MAKING THE MOST OF SANCTIONS AND WATCH LISTS
Various sanctions, terrorist, and serious crime watch lists are available to anti-fraud professionals
and can be utilised for anti-fraud purposes. Led by the architect behind the United Nation’s new
format for the al-Qaeda and Taliban sanctions lists, this session discusses best practices in watch
list screening and the latest developments in identity matching techniques.
VICTORIA MEYER, CFE, FCCA
Director
Swiss International Business Academy
Zurich, Switzerland
Victoria is a Director of the Swiss International Business Academy. She trained in the
Forensic Services Department of KPMG London before moving on to coordinate the European
Forensic Technology practice for PricewaterhouseCoopers. After more than a decade in Big-4
Forensic practices, Victoria now works mainly in the financial services sector, and has worked
with the UN, OFAC, and other government agencies on a new format for anti-terrorism sanctions
information. She began working with identity data on Social Security fraud investigations and
has since used increasingly sophisticated linguistic matching techniques to support investigations
as diverse as FCPA, insider trading and mortgage fraud enquiries, as well as high profile
assignments for the UN and the search for dormant bank accounts dating from the Second World
War.
“Association of Certified Fraud Examiners,” “Certified Fraud Examiner,” “CFE,” “ACFE,” and the
ACFE Logo are trademarks owned by the Association of Certified Fraud Examiners, Inc. The contents of
this paper may not be transmitted, re-published, modified, reproduced, distributed, copied, or sold without
the prior consent of the author.
©2013
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
Contents
1. Intelligence Screening for Compliance and Anti-Fraud
Purposes
 Sanctions Screening
 Screening Other Official Watch Lists
 Screening Other Intelligence Lists
 Internal Intelligence Lists
2. Selecting External Watch Lists
 Available External Lists
 Selecting Appropriate Lists

Outsourcing Collection
3. Managing Identity Data
4. Linguistic Identity Matching
This paper supports the session “Making the Most of
Sanctions and Other Watch Lists” for presentation at the
ACFE 2013 European Conference in Prague. The session
looks at the different kinds of sanctions and other watch
lists available to the anti-fraud professional and considers
how they can most effectively be employed in compliance
and anti-fraud processes. It begins by considering the
various counter-fraud uses for sanctions and other watch
lists (including internally gathered intelligence information)
and goes on to highlight some of the areas that are most
important in making the most effective use of this
intelligence: watch list selection and creation, data
management, and linguistic identity matching.
Intelligence Screening for Compliance and Anti-Fraud
Purposes
The four main sources for identity screening in compliance,
anti-fraud, and counter-terrorism projects are:

Sanctions lists
 Other official watch lists
©2013
2013 ACFE European Fraud Conference
1
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS

Other published intelligence lists
 Internally generated intelligence lists
While these lists may be compiled in different ways, and
used for different purposes, the techniques necessary for
making effective use of the intelligence they contain are
very similar.
Sanctions Screening
International sanctions programs may take different
forms. Some of the most well-known are country-based
programs, which prohibit certain kinds of transactions
with designated states. These often follow UN
resolutions designed to promote world peace or human
rights, such as the EU’s program of measures against
Iran, but may also be instigated at a national level, as is
the case with the United States’ economic embargo
against Cuba. Country-based official programs often do
not provide specific watch lists for screening, but may
still form the basis of internal lists. For example, a
financial institution might use a list of towns and ports
in a sanctioned country to help filter the payments it
processes.
Of more direct relevance to the screening process are
sanctions programs that produce official lists of named
individuals, groups, and entities against which
restrictive measures are in place. These are often lists of
parties who carry out or support terrorist activities, but
may also list members of a corrupt regime or parties
accused of war crimes or other atrocities. The measures
applied could include financial restrictions as well as
travel bans or other restrictive measures. Examples of
targeted sanctions lists include the UN’s al-Qaeda
Sanctions List, the U.S.-issued OFAC Specially
Designated Nationals List, the Consolidated List of
©2013
2013 ACFE European Fraud Conference
2
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
Persons, Groups and Entities Subject to EU Financial
Sanctions, and the UK HMT’s Financial Sanctions List.
