Summary: We have updated the Kyboa risk scoring model to make risk ratings more precise, more transparent, and less likely to over-escalate neutral or low-severity matches.
This is a technical update for existing users. It explains the current risk calculation thresholds and why a screening run today may receive a different rating from a similar screening run before this update.
The goal is to make higher risk classifications more meaningful. A strong name similarity result in a neutral reference dataset should not be treated the same way as a genuine sanctions or hard-watchlist match. The updated model is designed to reduce review noise so users can prioritise the findings that most need attention.
What changed?
The previous model was more score-first. A high match score alone could push a screening into a higher risk band, even when the underlying source was informational, KYB-related, reference-based, ownership-related, or otherwise not a hard watchlist.
The updated model is more dataset-aware and topic-family-aware. It gives more weight to the type of source and the nature of the match, not just the numeric name match score.
In practical terms:
- Hard watchlist and sanctions-family matches can still drive the highest risk bands.
- PEP-only findings are handled separately and are capped at Medium risk.
- Neutral or informational sources no longer escalate risk on raw name similarity alone.
- Adverse media is now based on active review-aware news results.
- Dismissed review decisions are excluded from later active risk calculation.
- Clearly deceased candidates are excluded from active risk scoring while remaining visible for transparency.
Current risk scoring thresholds
Hard watchlist and sanctions-family matches
Only active hard watchlist or sanctions-family candidates can drive the upper risk bands through match score.
| Condition | Risk rating |
|---|---|
| Active hard-family match with score 1.00 | Very High |
| Active hard-family match with score 0.86 to 0.99 | High |
| Active hard-family match with score 0.61 to 0.85 | Medium |
| Active hard-family match below 0.61 | Does not rise above Low unless another explicit signal applies |
A hard-family match means the result is linked to a genuine sanctions, watchlist, enforcement, wanted, debarment, export-control, or similar high-severity source family. A broad aggregate source or neutral dataset is not enough on its own.
PEP-only findings
PEP-only findings are now de-escalated relative to sanctions and hard watchlists.
| Condition | Risk rating |
|---|---|
| PEP-only match with strong score from 0.85 to 1.00 | Medium |
| Weaker PEP-only finding | Below Medium unless another explicit signal applies |
This means a PEP finding still matters, but it is not treated the same as a sanctions or hard-watchlist match. PEP status is a review factor, not automatically a high-risk determination.
Informational, KYB, reference, ownership and banking datasets
Informational and reference-style datasets no longer escalate risk on name similarity alone.
For example, a strong name match in a neutral company, ownership, reference, banking, or KYB-related source is no longer enough by itself to produce Medium, High, or Very High risk.
These results may still be useful for context and review, but they should not inflate the risk rating unless they are connected to a genuine hard watchlist, sanctions-family, PEP or adverse-media signal.
Adverse media and news results
Adverse media is now a live risk input again, but only through active review-aware news results.
| Active adverse-media results | Risk effect |
|---|---|
| 0 active results | No adverse-media risk escalation |
| 1 to 9 active results | Medium adverse-media risk |
| 10 or more active results | High adverse-media risk |
Adverse-media results are discovery results for review. They do not prove wrongdoing, and they should be assessed manually for relevance, identity ambiguity, source quality and context.
Review decisions now affect active risk
For entity-linked screenings, review decisions are now part of the active risk calculation.
If a sanctions, watchlist, media or web result is dismissed, Kyboa excludes that result from later active risk calculation, active report sections and monitoring comparison. Confirmed and undecided results remain active.
This is particularly important for ongoing monitoring. A recurring false positive should not continue to trigger the same level of review effort after it has been dismissed against the maintained entity record.
Important review boundaries
- Review decisions apply to entity-linked screenings.
- Quick one-off screenings remain separate and do not use stored entity review decisions.
- Dismissed results are not deleted; they remain available for transparency and audit context.
- Existing completed screenings and reports are not rewritten when later review decisions change.
Deceased candidates
Clearly deceased watchlist candidates are now excluded from active risk scoring and monitoring new-match logic.
This exclusion only applies where structured death-date information is present. Kyboa does not infer deceased status from unstructured text, captions, snippets or descriptions.
Deceased candidates remain visible for transparency, but they no longer create unnecessary operational noise. If a screening only contains deceased watchlist evidence, it remains Low risk and records an explicit rationale explaining that deceased candidates were excluded.
What changed compared with the previous model?
Under the previous rules, higher scores and broad topics could escalate risk more aggressively. For example, a top match score of 0.85 or above could produce High risk, a score of 0.60 or above could produce Medium risk, and any PEP topic could produce Medium risk.
The updated model is stricter about what is allowed to count toward higher risk bands. It separates hard watchlist and sanctions-family evidence from PEP, adverse media, and neutral reference material.
This is why a repeated screening may now receive a lower rating than an earlier screening against the same or similar subject.
How to interpret differences between older and newer screenings
Screening reports remain point-in-time records. An older report reflects the scoring model and data available at the time it was generated.
When comparing older screenings with new screenings, users should consider:
- whether the new model has downgraded neutral or informational matches
- whether PEP-only findings are now capped differently
- whether adverse-media results are active, dismissed, or absent
- whether review decisions have excluded previously dismissed findings
- whether a candidate is now identified as deceased through structured metadata
The risk rating is intended to support triage and review prioritisation. It does not replace manual review, identity verification, or a final compliance decision.
Confidence scoring
This update is mainly about risk rating inputs, thresholds, exclusions and reason codes. It is not a broad rewrite of the confidence model.
Confidence remains a separate indicator. It reflects how complete and reliable the screening inputs are, rather than the severity of the risk itself.
Recommended user action
No action is required to use the updated model. New screenings and monitoring runs use the current scoring logic automatically.
For maintained entities, users should continue to review active findings, dismiss known false positives where appropriate, and confirm findings that remain relevant to the entity. This will help future monitoring runs focus on genuinely new or unresolved issues.
