The Future of Screening: Insights from 17 RegTech Leaders
How AI, Data Quality, and Industry Collaboration Are Reshaping AML Compliance
A comprehensive report from the Aventine Lab RegTech Roundtable, March 2025
Roundtable Participants
Panel 1: Screening & Data Providers
| Speaker | Company | Role |
|---|---|---|
| Kevin McGuinness | Napier AI | Global Head of GTM Strategy |
| Christian Focacci | Threat Digital | Founder & CEO |
Panel 2: Transaction, KYB, Onboarding & Risk (13:00–13:55 GMT)
| Speaker | Company | Role |
|---|---|---|
| Jonnie Davis | Zenoo | Head of Sales & Channel |
| Klaus Christensen | Know Your Customer | CEO & Co-founder |
| James Redfern | Diligencia | Director of Sales |
| Harriet Holmes | Thirdfort | AML Enablement Lead |
| Leonie Taber | Simur | Head of Risk & Compliance |
| Ruth Mittelman Cohen | VinciWorks | Head of Legal Compliance |
| Tracy Longbottom | Forsyte | Director |
| Amy Cleall | Flagright | Head of Partnerships |
Host: Arsalan Abbasi, Aventine Lab
Agenda
- The Evolution of Screening: From Watch Lists to Intelligent Systems
- The False Positive Problem: Still the Industry’s Biggest Challenge
- The AI Question: Revolution or Evolution?
- The Data Quality Imperative
- Beyond PEPs and Sanctions: The Expanding Definition of Risk
- The Orchestration Layer: Bringing It All Together
- The Human Element: Why Technology Alone Isn’t Enough
- Pricing Models: Per-Hit, Per-Search, or Subscription?
- Predictions for the Coming Years
Introduction
The landscape of anti-money laundering screening is undergoing its most significant transformation in two decades. At a recent virtual roundtable hosted by Aventine Lab, seventeen RegTech leaders gathered to discuss the evolution of screening technology, the role of artificial intelligence, and the persistent challenges that continue to plague compliance teams worldwide.
What emerged was a candid, unfiltered conversation about where the industry has been, where it’s going, and what practitioners need to know to navigate the changes ahead.
1. The Evolution of Screening: From Watch Lists to Intelligent Systems
The history of AML screening reads like a story of constant catch-up. In the early 2000s, the industry was dominated by a handful of data providers: World-Check (now London Stock Exchange Group), Dow Jones, LexisNexis, and RDC (now Moody’s). These companies built their businesses on manually curated databases, employing teams of researchers to review media, compile profiles, and maintain lists of politically exposed persons, sanctioned entities, and adverse media subjects.
“Those providers have between two and ten million profiles depending on the one you go with,” explained Christian Focacci, Founder and CEO of Threat Digital. “They have various levels of coverage, various levels of data quality. They were data providers, data aggregators, and they were terrible at technology.”
This created an opportunity for a new category of company: the screening platform. While data providers focused on maintaining lists, companies like Napier AI emerged to solve the technical challenge of actually matching those lists against customer databases, a deceptively complex problem involving name variations, transliterations, and fuzzy matching algorithms.
Kevin McGuinness, Global Head of GTM Strategy at Napier AI, described the evolution: “We would give customers a high degree of configurability, depending on what they want to see for a sanctions list, what they may want to see for a PEP. If you’re a UK bank and you only deal with a certain customer segment, you may not necessarily need to match against certain lists on a global capacity.”
Key Takeaway (Napier AI): The shift from static list matching to configurable, segment-specific screening has been fundamental. Institutions no longer need blanket global coverage. They need precision matching aligned to their actual customer base and risk appetite.
Key Takeaway (Threat Digital): Legacy data providers excelled at data curation but lagged on technology. This gap created the screening platform category and continues to drive innovation today.
2. The False Positive Problem: Still the Industry’s Biggest Challenge
If there’s one issue that unites compliance professionals across every sector, it’s the crushing burden of false positives. Despite twenty years of technological advancement, the fundamental problem remains: screening systems generate far more noise than signal.
“If you ask anyone in banking or who has to look at alerts, almost always the complaint is too many results to look at,” Focacci observed. “We talk about false negatives because it’s interesting and missing information. But the heart of the problem that people face daily is false positives.”