Again, many of the national programs are based on
sanctions imposed under UN resolutions, so many of
the names appearing on the UN lists also appear on
supra-national lists such as those issued by the EU, as
well as national sanctions lists such as the OFAC and
HMT lists.
It is arguably in the financial services industry that
organisations face the greatest risks if their sanctions
screening processes fail, as the penalties for providing
parties involved in money laundering or terrorist
financing with access to the financial system can be
severe. In the worst case scenario, an organisation’s
ability to do business in one or more regions can be
threatened, as regulators impose strict fines and
consider withdrawing banking licences for breaches of
sanctions or anti-corruption legislation. In addition,
indirect penalties can include negative effects on the
organisation’s reputation and the cost of increased
regulatory scrutiny going forward. That said, as many
of the named sanctions lists apply to individuals
working with terrorist organisations or accused of
serious crimes, more and more non-financial services
organisations are choosing to incorporate these lists into
their anti-crime procedures.
Screening Other Official Watch Lists
The principles discussed in this paper can just as easily
be applied to other kinds of watch lists, including law
enforcement lists such as Interpol’s Red Notices, the
FBI’s Crime Alert List and Featured Fugitives lists, and
the various national and regional wanted lists issued by
police forces around Europe. Effective screening
against such lists can help to prevent an organisation
©2013
2013 ACFE European Fraud Conference
3
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
from doing business with parties accused of criminal
offences and from becoming involved in on-going
scams.
The techniques discussed in this paper are also
applicable to regulatory enforcement lists, such as the
lists of unauthorised firms issued by the FSA in the UK,
the U.S. OCC list of Enforcement Actions and the SEC
list of administrative proceedings, as well as a host of
similar European lists, such as those issued by BaFin in
Germany, the AFM in the Netherlands, and the CNMV
is Spain. However, greater care must be taken in
selecting such lists for screening and in determining the
appropriate response if a prospective business partner is
found to be on such a list. While some lists comprise
serious warnings, such as parties involved in known
scams, others detail more administrative penalties and
may contain the names of large, reputable international
businesses.
Screening Other Intelligence Lists
As part of their compliance programs, many
organisations also screen lists that are not intended to
serve as a warning of a specific risk. Some of the most
commonly used are PEP lists—lists of politically
exposed persons. Though in most cases there is no
implication of impropriety on the part of those listed,
some organisations choose to apply enhanced due
diligence to such parties in order to limit the risk of
becoming implicated in corrupt activities. Some
organisations, particularly those required to comply
with the FCPA or the more recently introduced UK
Bribery Act, also use lists of organisations with full or
partial state-ownership in order to determine which of
their business partners might qualify as “public
officials.”
©2013
2013 ACFE European Fraud Conference
4
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
Other lists may be of a more specific nature. For
example, one of the most high-profile identity screening
exercises of recent times was the project to identify
assets left behind by victims of the Second World War.
The value of dormant assets under management is
climbing globally, fuelled in part by successive
international crises, which have seen owners unable to
make timely claims for their property, and in part by the
reduction in practices that would previously have seen
such assets written up to profit or transferred to state
ownership. Fraudsters have long since recognised this
and become skilled at claiming to be the owner of
assets left behind by those killed or displaced by war
and other crises. Using verified lists of those known to
have been incapacitated by these events can help to
identify fraudulent claims for the assets they left
behind.
Internal Intelligence Lists
While official, published watch lists can be invaluable
in the fight against crime and terrorism, for specific
anti-fraud investigations it is often internally gathered
intelligence that forms the basis for screening exercises.
Examples include:
 Corruption and bribery investigations: Over the
last two decades, the FCPA has become a
significant feature of the anti-fraud landscape, and
the 2011 introduction of the UK Bribery Act has
strengthened the applicable provisions. A
fundamental pillar of all anti-bribery investigations
is the identification of relevant power holders and
agents, and the matching of these individuals and
organisations against payment registers.
