False positive alerts are the bane of compliance teams’ lives worldwide. They occur when a legitimate customer's transaction is flagged as potentially suspicious by an organisation’s anti-money laundering (AML) screening solution, only for nothing suspicious to be found, upon a closer review. False positives are time-consuming to investigate and a drain on productivity and operational efficiency.

Compliance teams have been trying for years to reduce the number of false positives, and solving (or at least taming) the “false-positive problem” is becoming increasingly urgent. Unprecedented sanctions, resulting from the war in Ukraine, the COVID-accelerated shift to digital transactions, greater regulatory scrutiny, and the macro-economic climate, are all contributing to a surge in alerts and resultant false positives. The commercial imperative to find more efficient ways of operating, has never been greater, as AML and compliance teams struggle to do more, with less.

Adding resources may alleviate some pressure in the short term, but it is not a sustainable approach given the unrelenting increase in alerts and current economic pressures. It is also costly. Labour is a significant contributor to the rising cost of financial crime compliance, currently estimated at £34.2 billion for UK Financial Services, according to the LexisNexis® Risk Solutions True Cost of Compliance Report 2023¹ – an increase of 19 per cent from two years earlier. More significant, however, is that hiring additional staff does not solve the foundational problem: too many false positives.

Redefining the Problem

False positives are a fact of life in the compliance world. They can never be completely eliminated – nor should they be. Tightening of screening thresholds could overlook real risk and may also signal to regulators a relaxed compliance posture, potentially attracting regulatory scrutiny. While there is little consensus in the industry regarding what represents a “good” false positive rate, it is not unusual to see institutions struggling under rates of 95% or more.²

Legacy technology is part of the problem. Traditional systems that rely on fuzzy matching and rules-based screening are struggling to keep pace with the complexity of sanctions and countless changes to watch lists. These tick- box solutions are also inflexible and difficult to scale. They deliver an abundance of false positives, all of which require labour-intensive manual review.

Data quality is critical too. Incomplete or inaccurate data can compromise the effectiveness of screening, further contributing to an overload of false positives, while potentially missing a false negative. Legacy systems and siloed business functions only make gathering accurate, up-to-date customer data more difficult.

High false positive rates can also be “self-imposed.” Considering the staggering fines levied by the Financial Conduct Authority (FCA) for AML non-compliance over the past several years – over £200m in 2022³  – it is no wonder that many institutions choose to err on the side of caution by casting a wider net. Spending a few million Pounds extra to investigate additional false positives is preferable to risking fines and potential reputational damage for missed sanctions. In other words, false positives are simply counted in the cost of doing business. But this approach is misguided.

Perhaps it is time to step back and look at the problem through a different lens?

Improving Relevance and Match Precision With Entity Resolution

Not all false positive alerts are created equal and they certainly don’t all belong in the same risk bucket. So, the route to solving your false positive problem, is to consider relevance.

Entity resolution shifts the conversation from quantity of alerts to quality, by bringing relevance and match precision to screening. Instead of using a rules-based approach to accept or reject matches, entity resolution leverages advanced analytics and precise entity linking to match data points and determine the likelihood that two records represent the same individual or company. It quickly cuts through the noise to reliably identify matches and expose hidden relational risk.

Entity resolution incorporating risk scoring takes screening to the next level, ranking matches by severity and likelihood of a match. This approach offers a quantitative assessment of customer risk, based on the strength of the match between a customer account and a watch list entity. Alerts with the most severe consequences and greatest likelihood of being true are prioritised within the queue so that precious human capital can be allocated intelligently – focusing on matches that most warrant immediate attention.

The methodical, explainable and data-driven approach to risk that entity resolution affords, helps to streamline investigation, substantially reduce false positives, and mitigate the risk of false negatives. It can provide valuable new attributes that can be used to automate remediation of alerts via rules, or even robotic process automation, sometimes known as “AI-based digital workers.” This approach translates into greater productivity for compliance teams and overall efficiency gains for the organisation.

Technology and Data: A Powerful Duo

One of the strengths of entity resolution for AML and know your customer (KYC) is its ability to mine both structured data (e.g., watch lists) and unstructured data (e.g. adverse news sources). Access to more accurate, high-quality data is critical for productive screening. Data from global risk sources must be continuously updated to incorporate the latest sanctions, politically exposed persons (PEPs), beneficial owners, enforcements, and other lists.

There is another problem, however. The strength of external data alone is not enough. Organisations must also look at the quality of their own input data at the very front of their compliance processes. Conducting an internal data quality assessment is a critical first step, followed by seeking solutions that can improve data quality to ensure your program does not fall victim to the “rubbish in, rubbish out” paradigm. For example, leveraging a proprietary ID returned by a partner’s identity verification or document authentication solution, paired with screening data that also contains that same ID, can help enhance the quality of input data. This results in better match precision as well as much-needed efficiency and accuracy in downstream compliance processes.

Organisations that modernise their screening systems to leverage both the latest technology and high-quality, dynamic global data will be rewarded with a solution to their false-positive problem: greater match precision and prioritised risk ranking. The once-elusive goal of achieving harmony between increased compliance posture and operational efficiency is now firmly in the grasp of today’s forward-thinking organisations.