What Are Restricted Entities in Business Compliance?

A “restricted entity” is an individual, company, or organization that the U.S. government has identified as a concern for national security or foreign policy. These entities face specific prohibitions on certain business transactions with U.S. persons. The restrictions are implemented to prevent activities such as terrorism, the proliferation of weapons of mass destruction, and narcotics trafficking.

These controls are based on lists maintained by different government agencies. Engaging with a listed entity without proper authorization can lead to severe consequences, making awareness of this regulatory environment necessary for any business.

Major US Government Restricted Party Lists

The U.S. government maintains multiple lists of restricted parties as part of its export control and economic sanctions programs. Businesses must ensure they do not engage in prohibited transactions with any entity named on these lists. Different lists are managed by different agencies and carry different sets of restrictions.

These lists can include both U.S. and foreign persons. The reasons for an entity’s inclusion are varied, from activities contrary to U.S. national security interests to violations of export control regulations.

Department of Commerce, Bureau of Industry and Security (BIS)

The Bureau of Industry and Security (BIS) within the Department of Commerce enforces the Export Administration Regulations (EAR). Its primary tool is the Entity List, which identifies foreign persons subject to specific license requirements for the export, re-export, or in-country transfer of specified items.

Entities are added to this list when the U.S. government determines there is reasonable cause to believe they have been involved, are involved, or pose a significant risk of becoming involved in activities contrary to U.S. national security interests. The restriction imposes a specific licensing requirement for items subject to the EAR. This means a license may be required for exporting an item to a party on the Entity List, even if one would not normally be needed.

Department of the Treasury, Office of Foreign Assets Control (OFAC)

The Treasury Department’s Office of Foreign Assets Control (OFAC) enforces economic and trade sanctions. Its most prominent list is the Specially Designated Nationals and Blocked Persons List (SDN List), which includes individuals and entities like terrorists and narcotics traffickers designated under sanctions programs.

Unlike lists focused on export controls, inclusion on the SDN List results in a comprehensive block on all property and interests in property, which must be reported to OFAC. U.S. persons are broadly prohibited from most dealings with SDNs.

Department of State

The State Department maintains lists related to foreign policy and defense trade. The Directorate of Defense Trade Controls (DDTC) manages the AECA Debarred List, which identifies parties barred from participating in the export of defense articles or services. Debarment is a consequence of violating the Arms Export Control Act.

Another list is the Nonproliferation Sanctions (NPS) list, which targets foreign entities and individuals involved in proliferation activities. Sanctions can include a ban on U.S. government procurement, a prohibition on assistance, and the denial of export licenses.

Prohibited Transactions and Activities

Prohibitions depend on which list an entity appears on. For those on the BIS Entity List, restrictions center on items subject to the Export Administration Regulations (EAR). A company must determine if a license from the Department of Commerce is required before transferring goods, software, or technology to the entity.

These restrictions create a presumption of denial for license applications. For example, one entity might be restricted from receiving any item subject to the EAR, while another is only restricted from receiving items related to nuclear technology. A specific license review is required for transactions that might otherwise proceed without one.

Prohibitions for entities on OFAC’s SDN List are comprehensive. U.S. persons, which include U.S. companies and their foreign branches, are prohibited from engaging in virtually any transaction with an SDN. This includes financial transactions, providing services, or supplying goods, and is enforced through “asset blocking,” where any property of an SDN within U.S. jurisdiction is frozen.

This prohibition extends to entities owned 50 percent or more by one or more SDNs, even if the owned entity itself is not explicitly named on the list. This “50 Percent Rule” requires businesses to conduct deeper due diligence on the ownership structure of their partners. The goal of these sanctions is to financially isolate the designated parties from the U.S. financial system.

Parties on the State Department’s AECA Debarred List are barred from participating in any activity regulated by the International Traffic in Arms Regulations (ITAR). This includes applying for or using any export license for defense articles and services, effectively cutting them off from U.S. defense trade.

Required Due Diligence and Screening

Compliance requires gathering information about any party in a transaction. A company should collect the full legal name, any “doing business as” (DBA) names, the physical address, and the identity of key individuals like owners and directors. This information is the foundation for a reliable screening process.

Inaccurate data can cause a screening search to fail, creating a compliance gap. This information gathering and record keeping should be a standard part of customer and partner onboarding.

The U.S. government provides a free resource called the Consolidated Screening List (CSL), which is publicly accessible online. The CSL combines major restricted party lists from the Departments of Commerce, State, and Treasury into a single, searchable database. This tool allows businesses to check a name and country against multiple lists at once, streamlining due diligence.

When using the CSL, a user enters the collected information into the search fields. The “Fuzzy Name” search option is recommended as it accounts for misspellings and name variations. This feature produces a more comprehensive search and reduces the risk of missing a potential match.

Search results will indicate a potential “hit” on one of the lists and identify the source list and its agency. The company must then review the details of the hit to determine if it corresponds to their potential business partner. All screening activities, including the date of the search, the parameters used, and the results, should be documented and retained as evidence of due diligence.

Licensing and Authorization Process

If a screening reveals a partner is on a restricted list, the next step is to see if a license can be obtained. The application must be sent to the government agency that maintains the specific list. For example, an application for an entity on the Entity List goes to BIS, while one for the SDN List goes to OFAC.

Submitting an application to the wrong agency will cause delays and rejection, as each has its own jurisdiction and process.

A license application requires full disclosure of the proposed transaction. Applicants must describe the goods, services, or technology, including technical specifications and end-use. The application must also identify all parties and provide a justification for why the transaction should be approved.

Applications are submitted through dedicated online portals. For BIS licenses, applicants use the SNAP-R system, while OFAC license applications are submitted via its specific portal. These systems guide applicants through the submission process to ensure all required information is provided.

The review period can take weeks or months, depending on the case’s complexity. The agency may request additional information during the review. The final outcome is either the issuance of a license, which may have conditions, or a denial of the application.

Penalties for Non-Compliance

Engaging in prohibited transactions with a restricted entity without authorization can lead to severe civil or criminal penalties. The severity depends on the nature of the violation, whether it was intentional, and the specific regulations broken.

Civil Penalties

Civil penalties are primarily monetary and can be substantial. For EAR violations, BIS can impose fines up to $374,474 per violation or twice the transaction’s value. For sanctions violations, OFAC can levy civil penalties up to $377,700 per violation or twice the transaction’s value. Fines can accumulate quickly, as each unauthorized transaction may be a separate violation.

Criminal Penalties

If a violation is willful, the consequences can escalate to criminal charges against the company and individuals involved. Penalties include larger fines, potentially over a million dollars, and imprisonment for individuals. A criminal conviction also carries long-term reputational damage and can result in the loss of export privileges.