Investigations often focus on the creation of a list of
relevant public officials and local facilitators, and
©2013
2013 ACFE European Fraud Conference
5
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS

screening this against an organisation’s vendor and
payment registers.
Insider trading: The core of many insider trading
investigations lies in identifying the friends and
associates of those with legitimate access to insider
information and determining any overlap with the
friends and associates of those who have apparently
benefited from trading on this information.
Identifying imprecise matches is often key due to
the ad hoc way in which friends’ and associates’
details are collected, and the unofficial (often


handwritten) nature of the underlying documents.
Identifying duplicate claims: Whether it be
insurance payouts or state benefit payments, making
multiple claims is a long established method of
fraud. A slight change to identity details is all that is
needed to get past the standard controls in most
payment systems, so it is important that fraud
monitoring tools are able to pick up on unusual
similarities between claimants and flag these for
review. Internally generated lists of known
fraudsters and those previously rejected for payouts
can also help identify new fraudulent claims.
Anti-money laundering: Financial institutions are
required to screen their clients and transactions
against an ever-increasing number of official lists of
alleged criminals, PEPs, and their associates. Much
of this information is available for purchase, but
strict data protection and associated regulations
often mean that only confirmed information is
available commercially (e.g., details of those
holding public office or individuals convicted of
crimes). Many institutions also monitor local and
international news services and compile their own
watch lists of those suspected of facilitating local
©2013
2013 ACFE European Fraud Conference
6
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
corruption or of involvement in serious or organised
crime.
Selecting External Watch Lists
Available External Lists
There are many different national and international
sanctions lists, and even more law enforcement/crime
management lists available, particularly if the lists
published by regional and local forces are considered.
Depending on the types of lists to be covered by a
compliance or anti-fraud system, the number of
regulatory enforcement and warning lists may be even
higher. This last category incorporates many kinds of
warnings, from investor alerts and lists of enforcement
action taken by regulatory bodies, to lists of
administrative procedures, such as bankruptcies and
other watch lists, such as credit risk warnings and lists
of websites involved in attempted fraud.
There are a number of ways to obtain official sanctions
and other watch list data. Many of these lists and
intelligence sources are available free from the websites
of the issuing bodies, though they may not be nicely
formatted as downloadable lists. Examples include:
©2013
2013 ACFE European Fraud Conference
7
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
UN Sanctions Lists
The UN’s list of parties subject to sanctions as a
result of their connection to al-Qaeda
The UN’s list of parties subject to sanctions as a
result of their connection to the Iranian nuclear
and ballistic arms programs
International Criminal Cases
Cases brought before the International Criminal
Court (e.g., relating to Darfur, Uganda, DR
Congo, etc.)
Parties indicted by the International Criminal
Tribunal for Rwanda
National and Supra-National Sanctions Lists
The European Union’s consolidated list of
sanctioned parties (includes those measures
applied following UN resolutions)
Australian consolidated list of sanctioned parties
(includes those measures applied following UN
resolutions)
UK consolidated list of sanctioned parties
(includes those measures applied following UN
resolutions)
U.S. (OFAC) Specially Designated National List
of parties sanctioned as a result of their
connection to terrorism, drug trafficking, and
other offences
List of terrorist organisations issued by the
Israeli Defence Ministry
Canada’s consolidated list of sanctioned parties
(includes those measures applied following UN
resolutions)
Russian terrorist sanctions lists
French list of freezing orders issued in relation
to terrorist activities
Swiss list of parties sanctioned as a result of
their connection to al-Qaeda or the Taliban
Law Enforcement Lists
List of parties wanted for serious crimes by the
Chinese Public Security Ministry
Persons wanted by the German Federal Criminal
Police
Mexican Federal Attorney General’s most
wanted fugitives
Persons wanted by the Russian Interior Ministry
©2013
www.un.org/sc/committees/1267/AQList.htm
www.un.org/sc/committees/1737/consolist.shtml
www.icccpi.int/en_menus/icc/situations%20and%20case
s/cases/Pages/cases%20index.aspx
unictr.org/Cases/StatusofCases/tabid/204/Defaul
t.aspx
eeas.europa.eu/cfsp/sanctions/consol-list_en.htm
www.dfat.gov.au/icat/unsc_financial_sanctions.
