Sanctioned security screening 101 for Asset Managers

Sanctioned security screening refers to identifying whether a financial instrument such as a bond, note, equity, exchange-traded fund (ETF), securitized product, or derivative is linked to a sanctioned individual, entity or government. This involves screening the issuer, not just the security, and understanding corporate structures, country restrictions, and investment prohibitions.

For asset managers, this process is relevant throughout the investment lifecycle, from asset selection to portfolio construction, due diligence, trade execution, and ongoing monitoring.

Many sanctions regimes apply restrictions not only to listed entities but also to those owned or controlled by sanctioned parties. A well‑known example is the OFAC 50% Rule, which states that any entity that is 50% or more owned, directly or indirectly, by one or more blocked persons is treated as if it is itself sanctioned.

This rule has wide-reaching implications for securities:

• A company might not appear on any sanctions list yet still be in scope because its parent or combined ownership structure meets the threshold.
• A publicly traded security issued by such a company would be considered restricted within a sanctions jurisdiction.
• Tracing ownership can require visibility several layers up the corporate hierarchy, often across multiple jurisdictions.

Other jurisdictions may have similar rules or guidance, but thresholds and interpretations can vary. Because of this variation, asset managers often require data that reveal ultimate beneficial ownership (UBO), cross‑holdings, and legal entities within a broader corporate group.

Although both sanctioned security screening and sanctioned entity screening operate within the same compliance ecosystem, the two functions address different risks:
 

1. Objects of screening

• Entity screening checks people, companies or organizations.
• Security screening checks financial instruments and their issuers.
   

2. Data requirements

• Entity screening requires identity data (names, addresses, aliases).
• Securities screening requires security identifiers (e.g., CUSIPs, ISINs, SEDOLs) and instrument-level metadata.
• Both entity and security screening require global corporate ownership and organizational hierarchy details for a robust solution.
   

3. Risk triggers

• Entity screening flags when a client or counterparty matches a sanctioned party.
• Security screening flags when holding or trading a specific instrument could breach restrictions linked to the issuer or trade execution jurisdiction.
   

4. Operational timing

• Entity screening often occurs during onboarding or periodic review.
• Security screening is needed throughout the asset ownership lifecycle—pre‑trade, post‑trade (ongoing monitoring), and when rebalancing a fund or exiting a position.
   

Security screening also may require understanding jurisdiction‑specific restrictions that apply at the instrument level. Some sanctions regimes, particularly those targeting Russian and Belarusian financial instruments, link restrictions to when a security was issued—a dimension that is not relevant in traditional entity screening.

• EU sanctions explicitly tie certain restrictions to issuance dates. For example, the 2022 EU amendment to the Regulation concerning restrictive measures against Russia (EU Regulation No 833/2014), prohibits the sale of euro‑denominated securities issued after 12 April 2022 to Russian persons or entities, while securities issued before that date fall outside the restriction.
  
  
• U.S. (OFAC) sanctions typically apply to designated persons, entities, or sectors, rather than to issuance dates. However, some measures—particularly Russia‑related sectoral programs—do use issuance dates and maturity thresholds as criteria for whether transactions in debt or equity instruments are restricted. These rules can apply to “new” debt or equity issued after dates or above certain maturity limits.
  
  

Unlike entity screening, where an entity match is the primary consideration, securities screening may require checking an instrument’s issuance or maturity date, and sector classification to determine whether it falls within the scope of a given sanctions regime.

Given the breadth and depth of data required for sanctions screening, asset managers may rely on specialized providers for:

• Issuer entity data: mapping issuers to their legal entities, parents, and subsidiaries.
• Ownership information: identifying sanctioned ownership chains and control relationships.
• Corporate hierarchies: linking securities to issuers several layers up the structure.
• Sanctions list coverage: aggregating lists across jurisdictions.
• Instrument metadata: Security identifiers such as ISINs, CUSIPs, or SEDOLs; issue type; currency; country; exchange; sector; and payoff details such as issue date and maturity date.
  
  

Moody’s can provide this content via specific datasets, but also through dedicated solutions.

• Orbis provides data and solutions for entity ownership and hierarchy data
• Grid provides sanctions data and a solution integrated with Orbis data for sanctioned entity workflows
• Portfolio View provides securities sanctions coverage, incorporating data from Orbis, Grid, and a rich database of publicly traded assets

With sanctions regimes evolving rapidly, asset managers are under heightened scrutiny regarding which securities they hold, trade, or distribute. Even a single overlooked issuer relationship could introduce compliance, reputation, or operational risk. Effective security screening provides greater clarity on where those risks may arise.

*Disclaimer: This content is for informational purposes only and does not constitute legal, financial, compliance or other professional advice. Please consult with a qualified professional for specific legal, financial, compliance, or other professional advice. For more terms and conditions pertaining to Moody’s products and services, refer to the disclaimer on Moody’s website.