer to self-clear — all potential match reviews must be conducted by compliance staff,
not by frontline or sales personnel.
5. Record-Keeping
All screening records must be retained for at least 7 years under the Anti-Money Laundering and
Counter-Terrorism Financing Act 2006 (AML/CTF Act). Records should include: the date of screening, the lists
screened, the match score and decision, secondary verification details for any potential match, and the name of the
compliance officer who reviewed the determination.
List Update Monitoring: Staying Current
DFAT updates the Consolidated List in real time following Ministerial declarations. A transaction that is
permissible at 9:00 a.m. may be prohibited by 11:00 a.m. if a relevant designation is made during that window.
Compliance obligations therefore include:
- Subscribing to DFAT’s email notification service for Consolidated List updates
(available at dfat.gov.au); - Where available, integrating a real-time API feed from a commercial sanctions screening vendor
that maintains mirrored lists with minimum latency; - Triggering a batch rescan of existing customers and counterparties within 24 hours of any
material list update affecting your risk-relevant regimes; and - Implementing a hold-and-review process for transactions in progress that may be affected by a
newly-published designation.
Frequently Asked Questions
- Is the DFAT Consolidated List the only list we are legally required to screen against in Australia?
- Under Australian law, your primary legal obligation is to screen against the DFAT Consolidated List (which
incorporates all UN-mandated and autonomous Australian designations). However, Australian entities processing USD
transactions through US correspondent banks, or with USD-denominated correspondent relationships, face secondary
OFAC obligations by virtue of the terms of those correspondent agreements and OFAC’s extra-territorial
reach. Regulatory expectations (AUSTRAC) and correspondent bank requirements in practice mean that screening the
DFAT list alone may not satisfy all your obligations. - How often should we rescan our existing customer base against the DFAT list?
- There is no single prescribed frequency in Australian law. However, AUSTRAC guidance and market practice require
a risk-based approach: high-risk customers (PEPs, customers with connections to high-risk jurisdictions or
sanctioned sectors) should be rescanned monthly at minimum, ideally in real time via automated monitoring.
Lower-risk retail customers should be rescanned within 24–48 hours of any material list update. Wholesale
counterparties should be rescanned monthly and on any structural change to their beneficial ownership. - Our screening system generates hundreds of false positives a day. How do we manage this without it becoming a
bottleneck? - High false positive rates typically indicate overly broad fuzzy matching thresholds or insufficient secondary
identifiers configured in the system. Corrective actions include: (1) tuning the matching algorithm to incorporate
date-of-birth and nationality as secondary filters; (2) building a curated “cleared” exception list
for recurring false positive names (with documented approvals for each entry); (3) implementing auto-clear rules
for matches below a defined threshold where date of birth, nationality, and other identifiers definitively exclude
the designated party. All tuning decisions should be documented and reviewed at least annually. - We identified a potential match to a Russia-designated person. The customer has the same name but provides a
different date of birth. Is that sufficient to clear? - A different date of birth is a significant discriminator but may not be sufficient on its own, given that
designated persons may present false dates of birth or documentation may be unreliable. Best practice requires at
least two independent secondary identifiers (date of birth plus passport number, or date of birth plus address)
before clearing a potential match. The determination should be documented and approved by a senior compliance
officer. If only one identifier is available and there is residual doubt, the transaction should not proceed
pending further due diligence. - What happens if we process a transaction and a match is later confirmed?
- If a transaction has already been executed and you subsequently confirm it involved a designated person, you are
required to: (1) freeze all remaining assets connected to that person held by your institution; (2) notify the
Australian Sanctions Office (DFAT) and the AFP; (3) submit a Suspicious Matter Report (SMR) to AUSTRAC; and (4)
seek legal advice regarding whether a voluntary disclosure to the Australian Sanctions Office is appropriate to
mitigate any potential enforcement consequences. Whether criminal liability attaches will depend on whether the
due diligence defence under s.17 of the Autonomous Sanctions Act can be established.
This article is general information only and does not constitute legal advice. Sanctions law is subject to
frequent change. Always verify current designations against the live DFAT Consolidated List and seek independent
legal advice for specific situations.