Monitoring Report: Column Reference and User Guide

The Monitoring Report is an Excel file you can download from the sanctions.io Monitoring Portal whenever you need it. It shows you every monitored entry along with their screening results, any matches found, review statuses, and a complete log of what happened and when, including actions taken by your team or the system. Filter by status and export at any time.

Use this guide to understand what each column contains, where the value comes from, and how to use it in your compliance workflows.

Applies to: Monitoring Portal

Topics Covered

→ How to Generate and Download the Report

→ Report Structure – Understanding the Rows

1. Input Data Columns

2. Results Data Columns

2.1. Core Match Fields

2.2. Identity and Biographical Fields

2.3. Sanctions and Program Fields

2.4. Vessel Fields

2.5 Aircraft Fields

2.6. Adverse Media Fields

3. Audit Columns

4. Audit Trail Columns

4.1 Audit Action Reference

→ Best Practices and Compliance Tips

How to Generate and Download the Report

Follow these steps to export a Monitoring Report from the portal:

In the Monitoring Entries toolbar, click the Status Filter dropdown.
Select the desired filter: All Entries, Entries with Alerts, Entries Without Alerts, New Matches, False Positive Matches, or Real Positive Matches.
Optionally, enter a name in the search bar to narrow the export to specific monitored entries.
Click Download Report (below the Status Filter dropdown). The portal will begin generating the file.
When ready, download the file from the Notification Center (bell icon in the top-right corner of the portal). You will also receive an email: "Your monitoring results export is ready."

Format: Excel (.xlsx)

Report Structure – Understanding the Rows

Each row in the report represents one match result for one monitored entry, not one entry per row. Understanding this is key to interpreting the report correctly.

Why You See Multiple Rows For the Same Entry

If a monitored entry has 2 potential matches, it will produce 2 result rows — one per match.
The Audit Trail adds additional rows for each action logged (e.g., an entry created, a result classified).
Use monitoring_entry_id or monitoring_entry_external_identifier to group all rows for the same subject.
Use result_id to isolate all audit trail rows for a specific match result.

The report is organized into four logical column groups, described in Sections 1 through 4:

1. Input Data - Details about the monitored entry as submitted by you or generated by the system.

2. Results Data - Screening match details sourced from sanctions lists, PEP lists, or adverse media.

3. Audit Columns - Current review status, comments, and lifecycle timestamps.

4. Audit Trail - A complete log of every action on each result.

Table Legend: Source (system, user, and data source) indicates where each value originates. This column does not appear in the monitoring report. It is included here as a reference only, to help you understand where the information comes from.

Source

Meaning

System

Value generated automatically by sanctions.io. No input required from you.

User

Value provided by you when creating or uploading the monitoring entry.

Data Source

Value sourced directly from the underlying sanctions list or watchlist authority.

System
User

Can be set automatically by the system or manually updated by a user.

1. Input Data Columns

These columns capture the information submitted when a monitoring entry was created, either provided by you (User) or generated automatically by sanctions.io (System). They are the first columns in the report.

Source

Field

System

monitoring_entry_id Unique ID automatically assigned by sanctions.io to each monitoring entry. Use this to identify and reference any entry across reports and API calls. e.g. 683b4a94-1496-4e42-a77d

User

monitoring_entry_external_identifier Your internal reference ID (e.g., customer number, vendor ID). Helps map screening results back to your internal systems and build a false positive whitelist. Max 60 characters. e.g. my-id-123456

User

monitoring_entry_name The full name of the individual or the registered name of the entity submitted for monitoring. Max 15 words. e.g. John Doe

User

monitoring_entry_entity_type The type of entity being monitored. Helps target the correct subset of watchlists. Accepted values: Individual, Entity, Vessel, Aircraft. e.g. Individual

User

monitoring_entry_identifiers One or more unique identifiers for the subject. Improves match accuracy and reduces false positives. Supported: Passport, National ID, Tax ID, Email, Company domain, SWIFT code, IMO number, Aircraft registration. e.g. XXX123456789

User

monitoring_entry_countries One or more countries associated with the subject (residence, nationality, citizenship). ISO 3166-1 alpha-2 format (e.g., US, GB, MX). e.g. BR

User

monitoring_entry_date_of_birth Date of birth of the individual being monitored. Accepted format: YYYY-MM-DD. e.g. 2000-12-31

User

monitoring_min_score Minimum confidence score a match must meet to be returned. Controls screening sensitivity. Range: 0.80–0.99. Recommended default: 0.88. e.g. 0.88

User

monitoring_data_source Short code(s) of the list(s) or collections to screen against — e.g., sanctions-lists, PEP, adverse-media, or specific codes like SDN, UK-SANCTIONS. e.g. sanctions-lists

Source indicates where each value originates. This column does not appear in the monitoring report. It is included here as a reference only.

