False positives are an inescapable feature of know-your-business (KYB) screening. When a compliance team runs a company and its ultimate beneficial owners (UBOs) against sanctions, politically exposed persons (PEP), and adverse media databases, the screening engine is designed to over-alert.
According to Duna, it flags a hit that belongs to a different entity with a similar name, a company in a separate jurisdiction, or a news article with no connection to financial crime. The analyst dismisses it and moves on, but not before losing time they could have spent on genuine risk.
The scale of that wasted time is significant. Industry research consistently puts false positive rates in KYB and anti-money laundering (AML) screening between 90% and 95% of all alerts. McKinsey has reported that more than 90% of transaction-monitoring alerts at most banks are false positives, with only one or two in every hundred requiring action. PwC research places the range at 90–95%, while ACAMS estimates up to 90% for sanctions screening specifically. Duna’s own observations across customer screening queues suggest the figure sits closer to 95–99%, depending on vendor configuration.
Three structural forces drive rates this high. First, input data is frequently incomplete, as most KYB screening relies on little more than a name and country, making it nearly impossible to distinguish one “John Smith” from another. Second, the underlying list data is messy, containing incomplete profiles, transliteration variants, and entries that bear no practical relationship to financial crime. Third, fuzzy matching, the default approach for catching spelling variations and partial data, is deliberately permissive. Tightening it enough to eliminate false positives would also eliminate genuine hits, which is a regulatory breach. The system over-alerts by design.
The goal, therefore, is not to eliminate false positives. It is to reduce the time each one costs. Four operational changes deliver the most measurable impact. Allowing analysts to dismiss confirmed false positives in bulk from a list view, rather than opening a separate detail page for every alert, is typically the single largest time saving in a review queue. Displaying the screened entity and the matched profile side by side, at the list level, removes the click-through cost on obvious dismissals.
Storing a prior clearance decision and automatically suppressing future hits on the same profile, an approach the Wolfsberg Group recognises under the labels “Good Guys lists” and whitelisting provided it is documented and reviewable, compounds in value over the lifetime of a customer relationship. Finally, encoding active sanctions designations as policy-level knockouts removes ambiguity entirely and concentrates human review on genuinely uncertain cases.
Artificial intelligence is increasingly part of the conversation, though its role in compliance comes with non-negotiable constraints. Explainability, auditability, and zero tolerance for material error are baseline requirements, and ACAMS guidance on AI in sanctions screening places model validation, drift testing, and decision traceability at the centre of any deployment. Within those constraints, large language models are better suited to match assessment, comparing entity attributes in unstructured text, than to impact assessment, which is rule-based and policy-dependent.
The right architecture pairs a deterministic policy engine for impact decisions with AI triage for match likelihood, with every decision logged and attributable. McKinsey has reached the same conclusion: machine-learning models can materially reduce noise in screening, but only when integrated into a governed compliance architecture.
Four metrics determine whether a KYB review queue is genuinely improving: the false positive rate and total volume of false positives reviewed; total analyst time spent on hits; the share of monitoring hits automatically suppressed on previously cleared profiles; and the number of screened entities per analyst per period. Without these benchmarks, claims of false positive reduction remain unverifiable.
Regulatory pressure is also sharpening expectations. Under the European Anti-Money Laundering Authority (AMLA) supervisory framework, operational since 2025, firms must demonstrate defensible reasoning for every escalation or dismissal. Every dismissed alert requires a recorded rationale. Organisations that have moved decision logic out of analyst memory and into auditable systems are better positioned to meet this standard.
Duna, the AI-native business identity platform for KYB, know-your-customer (KYC), AML, and lifecycle compliance, addresses these challenges across its product. Customers including Plaid, CCV (Fiserv), Moss, and Bol use the platform to onboard businesses 10.6x faster and run compliance teams 4.8x more productively.
Its screening and monitoring layer enables bulk dismissal from the list view, separates screening and monitoring workflows, applies the Wolfsberg-recognised whitelisting approach to recurring hits, and enforces policy-level knockouts on unambiguous sanctions designations. Its AI virtual screening assistants reduce false positives by approximately 70% across the queue, with every decision logged in a format that meets the EU AMLA defensibility standard.
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
