What Is Customer Screening and Monitoring in AML?
Customer screening and monitoring refers to the process of checking individuals and entities against sources such as sanctions lists, PEP lists, and adverse media in order to identify financial crime risks.
Why Is Customer Screening Important?
First of all, several regulators such as the FATF (Financial Action Task Force) require the implementation of effective customer screening procedures. If you fail to comply with these regulations, you are likely to face severe financial penalties and even the revocation of your licence, which can be even more damaging than financial penalties themselves. Furthermore, proper customer screening can also save you from reputational damage, which could be even more costly than regulatory penalties.
Let’s give a recent example to better illustrate the severity of the regulators. According to Reuters, the FCA has fined Starling Bank 29 million pounds due to the vulnerabilities in its AML controls and sanctions screening systems. The FCA stated that these weaknesses led the bank to open more than 54,000 accounts for 49,000 high-risk customers between September 2021 and November 2023.
How to Conduct Customer Screening?
Collect Customer Data: The first step starts with collecting and verifying customer data through official IDs such as passports and identity cards. However, there is more to it. Your compliance teams should also check their source of funds, transaction history, and business affiliations.
Sanctions Screening: Now that you have verified your customer’s identity, it is time to scan them against watchlists. You may start screening them against global sanctions lists such as those issued by the UN, OFAC, and the EU. This way you can ensure that they are not involved in criminal activities.
PEP Screening: The next screening process is against Politically Exposed Persons, as well as their relatives and close associates. If you spot that they hold or are connected to prominent public positions, this will require you to conduct enhanced due diligence.
Adverse Media Check: Lastly, you should also investigate whether your customer is linked to any negative news or media coverage. This way, you can be sure that they are not linked to any illegal or high-risk activity.
Automated Matching: Automated matching especially becomes crucial if you are often dealing with an international user base. Certain names, such as Chinese, Arabic, or Russian names, can lead to false positives and missed matches. In order to mitigate this risk, you should use screening software equipped with fuzzy logic and exact matching capabilities.
False Positive Reviews: Even if they pass the software checks, all potential matches must undergo manual review to determine whether they are true or false matches. Case management tools can be particularly helpful in these cases.
Risk Assessment: Next, combine all of the KYC (Know Your Customer) data and screening outcomes to define a risk rating. For example, being a PEP, coming from a high-risk jurisdiction, or exhibiting complex ownership, will define them as high-risk, which will require you to conduct EDD (Enhanced Due Diligence).
Ongoing Monitoring: Customer screening is not a one-time process. You should continuously monitor your customers to see if there are any new sanctions, PEP status changes, or adverse media updates.
Audit Trail & Reporting: You should always document detailed logs of your screening and onboarding activities. These will reinforce the transparency and accountability of your business during internal reviews and inspections.
What Lists Are Checked During AML Customer Screening?
· Sanctions lists such as those issued by OFAC, the UN, the EU, HMT and DFAT
· PEP (Politically Exposed Person) lists
· Watchlists such as Interpol, the FBI, and local regulators
· Adverse media
· Internal blacklists
.webp)
When Should Customer Screening Be Conducted?
Customer screening is not a one-time process. However, there is no specific frequency for carrying this out because it depends on the customers and their risk profiles.
Nonetheless, it is always necessary to conduct customer screening during the very first stage of the customer relationship. After onboarding, you will likely have a specific risk level of your customer. Based on the risk assessment, you can adjust your periodic review regularity.
Yet, there are other cases to carry out customer screening as well. For example, they may update their personal details such as name, address, ownership, structure, or identification documents. Especially, the changes in beneficial owners can radically change their risk levels and necessitate re-screening.
Aside from these, you must also conduct customer screening when you detect suspicious activity, regulations or lists are updated, processing high-value or cross-border transactions, or onboarding third parties/vendors.
Who Needs to Perform Customer Screening?
Particularly all institutions handling vast sums of money and cross-border transactions are obligated to perform customer screening such as financial institutions, crypto exchanges, payment providers, money service businesses, investment firms, legal/accounting/corporate service providers, gambling and gaming operators, real estate, law firms, and basically any other AML-regulated businesses.
What Are the Key AML Regulations Requiring Screening?
The FATF Recommendations: The FATF (Financial Action Task Force) sets the international standards for anti-money laundering and counter-terrorist financing. The FATF particularly requires financial institutions and other obligated entities to identify and verify customers, understand beneficial ownership and the nature of the relationship, and conduct ongoing monitoring under the FATF Recommendation 10.
The U.S. Bank Secrecy Act, USA PATRIOT Act, and FinCEN Rules: In the U.S., AML regulation is rather fragmented. However, in general these require institutions to maintain records, file reports, and have proper internal controls to detect any suspicious activity. Obligated institutions must identify the beneficial owners, verify identity, and do ongoing monitoring. They must particularly implement Customer Identification Program (CIP), Customer Due Diligence (CDD), and Enhanced Due Diligence (EDD).