The numbers are staggering. Some institutions process alerts in the hundreds of thousands daily, with false positive rates often exceeding 95%. The human cost is significant: analyst fatigue leads to missed genuine risks, while the financial burden of maintaining large compliance teams erodes profitability.
The solution, according to both panelists, lies not in a single silver bullet but in a layered approach to alert reduction. McGuinness outlined Napier’s methodology:
Layer 1: List Management. Ensuring institutions only match against lists relevant to their business. A UK retail bank doesn’t need to screen against every sanctions list globally.
Layer 2: Multi-Configuration. Applying different screening parameters based on geography, business line, or customer segment. Hispanic names require different matching rules than Irish names.
Layer 3: Name Matching Tuning. Fine-tuning the algorithms themselves to improve precision before any alert is generated.
Layer 4: Secondary Scoring. Using customer reference data and KYC information to automatically discount alerts where the customer’s profile clearly doesn’t match the listed individual.
Layer 5: AI Adviser. Only after all deterministic methods have been applied does AI enter the picture, providing guidance on the remaining 10–15% of edge cases.
“Working on that particular lineage, we reduce the amount of noise to the tune of about 80 to 90%,” McGuinness noted. “Whereas if you’re working on a legacy platform, it’s just so much noise, so much nonsense, and a big waste of time.”
Key Takeaway (Napier AI): False positive reduction isn’t about finding one magic solution. It’s about layering multiple approaches: list segmentation, multi-configuration, algorithm tuning, secondary scoring, and finally AI. This methodology achieves 80–90% noise reduction before human review.
3. The AI Question: Revolution or Evolution?
The conversation inevitably turned to artificial intelligence, perhaps the most discussed topic in compliance technology today. But the panelists offered a refreshingly nuanced perspective, pushing back against both AI hype and AI scepticism.
“I am, despite running an AI company, I try to use AI as little as possible whenever I can,” Focacci admitted. “It has its purposes, but you want to do anything deterministically that you can first. AI has this whole class of problems that’s really good at solving: messy problems where information is fuzzy and not clear. But there’s so much low-hanging fruit in the screening world where you’re taking things you know and deterministically removing results before you get to that last mile of adding AI.”
This philosophy (AI as a complement to, not replacement for, traditional methods) emerged as a consensus view. The most effective implementations use large language models strategically: for adverse media analysis, for understanding context, for handling the genuinely ambiguous cases that resist deterministic rules.
Where LLMs truly shine is in automating research at scale. Focacci’s company, Threat Digital, uses generative AI to produce due diligence research at something closer to screening costs, a dramatic reduction from traditional EDD pricing. “We’re automating research at scale. We’ve been doing this for longer than literally anybody. We started with LLMs at the core. We didn’t patch them on as an afterthought.”
But both panelists were quick to distinguish between genuine AI capabilities and what Focacci called “AI washing,” the tendency of vendors to rebrand existing products with AI terminology.
“Everyone says we use agents. It’s like AI washing. Really, they’re just using, best case scenario, an LLM. Worst case scenario, they’re doing the same thing they’ve been doing for ten years and they’re just calling it machine learning agents and trying to trick people.”
Key Takeaway (Threat Digital): True AI-native companies build with LLMs at the core, not as an afterthought. The real value lies in automating research at scale, bringing EDD-quality insights at screening-level costs. Be wary of “AI washing” where vendors simply rebrand legacy products.
Key Takeaway (Napier AI): Compliance-first AI means deploying machine learning only where it adds genuine value, typically on the 10–15% of edge cases that survive deterministic processing. AI should be the final layer, not the first.
4. The Data Quality Imperative
A persistent theme throughout the roundtable was the critical importance of data quality, both in the lists used for screening and in the customer data being screened.
James Redfern, Director of Sales at Diligencia, brought the perspective of a regional specialist operating in the Middle East and Africa. “No screening solution is gonna be any good if you start with the wrong core information. We’re about originating content from official sources: registries, chambers of commerce, official gazettes.”
The challenge is particularly acute in emerging markets, where corporate ownership structures can be opaque and official records incomplete or outdated. But even in developed markets, the quality of screening data varies dramatically between providers.
Leonie Taber, Head of Risk and Compliance at Simur, described her experience comparing major screening tools: “I’ve delved into the data feeds, where they come from, Factiva, Dow Jones, whether they’re doing web scraping from websites, which gives you a much less detailed and rigorous search parameter, whether they license content from media suppliers.”
