If you are performing the retrieve with a microflow the database retrieve action could have a xpath like:
$MyFirstModule.Order_Account = ‘%CurrentUser%’
No need to lookup all orders and then filter as the filtering can take place in the retireve.
An even better and secure option would be to set the same condition as xpath on the security of the entity, an use entity access on the microlfow. This will prevent access to the records for other users, which is not the case when restrictions are only set in the microflow retrieve action or the xpath on a list/ grid.