html
www.hmtreasury.gov.uk/fin_sanctions_listtargets.htm
www.treasury.gov/resourcecenter/sanctions/SDN-List/Pages/default.aspx
www.mod.gov.il/pages/general/teror.asp
www.osfibsif.gc.ca/osfi/index_e.aspx?ArticleID=524
www.fedsfm.ru/documents/terr-list
www.tresor.economie.gouv.fr/4248_DispositifNational-de-Gel-Terroriste
www.seco.admin.ch/themen/00513/00620/0062
2/00623/index.html?lang=fr
www.mps.gov.cn/n16/n1237/n1417/index.html
www.bka.de/nn_198410/DE/Fahndungen/Perso
nen/BekannteTatverdaechtige/bekannteTatverda
echtige__node.html?__nnn=true
www.pgr.gob.mx/servicios/fugitivos/fugitivos.a
sp
www.eng.mvdrf.ru/rozysk/17/
2013 ACFE European Fraud Conference
8
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
Persons wanted by the South African Police
Service
Appeals issued by Crimestoppers UK
Persons wanted by the FBI for white-collar
crimes
Selection of Interpol “Red Notices”
www.saps.gov.za/_dynamicModules/internetsite
/wphome.asp
wanted.crimestoppers-uk.org/
www.fbi.gov/wanted/wcc
Warnings issued by the Hong Kong Monetary
Authority regarding fraudulent websites, emails,
and other technology frauds
www.hkma.gov.hk/eng/key-information/pressrelease-category/fraudulent-websites-e-mailsand-telephone-system-and-other-fraudcases.shtml
www.moneysense.gov.sg/UnderstandingFinancial-Products/Investments/Investor-AlertList/IAL-Listing.aspx?sc_p=all
www.cmvm.pt/cmvm/comunicados/contrordmto
graves/pages/deccrimesmercado.aspx
www.led.go.th/ff/casein/casein.asp
secure.interpol.int/Public/Wanted/Search/Form.a
sp
Italian Police most wanted list
www.interno.it/mininterno/export/sites/default/it
/sezioni/ministero/dipartimenti/dip_pubblica_sic
urezza/direzione_centrale_della_polizia_crimina
le/scheda_16056.html
Regulatory Alerts, Enforcement, and Administrative Actions
List of Financial Institutions of Primary ML
www.treasury.gov/resource-center/terroristConcern issued by the U.S. TreasuryActions
illicit-finance/311-Actions/Pages/311taken under Section 311 of the USA PATRIOT
Actions.aspx
Act
Significant cases dealt with by the Corrupt
app.cpib.gov.sg/cpib_new/user/default.aspx?pgI
Practices Investigation Bureau in Singapore
D=627
UK (FSA) list of parties not authorised to
www.fsa.gov.uk/Pages/Doing/Regulated/Law/A
conduct regulated activities who may be trying
lerts/index.shtml
to operate in that area
List of parties not licenced by the Monetary
Authority of Singapore who may purport or be
perceived to be licenced by them
Portuguese Securities Exchange enforcement
decisions
List of bankruptcies registered in Thailand
©2013
2013 ACFE European Fraud Conference
9
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
Obviously, there are many more countries with
organisations issuing watch lists than are represented
above, and most of the countries represented in the list
issue many more lists than are shown. In addition,
many administrative regions (e.g., towns, counties,
states, departments, kantons, etc.) also issue a variety of
different kinds of watch lists. As a result, the number of
lists that may need to be incorporated into an anti-fraud
screening program can be substantial.