2. Results Data Columns

These columns contain the match data returned by the screening engine, sourced from sanctions lists, PEP lists, adverse media, and other watchlists. They represent what was found on the watchlist, not what you submitted.

⚠️ Data Availability Notice
Results data reflect only what the original issuing authority has published. If a field is blank (e.g., no DOB or address), it means the data source did not provide that information.
sanctions.io does not alter, enrich, or modify original source data.

2.1. Core Match Fields

These fields provide the foundational metadata for each match result, drawn from both the sanctions.io system and the underlying data sources. They allow you to track, reference, and audit individual results.

Source

Field

System

result_screened_listsShort codes of the lists that were screened for this monitoring entry's configuration.e.g. SDN, UN, UK-SANCTIONS, PEP

System

result_entry_total_resultsTotal number of match results found for this monitored entry. If this is 2, there will be 2 result rows for the same entry.e.g. 2

System

result_idUnique system-generated ID for an individual match result. Use this to reference a specific match in the audit trail or via the API.e.g. f4f54321-c229-407d-93cb

System

result_created_atTimestamp indicating when the system first detected and created this match result.e.g. 2026-04-13 22:24:46

System

result_cleared_atTimestamp indicating when an alert was cleared — the entity no longer appears on the watchlist that triggered it. A populated value confirms the subject has been removed from the relevant list since the initial match.e.g. 2026-02-23 10:17:54

System

result_confidence_scoreHow closely the submitted name matched the watchlist record. Only results at or above monitoring_min_score are returned. Range: 0.80 to 1.00. A score of 1.00 means an exact name match.e.g. 1.0

System

result_data_sourceShort code of the specific data source where this result was found.e.g. SDN

Data Source

result_source_urlDirect link to the original sanctions list entry or adverse media article.e.g. https://result.source.com/

System

result_si_identifiersanctions.io's unique internal ID for this watchlist record. Use this together with monitoring_entry_external_identifier to build your false positive whitelist.e.g. SDN-NONE-000

System

result_first_importTimestamp indicating when this watchlist record was first entered into the sanctions.io system. Provides historical context for a match.e.g. 2023-05-20 21:30:50

Data Source

result_last_updateTimestamp of the most recent update to this watchlist record. Confirms you are working with the latest available data.e.g. 2026-02-13 11:14:59

Source indicates where each value originates. This column does not appear in the monitoring report. It is included here as a reference only.

2.2. Identity and Biographical Fields

These fields contain descriptive information about the matched individual or entity, sourced directly from the underlying watchlist or data provider.

Source

Field

Data Source

result_nameThe primary name under which the individual, entity, or asset is listed by the sanctions authority. For adverse media, this field displays the article title.e.g. John Doe

Data Source

result_alt_namesAlternative names (aliases, AKAs) associated with the sanctioned subject as recorded by the data source.e.g. John James Doe, El John Doe

Data Source

result_entity_typeEntity type as listed on the watchlist: Individual, Entity, Vessel, or Aircraft.e.g. Individual

Data Source

result_titleOfficial titles of the individual as listed by the data source.e.g. President

Data Source

result_positionOfficial roles, titles, or functions held by the individual, including organization and date range where available.e.g. title: Circuit judge, start_date: 2008-01-01

Data Source

result_date_of_birthFull date of birth of the sanctioned individual, as published by the data source.e.g. 1948-10-30

Data Source

result_year_of_birthYear of birth, used when only the year is published by the data source.e.g. 1948

Data Source

result_countryOne or more countries associated with the entity as listed by the data source.e.g. GB

Data Source

result_country_residenceOne or more countries of residence of the entity.e.g. US

Data Source

result_nationalityNationality of the sanctioned entity.e.g. US

Data Source

result_citizenshipCitizenship of the sanctioned entity.e.g. US

Data Source

result_place_of_birthPlace of birth of the sanctioned individual, as published by the data source.e.g. San Juan de los Lagos

Data Source

result_addressKnown or last reported address(es) associated with the sanctioned subject.e.g. 210 Main Road, New York, US

Data Source

result_email_domainIndividual email address or company domain associated with the sanctioned subject.e.g. individual@example.com

Data Source

result_wallet_addressCryptocurrency wallet address associated with the sanctioned subject, where published by the data source.e.g. TRX-TAoLw5yD5XUoHWeBZRSZ1ExK9HMv2CiPvP

Source indicates where each value originates. This column does not appear in the monitoring report. It is included here as a reference only.