Her conclusion was sobering: “As end users, we think that they are conclusive and they’re really not. Particularly in smaller jurisdictions, local news media was a gap we found. We could be screening against five tools, but they weren’t catching our market.”
This has led many compliance teams to adopt a multi-provider strategy. Ruth Mittelman Cohen, Head of Legal Compliance at VinciWorks, observed: “We’re seeing from our UK legal clients especially that they’re often taking more than one provider. They’re saying it’s okay, we can have three or four different providers to ensure that we’re getting the full picture.”
Key Takeaway (Diligencia): In emerging markets like the Middle East and Africa, screening is only as good as the underlying corporate data. Direct access to official registries and primary sources is essential. Aggregated data often misses critical ownership information.
Key Takeaway (Simur): Don’t assume screening tools are comprehensive. Dig into the data feeds: where do they source content, do they license media or scrape websites, what jurisdictions are genuinely covered? Local news media in smaller markets is a common gap.
Key Takeaway (VinciWorks): UK law firms are increasingly adopting multi-provider strategies, recognising that no single vendor covers everything. Three or four providers working together may be necessary for comprehensive coverage.
5. Beyond PEPs and Sanctions: The Expanding Definition of Risk
One of the most significant shifts discussed was the broadening scope of what constitutes “screening.” Historically, the term was synonymous with PEPs and sanctions, regulatory must-haves with clear-cut list sources. But modern risk assessment demands more.
Harriet Holmes, AML Enablement Lead at Thirdfort, was emphatic on this point: “Screening isn’t just PEPs and sanctions. I always try and steer the conversation away from marketing messaging around PEPs and sanctions is the only screening because it’s definitely not.”
The industry is moving toward what Amy Cleall from Flagright described as “intelligent risk-based contextual due diligence screening,” incorporating signals that go far beyond traditional watch list matching:
- Has this individual been seen before with different documentation?
- Have they been rejected by other institutions?
- Is there a pattern of applications across multiple firms?
- Does their address match known shell company registration patterns?
- What behavioural signals suggest elevated risk?
Tracy Longbottom from Forsyte noted that this shift requires rethinking the entire approach to risk: “PEPs and sanctions are three very distinct things, though they’re interconnected. They’re also mutually exclusive of each other. People lump them together, but they require different approaches.”
Klaus Christensen, CEO of Know Your Customer, framed the challenge in stark terms: “It’s an arms race. Both sides, the fraudsters, the money launderers, and we on the good side, are fighting to keep the upper hand. Both sides have to race here.”
Key Takeaway (Thirdfort): Screening extends far beyond PEPs and sanctions. Risk signals include document variations, rejection patterns across institutions, address anomalies, and behavioural indicators. Marketing that focuses solely on PEPs and sanctions undersells what modern screening should accomplish.
Key Takeaway (Flagright): The future is “intelligent risk-based contextual due diligence screening,” moving from reactive alert handling to proactive pattern detection and fraud prevention.
Key Takeaway (Forsyte): PEPs, sanctions, and adverse media are three distinct categories requiring different approaches. Lumping them together creates blind spots and inefficiencies.
Key Takeaway (Know Your Customer): Compliance technology is an arms race. Fraudsters and money launderers are adopting the same advanced technologies. Staying ahead requires constant investment and adaptation.
6. The Orchestration Layer: Bringing It All Together
As the compliance technology stack has grown more complex, a new category of platform has emerged: orchestration layers that integrate multiple data providers, screening tools, and decision engines into unified workflows.
Jonnie Davis, Head of Sales and Channel at Zenoo, explained the concept: “We have a no-code orchestration platform. We can bring in people’s APIs relatively quickly, SDKs for identity schemes, KYB, a range of different services. Our role is to orchestrate and deliver a full compliance ecosystem to our partners and customers.”
This orchestration approach addresses a fundamental challenge: no single provider excels at everything. Different vendors have different strengths (geographic coverage, data depth, matching accuracy, user experience). The most sophisticated compliance programmes leverage multiple tools, each chosen for specific use cases.
But orchestration brings its own challenges. As Ruth from VinciWorks noted, “It’s quite a hard game to play, and it’s often like a tightrope that you’re walking. For a lot of our clients, it’s actually quite overwhelming, especially when they’re faced with all of those options.”
