search: filter/handle weak vs strong results

[adamdecaf]

From their docs:

Am I required to screen for weak aliases (AKAs)?

OFAC's regulations do not explicitly require any specific screening regime. Financial institutions and others must make screening choices based on their circumstances and compliance approach. As a general matter, though, OFAC does not expect that persons will screen for weak AKAs, but expects that such AKAs may be used to help determine whether a hit arising from other information is accurate.

Will I be penalized for processing an unauthorized transaction involving a weak alias (AKA)?

A person who processes an unauthorized transaction involving an SDN has violated U.S. law and may be subject to an enforcement action. Generally speaking, however, if (i) the only sanctions reference in the transaction is a weak AKA, (ii) the person involved in the processing had no other reason to know that the transaction involved an SDN or was otherwise in violation of U.S. law, and (iii) the person maintains a rigorous risk-based compliance program, OFAC will not issue a civil penalty against an individual or entity for processing such a transaction.

[adamdecaf]

Right now we don't read weak references and the specification doesn't require us to. If needed we can read the weak references.

[adamdecaf]

@wadearnold Should we return weak references? We don't index or return them currently.

[wadearnold]

It is my understanding that we will only need to check against the SDN numbered entries.