Cutting AML False Positives With Configurable Thresholds

The dirty secret of AML screening is that the matches are easy and the non-matches are expensive. Any engine can surface every watchlist record that shares a name with your customer. The real work — and the real cost — is dismissing the ones that aren't actually your customer. False positives are where compliance teams burn their hours, where onboarding slows to a crawl, and where good customers get blocked because they happen to share a name with someone on a list.

Didit's AML engine is built to suppress that noise without losing signal. Through configurable match-score weights, a tunable match threshold, configurable risk thresholds, and the document-number Golden Key, you can shrink the review queue to the hits that genuinely matter — and prove to a regulator exactly why each suppression was justified. It's all included in the $0.20 per check screening.

Key takeaways

• Match weights are configurable. Name (60%), date of birth (25%), and country (15%) are defaults — re-weight them to your population, as long as they sum to 100.
• The match threshold (default 93) decides what reaches a human. Anything below it is auto-classified False Positive.
• Risk thresholds (default approve 80 / review 100) decide what's Approved, In Review, or Declined — so even real matches don't all queue.
• The Golden Key. A matching document number overrides the Match Score to 100%, removing namesake ambiguity entirely.
• Every suppression is auditable — the review states give compliance a defensible record of why each non-match was dismissed.
• All tuning is in the Console; the screening itself is $0.20 per check.

Why false positives are the problem worth solving

Across 1,300+ watchlists, a common name will match many records. The overwhelming majority are people who simply share a name with your customer — namesakes, not matches. If your engine routes all of them to an analyst, three things happen: onboarding slows while customers wait, analyst cost balloons, and — most dangerously — alert fatigue sets in and a real hit gets dismissed in a sea of noise.

The goal of tuning is not to find more matches. It's to make the engine confident enough about identity that it can dismiss the namesakes itself, leaving humans to adjudicate only the records that are plausibly the same person and carry real risk. Done well, this is the difference between a review queue of thousands and a review queue of dozens — with the same recall on genuine threats.

The four levers

Didit gives you four independent controls. The first three are thresholds and weights; the fourth is a hard identity signal.

1. Match-score weights

The Match Score is a weighted blend of identity signals, configurable in the Console:

Signal	Default weight	When to raise it
Name similarity	60%	Rarely — name alone is the weakest discriminator
Date of birth	25%	When you reliably collect DOB; raising this crushes namesake noise
Country	15%	For populations concentrated in specific jurisdictions

The weights must sum to 100. If most of your false positives are shared-name collisions and you collect date of birth, shifting weight from name to DOB is the single highest-leverage change you can make.

2. The match threshold

The match threshold (default 93) is the line between "ignore" and "review." A profile scoring below it is automatically set to False Positive and never reaches an analyst; at or above it, the profile becomes Unreviewed. Raise the threshold to suppress more aggressively; lower it to widen the net. This is your primary noise dial.

3. The risk thresholds

Even among real identity matches, not everything needs a human. The Risk Score's two thresholds — default approve 80 and review 100 — sort confirmed matches into Approved (below 80), In Review (80–100), and Declined (above 100). Tuning these means a confirmed but low-risk match (say, a minor regulatory-register entry) can auto-approve, reserving review time for genuine concern.

4. The Golden Key

The strongest lever is also the simplest. If you pass a document_number and it matches the watchlist record, the Match Score is overridden to 100% — there is no namesake ambiguity to suppress, because a document number is a definitive identity signal. Wherever you collect a document number, the Golden Key removes false positives for that subject entirely.

Technical details

Pass a document number to trigger the Golden Key; tune the rest in the Console.

curl -X POST https://verification.didit.me/v3/aml/ \
  -H "x-api-key: $DIDIT_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "first_name": "Maria",
    "last_name": "Gonzalez",
    "date_of_birth": "1984-03-12",
    "country": "ES",
    "document_number": "X1234567Z"
  }'

With tuned weights and thresholds, low-confidence records arrive pre-classified as False Positive, and only the rest reach review:

{
  "aml_status": "Approved",
  "risk_score": 22,
  "matches": [
    { "profile_id": "prf_aa01", "match_score": 41, "match_status": "False Positive", "categories": ["Adverse Media"] },
    { "profile_id": "prf_aa02", "match_score": 38, "match_status": "False Positive", "categories": ["PEP 4"] }
  ]
}

Auditability. Every suppressed record retains its match_status and score, so the audit trail shows precisely why each non-match was dismissed — "Match Score 41, below the 93 threshold." That's a defensible answer to a regulator, not a black box.

Price. $0.20 per check; all tuning is included, no premium tier for threshold control.

Use cases

• Fintech. Shift weight to date of birth and raise the match threshold to cut namesake noise on high-volume consumer onboarding.
• Crypto / Web3. Use the Golden Key on document-backed KYC so confirmed identities skip namesake review entirely.
• Lending. Keep the review threshold conservative for borrowers — accept a slightly larger queue where a missed PEP is costly.
• Marketplaces. Auto-approve low-risk confirmed matches so high-volume seller onboarding doesn't bottleneck on review staff.
• iGaming. Document the exact weights and thresholds run per regulator, since every suppression is auditable by score and state.

How to integrate with Didit

1. Baseline first. Run screening with defaults and measure your false-positive rate before changing anything.
2. Re-weight the Match Score toward the signals you collect reliably (usually date of birth), keeping the weights summing to 100.
3. Tune the match threshold to set how aggressively low-confidence records are auto-dismissed.
4. Tune the risk thresholds so low-risk confirmed matches auto-approve and only real concern queues.
5. Pass document numbers wherever you have them to fire the Golden Key.

Frequently asked questions

What's the single best way to cut false positives?

If you collect date of birth, shift Match Score weight toward it (away from name) and pass a document number where you have one to trigger the Golden Key. Both attack namesake collisions directly.

Can I tune the weights and thresholds myself?

Yes — match-score weights (summing to 100), the match threshold (default 93), and the risk thresholds (default approve 80 / review 100) are all configurable in the Console.

Won't aggressive tuning make me miss real hits?

Tuning targets identity confidence, not risk. The Golden Key and DOB-weighted matching dismiss namesakes — people who aren't your customer — so genuine matches still surface. You set the threshold to your own risk appetite.

What is the Golden Key?

A matching document number overrides the Match Score to 100%, because a document number is a definitive identity signal. It removes namesake ambiguity for that subject entirely.

Is threshold tuning extra?

No. All configuration is included in the $0.20-per-check price; there's no premium tier for control over your own thresholds.

Ready to get started?

Read the AML Screening overview in the docs, see the controls on the AML Screening product page, and check transparent per-check pricing on the pricing page. When you're ready, start free — 500 free KYC checks every month, with AML screening at $0.20 per check.