Selecting Appropriate Lists
The selection of watch lists to be included in an
intelligence database will generally be based on a
number of factors, including:
 The nature of the investigation/control process
 The relevant geographical area
 The jurisdictions in which the overall organisation
operates
 The requirements of relevant regulators and




governing bodies
The recommendations of industry bodies
The availability of relevant published lists
The reliability and motives of the list-issuing bodies
Restrictions imposed by screening technology and
hit-handling resources
In some investigations, the nature of the project will
clearly indicate the intelligence data required. For
example, an anti-corruption investigation based in a
specific country will typically require data on local
politicians, agents, and facilitators. In other cases, a
broader intelligence base will be required. This is often
the case with preventive measures, such as the client
screening systems used in the financial services
industry. Though regulators will generally only specify
that their own, local sanctions list is used for screening,
©2013
2013 ACFE European Fraud Conference
10
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
global operations and a more general requirement for
banks to “know their customer” means that, in practice,
a much wider range of lists is generally used.
The UK bank NatWest famously fell foul of this last
requirement when it provided banking services to the
Palestinian Charity, Interpal. Interpal has been alleged
to provide funds to Hamas-backed groups. It was listed
as an unlawful organisation by the Israeli government
in 1998, and in 2003, the U.S. authorities also listed it
as a Specially Designated Global Terrorist group.
NatWest was taken to court by a group of claimants
who had been affected by Hamas-led terrorist attacks in
Israel, who claimed that, in providing banking services
to Interpal, NatWest had provided material support for
the attacks. The court found that NatWest should have
been aware of the Israeli designation, based on its own
KYC policies and on the standards set by the Wolfsberg
group and FATF. This ruling had a significant impact
on the banking community, particularly as the Israeli
list was published only on the Israeli government
website, in Hebrew. It became clear that banks were
going to have to work harder to ensure that they had
identified all relevant available intelligence sources.
For each of the lists selected for inclusion in the
intelligence database, it should be clear what the
expected action would be if a true hit on the list was
generated. For some lists, such as terrorist sanctions
lists or those indicted for war crimes, it might be clear
that the organisation does not want to do business with
any listed party. In other cases, inclusion on the list
might only signify that enhanced due diligence would
be required before contracting with those listed.
©2013
2013 ACFE European Fraud Conference
11
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
There are often jurisdictional issues to consider,
particularly where a party is listed for serious crimes in
only some jurisdictions. It is interesting that, after
several investigations, the UK authorities have not
listed Interpal as a terrorist organisation and it remains
registered as an official charity. UK banks (unless they
are also “U.S. persons”) are, therefore, not required to
avoid business with Interpal, though even banks
sympathetic to the charity have, in practice, found
themselves subject to third-party pressures to cease
providing banking services.
Outsourcing Collection
The sheer volume of lists can be daunting, especially if
global coverage is required, and some lists might not be
published in a language or script that is recognised by
an organisation’s internal systems. In addition, many of
these lists are frequently updated, in some cases more
than once a day, so list management can become a huge
task for organisations wishing to keep their intelligence
data up to date. For many projects, a more relaxed
update schedule may be appropriate, but in some cases,
such as in the compliance systems of financial
organisations, not updating watch list data on a
sufficiently regular basis can lead to serious regulatory
repercussions.
For this reason, many organisations choose to purchase
their watch list data from a dedicated compliance
intelligence provider, such as:
 Dow Jones (“Dow Jones Watchlist”):
www.dowjones.com/collateral/files/dj-watchlistbrochure.pdf
©2013
2013 ACFE European Fraud Conference
12
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS


World-Check (“World-Check Risk Screening”):
www.world-check.com/our-services/world-checkrisk-screening
World Compliance: www.worldcompliance.com
These organisations employ dedicated teams of multilingual researchers who monitor official websites
constantly and update a centralised, consolidated list.
Factors to consider when selecting an intelligence
service provider are:









How strong is their global coverage (i.e., where are
their researchers located and what languages do
they speak)?
