With the Sanctions option enabled in the admin's 'Global Settings > Compliance' panel, you can verify a customer's data obtained from ID Card Data against the U.S. OFAC Sanctions list, which it's updated daily.
Users with data matching persons indicated in that list are denied their current purchase and further ones.
Enabling sanctions list screening
In your admin's 'Compliance > Triggers' panel, add a new trigger:
Choose the parameters for the ID data trigger, its values and save by clicking the Finish button. At and above the set values, users are prompted to present their ID card prior to making larger transactions:
Then, add the Sanctions trigger at the same threshold value of the ID data trigger.
Once the Sanctions trigger is enabled, the latest OFAC sanctions list is downloaded from the U.S. Treasury Department website by the server, which may take a hour or two:
If the data contained on the back of a customer's ID card contains a name and birthdate similar to one on the OFAC sanctions list, the user is denied the current purchase, receiving instead the screen at the top of this article after scanning their ID.
So as to prevent transacting with a sanctioned person, coins will not be sent, and the user will need to contact the operator for a refund.
If the user attempts another transaction using the same phone number they used at the beginning of their purchase flow, they will be denied altogether and not allowed to insert cash.
The system currently draws from two sanctions lists:
- Specially Designated Nationals (SDNs): https://www.treasury.gov/ofac/downloads/
- Consolidated Sanctions List - which includes entities in addition to the SDN list, detailed here: https://home.treasury.gov/policy-issues/financial-sanctions/consolidated-sanctions-list-data-files
See details on our code here: https://github.com/lamassu/lamassu-install/blob/electric-enlil/install#L206-L215
Sanctioned user records
You can view a customer's sanctions status within the 'Compliance > Customers' panel.
Clicking on the desired customer's row, will open their page, then click the gavel icon to open up their verification details, and there you'll be able to see the 'Sanctions check' category as highlighted below:
A spreadsheet of sanctioned customers and their transaction attempts may be exported directly from the server with the export-sanctions-log script.
You can find more detailed instructions in the Exporting transaction logs article.