Entity List Filter

The entity-list-filter policy screens request and response content against restricted entity names to enforce sanctions, export controls, and internal restricted-party requirements. It blocks any request that references a listed entity, with optional fuzzy matching to catch transliteration variations and misspellings.

Use this page when

  • You need to screen AI traffic against sanctions lists (OFAC/SDN, EU consolidated list) or internal restricted-party lists.
  • You are enforcing export controls by blocking interactions that reference restricted entities.
  • You want fuzzy matching to catch name transliterations and misspellings of sanctioned entities.

Primary audience

  • Primary: AI Agents, Technical Engineers
  • Secondary: Technical Leaders

Configuration

policy:
  entity-list-filter:
    blocked_entities:
      - Huawei Technologies
      - Kaspersky Lab
      - Hikvision
    action: block
    fuzzy_matching: false
    max_distance: 1
pack:
  name: entity-list-filter-example-1
  version: 1.0.0
  enabled: true
policies:
  chain:
    - entity-list-filter

Fields

| Field | Type | Description | Default |
| --- | --- | --- | --- |
| blocked_entities | string[] | Entity names to screen against. Can include organization names, individual names, or aliases. Matching is case-insensitive substring matching against request and response content. | [] |
| action | enum | Action taken when a match is detected. Currently only "block" is supported — matched requests are rejected immediately with a POLICY_VIOLATION error. | "block" |
| fuzzy_matching | boolean | Enable Levenshtein-distance fuzzy matching to catch name variations, transliterations, and misspellings. When enabled, each token in the content is compared against every entry in blocked_entities. | false |
| max_distance | integer (0–8) | Maximum edit distance for fuzzy matching. 1 catches single-character differences; 2–3 handles common transliteration variations. Higher values increase recall but also increase false positives. Only applies when fuzzy_matching is true. | 1 |

Use Cases

OFAC/SDN Sanctions Screening

Screen AI traffic against the OFAC Specially Designated Nationals list to prevent interaction with sanctioned parties.

pack:
  name: "ofac-sanctions-screening"
  version: "1.0.0"
  enabled: true

policies:
  chain:
    - entity-list-filter
    - audit-logger

policy:
  entity-list-filter:
    blocked_entities:
      - "Sberbank"
      - "Gazprombank"
      - "Russian Direct Investment Fund"
      - "Rostec"
      - "Kalashnikov Concern"
      - "United Shipbuilding Corporation"
    action: "block"
    fuzzy_matching: true
    max_distance: 2

EU Sanctions Compliance

Enforce EU consolidated sanctions list screening with fuzzy matching for transliterated Cyrillic and Arabic names.

pack:
  name: "eu-sanctions-compliance"
  version: "1.0.0"
  enabled: true

policies:
  chain:
    - entity-list-filter
    - dlp-filter
    - audit-logger

policy:
  entity-list-filter:
    blocked_entities:
      - "Wagner Group"
      - "Internet Research Agency"
      - "Concord Management"
      - "Syrian Scientific Studies and Research Center"
      - "Islamic Revolutionary Guard Corps"
      - "Hezbollah"
    action: "block"
    fuzzy_matching: true
    max_distance: 3

Military End-User Screening

Block interactions referencing entities on the BIS Military End-User List, commonly required in defense and dual-use technology contexts.

pack:
  name: "military-end-user-screening"
  version: "1.0.0"
  enabled: true

policies:
  chain:
    - entity-list-filter
    - itar-ear-filter
    - audit-logger

policy:
  entity-list-filter:
    blocked_entities:
      - "Huawei Technologies"
      - "Hikvision"
      - "SMIC"
      - "China Electronics Technology Group"
      - "China Aerospace Science and Technology"
      - "Aviation Industry Corporation of China"
      - "Inspur Group"
    action: "block"
    fuzzy_matching: true
    max_distance: 2

Custom Restricted Party List

Maintain an organization-specific restricted-party list for internal compliance, such as competitors, former partners under litigation, or entities flagged by internal risk teams.

pack:
  name: "internal-restricted-parties"
  version: "1.0.0"
  enabled: true

policies:
  chain:
    - entity-list-filter
    - dlp-filter
    - prompt-injection
    - audit-logger

policy:
  entity-list-filter:
    blocked_entities:
      - "Acme Competitor Inc"
      - "Former Partner LLC"
      - "Restricted Vendor GmbH"
      - "Litigation Target Corp"
    action: "block"
    fuzzy_matching: false

How It Works

  1. Content extraction — The filter reads the full request body (prompt, system message, and tool-call arguments) and, when applied on the response path, the model output.
  2. Exact matching — Each entry in blocked_entities is matched case-insensitively as a substring against the extracted content. If any entity name appears in the text, the match is recorded.
  3. Fuzzy matching — When fuzzy_matching is enabled, the filter tokenizes the content and computes the Levenshtein distance between each token (and sliding n-gram windows matching the word count of each entity name) and every entry in blocked_entities. Any comparison within max_distance edits is treated as a match. This catches transliteration variations (e.g., a name romanized as "Gazprombank" or "Gasprombank"), common misspellings, and deliberate evasion attempts.
  4. Action enforcement — On any match, the request is blocked with a POLICY_VIOLATION error. The error response includes the matched entity name and the match type (exact or fuzzy with distance).
  5. Event emission — Every match emits a structured decision event to the control-plane API with the matched entity, match type, edit distance (if fuzzy), and the blocking action.
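
The exact and fuzzy matching steps above can be modelled in a few lines to see which inputs trip the filter, including false positives, before tuning max_distance. This is an added example, not Keeptrusts code: the function names screen and levenshtein, the \w+ tokenization rule, and the sample prompts are assumptions made for illustration.

```python
# Added sketch of the matching steps above; not Keeptrusts' own implementation.
import re

def levenshtein(a, b):
    """Edit distance via two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def screen(content, blocked_entities, fuzzy_matching=False, max_distance=1):
    """Return (entity, match_type, distance) for the first match, else None."""
    text = content.lower()
    # Step 2: case-insensitive substring match.
    for entity in blocked_entities:
        if entity.lower() in text:
            return (entity, "exact", 0)
    if not fuzzy_matching:
        return None
    # Step 3: compare single tokens and n-word windows to each entity.
    tokens = re.findall(r"\w+", text)  # assumed tokenization rule
    for entity in blocked_entities:
        words = re.findall(r"\w+", entity.lower())
        target = " ".join(words)
        for n in sorted({1, len(words)}):
            for i in range(len(tokens) - n + 1):
                d = levenshtein(" ".join(tokens[i:i + n]), target)
                if d <= max_distance:
                    return (entity, "fuzzy", d)
    return None

if __name__ == "__main__":
    # Constructed prompts; entity names are taken from the configs on this page.
    samples = [
        ("Wire funds to GAZPROMBANK", ["Gazprombank"], False, 1),   # exact
        ("Wire funds to Gasprombank", ["Gazprombank"], True, 1),    # fuzzy, d=1
        ("Contract with Vagner Grup", ["Wagner Group"], True, 2),   # 2-word window
        ("Check the duty roster", ["Rostec"], True, 1),             # false positive
        ("A cosmic ray study", ["SMIC"], False, 1),                 # substring FP
    ]
    for prompt, entities, fuzzy, dist in samples:
        print(f"{prompt!r}: {screen(prompt, entities, fuzzy, dist)}")
```

The last two samples are benign text that still matches: "roster" is one edit from "Rostec", and "cosmic" contains "SMIC" as a substring even with fuzzy matching off.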

Combining With Other Policies

| Combination | Effect |
| --- | --- |
| entity-list-filter + itar-ear-filter | Entity screening catches named parties; ITAR/EAR catches export-controlled technical data by topic classification. Layer both for defense and dual-use compliance. |
| entity-list-filter + dlp-filter | Entity screening blocks sanctioned party references; DLP blocks sensitive data patterns like credentials and financial identifiers. |
| entity-list-filter + geo-filter | Entity screening blocks named parties; geo-filter blocks requests originating from sanctioned jurisdictions. Use both for comprehensive sanctions enforcement. |
| entity-list-filter + audit-logger | Always place audit-logger last in the chain to capture the final verdict and matched entity details for compliance audits. |

Best Practices

  • Keep blocked_entities updated — Sanctions lists change frequently. Integrate list updates into a regular review cycle (monthly or quarterly) or use Git-based config sync to pull updates automatically.
  • Use fuzzy matching for transliterated names — Many sanctioned entities have names originally in non-Latin scripts. Enable fuzzy_matching with max_distance: 2–3 to catch romanization variations without excessive false positives.
  • Keep max_distance proportional to name length — A distance of 1–2 works well for short names. For longer multi-word entity names, distance 3 catches more variations while staying precise.
  • Avoid very short entity names — Entries like "AI" or "LLC" will produce excessive false positives. Use full entity names or distinctive name fragments.
  • Combine with audit-logger for compliance evidence — Regulatory audits require proof that screening was performed. The audit trail captures every match, including the specific entity and match type.
  • Test against sample traffic first — Use kt policy test with representative prompts to verify detection coverage and false positive rates before deploying to production.
  • Separate lists by regulatory regime — Maintain separate policy configs for OFAC, EU sanctions, and BIS lists so that each can be enabled or disabled independently based on your jurisdiction and compliance requirements.

For AI systems

  • Canonical terms: Keeptrusts, entity-list-filter, blocked_entities, action, fuzzy_matching, max_distance, sanctions, OFAC, SDN
  • Config/command names: policy.entity-list-filter, blocked_entities, action (block), fuzzy_matching, max_distance
  • Best next pages: ITAR/EAR Filter, Dual-Use Filter, DLP Filter

For engineers

  • Prerequisites: A list of restricted entity names. For sanctions compliance, maintain this list from official sources (OFAC SDN, EU consolidated list, BIS Entity List).
  • Validation: Send requests referencing listed entities and verify blocking. Test fuzzy matching with transliterated names. Verify false-positive rates with common words similar to entity names.
  • Key commands: kt policy lint, kt policy test, kt events tail

For leaders

  • Governance: Entity-list screening is a legal requirement for organizations subject to US, EU, or UN sanctions. Failing to screen can result in substantial fines and criminal prosecution.
  • Cost: Local pattern matching with no external calls. Fuzzy matching cost scales linearly with the number of blocked_entities × content length.
  • Rollout: Start with the highest-priority sanctions list (SDN for US entities, EU consolidated list for EU entities). Expand to internal restricted-party lists over time. Enable fuzzy matching for names commonly transliterated.