What sources do they use for their data collection?
What is their reputation in the industry, and how is
their relationship with regulators?
How often is their data updated?
Do they have a robust, enforceable approach to
content and quality?
Is any kind of external certification available?
Do they use an appropriate data structure (see
below)?
If they provide an online search function, is it
appropriately flexible (see below)?
If they provide data files, what formats are
available?
Managing Identity Data
Maintaining a database of watch list data requires a number
of key steps:
 Determining whether lists will be purchased from an
intelligence vendor, sourced individually from official
websites, or created internally
 Managing duplication/consolidation
 Defining an appropriate data structure
©2013
2013 ACFE European Fraud Conference
13
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS

Defining an appropriate update schedule
 Verifying amendments will not affect system
performance
 Auditing adjustments and reconciling data
The consolidation element is another key reason why many
organisations choose to purchase their watch list data.
Many parties are listed on multiple watch lists—for
example, those sanctioned under the UN’s program related
to al-Qaeda appear not only on the UN list, but also on
supra-national lists such as the EU Consolidated list and
many different national sanctions lists. Not consolidating
the duplicate entries would lead to an overall intelligence
database size many times the actual number of sanctioned
parties, which increases both the processing time required
for automated screening and the time needed to manually
review duplicate hits.
Within the consolidation process, it is important that no
information is lost. For example, many list-issuing bodies
provide multiple possible spelling variations for the names
of sanctioned parties. In the event of a hit, it may be
important to know which official body has listed the variant
on which the match has been generated.
The structure in which the data is maintained is also key to
an efficient screening and matching program.
Unfortunately, many official watch lists are issued in
outdated structures that owe little to the principles of
relational data management. This topic has recently been
the subject of a UN-led project to define a new structure for
sanctions data. The draft structure was circulated among
the compliance and anti-fraud community in 2011, and
subsequently approved by the UN’s 1267 Committee. In
2012, OFAC in the United States updated its data systems
©2013
2013 ACFE European Fraud Conference
14
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
using the principles defined as part of the UN project,
which are described in the attached consultation paper.
The appropriate update schedule will depend on the
requirements of the project and the frequency with which
the lists to be incorporated are updated. Regulated
businesses may find that the relevant regulatory bodies
specify a minimum acceptable update frequency, but many
regulators remain vague on this point. If the lists are
sourced internally (as opposed to purchased from an
intelligence vendor), then the appropriate schedule may
also depend on the available resources, as monitoring
external websites and appropriately updating internal data
accordingly can be a time-consuming task. Some list
issuers provide a subscription service that notifies users
when amendments are made, and some provide delta
files—data files that contain only details of changes made
since the last update/in the last day/in the last week—which
can simplify this task. But many list issuers do not provide
notifications and issue their updates by simply replacing the
list file published on their website, leaving the user to
determine what the changes might be.
When screening is part of a real-time business process,
such as the screening of payment transactions in the
financial services sector, it is vital that changes are
reviewed before being fed into the live system. Some
sanctions and warning regimes have strictly defined criteria
for what must be included on a sanctions list, which might
lead to entries being made even when the listed party can
only be identified in the vaguest terms. The currentlysuspended EU sanctions relating to Myanmar contain
several entries that could cause problems in automated
payment systems (e.g., those where the only names
available are friend and family.) On the other hand, some
amendments may be so minor that they are not worth re-
©2013
2013 ACFE European Fraud Conference
15
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
screening—for example, “Dr John Smith” may be amended
to “Dr. John Smith.” In this case, it could reasonably be
expected (assuming appropriate search logic is
implemented) that the amended entry would not alter the
search results.
As with any data management program, watch list updates
should also be subject to periodic checks and controls. A
common way to verify the working of an update system is
to start the database by adding a complete watch list,
regularly updating the data set using the series of delta files
provided by the list issuer or intelligence vendor, and then
periodically comparing this to the full, updated file
provided by the issuer. When processing time is at a
premium, this comparison will typically be run overnight or
on a non-working day.