2.3. Sanctions and Program Fields

These fields provide the regulatory and contextual detail behind a sanctions listing. They describe why and under what authority a subject was designated, including the relevant sanctions program, regime, remarks from the issuing authority, and any applicable licensing requirements.

Source

Field

Data Source

result_start_dateDate when the individual or entity was sanctioned or added to the watchlist.e.g. 2022-02-25

Data Source

result_programCode of the sanctions program under which the subject is designated.e.g. ILLICIT-DRUGS-EO14059

Data Source

result_regimeSanctions regime under which the subject is listed.

Data Source

result_remarksFree-text notes provided by the issuing authority — e.g., reasons for listing, related parties, or other contextual information.e.g. Shell company used to obscure ownership...

Data Source

result_federal_register_noticeReference to the Federal Register notice associated with the designation. Primarily relevant for OFAC listings.e.g. 2025/1198

Data Source

result_federal_standard_orderFederal standard order related to the sanctions designation.

Data Source

result_license_requirementLicensing requirements applicable to transactions involving the sanctioned subject.e.g. For all items subject to the EAR...

Data Source

result_license_policyPolicy governing license applications related to the sanctioned subject.e.g. Policy of denial

Data Source

result_entity_numberThe unique reference number assigned to the entry by the sanctions authority or data source.e.g. 23075839067

Data Source

result_descriptionNarrative description of the sanctioned subject as provided by the issuing authority. May include background context or reasons for designation.

Data Source

result_additional_informationSupplementary data that does not fit into other structured fields. For sanctions: company numbers, org type, and similar details.e.g. tax_id_no: 181046704, organization_type: Other financial...

Data Source

result_relationsRelated entities or individuals linked to the sanctioned subject, as recorded by the data source.

Data Source

result_identifiersFormal identifiers associated with the sanctioned subject, such as business registration numbers or government-issued IDs.e.g. NZ business_number 9429042364061

Source indicates where each value originates. This column does not appear in the monitoring report. It is included here as a reference only.

2.4. Vessel Fields

Populated only when the matched record is a vessel (result_entity_type = Vessel).

Source

Field

Data Source

result_vessel_call_signCall sign of the sanctioned vessel.e.g. CL2192

Data Source

result_vessel_imoIMO number uniquely identifying the sanctioned vessel.e.g. IMO 9354521

Data Source

result_vessel_typeType or classification of the sanctioned vessel (e.g., cargo, tanker).e.g. tanker

Data Source

result_vessel_gross_tonnageGross tonnage of the sanctioned vessel.e.g. 99144"

Data Source

result_vessel_gross_registered_tonnageGross registered tonnage of the sanctioned vessel.e.g. 56068

Data Source

result_vessel_flagFlag state (country of registration) of the sanctioned vessel.e.g. India

Data Source

result_vessel_ownerRegistered owner of the sanctioned vessel.e.g. Trade Inc Corp

Source indicates where each value originates. This column does not appear in the monitoring report. It is included here as a reference only.

2.5. Aircraft Fields

Populated only when the matched record is an aircraft (result_entity_type = Aircraft).

Source

Field

Data Source

result_aircraft_serial_identificationSerial identification number of the sanctioned aircraft.e.g. 83490706

Data Source

result_aircraft_mode_s_transponder_codeMode S transponder code of the sanctioned aircraft.e.g. 424B32

Data Source

result_aircraft_modelModel designation of the sanctioned aircraft.e.g. IL-76TD

Data Source

result_aircraft_manufacture_dateManufacture date of the sanctioned aircraft.e.g. 2002-08-28

Data Source

result_aircraft_operatorOperator of the sanctioned aircraft.e.g. Mahan Air

Source indicates where each value originates. This column does not appear in the monitoring report. It is included here as a reference only.

2.6. Adverse Media Fields

Populated only when the matched result comes from an adverse media source (result_entity_type = Adv-media).

Source

Field

Data Source

result_entity_typeHelps filter adverse media results from other result types.e.g. Adv-media

Data Source

result_individuals_adv_mediaNames of individuals found within the adverse media article.e.g. John Q. Public, Fred Nerks

Data Source

result_entities_adv_mediaOrganizations, countries, or agencies mentioned in the adverse media article.e.g. UN Voluntary Fund for Victims of Torture

Data Source

result_media_sourceMain URL and name of the news or press source for adverse media results.e.g. url: https://newsitem.com, name: News Item

Data Source

result_summary_adv_mediaA brief summary of the adverse media article content.e.g. The sanctions are being applied to 12 individuals...

Source indicates where each value originates. This column does not appear in the monitoring report. It is included here as a reference only.

3. Audit Columns

These columns capture the current review state of each match result and lifecycle timestamps for the monitoring entry.