The European Union AML Directives: The EU’s Anti-Money Laundering Directives (AMLDs) require its member states to implement its directives. Particularly, the AMLD6 further tightened obligations concerning adverse media, predicate offenses, and criminal liability. Like the other regulations, the EU’s framework also requires obligated entities to perform customer due diligence when entering into a business relationship.
The UK Money Laundering Regulations 2017: The Financial Conduct Authority (FCA), HM Revenue and Customs (HMRC), and the Gambling Commission enforce these regulations, which legally require firms to perform customer screening and ongoing monitoring as part of Customer Due Diligence to prevent more laundering and terrorist financing.
What Is Fuzzy Matching in Screening?
Fuzzy matching is used to identify similar but not identical data using specific algorithms, machine learning, or AI in order to minimize false positives. There are a few techniques that fuzzy matching may depend on, such as Levenshtein Distance, Jaro-Winkler, or Soundex. During fuzzy matching, spelling variations, typos, missing letters, different transliterations, reversed names and nicknames are targeted. For example, it can identify name variations such as Ali Mohammad and Ali M. Mohamad, through phonetic and pattern analysis.
What Tools Are the Most Important for AML Customer Screening?
More often than not, a customer screening software features sanctions, watchlist databases, and adverse media. So, we will not cover these in this section. However, one of the main factors that distinguishes a good software from a mediocre one is its interface. In addition to screening capabilities, a successful software must feature matching engines, alerting, case management, and workflow orchestration.
Aside from these, you will need a reliable foundation to screen your customers. This base is mostly established during onboarding. Improper identity verification is very liable to failures in customer screening. Therefore, you may go for a software that also features KYC (Know Your Customer) tools.
Also, APIs (Application Programming Interfaces) allow you to connect your existing onboarding or payment systems directly to the AML software. These solutions are both easier to integrate and ensure efficiency without causing a slow user experience.
We must also mention the importance of batch screening/bulk screening. These are especially essential for institutions with large customer pools because they cut off the inefficiency that comes with long, manual reviews.
Last but not least, ongoing monitoring also plays a crucial role in compliance procedures after the onboarding, which we will elaborate on below.
What Is Ongoing Monitoring in AML Screening?
Ongoing monitoring is an essential tool that will help you stay up-to-date and remain compliant. It refers to the continuous process of re-screening customers, transactions, and related entities against updated sanctions, PEP, and adverse media lists. When a customer gets added to any of these lists, ongoing monitoring will alert your compliance team to verify these manually.
,
How to Reduce False Positives in Customer Screening?
Cutting down false positives begins with the quality of the data. In order to achieve this, you should apply secondary identifiers such as DOB or address, consistent data formats, and validate documents with digital verification tools. Furthermore, data from various sources may result in dirty data. Therefore, you should perform an ETL (extract, transform, load) operation on the data before using it.
We have already mentioned the importance of fuzzy matching, but how can you implement this to ensure that you are getting the best out of it. First, set appropriate similarity scores. This depends on the name complexity and your goals but as a rule of thumb, a score between 85% and 95% is usually ideal.
You can also adjust the screening intensity based on the risk levels. For example, you may enable broader fuzzy matching and all lists against high-risk customers, while setting narrower thresholds or fewer list categories for low-risk customers.
Despite the ongoing controversies, it is undeniable that AI and Machine Learning have become indispensable for many industries, and AML is not an exception. Most of the modern AML platforms leverage Machine Learning and Artificial Intelligence-based solutions to reduce false positives. These can be continuously retrained to get better results over time.
A recent research showed that the machine learning models significantly reduce false positives compared to traditional rule-based screening. In some cases, it reduced the false positives by more than 40%.
How Sanction Scanner Supports AML Customer Screening
First of all, our solutions conduct screening against data from over 3,000 sanctions, watchlists, and PEP lists, which cover more than 220 countries and jurisdictions. Furthermore, we update these lists every 15 minutes in order to stay up-to-date.
We enable businesses to verify customer and transaction parties both before and during financial activity thanks to our instant AML name and transaction screening software. The response time takes no longer than 150 milliseconds and our customers report reduction in false positives up to 96.99%.
In order to align with regulations such as the FATF Recommendation 10 and the EU AMLD requirements for continuous due diligence, we feature a dedicated Ongoing Monitoring tool that automatically re-screens customers depending on the frequencies you set. When a customer’s risk profile changes or a new match appears, we send alerts in real-time.
We also provide easy integration through API, user-friendly case management dashboard, batch and manual screening options, as well as AI-powered data cleaning, normalization, entity profiling, and matching to identify relevant risk links. This is only part of what we offer. If you are interested in finding out more, do not hesitate to contact us.
FAQ's Blog Post
Ongoing monitoring continuously tracks customer activity after onboarding, while screening is a one-time identity check.
Enhanced screening is triggered by high-risk factors like PEP status, sanctions updates, or unusual transactions.
False positives slow compliance teams and increase costs, which is why AI-based fuzzy matching improves accuracy.
Small businesses can use cloud-based AML tools to automate checks without heavy infrastructure costs.
Sanction Scanner automates daily screening, updates sanctions data, and sends real-time alerts for any risk changes.