Linguistic Identity Matching
One of the most important factors in the effective screening
of intelligence data is the way in which it is searched.
Search technologies can be assessed with reference to their
recall (a search with strong recall does not miss relevant
hits) and precision (a search with good precision does not
produce too many irrelevant hits). While the risks
associated with poor recall are obvious, there can be
significant hit-handling costs associated with poor
precision, as well as the increased risk that hit handlers will
miss a relevant hit in a sea of false-positive results, so it is
vital to get the balance right between these two criteria.
While almost all search procedures require some level of
trade-off between recall and precision, it is worth
considering this relationship in more detail. Clearly, a
matching system which returns all database profiles for any
search criteria provides a very low level of precision. As
precision is improved, the risk increases that a relevant
©2013
2013 ACFE European Fraud Conference
16
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
profile could be excluded from the results list. However,
the extent to which recall may suffer as a result of a
specified increase in precision is determined by the
sophistication of the technology involved. This is where
linguistic identity matching can most greatly benefit the
screening process.
Many traditional methods of name matching suffer a
significant loss of precision if recall is improved. This is
particularly the case with technology based on text
comparison measures, such as edit distance methods.
Using such computational measures, the fall in recall as
precision increases is a mathematical inevitability.
Linguistic name matching has, to a large extent, provided a
solution to this problem. It is a relatively new field, based
on knowledge drawn from linguistic sciences and from its
sub-discipline, onomastic studies (the study of proper
names). Mathematical and probabilistic algorithms no
longer form the basis of matching technology, but have
acquired a new, supporting role for the core fundament of
linguistics.
Every linguistic matching rule has two functions: a
matching function and an analytical function. The matching
element applies the rules required to identify names that are
valid linguistic alternatives. An example could be the rules
required to match possible transcriptions of the Cyrillic
name Ельцин, such as Yeltsin, Jelzin, Eltsine, and Ieltsin.
The matching element ensures an appropriate recall for the
search process.
The analytical element ensures that each linguistic
matching rule is only applied in appropriate circumstances.
Using the above example, the analytic function would
prevent the rules required to match Yeltsin with Eltsine
being applied to produce a match between Yan and Ane,
©2013
2013 ACFE European Fraud Conference
17
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
despite these examples being orthographically similar in
the same manner, requiring the removal of the initial y and
the addition of a and final e. The analytical element,
therefore, moderates the impact of increased recall on the
precision rate.
In this way, the use of linguistic matching rules has
revolutionised the identity matching arena and allowed
organisations greater freedom to increase precision without
running the additional risks associated with reduced recall.
The attached paper, “Identity Search and Screening,”
describes the challenges faced in the matching of proper
names and looks at the linguistic matching solution in more
detail.
Even when appropriate search technology is in place, the
system may still fall short if it is not appropriately
configured. It is important in any screening system that the
search configuration accurately reflects the goals of the
system and the risks that it is trying to manage. To this end,
anyone managing such a process should have a defined
search strategy that sets out how different classes of
matches should be treated.
 Should transcription variants be matched? If so, which
languages and scripts are relevant for this process?
 Should homophone names be matched? Which
languages are relevant for this?
 Should typographic errors be accounted for? If so,
which kinds of errors should be allowed?

Should partial matches be allowed? If so, which factors
should be taken into consideration?
The answers to these kinds of questions should be defined
in a search standard. Within an organisation, a consistent
search standard is desirable, but in cases where the risks
faced by search systems differ substantially, or there is a
©2013
2013 ACFE European Fraud Conference
18
NOTES
MAKING THE MOST OF SANCTIONS AND WATCH LISTS
wide variation in data quality, it may be appropriate to
define different levels of search accuracy for use in
different systems. The attached paper, “Linguistic Search
Standard,” is taken from the book Linguistic Identity
Matching, written by Bertrand Lisbach and Victoria Meyer,
and considers how such a standard could be defined in
greater detail.
©2013
2013 ACFE European Fraud Conference
19
NOTES