New Blog Post · 6-minute read
The $1.72M Wake-Up Call:
Why Schools Must Screen Tuition Payors for OFAC Sanctions
Most schools think sanctions compliance is a bank problem. OFAC disagrees. A $1.72M settlement shows why your tuition revenue chain is your biggest risk.
In February 2026, OFAC announced a $1,720,000 settlement with IMG Academy tied to 89 apparent violations of counternarcotics sanctions. The issue was not a complicated trade transaction. It was tuition enrollment agreements and payments connected to two Specially Designated Nationals (SDNs), tied to a Mexico-based drug cartel.
This matters because it highlights something most institutions still miss: sanctions risk shows up through everyday business operations, including tuition contracts, third-party payments, refunds, credits, and overpayments.
What Happened, In Plain Language
OFAC’s enforcement release describes a pattern that will feel familiar to any institution with international touchpoints:
- Annual tuition enrollment agreements were signed and renewed over multiple years.
- Tuition obligations were significant, ranging from roughly $47,000 to about $102,000 per academic year.
- Payments were made through a mix of third-party wire transfers and credit card payments, including wires from third parties located primarily in Mexico.
- When balances existed, credits and carry-forwards were applied into future periods—standard financial operations for schools.
The Takeaway: OFAC noted that the SDNs provided full name details that matched SDN List entries. Minimal due diligence during application or enrollment would have revealed the issue. If you accept tuition from the wrong party, you create liability, even if your core mission is education.
The Real Risk is the Money Chain
Most programs focus on screening the student. That is not enough. A safer model is to screen the full tuition chain of responsibility.
The Signers
Parent or guardian who signs the tuition agreement.
The Payors
Payor on the account, including third-party payors or wire originators.
The Sponsors
Sponsors, donors, scholarship funders, or agents.
Why? Because sanctions exposure is often attached to the person controlling funds, not the person receiving services.
When Schools Should Screen
A practical sanctions control program triggers screening at moments money or contractual obligations change:
- 1Application submission
- 2Enrollment agreement signature
- 3Invoice creation
- 4Payment initiation or receipt
- 5Refunds, credits, and overpayments
- 6Re-screening monthly/quarterly or on list updates
Audit-Ready Proof
Good intentions do not survive audits. Proof does. Your evidence trail needs:
- Who was screened (roles, not only names)
- When they were screened (timestamp)
- Which list version was used
- Review decisions & reason codes
The University Compliance Playbook:
Sanctions Screening for Tuition Payments
Universities are not exempt from OFAC and BIS regulations. Institutions must screen the entire "money chain"—including students, parents, and third-party sponsors—to ensure tuition payments do not involve sanctioned entities or embargoed countries.
The Compliance Mandate
The Wake-Up Call
A recent settlement highlighted university exposure regarding tuition agreements involving sanctioned individuals.
Screening Beyond the Student
Compliance requires screening the "money chain," including guardians, sponsors, and third-party payors.
10-Year Recordkeeping
Federal updates now require institutions to retain screening and transaction records for a full decade.
The 3-Step Compliance Workflow
| Data Field | Compliance Value |
|---|---|
| Full Name | Mandatory: Primary identifier for sanctions list matching. |
| Date of Birth (DOB) | High: Essential for distinguishing between individuals with common names. |
| Country/Nationality | Medium: Critical for detecting embargoed country risk (e.g., Iran, North Korea). |
1. Intake & Batch
Import tuition payor lists via CSV for automated cross-referencing against global watchlists.
2. Match Review Queue
Route potential hits to a central queue for manual "clear" or "block" decisions.
3. Export Audit Proof
Generate tamper-proof "Audit Packets" containing screening results and decision logs for regulators.