Key Takeaway (Zenoo): No-code orchestration platforms allow institutions to integrate best-of-breed providers without extensive development work. The value lies in rapid API integration and flexible workflow configuration, letting compliance teams choose the right tool for each specific use case.
7. The Human Element: Why Technology Alone Isn’t Enough
Despite all the advances in automation, every panelist emphasised the continued importance of human judgement in the screening process. This isn’t just a philosophical preference. It’s increasingly a regulatory expectation.
Ruth highlighted the SRA’s position in the legal sector: “These AI tools should be integrated and utilised with the big caveat that the SRA at least expect you to have everything documented and humans have reviewed it and to actually have a human decision-making rather than it being an automated decision-making.”
Harriet Holmes expanded on this: “With my risk and compliance hat and my legal hat on, we’re always balancing the excitement about AI with consumer safety and protection. We’re working with really sensitive data, and we have to remember there’s a human that belongs to that data.”
James Redfern offered a practical framework: “AI and technology should be used to do the low-risk stuff really well and really fast, and always escalate the high-risk stuff to people. Call me old-fashioned, but I think that’s where it’s going.”
Key Takeaway (VinciWorks): The SRA expects documented human review and decision-making, even when AI tools are deployed. Automation doesn’t remove the requirement for human oversight. It changes where that oversight is applied.
Key Takeaway (Thirdfort): Balancing AI excitement with data protection responsibilities is essential. Behind every data point is a human being whose information must be handled responsibly.
Key Takeaway (Diligencia): A practical framework: use AI for low-risk, high-volume tasks; escalate high-risk cases to human analysts. Technology handles the routine; humans handle the complex.
8. Pricing Models: Per-Hit, Per-Search, or Subscription?
The economics of screening remain complex and varied. Traditional data providers have historically priced on value, charging what the market will bear rather than what the service costs to deliver. This has created opportunities for newer entrants to compete on price while maintaining quality.
Focacci described his company’s approach: “It’s volume-based, and it’s locked into real costs that make sense. We pay X, this is what we charge, and it scales with volume. It’s not some made-up hand-wavy pricing. Everything is grounded in reality.”
McGuinness outlined Napier’s model: “We price based on scale. If you’re a mid-market participant with 400,000 unique customers, that’s fine. Likewise, if you have 50 million unique customers, the scale will give them the same output. It’ll just cost more because of the processing requirements. We don’t have a price cap per user.”
The trend appears to be moving toward more transparent, usage-based pricing, a shift driven partly by competition and partly by customer demand for predictability.
Key Takeaway (Threat Digital): Volume-based pricing tied to actual costs creates transparency and scalability. Avoid “value-based” pricing that bears no relationship to delivery costs.
Key Takeaway (Napier AI): Scale-based pricing without per-user caps allows large institutions to deploy broadly without artificial constraints. Processing volume, not user count, should drive costs.
9. Predictions for the Coming Years
The roundtable concluded with reflections on where the industry is heading. Several themes emerged:
AI Will Become Table Stakes. “Within the next three years, almost every screening solution is gonna have an AI layer at the end of it because the benefits are just so good,” Focacci predicted.
Data Providers Face Disruption. The ability of AI to automate what data providers do manually (curating, structuring, and updating risk profiles) threatens the incumbents’ business model. “If someone comes out that has a comparable dataset that is more reflective of the price it costs to create, I think we’re gonna see changes,” Focacci said.
Consolidation Will Continue. The screening and compliance technology space remains fragmented. Expect continued M&A activity as larger players seek to build comprehensive platforms.
Regulation Will Demand Explainability. As AI becomes more prevalent, regulators will increasingly require that firms can explain how their systems work and demonstrate that human oversight exists throughout the process.
The Arms Race Accelerates. Both criminals and compliance teams will continue adopting more sophisticated technologies. Staying ahead requires constant investment and adaptation.
