UC19: Sanctions Screening Alert Disposition

The Problem

Banks screen all customers and transactions against OFAC, EU, UN, and other sanctions lists. Screening matches generate alerts requiring investigation and disposition. Alert volume is enormous: 10,000-50,000+ alerts/month at large banks. However, 85-95% of hits are false positives: name-only matches with insufficient identifying information (e.g., "John Smith" matches to a sanctioned entity but customer is a different John Smith with different DOB/location). Current process: compliance team manually reviews each alert, gathers customer identifying data, determines if match is true positive or false positive, and documents disposition. Median time: 10-20 minutes per alert for obvious false positives; 30-60 minutes per alert for more ambiguous cases. Backlog of unreviewed alerts creates regulatory risk.

What the Agent Does

Receives sanctions screening alert with match details: matched name, sanctions list source, match score, customer ID
Retrieves customer KYC data: full legal name, DOB, address, business registry info, beneficial owner data, transaction history, geographic footprint
Applies disposition rules for obvious false positives:
Name-only match with clear distinguishing data (different DOB, address, business type, no transaction history to sanctioned country) → false positive, auto-close
Match score below configurable threshold (e.g., <80% name similarity) → false positive
Customer transaction history shows no activity in sanctioned jurisdictions or with sanctioned counterparties → false positive indicator
Flags genuine matches (high match score, customer has activity in sanctioned jurisdiction, customer has no clear distinguishing data) for investigator escalation
Generates disposition narrative: data points supporting false positive assessment or escalation rationale
Routes false positives to supervisor for approval then auto-close; routes true positives to investigator queue
Tracks disposition accuracy (false positive vs. true positive rate) for regulatory monitoring

Data Requirements

Data Sources:

Sanctions Screening System (Actimize by NICE, Fircosoft, SAS AML, or custom) , Screening alerts, match details, match scores, screening run history
OFAC Sanctions List API , U.S. Treasury Office of Foreign Assets Control consolidated list
EU Sanctions Database API , European Union consolidated sanctions list, member state lists
UN Consolidated Sanctions List , UNSC sanctions screening data
Customer KYC Database (CIP, KYC system) , Customer full legal name, DOB, address, nationality, business type, beneficial owner data
Customer Transaction Database , Historical transactions, counterparties, geographic corridors, transaction patterns
Beneficial Owner Registry (internal) , Ownership structure, ultimate beneficial owners, related parties
Disposition Rules Database (internal) , False positive thresholds, disposition logic, name matching rules, distinguishing data requirements
AML Case Management System , Prior sanctions dispositions, similar alerts, investigator decisions

Data Classification:

Public: Sanctions lists (OFAC, EU, UN)
Internal Structured: Screening alerts, customer KYC data, transaction history, disposition rules, match scores
Internal Unstructured: Investigator notes, disposition narratives, prior case files
External Third-Party: OFAC/EU/UN sanctions feeds
Sensitive/Regulated: Customer personal data (DOB, address), KYC information, beneficial owner data, transaction history, investigation records

Data Quality Requirements:

Sanctions list freshness: daily updates from OFAC, EU sources. Customer data completeness: 99% (full name, DOB, address available). Customer data accuracy: 100% (must match source records). Transaction history completeness: 100% for lookback period (typically 3-5 years). Match score accuracy: standardized per screening system (e.g., Actimize match scoring). Disposition accuracy baseline: 90%+ for obvious false positives (validated from historical investigator decisions).

Integration Complexity: High , Requires integration with screening system (Actimize, Fircosoft, custom) with real-time alert feeds. Sanctions list integration with daily updates from OFAC, EU, UN sources (different formats, different refresh cycles). Customer data enrichment from KYC system, transaction database, beneficial owner registry. Investigator workflow integration with AML case management system. Disposition rules require complex business logic and regular updates as sanctions policy changes. High regulatory scrutiny requires extensive audit logging and monitoring.

Score Breakdown

Criterion	Weight	Score (1-5)	Weighted
Time Recaptured	15%	5	0.75
Error Reduction	10%	2	0.20
Cost Avoidance	10%	4	0.40
Strategic Leverage	5%	2	0.10
Data Availability	15%	4	0.60
Process Clarity	15%	4	0.60
Ease of Implementation	10%	3	0.30
Fallback Available	10%	4	0.40
Audience (Int/Ext)	10%	5	0.50
Composite	100%		3.45

Why It Scores Well

Details to be provided.

Regulatory Alignment

OFAC Regulations (31 CFR Chapter V): Agent must document all screening and disposition; false negatives are compliance violations
EU Sanctions Regulation: Agent must comply with EU member state sanctions screening procedures
FinCEN Guidance on Sanctions Compliance: Agent assists in disposition; human specialist retains authority for true positive determination
AML/CFT (FATF, Basel Committee): Sanctions screening is mandatory control; agent supports efficiency but not decision authority

Sprint Factory Fit

4 build sprints (requires governance maturity; high regulatory scrutiny)

Build Sprints 1-4: Sanctions list integration, customer data enrichment, disposition rule codification, false positive filtering, investigator escalation workflow, audit logging, regulatory reporting, sensitivity/specificity monitoring

Comparable Implementations

Commonwealth Bank: Sanctions alert disposition AI; 80% false-positive filtering; investigator efficiency improved by 60%
Barclays: Sanctions screening alert triage; 75% of obvious false positives auto-cleared; investigation backlog reduced by 50%

Deploy This Use Case with the Sprint Factory

From zero to a governed, production agent in 6 weeks.

Sprint Factory Schedule a Briefing

Related Use Cases

On-Demand Compliance

Regulatory Change Monitoring & Impact Triage

Score: 4.5/5.0

On-Demand Compliance

Compliance Exception Report Generation

Score: 4.35/5.0

On-Demand Compliance

Insurance Regulatory Scanning & Policy Update

Score: 4.3/5.0