Compliance & trade
intelligence glossary.
Definitions for the terms that appear most often in sanctions compliance, export controls, beneficial ownership, and supply chain due diligence contexts — from practitioner-facing fundamentals to technical terminology.
A
- Adverse Media
- Negative news coverage, investigative reporting, or public record sources that suggest a potential compliance risk — including allegations of fraud, corruption, money laundering, sanctions violations, or ties to criminal networks. Adverse media screening is required as part of enhanced due diligence (EDD) for high-risk customers and is increasingly integrated into automated third-party risk workflows. The challenge is distinguishing credible adverse signals from noise: volume, source credibility, relevance, and recency all affect how an adverse media hit should be weighted.
B
- Beneficial Ownership BO
- The natural person(s) who ultimately own or control a legal entity — as distinct from the nominal or registered owner. A beneficial owner may hold their interest directly through equity, or indirectly through a chain of intermediary legal entities. Most beneficial ownership regulations set a disclosure threshold (commonly 25%) above which natural persons must be identified. Sayari’s world model resolves beneficial ownership chains across jurisdictions, linking nominee and holding entities back to ultimate individual owners where registry disclosures permit.
- Bureau of Industry and Security BIS
- The US Department of Commerce agency responsible for administering export controls under the Export Administration Regulations (EAR). BIS maintains the Entity List, the Denied Persons List, the Unverified List, and the Military End User List. BIS also publishes the Commerce Control List (CCL), which specifies the export control classification numbers (ECCNs) assigned to controlled goods and technologies. BIS enforcement has increasingly focused on re-export violations and third-country transshipment used to evade semiconductor and advanced technology controls.
C
- Customer Due Diligence CDD
- The process of verifying a customer’s identity, understanding the nature of their business, and assessing money laundering and sanctions risk. CDD encompasses identity verification, beneficial ownership identification, and ongoing monitoring. Under FinCEN’s CDD Rule (31 CFR § 1010.230), covered financial institutions must identify and verify the beneficial owners of legal entity customers at account opening. The depth of CDD scales with customer risk — routine CDD for standard-risk customers, enhanced due diligence (EDD) for higher-risk relationships.
D
- De Minimis Rule
- A threshold under US export control regulations below which foreign-produced items incorporating controlled US-origin content are not subject to US export licensing requirements. For most countries, the threshold is 25% US-origin controlled content by value; for countries subject to stricter controls (including embargo targets), the threshold is 10%. The calculation is item-specific and applies to controlled content only — not total item value. Determining de minimis thresholds is a frequent source of compliance complexity in global supply chains, particularly for semiconductor components.
- Dual-Use Goods
- Products, software, or technology that have both legitimate commercial applications and potential military or weapons of mass destruction (WMD) applications. Dual-use items are the primary focus of export control regimes — including the US Commerce Control List (CCL), the EU Dual-Use Regulation, and the Wassenaar Arrangement. Items are classified by Export Control Classification Number (ECCN) based on technical parameters and end-use potential. Common dual-use categories include semiconductors, advanced manufacturing equipment, cryptography software, aerospace components, and precision measurement instruments.
E
- EAR99
- The Export Administration Regulations classification for US-origin items not listed on the Commerce Control List (CCL). EAR99 items generally do not require an export license for most destinations. However, EAR99 classification does not mean unrestricted export: items classified EAR99 still cannot be exported to sanctioned countries, to entities on the BIS Entity List or Denied Persons List, or for WMD-related end-uses — regardless of classification. The common misconception that “no license required” means “no restrictions apply” is a significant source of enforcement exposure.
- Export Control Classification Number ECCN
- A five-character alphanumeric code in the US Commerce Control List that identifies the export control status of a specific item, software, or technology. The first character designates the product category (e.g., 3 = Electronics), the second designates the product group (A–E), and the remaining digits identify control parameters. An ECCN determines what license requirements apply based on the destination country and end-use. Items not on the CCL receive an EAR99 designation. Exporters are responsible for correct ECCN classification — misclassification is a common source of BIS enforcement action.
- Enhanced Due Diligence EDD
- A deeper level of customer or counterparty investigation for relationships presenting elevated compliance risk. EDD typically requires additional identity verification, source of wealth and funds analysis, adverse media review, beneficial ownership chain resolution, and enhanced ongoing monitoring. EDD is mandatory under most AML regulatory frameworks for politically exposed persons (PEPs), customers in high-risk jurisdictions, and correspondent banking relationships. Specific documentation standards vary by regulatory regime and institution risk appetite.
- Entity Resolution
- The computational process of determining whether multiple data records — from different sources, with different name spellings, different ID numbers, or different transliterations — refer to the same real-world entity. Entity resolution is a core challenge in compliance data: the same company may appear as “Huawei Technologies Co., Ltd.” in one database, “HUAWEI TECH CO LTD” in a trade manifest, and “华为技术有限公司” in a Chinese registry. Without entity resolution, cross-source correlation requires manual analyst work for every query. Sayari’s world model applies entity resolution across 500M+ corporate records and 3.8B+ trade transactions at ingestion time.
