AML screening software relies on matching technology to compare individuals and entities’ records against AML databases to identify true hits. While the different matching technologies offered by vendors all try to solve the same problem, their effectiveness, transparency and coverage differ significantly. Being able to evaluate which is right for your business is critical.
Why? Regulators require MLRO and Chief Compliance Officers to understand and explain how their matching technology works. Whatever matching technology you choose, you will need to demonstrate its effectiveness
This article uses a regulatory perspective to give you key elements to consider when evaluating providers’ matching technology. These include the solution’s effectiveness at identifying risk, the insights it provides into screening results and whether it can deal with customers from different jurisdictions.
Identifying and mitigating risk
In the context of AML screening, your matching technology needs to effectively identify customers appearing on AML databases without generating too many false positives. If it can’t, the result is likely to be more risks and costs for your organization. While configuration is important, your first priority is to understand how the matching technology copes with common data quality anomalies.
Data quality is a big challenge for screening and is often neglected by matching technology. Poor data quality is the single biggest contributor to missing true hits. Hidden names in joint accounts and addresses, name variations, name order, spelling mistakes, and date of birth variations can all impair the effectiveness of matching technology. Solutions that can’t address these challenges will miss true hits and put your business at risk. As an example, Apple was fined for not identifying entities on the OFAC list due to spelling variations and the presence of organization identifiers in entity records.
You should be able to tailor your matching configuration to the record type, whether it’s an individual, an entity or a transaction, and the source application to optimize your screening performances and meet your regulatory obligations. When fine-tuning your configuration, adjusting parameters will give you the best chance to identify risk. For example:
- Flexibility in selecting primary (name, address) or secondary (date of birth, passport number, ID number) matching criteria
- The ability to set fuzziness at individual field level
- Applying different rules across risk levels, jurisdictions and data sets
Having the ability to adjust matching configurations by yourself and simulating their impact on the number of alerts is also helpful. That way you can optimize your matching performances before pushing new configurations to your live environment.
Understanding and explaining matching results
Regulators are encouraging compliance officers to educate themselves on how their matching technology works and helps their organizations fight financial crime. But understanding the underlying steps that the algorithms take to generate alerts is only half the equation. You also need to be able to interpret the matching results and use that insight to make data-driven decisions.
Essentially, you want to avoid the ‘black-box’ approach where data is inputted, a process you don’t understand occurs and results are churned out. Regulators will want to know why you configured the system the way you have, what you expected to achieve by doing so and what the actual results have been.
The insight your algorithm provides is not just useful for regulators. It is an invaluable resource for your compliance team to understand alerts and review them faster. It will also make it much simpler for your internal audit team to review the matching technology and the volume and type of alerts you are getting.
Supporting different cultures
If you have a multi-cultural customer base or a global business, your matching algorithm should take into consideration language and cultural variations. Alternatively, if your business growth aspiration involves expanding into new markets, you want to make sure that you can comply with new jurisdictions’ regulations.
Some organizations opt to get local solution providers that adapt to cultural specificities. This means compliance teams end up with multiple solutions and a fractured view of their global risk levels. There is more value in getting a matching technology that can handle all cultures in a consolidated platform. This will not only help you reduce costs but more visibility and understanding of your organisational risk.
As naming conventions vary across cultures, it creates complexity for matching. For example, in Latin America, individuals have the particularity of having a matronymic and a patronymic surname. How is the matching technology taking this into account to remain efficient?
Another example is names written in Chinese characters and matched to their English sounding equivalent on a sanctions list. Transliteration algorithms can have limited results, with native-to-native algorithms often being more accurate. You should evaluate whether potential solutions can handle native character screening for both customer and list data.
Selecting the right partner
Ask your solution provider how their matching technology can improve the effectiveness of your screening, provide understandable and explainable results and support the different regions in which your business operates.
Partnering with an AML solution provider that built a sophisticated matching algorithm able to meet your requirements represents a significant advantage as they will be able to adapt their technology to your need. If you have any questions about the world of matching technologies, our team is here to help.