Key Takeaways by Provider
| Provider | Key Insight |
|---|---|
| Napier AI | Layered approach to false positive reduction (80–90% noise reduction); compliance-first AI as the final layer, not the first; scale-based pricing without per-user caps |
| Threat Digital | AI-native architecture with LLMs at the core; automating EDD-quality research at screening costs; beware of “AI washing” in the market |
| Know Your Customer | Compliance is an arms race, both sides are adopting advanced technology; clean, reliable data from official sources is the foundation |
| Thirdfort | Screening extends beyond PEPs and sanctions to behavioural signals and pattern detection; balance AI excitement with data protection responsibilities |
| Zenoo | No-code orchestration enables best-of-breed integration; rapid API connectivity lets compliance teams choose the right tool for each use case |
| Diligencia | In emerging markets, direct access to official registries is essential; use AI for low-risk tasks, humans for high-risk decisions |
| VinciWorks | UK law firms adopting multi-provider strategies; SRA expects documented human oversight even with AI tools |
| Simur | Don’t assume screening tools are comprehensive. Dig into data sources, licensed content, and jurisdictional coverage |
| Forsyte | PEPs, sanctions, and adverse media require distinct approaches; lumping them together creates inefficiencies |
| Flagright | The future is intelligent, risk-based contextual screening, moving from reactive to preventive compliance |
Key Takeaways for Compliance Professionals
From two hours of candid discussion, several practical lessons emerged for compliance teams evaluating their screening capabilities:
- Don’t chase AI for its own sake. Focus first on optimising deterministic processes: list management, matching tuning, and secondary scoring. AI works best as the final layer, not the first.
- Question your data providers. Understand exactly where their data comes from, how it’s updated, what jurisdictions are covered, and what gaps exist. Don’t assume comprehensive coverage.
- Consider a multi-provider strategy. No single vendor excels at everything. The best compliance programmes often leverage multiple tools, each chosen for specific strengths.
- Think beyond PEPs and sanctions. Modern risk screening encompasses behavioural signals, pattern detection, and contextual analysis. Build capabilities accordingly.
- Maintain human oversight. Regulators expect it, and genuinely ambiguous cases require it. Technology should augment human judgement, not replace it.
- Demand transparency on pricing. The market is moving toward more rational, usage-based pricing. Don’t accept “value-based” pricing that bears no relationship to costs.
- Invest in data quality. The best screening technology in the world can’t compensate for poor customer data or incomplete list coverage.
Conclusion: An Industry in Transition
The screening industry stands at an inflection point. The technologies that dominated the past two decades (manually curated databases, deterministic matching engines, alert-heavy workflows) are giving way to something more intelligent, more efficient, and more effective.
But this transition is not happening overnight, and it’s not happening uniformly. The largest institutions are investing heavily in next-generation capabilities, while smaller firms often struggle with basic compliance obligations. Data providers are racing to adapt their business models before they’re disrupted. And regulators are working to understand technologies that didn’t exist when their frameworks were written.
What’s clear from this roundtable is that the leaders in this space share a common perspective: they’re pragmatic about AI’s capabilities and limitations, committed to data quality above all else, and focused on outcomes rather than hype.
As Amy Cleall from Flagright summarised: “At the end of the day, we’re hopefully preventing fraud victims and detecting serious criminal networks. The enhancements we’re making should enable customers to move from not just reacting to financial crime, but actually preventing it, focusing on real suspicious activity rather than repetitive, monotonous alerts.”
In that mission, technology is a means to an end, and the end is a financial system that’s harder for criminals to exploit. On that, everyone agreed.
References & Resources
Participating Companies:
- Napier AI : Next-generation AML platform for screening and transaction monitoring
- Threat Digital : AI-powered adverse media and due diligence screening
- Know Your Customer : Global KYB with direct registry connections
- Thirdfort : Identity verification and AML for legal and property
- Zenoo : No-code compliance orchestration platform
- Diligencia : Corporate intelligence for Middle East and Africa
- VinciWorks : AML training and compliance software for law firms
- Simur : KYC/KYB platform with digital wallet capabilities
- Forsyte : Risk management consultancy
- Flagright : Real-time AML compliance and transaction monitoring
Regulatory References:
- Solicitors Regulation Authority (SRA) : UK legal sector AML guidance
- Financial Conduct Authority (FCA) : UK financial services regulation
- OFAC Sanctions Lists : US Office of Foreign Assets Control
Data Providers Mentioned:
- LSEG World-Check : Risk intelligence database
- Dow Jones Risk & Compliance : Sanctions and PEP screening
- LexisNexis Risk Solutions : Identity and compliance data
- Moody’s (formerly RDC) : Risk data and analytics
This article is based on the Aventine Lab RegTech Roundtable: Future of Screening, held on 25 March 2025.
Watch the full recording: LinkedIn Live Event
About Aventine Lab
Aventine Lab helps RegTech companies make revenue predictable through market intelligence, competitive analysis, and go-to-market strategy.
