We have several vendors that we use for OFAC screening (onboarding, wires, IAT, regular database screening, branch, etc). Audit has now come to us to suggest that our newest OFAC vendor is considered a "model". I can't claim expertise in what is and what isn't considered a model, but know that our own internal folks in Compliance and Audit have argued over this same topic over the years. This new vendor uses exact match on name plus attributes such as address, DOB to identify potential matches and allows us to configure the confidence of the match. Our other vendors take a similar approach. Do any of you consider your OFAC screening tools to be a "model"?

I haven't looked at the current definition of a model, but I never considered OFAC screening to be a model, and no auditor or examiner ever suggested it was.

Large bank in my area contacted their regulator regarding this (FDIC) San Francisco Region and was told that software used for OFAC screening is a model due to the algorithm used to detect matches.

Another example of don't ask a question you don't want to know the answer. (Joke)

We are including a review of the OFAC screening when we have our next model validation.