Financial crime: Sanctions screening and the quirks of language
01 August 2018
For virtually any company participating in international trade, sanctions screening has long been an everyday fact of life. It can’t be avoided and, for most, is one of the most time-consuming and frustrating of compliance processes. But it needn’t be.
Much of the time, we see firms tackling their screening obligations through a range of standard systems that screen (to give just one broad example) customers against continually updated sanctions lists. Typically, though, this throws up a huge number of false positive alerts that make the process inefficient and, at times, dangerously ineffective. The problem, as we’ll explain in a moment, is that the idiosyncrasies of human language often get in the way. The good news is that advances in artificial intelligence (AI) have produced exciting add-on screening systems that can be layered onto existing programmes – greatly increasing the efficiency and accuracy of screening. So why aren’t more firms taking advantage of this advanced technology?
Sanctions screening comprises of two broad groups – customer screening and payments screening – but in this blog we’re going to concentrate on customers. The range of sanctions in place across the world at any one time are eye-watering. The US alone, for example, currently has 28 active sanctions programmes.
Customer screening, in practice, means checking customer data (at the point they are brought on board and at regular intervals based on the data they have collected) against the myriad of names that appear on sanctions lists around the world. (High-risk customers are also screened against ‘negative news’ databases, which we’ll return to in a later blog.) Standard screening analytics can do this quickly but not particularly efficiently, thanks to the quirks of human language (e.g. using middle names or switching names around) and the fact that humans tend to make mistakes (innocently or deliberately).
International customer data can appear in many different languages and scripts, and perhaps even in local dialect. Screening will inevitably rely on some data that has been input manually. Names are misspelled or translated inconsistently, birth dates may have been accidentally transposed, and ‘Robert’ may sometimes have called himself ‘Bob’. Most of these are accidental slips, cultural tics or have slipped through the net when databases were migrated between organisations – but a few will have been very deliberate attempts to mislead and hide. A false positive in sanctions screening could be for the simple reason that someone happens to have the same name as a suspected terrorist. But it’s also true to say that anyone who appears on a sanctions lists is likely to use an alias – so regulators expect more stringent cross-checking.
Regulators expect firms to go the extra mile in screening and initiatives that were once seen as innovative – such as ‘fuzzy matching’, which seeks out variations of names (including reordering of names), even those that are misspelt – are now a must-have. Even so, many firms are failing to take advantage of powerful analytical tools that could be layered onto their existing systems.
New advances such as entity resolution, for example, allow systems to connect the dots from multiple data sources, using attributes, relational information and probability scoring to seek out duplicate entries and fill in the gaps in missing data. A customer may have used variations of their name when applying for different financial products: ‘Edward John Davies’, or ‘EJ Davies’, or ‘Ed Davies’, for example. Entity resolution software will look for identifying data for each customer – so if EJ Davies and Ed Davies have the same birth date, nationality and address, the system is confident they are the same person and allocates a unique identification code.
These, along with innovations such as contextual monitoring – machine-learning systems that learn to let through a customer who is routinely flagged but then consistently cleared at investigation stage, unless the contextual details change – are transforming our approach to sanctions screening.