Knogin
[Investigation]

Investigation Entity Linking

Sanctions evasion often works through name variation.

Module metadata

Sanctions evasion often works through name variation.

Back to All Modules

Source reference

content/modules/investigation-entity-linking.md

Last Updated

Feb 5, 2026

Category

Investigation

Content checksum

a52e8524dc0b425d

Tags

investigationaireal-timecompliancegeospatial

Overview#

Sanctions evasion often works through name variation. A subject listed as "Mohammed Al-Rashid" in one system appears as "M. Alrashid" in another and "Mohamed Al Rasheed" in a third. Without automated entity resolution, those records stay separate, and the connection to a sanctioned network stays hidden. The Entity Linking module closes that gap, resolving aliases, deduplicating fragmented profiles, and mapping relationships across all cases in the platform.

Designed for compliance teams, law enforcement agencies, and financial intelligence units, the module applies entity resolution algorithms to build networks of related individuals, organizations, wallets, and transactions. The result is a single, authoritative view of each subject, no matter how many variations of their identity appear across the data.

Diagram

graph LR
    A[Raw Entity Records] --> B[Entity Resolution Engine]
    B --> C[Deduplication]
    B --> D[Alias Matching]
    B --> E[Name Normalization]
    C --> F[Unified Entity Profile]
    D --> F
    E --> F
    F --> G[Relationship Mapper]
    G --> H[Direct Links]
    G --> I[Indirect Links]
    G --> J[Cross-Investigation Flags]
    H --> K[Investigation Graph]
    I --> K
    J --> K

Key Features#

  • Automated Relationship Discovery: AI detects indirect relationships across multiple degrees of separation, identifying connections that traditional manual methods frequently miss.
  • Entity Resolution and Deduplication: Advanced algorithms resolve entity aliases, misspellings, and name variations with high accuracy, consolidating fragmented intelligence into unified entity profiles.
  • Cross-Investigation Tracking: Automatically flags when subjects from one case appear in another investigation, enabling identification of organized networks and repeat offenders.
  • Real-Time Relationship Mapping: Processes entity graphs with tens of thousands of nodes in seconds, supporting real-time relationship discovery as new entities enter investigations.
  • Configurable Link Types: Supports financial, organizational, personal, and transactional relationship categories with confidence scoring and temporal modeling.
  • Evidence-Based Linking: Each discovered relationship is supported by specific evidence references, enabling investigators to validate and document connections for compliance and legal purposes.
  • Network Centrality Analysis: Identifies key players, bridge entities, and hub nodes within criminal networks through centrality metrics and influence scoring.
  • Bulk Entity Processing: Handles large-scale entity linking operations for portfolio-wide screening and periodic review cycles.
  • Link Strength Quantification: Multi-factor scoring considers entity overlap, temporal proximity, transaction patterns, and behavioral similarity to quantify relationship confidence.

Use Cases#

  • Criminal Network Discovery: Automated entity linking reveals organized criminal networks by connecting individuals, shell companies, and financial accounts across multiple investigations.
  • Sanctions Evasion Detection: Cross-case entity linking identifies sanctioned individuals operating through aliases, nominees, or intermediary entities to circumvent sanctions programs.
  • Beneficial Ownership Mapping: Entity linking traces ownership chains through multiple layers of corporate structures to identify the ultimate beneficial owners of suspicious assets.
  • Fraud Ring Identification: Pattern-based entity linking detects coordinated fraud activity by identifying shared identifiers, addresses, devices, and behavioral patterns across cases.
  • KYC Remediation: Entity resolution consolidates fragmented customer records to support know-your-customer remediation programs and ongoing due diligence.
  • Intelligence Sharing: Entity linking across organizational boundaries enables multi-agency cooperation by identifying shared subjects of interest.

Integration#

The Entity Linking module integrates with the investigation platform's case management, profile management, and graph visualization systems. Discovered relationships automatically populate investigation graphs, update entity profiles, and trigger alerts when high-risk connections are identified. The module connects to external data sources for entity enrichment and supports both real-time and batch processing modes.

Last Reviewed: 2026-02-05 Last Updated: 2026-04-14