F
- Foreign Corrupt Practices Act FCPA
- A US federal law that prohibits US persons, companies, and foreign issuers of US securities from paying bribes to foreign government officials to obtain or retain business. The FCPA has two core provisions: anti-bribery, and accounting (books and records, internal controls). Liability extends through third parties — a company can be held liable for bribes paid by agents, distributors, joint venture partners, or acquired companies. FCPA due diligence on third parties requires identifying beneficial owners and politically exposed persons with authority over relevant commercial decisions.
- Foreign Ownership, Control, or Influence FOCI
- A condition under the National Industrial Security Program (NISP) in which a foreign interest has the ability — directly or indirectly — to direct matters affecting the management of a US entity in a way that could create risk for classified information or government contracts. FOCI analysis requires tracing the full ownership chain of a US contractor to identify any foreign beneficial owners. When FOCI is identified, mitigation agreements (Special Security Agreements, Security Control Agreements, voting trust agreements) may be required as a condition of continued contract performance.
- Front Company
- A legal entity established or used to conceal the true ownership, source of funds, or purpose of a transaction — typically to obscure a connection to a sanctioned party, criminal organization, or state actor. Front companies may engage in nominal legitimate business to provide cover. Common indicators include: ownership chains passing through secrecy jurisdictions, mismatched business activity and financial flows, nominee directors or shareholders, and registration patterns inconsistent with stated purpose. Sayari’s ownership chain mapping is designed specifically to identify beneficial ownership connections obscured through front company structures.
K
- Know Your Customer KYC
- The process by which financial institutions and regulated businesses verify customer identity, understand the nature of business relationships, and assess the risk of money laundering, terrorist financing, and sanctions violations. KYC encompasses customer identification (CIP), customer due diligence (CDD), and enhanced due diligence (EDD) for higher-risk relationships. KYC is mandated by the Bank Secrecy Act in the US and by analogous frameworks (4AMLD, 5AMLD, 6AMLD) in the EU. KYC failures are among the most common sources of AML enforcement action globally.
N
- Nominee Director / Nominee Shareholder
- A person or entity that appears in official corporate registry filings as a director or shareholder on behalf of the true principal — to conceal the actual beneficial owner in the public record. The nominee’s name appears in filings; the actual owner exercises control through private agreement. Nominee arrangements are legal in many jurisdictions but are a common mechanism for ownership opacity. Identifying nominee relationships typically requires analysis of cross-jurisdictional ownership patterns, UBO disclosures, and adverse media — rather than registry records alone.
O
- Office of Foreign Assets Control OFAC
- The US Treasury Department office responsible for administering and enforcing economic and trade sanctions. OFAC maintains the Specially Designated Nationals and Blocked Persons (SDN) list, whose assets are blocked and with whom US persons are generally prohibited from transacting. OFAC also administers country-based programs (comprehensive embargoes against Cuba, Iran, North Korea, Syria, and the Crimea/Zaporizhzhia/Kherson/Donetsk/Luhansk regions) and list-based programs targeting specific individuals and entities. OFAC’s 50 percent rule extends blocking obligations to entities 50% or more owned by SDN-listed persons, even if those entities aren’t separately listed.
P
- Politically Exposed Person PEP
- An individual who holds or has held a prominent public function — including heads of state, senior government officials, judicial officials, senior military officers, senior executives of state-owned enterprises, and senior officials of international organizations. PEPs represent elevated money laundering and corruption risk because their positions create opportunities to abuse public power for private financial gain. Most AML frameworks require enhanced due diligence for PEPs and their immediate family members and close associates. FATF defines PEPs as a mandatory high-risk category requiring specific screening and monitoring procedures.
S
- Sanctions Screening
- The process of checking individuals, entities, vessels, aircraft, and other subjects against government-maintained sanctions and denial lists to identify prohibited or restricted relationships. Effective sanctions screening requires more than simple name matching: it requires fuzzy matching for name variations and transliteration differences, ownership chain analysis to apply the OFAC 50 percent rule, geography-based filtering, and real-time list update processing. Failures to identify ownership-chain connections to SDN-listed entities — not just direct name hits — are among the most common sources of OFAC civil enforcement actions.
- Specially Designated Nationals SDN
- Individuals and entities designated by OFAC under one or more sanctions programs. SDNs have their US-accessible assets blocked and US persons are generally prohibited from transacting with them. The SDN list contains thousands of designations across dozens of programs spanning individuals, companies, vessels, and aircraft. Designations are at the entity level — related entities not separately listed may still be blocked under the 50 percent rule. Sayari processes SDN list updates in real time as OFAC publishes them.
- Shell Company
- A legal entity with no active business operations or significant assets — typically used as a holding vehicle, for tax structuring, or to obscure beneficial ownership. Shell companies are legal and common in legitimate corporate structures. They become a compliance concern when used to layer ownership chains to conceal beneficial owners, facilitate sanctions evasion, or channel illicit funds. Key indicators include: nominee directors, virtual offices, no employees, minimal assets, and registration in jurisdictions with low transparency requirements.