'Status' and 'Text' Show Only the Latest Change

The result_status and result_text columns reflect only the most recent action. To see the full history of all classifications and changes, refer to the Audit Trail columns in Section 4. Each status change automatically updates result_modified_at, maintaining a traceable record.

Source

Field

User

monitored_sinceTimestamp indicating when the entry was added to the Monitoring Portal and continuous screening began.e.g. 2026-04-13 22:24:33

User

monitoring_added_byEmail address of the user who added this entry to monitoring.e.g. user@company.com

System
User

result_statusCurrent review status of the match result. Reflects only the most recent action. Values: New (not yet reviewed), False Positive (reviewed and cleared), Real Positive (confirmed match, action required).e.g. New

System
User

result_textUser comment or system-generated note for the current status. Reflects only the most recent action. Use the Audit Trail for the full history.e.g. New Result Found

User

result_modified_atTimestamp of the most recent status or comment change by a user.e.g. 2026-04-13 22:24:46

User

monitored_untilTimestamp indicating when monitoring for this entry ended (i.e., when the entry was deleted).e.g. 2026-01-23 10:18:57

User

monitoring_deleted_byEmail address of the user who deleted this monitoring entry.e.g. user@company.com

Source indicates where each value originates. This column does not appear in the monitoring report. It is included here as a reference only.

4. Audit Trail Columns

The audit trail is a complete log of every action performed on each match result — whether by a user or the system. Each distinct action generates a separate row in the report.

Why Audit Trail Rows Repeat Input and Result Data

Each audit trail row is self-contained and repeats the full set of Input Data and Results Data columns for context. This ensures every row is independently traceable without requiring cross-referencing.

To reconstruct the full action history for a single match result, filter all rows by result_id.

Source

Field

User

audit_actionThe action that was recorded. See the Audit Action Reference table for all possible values.e.g. Result Created

User

audit_userEmail address of the user who performed this action. For system-generated actions, this field shows System.e.g. user@company.com

User

audit_used_tokenThe API token used to authenticate the action. Useful for identifying whether an action was taken via the portal or through an API integration.e.g. b462a20b-XXXXX-XXXXX-XXXXX

User

audit_timestampThe exact timestamp when this audit action was performed.e.g. 2026-04-13 22:24:46

Source indicates where each value originates. This column does not appear in the monitoring report. It is included here as a reference only.

4.1 Audit Action Reference

All possible values for the audit_action column and their meaning:

audit_action Value

Meaning

(blank)

The system detected a new potential match for the monitored entry.

Monitoring Entry Created

The monitoring entry was added to the portal (manually, via batch upload, or via API).

Monitoring Entry Deleted

The monitoring entry was deleted (deactivated) from the portal (manually or via API).

Result Created

A match result was generated by the screening engine. Triggered once per result, with audit_user set to System.

Result set to "False Positive"

A user reviewed the match and classified it as a false positive. Future alerts for this specific match combination will be suppressed.

Result set to "Real Positive"

A user reviewed the match and confirmed it as genuine, requiring action or escalation.

Result set back to "New"

A user reset the result status back to New — typically to re-open a previously classified result for further review.

Best Practices and Compliance Tips

Recommended Workflow

Download and archive full reports at least once within 12 months.
Use monitoring_entry_external_identifier to link results back to your CRM, ERP, or KYC platform.
Review result_confidence_score in context — a score of 1.0 is an exact name match (it doesn't mean the entity is sanctioned). Always cross-check legal names, DOB, country, and position fields.
Classify every result as False Positive or Real Positive to maintain a clean audit trail and suppress repeat alerts for that specific entry/result combination.
Store additional documentation to support decisions on your local drive or in your compliance/case management system.
Use the Audit Trail columns to demonstrate due diligence in regulatory reviews or internal audits.

We're here to help!

If you have any questions or need more help, please contact our support team anytime!

Chat: Available directly through the Help Center page
Email: help@sanctions.io

Monitoring Report: Column Reference and User Guide

A complete guide to every field in your Monitoring Report

Topics Covered

How to Generate and Download the Report

Report Structure – Understanding the Rows

Why You See Multiple Rows For the Same Entry

1. Input Data Columns

2. Results Data Columns

2.1. Core Match Fields

2.2. Identity and Biographical Fields

2.3. Sanctions and Program Fields

2.4. Vessel Fields

2.5. Aircraft Fields

2.6. Adverse Media Fields

3. Audit Columns

4. Audit Trail Columns

Why Audit Trail Rows Repeat Input and Result Data

4.1 Audit Action Reference

Best Practices and Compliance Tips

We're here to help!