Settings — AML / Sanctions Screening
The Settings ▸ AML page configures the platform’s automated anti-money-laundering screening pipeline. When enabled, every verification subject is screened against the configured sanctions and risk lists, and any matches surface on the verification detail page for reviewer triage.
The platform’s design principle: findings are informational, decisions are human. AML hits never auto-reject a verification; the reporting entity retains the compliance decision and the audit trail captures both the hit and the human decision.

Anatomy of the page
Section titled “Anatomy of the page”1. Page header
Section titled “1. Page header”Standard PageHeader with the title AML / Sanctions Screening and a multi-line description summarizing the lists screened.
2. Settings panel
Section titled “2. Settings panel”A bordered card with four field rows:
| Field | Control | Saved on |
|---|---|---|
| Enable AML screening | Switch | Toggle change |
| Match threshold | Range slider (70–99) | Mouse-up / touch-end |
| Retention years | Number input (7–10) | Blur |
| Screening list sources | Per-list toggles + timestamps | Toggle change |
3. Sources section
Section titled “3. Sources section”A nested section header (Screening list sources) followed by one row per list. Each row carries a description, an on/off toggle, a “last refreshed” timestamp, and a Refresh now button.
Lists screened
Section titled “Lists screened”| List | Authority | Coverage |
|---|---|---|
| OSFI consolidated | Canada Office of the Superintendent of Financial Institutions | Canadian consolidated autonomous sanctions |
| OFAC SDN | US Treasury | Specially Designated Nationals |
| OFAC Consolidated (non-SDN) | US Treasury | Consolidated non-SDN lists |
| UN | United Nations Security Council | Consolidated sanctions |
| UK OFSI | HM Treasury | UK financial sanctions |
| FATF | Financial Action Task Force | Jurisdiction risk (call-for-action / increased-monitoring) |
Each list’s published source URL, last-refresh time, and snapshot hash are also shown per row on the settings screen, so every screening hit traces back to the authority that published the entry.
The platform pulls from upstream sources nightly at 02:00 UTC and indexes the results into a fast in-memory matcher. The matcher uses fuzzy name matching with the configured threshold.
Match threshold mechanics
Section titled “Match threshold mechanics”The threshold is a percentage: a match score below it is suppressed, above it surfaces as a hit on the verification detail page.
- 70–80% — wide net, more false positives, useful for high transliteration risk
- 85% — calibrated default; balances signal and noise
- 90–99% — tight net, fewer false positives, may miss near-matches
The score is computed from a name-similarity algorithm tuned for multi-script inputs (Latin, Cyrillic, Arabic, CJK).
Retention
Section titled “Retention”In Canada, PCMLTFR (SOR/2002-184), s. 69 (administered by FINTRAC) — and most other regulators — require AML records to be retained for at least 5 years. Athenty floors retention at 7 years as a buffer above that minimum and accepts 7–10 years; values outside 7–10 are rejected server-side. The default is 7 years.
The retention clock starts at the verification’s completion timestamp. After expiry, AML hits are purged from the verification record but the verification itself remains.
List sources
Section titled “List sources”Each list source has a toggle and a last-refresh timestamp. Disabling a list:
- Suppresses new hits from that list immediately
- Does not purge existing hits — those remain in audit history
Manual refresh:
- Triggers an out-of-band pull from the upstream regulator
- Useful when an emergency designation is published mid-day
- Idempotent — safe to spam; the worker dedupes
Permissions and scope
Section titled “Permissions and scope”| Role | View | Edit |
|---|---|---|
| Owner / Admin | ✓ | ✓ |
| Member | Indirect (sees hits on verification detail) | ✗ |
| Viewer | ✗ | ✗ |
AML configuration is tenant-wide. No per-matter override exists.
Audit logging
Section titled “Audit logging”| Action | Event |
|---|---|
| Toggle AML | org.aml_settings_updated (diff includes enabled) |
| Threshold change | org.aml_settings_updated (diff includes match_threshold) |
| Retention change | org.aml_settings_updated (diff includes retention_years) |
| Source toggle | org.aml_settings_updated (diff includes sources) |
| Manual refresh | org.aml_refresh_triggered (with source ID) |
Troubleshooting
Section titled “Troubleshooting”| Symptom | Most likely cause | Fix |
|---|---|---|
| AML toggle stuck off | Plan tier excludes AML | Upgrade under Settings ▸ Billing |
| Threshold won’t save | Released outside 70–99 | Drag back in range |
| Last-refreshed timestamp old | Auto-refresh hasn’t run yet today | Click Refresh now |
| Excessive false positives | Threshold too low | Raise to 90 and observe |
| Missed obvious hit | Threshold too high or list disabled | Lower threshold or re-enable list |
Standards & authorities
Section titled “Standards & authorities”Athenty’s screening is built to the international AML framework, but the app does not name any screen after a single regulator — your reporting-entity obligations govern, and they vary by country and sector. These are the authorities the screening logic is based on, linked to the official text. Attorney-review-pending — verify against the current rules.
| What Athenty does | Governing authority |
|---|---|
| Sanctions screening (OSFI, OFAC, UN, UK lists) | The published sanctions lists of each authority: Canada’s OSFI consolidated list under SEMA / JVCFOA; the UN Security Council consolidated list; US OFAC SDN + consolidated non-SDN; UK OFSI consolidated list. A sanctions match is blocking. |
| PEP (politically-exposed person) screening + enhanced due diligence | FATF Recommendation 12 (PEPs). A PEP hit is not itself a prohibition — it signals enhanced due diligence; the reporting entity decides. |
| High-risk jurisdiction risk (FATF list) | FATF Recommendation 19 + the FATF “high-risk jurisdictions subject to a call for action” / “increased monitoring” lists. A call-for-action jurisdiction floors the verification score to manual review; increased monitoring caps it pending review. |
| Record retention | PCMLTFR (SOR/2002-184), s. 69 (Canada) and most regulators require AML records be kept at least 5 years. Athenty floors retention at 7 years (configurable 7–10) as a buffer. |
| The reporting-entity decision | Athenty’s findings are informational — under FATF R.1 / the PCMLTFA the reporting entity makes and records the risk decision (in Canada, overseen by FINTRAC). |
Related pages
Section titled “Related pages”- Verifications — surface where AML hits appear on the detail page
- Settings ▸ Compliance — broader compliance dashboard
- Settings ▸ Audit Log —
org.aml_*events - Settings ▸ Billing — tier gates AML availability