- Supply Chain Due Diligence
- The process of identifying, assessing, and mitigating risks within a company’s upstream supply chain — including sanctions exposure, forced labor, export control violations, and human rights concerns. Regulatory frameworks requiring supply chain due diligence include the UFLPA (US), the EU Corporate Sustainability Due Diligence Directive (CSDDD), the German Supply Chain Due Diligence Act (LkSG), and France’s Loi de Vigilance. Effective supply chain due diligence requires tracing corporate ownership at each tier — not just the direct supplier — to identify sub-tier connections to restricted parties or high-risk jurisdictions.
T
- Tier-N Supplier
- A classification for suppliers in an extended supply chain based on distance from the buyer. A Tier 1 supplier has a direct relationship with the buyer. A Tier 2 supplier supplies the Tier 1 supplier. Tier 3 and beyond suppliers feed components or materials further up the chain. UFLPA compliance and export control due diligence increasingly require looking beyond Tier 1 — a buyer’s direct supplier may have no connection to restricted parties while sub-tier suppliers of raw materials or components may link directly to sanctioned entities or forced labor programs. Tracing sub-tier connections requires trade data analysis combined with corporate ownership resolution.
- Third-Party Risk Management TPRM
- A structured framework for identifying, assessing, and managing risks arising from relationships with external vendors, suppliers, partners, agents, and distributors. TPRM programs typically include risk-tiering (prioritizing higher-risk third parties for deeper screening), due diligence (sanctions, ownership, adverse media, and financial health review), contract controls (representations, audit rights, termination provisions), and ongoing monitoring. Regulatory pressure on TPRM has intensified across financial services, defense contracting, and critical infrastructure — driven by OFAC enforcement, UFLPA requirements, and expanding anti-corruption frameworks.
U
- Ultimate Beneficial Owner UBO
- The natural person who ultimately owns or controls a legal entity, traced through all intermediate holding structures. Unlike the registered owner or nominee, the UBO is the human individual with the final economic interest. Identifying the UBO is the central objective of beneficial ownership due diligence — and the central challenge when ownership chains pass through multiple jurisdictions with varying disclosure standards. Sayari resolves UBO chains by integrating corporate registry filings, UBO disclosure registers, and trade record connections across 250+ jurisdictions.
- Uyghur Forced Labor Prevention Act UFLPA
- A US federal law enacted in December 2021 that establishes a rebuttable presumption that all goods mined, produced, or manufactured wholly or in part in the Xinjiang Uyghur Autonomous Region (XUAR), or by entities on the UFLPA Entity List, are produced with forced labor and therefore prohibited from US importation under 19 U.S.C. § 1307. The presumption can only be rebutted by “clear and convincing evidence” — a high standard. Effective UFLPA compliance requires Tier 2 and Tier 3 supply chain tracing, ownership analysis for XPCC-linked entities, and trade data analysis to identify Xinjiang-origin flows even when goods transit through third countries.
V
- Variable Interest Entity VIE
- A corporate structure in which a foreign investor achieves effective economic and operational control over a Chinese operating company without direct equity ownership — typically through contracts between a wholly foreign-owned enterprise (WFOE) and a domestic Chinese entity. The VIE structure was developed to allow foreign investment in sectors where PRC law restricts direct foreign equity. VIE structures create significant compliance complexity: the foreign investor’s rights rest on contractual rather than equity relationships, the structure is not formally recognized under Chinese law, and the ownership relationships may be invisible through standard corporate registry analysis alone.
X
- Xinjiang Production and Construction Corps XPCC
- A quasi-military organization and economic entity controlling a significant portion of Xinjiang’s agricultural, industrial, and infrastructure sectors. The XPCC and its subordinate entities have been designated by OFAC under the Global Magnitsky Act and are listed on the UFLPA Entity List. XPCC-linked entities have been identified in supply chains for cotton, polysilicon, tomatoes, and other Xinjiang-origin commodities. Identifying XPCC connections requires tracing corporate ownership through provincial-level Chinese registries — many XPCC-affiliated entities are registered at the provincial AMR level rather than in national SAMR filings.
#
- 50 Percent Rule OFAC POLICY
- An OFAC policy that extends blocking obligations to entities owned 50% or more in the aggregate by one or more SDN-listed persons, even if those entities are not themselves listed on the SDN list. The rule applies cumulatively: if two SDN-listed persons each own 30% of a company, the company is blocked even though no single SDN holds 50%. The rule also applies to entities owned by other blocked entities, requiring full ownership chain tracing to identify downstream exposure. This policy significantly expands the practical scope of OFAC compliance beyond the list itself — and is a primary driver of demand for Sayari’s ownership chain resolution capabilities.
SEE SAYARI IN ACTION
Put these concepts to work.
Sayari applies ownership chain resolution, sanctions list integration, and trade data analysis to the real-world problems these definitions describe. Request a demo to see how.