Stop failing good customers at the identity check
In AML, a false positive is a screening alert, a sanctions, PEP or adverse-media name match that turns out not to be your customer. Reducing those is a screening job your firm keeps. The problem most onboarding teams actually feel is different: false rejections, where genuine customers fail the identity check because one data source has no record of them.
Both problems cost money. They cost it in opposite ways, and the fix for one does nothing for the other. Getting the two straight is the difference between tuning a screening system and recovering revenue you are losing at onboarding.
A KYC false positive is a screening alert that, on review, is not a genuine match. Your screening system flags a new customer against a sanctions, PEP or adverse-media list, an analyst checks it, and the person turns out to be someone else who happens to share a name. The customer was always legitimate. The system over-flagged.
The management of these alerts sits at the centre of any sanctions screening control framework. Industry guidance treats whitelisting, the use of ancillary identifiers such as date of birth and nationality, and the discounting of weak name matches as core screening disciplines.
Name-based screening is noisy by design. It is built to catch every plausible match, so it flags common names, transliterated names, and records that share only a partial identifier. The large majority of alerts on legitimate customers clear as no match once an analyst reviews them.
Every one of those alerts still has to be worked. That is the cost of a screening false positive: analyst hours spent confirming that a real customer is not a listed person. Reducing it is a matter of better screening logic, richer identifiers and disciplined whitelisting. It is a screening problem, and it stays with your firm.
If your cost is analysts clearing alerts, you have a screening false-positive problem, and the answer is screening tuning. If your cost is genuine applicants dropping out at the identity step, you have a false-rejection problem, and the answer is how you verify identity. These are near-opposite failure modes. One over-flags people who should pass. The other under-passes people who should never have failed.
The table below separates them cleanly.
|
|
Screening false positive |
Identity false rejection |
|
What it is |
A screening alert that is not a real match |
A genuine customer wrongly failed |
|
Where it happens |
Sanctions / PEP / adverse-media screening |
The identity-verification step |
|
Failure mode |
The system over-flags |
The system under-passes |
|
Typical cause |
Common names, transliteration, thin identifiers |
Single data source has no footprint for the customer |
|
Who it hits |
Legitimate customers sharing a listed name |
Thin-file people: younger adults, recent movers, newcomers to the UK |
|
The cost |
Analyst hours clearing alerts |
Lost good customers, needless manual review |
|
The fix |
Better screening logic, identifiers, whitelisting |
Match across two or more independent data sources |
|
Does KYC Match address it? |
No, screening stays with your firm |
Yes, this is what KYC Match does |
A false rejection happens when a real customer fails a check they should have passed. The most common cause is a verification design that relies on a single data source. If that source has no footprint for the customer, the check fails, regardless of the person being entirely genuine.
This hits thin-file and no-footprint customers hardest. A single credit reference agency check depends on the applicant having a record at that agency. Younger adults, recent movers and people newly arrived in the UK often do not, so they fail a single-source check despite being real, payable customers.
The scale of the underlying population is easy to underestimate. The FCA's Financial Lives 2024 survey found around 0.9 million UK adults were unbanked in 2024, and that 22% of the 15.3 million adults who applied for a regulated credit agreement in the two years to May 2024 were declined a product. A meaningful minority of legitimate customers carry a light data footprint, and a single-source check is where they fall out.
For the person applying, the experience is worse than a decline. They entered correct details, waited, and were told they could not be verified. Most do not try again. They go to a competitor whose check happened to find them.
Matching a customer's name, address and date of birth across two or more independent data sources gives a genuine thin-file applicant more than one chance to be found. A customer invisible to one credit reference agency may be clearly present in mobile network, banking or insurance records. Checking several independent datasets recovers the real customers a single-source check wrongly failed.
This is also the standard the regulations point to. The Money Laundering Regulations 2017 require verifying identity from a reliable source that is independent of the customer, and HMRC guidance indicates a single-source electronic check is not normally sufficient on its own. In practice, firms meet this through the industry "2+2" convention: matching at least two identity attributes against at least two independent, reliable sources. Matching across more sources both satisfies the test and finds more genuine people.
The efficiency gain is distinct from screening. When good customers pass automatically at the identity step, fewer legitimate applicants land in manual review or enhanced due diligence queues. The saving comes from keeping real customers out of needless manual review, which is a different mechanism from clearing screening alerts. Keep the two efficiency stories separate, because they draw on different budgets and different teams.
No. Multi-source matching separates genuine thin-file customers, who are recoverable, from records that are genuinely absent or suspect, which are correctly failed. Recovering the first group does not mean passing the second.
In one Tier-1 gaming operator's data, a CRA-only 2+2 check failed almost 30% of new customers. A second pass across additional independent sources found data on 55% of those failures, while 45% still had no footprint at all. Around half of the previously failed customers were onboarded, and the records with no footprint were correctly not passed.
The point holds beyond gambling. Adding independent sources does not lower the bar. It finds the real people a narrow check was missing, while the genuinely unverifiable stay unverified.
KYC Match performs the identity-matching step. It returns a configurable count of independent data-source matches on name, address and date of birth, across banks, mobile networks, insurance data, public-sector data, finance applications and credit reference agencies, so you can run a second check on the customers a single source failed. It runs as a real-time API or as a batch data wash across a back-book.
It does not do sanctions or PEP screening, so it neither creates nor clears screening false positives. Your firm keeps the wider customer due diligence: risk assessment, screening, source of funds where required, and ongoing monitoring. KYC Match reduces false rejections at the identity step. It does not discharge the rest of your programme.
OneID is a digital verification services provider, certified under the UK's Digital Verification Services Trust Framework.
You can run 1,000 records through KYC Match for free and compare the results against your existing provider. Send the records, see how many previously failed customers a multi-source check recovers, and decide from the evidence. Contact OneID to set up the comparison.
A false positive is a screening alert, a sanctions, PEP or adverse-media name match, that turns out not to be your customer once reviewed. The system flagged a legitimate person by mistake. Clearing these alerts is a screening task, separate from identity verification.
A false positive is a screening system flagging a legitimate customer as a possible match to a watchlist. A false rejection is the identity-verification step failing a genuine customer because the data source checked has no record of them. One over-flags, the other under-passes.
You reduce screening false positives through better screening logic, richer identifiers such as date of birth and nationality, alias tuning, and disciplined whitelisting of confirmed non-matches. This is a screening-configuration task. Identity-matching tools, including KYC Match, do not perform screening and do not affect these alerts.
Thin-file customers hold little or no record at the data source a single-source check relies on, typically one credit reference agency. Younger adults, recent movers and people new to the UK often have no footprint there, so a single-source check fails them despite being genuine, verifiable people.
Yes. Matching name, address and date of birth across two or more independent data sources gives a genuine customer more than one chance to be found. A customer invisible to one source may be present in mobile, banking or insurance data, so multi-source matching recovers customers a single-source check wrongly failed.
No. KYC Match performs the identity-matching step only. It does not screen against sanctions, PEP or adverse-media lists, and it does not create or clear screening false positives. Your firm keeps screening, risk assessment, source of funds and ongoing monitoring.