Screening applications are about minimizing risk. The nature of the risk may be small or large. . . wasting the cost of mailing, damaging a relationship, doing bad business, doing catastrophic business, allowing illegal activity, putting someone’s life in danger.
The screening data will often include both alert lists and "cleared" lists (identities that should be expediently cleared). Making a false match to a cleared list is potentially as dangerous as missing a match in an alert list.
Regardless of the level of risk, there are some common elements of identity search in most screening applications.
It involves a search where a "no match" is normal;
A search where a "no match" is a good thing;
A search where if an "alert" match could possibly be considered as true the system must report it; and/or deny the transaction or record from further processing;
It must be designed and tested so that nothing relevant is ever missed.
It must minimize false matches to avoid unnecessary and possibly expensive investigation, or false clearance in the case of a false match to a cleared list.
There are four points in a system where important screening needs to be done:
To stop the transaction or raise an alert - involves a real-time screen of a transaction against an alert list;
To discover historical matches (e.g. when better matching algorithms have been implemented), a periodic batch screen of alert list data should be performed against the database;
At the time of adding new alert list entries, a screen of the new alert list entry against the database is required.
Batch suppression of records from participating in a business process (e.g. marketing list suppression).
In addition, if a serious alert is raised, a common investigative requirement will be to find any other data in the organization’s database(s) that could possibly be related to the identity that triggered the alert. Government and Industry investigation units need to be able do this across data sourced from multiple organizations. In this situation, because it is possible that the identity data involved is fraudulent or may have been manipulated, a thorough identity search must be used.