Fuzzy matching: Getting the balance right

Image related to Fuzzy matching: Getting the balance right


Written by Sarah Reynolds on Monday 28 August, 2017

Regulation such as the EU’s Fourth Money Laundering Directive, the USA PATRIOT Act and other international anti money laundering (AML), know your customer (KYC) and counter financing of terrorism (CFT) regulations require firms to have adequate systems and controls in place to ensure that criminals, terrorists and terrorist financing organisations are accurately identified and reported to the relevant authorities.

Screening your entire customer base on a regular basis can alert you to the risk of being exposed to suspicious or sanctioned individuals and organisations, but how do you ensure that you are completing these searches effectively?            

Introducing fuzzy matching

Fuzzy matching relates to the rules used in screening solutions which allow for non-exact matches to be identified; it is used when a firm screens the information relating to its business activity against available international, domestic and internal lists, and many returns may be produced as potential matches. The parameters of the systems need to be wide enough to take into consideration slight nuances in a name (including mistakes in client data), but not too wide so that you are left with a high number of ‘false positives’. The biggest problem with fuzzy matching, though, is this ‘false positive’ challenge. The nature of screening systems is that not every ‘hit’ will be a true match.

Effective screening will differentiate between individuals and entities with common names and perform both ‘exact’ and ‘inexact’ name matching for accurate identification – even when data is misspelt, incomplete, or sometimes missing.

An efficient system will identify:

  • different spelling of names e.g. ‘Jon’ instead of ‘John’, ‘Elisabeth’ or ‘Elizabeth’
  • shortened names e.g. ‘Elizabeth’ matches with ‘Elisa’, ‘Elsa’, ‘Beth’, ‘Betty’, etc.
  • insertion/removal of punctuation and spaces
  • name variations
  • name reversal
  • inadvertent misspellings
  • deliberate misspellings
  • phonetic spellings
  • abbreviations e.g. ‘Ltd’ instead of ‘Limited’.

Accurate screening relies upon non-exact complex fuzzy matching because criminal elements targeting organisations often transpose names, dates of birth and other personal information to attempt to conceal their true identity.

Minimising false positives and false negatives

A false positive is a match produced by the system that, following subsequent investigation turns out to be wrong. A false negative on the other hand, is a genuine risk that is missed by the system and is not flagged for review.

False positives receive the most attention because the issue is prominently visible and therefore contributes to an excess of administrative work because they must be investigated – just like every potential match must be investigated.

One of the most effective methods of reducing false positives is to ensure accurate data sources ahead of screening. This is because the accuracy of underlying data directly influences the results of any screening solution. The following are examples of how results can be affected when poorly prepared data enters the screening system:

  • invalid, incomplete or inconsistent client data results in repetitive false positives
  • screening criteria is set so loose that the results are meaningless.

False negatives mistakenly indicate that there is no match, when in fact there is. The risk false negatives bring is twofold: first, because the matches don’t trigger any results you have no idea how much information you are missing, and secondly, this information is never reviewed because no one even knows it exists. Common causes of missing relevant information include:

  • system limitations
  • user error
  • lack of relevant data.

Is there a solution?

A frequent high number of false hits may be difficult to manage for firms with large volumes of screening. To narrow down false hits, firms will employ a rule matching capability within their screening systems to discount false hits where possible, leaving only potential or true matches for further investigation.

There are many service providers who can provide this facility on a firm’s behalf; alternatively, firms may build this into their internal systems. The timing of screening is crucial to effective management of AML and sanctions risk and must be taken into consideration when there are changes to either the client’s profile or the lists used.

Firms may benefit from appointing individuals or a committee to manage the additions, removals, reviews and approvals of items in global and domestic internal lists.

It is important to have the support of the business for this and essential that there are senior management, AML and sanctions compliance function representatives involved in these committees.

Firms need to have a clear understanding of any screening software used, including any limitations. The parameters should be tested and calibrated in line with the risk appetite of the firm. Measures should be in place to ensure that it remains effective. Calibrating screening systems to the appropriate level of fuzzy matching is a key tool to protect a firm against financial crime.