Why Dual-Use Goods Screening Must Move to Transaction Level
Most trade finance teams screen goods at onboarding. Regulators no longer consider that sufficient. The gap between what compliance teams do and what authorities now expect is widening, and it is being measured in timestamped audit trails, not intentions.
A gap that does not announce itself
Consider a trade finance team processing several hundred Bills of Lading each week. A shipment moves through a familiar corridor: industrial components, a counterparty that passed onboarding, a destination the team has handled many times before. Nothing flags. No one looks again.
Six months later, a regulator asks for the audit trail. Not for the customer file, but for that specific transaction. The question is not whether the goods were dangerous. The question is whether the team can demonstrate, with a verifiable, timestamped record, that they checked.
In an increasing number of cases, they cannot. The consequences are serious: regulatory fines, asset freezes, and the loss of correspondent banking relationships. They follow not from malicious intent but from a process that was never designed to produce evidence at transaction level.
The regulatory signal has been clear for some time. In September 2021, the UK Prudential Regulation Authority and Financial Conduct Authority wrote jointly to the CEOs of trade finance institutions, calling out the need to identify dual-use goods risk and to use tools such as vessel tracking and independent document verification as part of due diligence. That letter did not mark the end of regulatory scrutiny in this area. It marked the beginning of it.
The problem with goods that serve two masters
Dual-use goods are, by definition, ordinary. A pump. A sensor. A chemical compound. Each has a legitimate commercial application; each may also have a military or proliferation one. The line between the two is not drawn by what the item is called but by precise technical specifications, tolerances, performance thresholds, material compositions, that are rarely captured in a Bill of Lading.
The regulatory architecture governing these goods spans 25+ international control lists. They include the Wassenaar Arrangement, which covers conventional arms and dual-use technologies; the US Commerce Control List, administered by the Bureau of Industry and Security; EU Regulation 2021/821, which governs exports across member states; the Missile Technology Control Regime; and the Chemical Weapons Convention. Each list was written for exporters and customs authorities, not for the compliance teams inside banks processing trade transactions at scale.
That mismatch is structural. The language of export control lists is technical and jurisdiction-specific, while trade documents are commercial and often generic. Screening one against the other manually is not a process, it is a workaround.
The scale of the problem is not abstract. Screen the word ‘sensor’ against the UK Strategic Export Control List and it returns 64 possible matches. The list was written for customs authorities and exporters, not for a bank processing hundreds of Bills of Lading a day.
Why onboarding checks are no longer enough
The prevailing approach in most trade finance operations follows a familiar pattern. A customer is screened at onboarding. Goods are reviewed, in broad terms, as part of the relationship setup. After that, the transaction lifecycle runs largely unmonitored for dual-use risk.
When a compliance officer does need to check a specific shipment, the process typically involves leaving their primary platform, cross-referencing government registers, consulting Excel-based lists, and making a judgement call. The result lives in an email, a note, or nowhere at all. There is no consistent audit trail. There is no timestamped record of what was checked, against which list, on which date, with what outcome.
Even when screening tools exist, the goods description in a Bill of Lading may say nothing more than ‘furniture’ or ‘components’. The information banks receive was never designed to support regulatory classification. Bad actors know this and exploit it deliberately, keeping descriptions vague precisely because they know what banks can and cannot see.
OFAC, the Bureau of Industry and Security, and EU authorities have each signalled, with increasing clarity, that verifiable due diligence is expected at the transaction level, not just at onboarding. The question regulators are now asking is not whether a firm has a dual-use goods policy. It is whether that policy produced a documented, reviewable action for every relevant transaction.
Manual cross-referencing of regulation lists, however diligent, does not produce that record at scale. The compliance team may have looked. But they cannot prove it.
What a transaction-level standard looks like in practice
In 2023 the ICC identified the components of an effective technology solution for dual-use goods screening: extraction of goods descriptions from documents, screening against regulatory lists, and validation against maritime intelligence. It also noted that most solutions at the time only worked after the transaction had completed. The challenge was to bring that capability into the transaction itself, in real time.
PurpleTRAC DUG Screening is designed to meet that standard. A Bill of Lading number and a goods description are all that is required. The result comes back in seconds: a clear status of OK, Warning, or Critical. The logic is jurisdiction-aware.
If the discharge country falls within a Risk Region, the system returns a Warning.
A Prohibited Region returns Critical. Where a discharge country is unknown, the system returns a Warning rather than an OK. Ambiguity is treated as a risk signal, not a pass.
The screening runs against 25+ international regulation lists, including Wassenaar, the US Commerce Control List, EU Regulation 2021/821, the MTCR, and the Chemical Weapons Convention, without requiring the compliance team to maintain or update those lists manually. Vessel movement, transshipment locations, and route data are layered in alongside goods screening, providing the broader transaction context that goods descriptions alone cannot deliver.
Every search is documented, including searches where no match was returned. That last point matters. Regulators and insurers are interested not only in alerts that fired, but in evidence that the check was performed.
Because DUG Screening runs inside PurpleTRAC alongside existing Bill of Lading, container, and vessel checks, there is no tool-switching, no separate system, no parallel workflow. Severity levels for Risk and Prohibited Regions are configurable per account, so the output reflects each institution’s own compliance policy rather than a one-size-fits-all threshold. The audit trail is built into the process, not appended to it after the fact.
Find out how it fits your workflow
The regulatory bar for dual-use goods screening is not, in the end, a classification problem. It is a documentation problem. Authorities want evidence that the check happened consistently, at transaction level, for every Bill of Lading. The teams best positioned to meet that standard are those whose screening process produces a verifiable record as a matter of course, not as an afterthought.
Build the audit trail into your process, not after it
See how DUG Screening produces a verifiable, timestamped record for every Bill of Lading, inside the workflow your team already uses. To speak to a member of the team, contact [email protected]