REST + JSON

Sanctions and Compliance Screening API (DFAT and ASIC Banned Registers)

Screen a name or an Australian entity against the DFAT sanctions consolidated list and the ASIC banned and disqualified persons and organisations registers. One call, joined from free public sources, with a source and date on every hit.

Which lists we cover

We screen against two named registers, plainly stated, no bundled black-box list count.

POST https://api.auo.com.au/v1/screen
Authorization: Bearer auo_sk_test_...

{ "name": "Jane Citizen", "dob": "1980-01-01" }
RegisterStatusAs of
DFAT sanctions consolidated listreview2026-07-04
ASIC banned and disqualified personsno_match2026-07-01
ASIC banned and disqualified organisationsno_match2026-07-01

Every row names the register it came from and the date it was checked. There is no combined pass/fail field.

Possible-match, never cleared

Screening returns review or no_match per register, never pass, fail, or cleared. A no_match means no hit was found on the lists we checked as of that date, it is not a clearance and it is not a guarantee the entity carries no risk. A review result means a possible match was found and warrants a human look, not an automatic block.

The DFAT list's date-of-birth field is multi-value and free text (for example "1945, 1946, approx"), so it cannot always be reliably parsed as a date. A name hit without a matching DOB still returns review, rather than being silently dropped because the DOB did not line up.

Honest about scope

Some screening products advertise a large bundled list count and hourly refresh across many jurisdictions. This API screens against two named, free, Australian government sources: the DFAT sanctions consolidated list and the ASIC banned and disqualified persons and organisations registers. That is narrower than a global multi-jurisdiction screening product, and we say so rather than imply coverage we do not have. We do not maintain a global PEP database. What we do provide is accurate, sourced, and continuously monitored, on the sources that matter for an Australian entity.

Trusts screen the trustee

A trust has an ABN but is not itself a company and holds no register entry of its own to check against a banned-persons list. Where an entity resolves to a trust, screening runs against the corporate trustee, the entity that actually holds liability, not the trust. This mirrors how the API models entity_form across the whole product.

Screening plus monitoring

A screening check is a point-in-time result. An entity that is clean today can be added to the DFAT list or the ASIC banned registers tomorrow, which matters for Tranche 2 AML/CTF obligations that require ongoing monitoring, not a one-off check at onboarding. You can watch an entity and get a webhook the moment it shows up on a watchlist. See business monitoring.

FAQ

Screening questions.

Does a no-match mean the entity is cleared?

No. A no-match means no hit was found on the lists we check as of that date, not that the entity is cleared. Screening results should be reviewed, not treated as a pass.

Which lists do you screen against?

The DFAT Consolidated List (Australia's sanctions list) and the ASIC banned and disqualified persons and organisations registers.

Do you check global PEP databases?

No. We screen against the DFAT sanctions list and the ASIC banned registers only. We do not maintain a global politically exposed persons database, and we say so rather than imply broader coverage than we have.

How do you handle a trust?

A trust has no register of its own to screen. We screen the corporate trustee, the entity that actually holds liability, not the trust itself.

Screen your first entity in a minute.

Get an API key