Pre-Arrival Risk Screening: You Cannot Find the Threat You Did Not Screen For

Border security agencies face a version of the coverage problem that has no analogue in most other government functions. A major international airport processes tens of millions of travellers annually. A busy seaport receives thousands of vessels. A land border crossing handles continuous vehicle flows every hour of every day. The number of people and conveyances passing through these points bears no relationship to the number of border officers available to examine them. The fundamental question is not whether to screen selectively — that is operationally unavoidable — but whether the selection is systematic, consistent, and evidence-based, or whether it is determined by what happens to be visible in the queue.

Manual pre-arrival screening processes operate on a fraction of the total traveller population. They focus on flagged records, known watchlist matches, and the structured intelligence that surfaces through formal reporting channels. What they cannot do, structurally, is assess the full population of inbound travellers against the full available data estate before those travellers arrive at the border. The traveller who should be in secondary examination but was not flagged in advance arrives at primary control with no information attached to their name. The officer at primary has seconds per traveller. The combination produces a coverage gap that is not a technology problem and cannot be solved by adding officers. It requires a different approach to the pre-arrival process itself.

The coverage problem and why it matters

The threat detection rate at a border is a product of two variables: the quality of the risk assessment applied to each traveller, and the proportion of travellers to whom any risk assessment is applied. A highly accurate model applied to 30 percent of the traveller population has a theoretical maximum detection rate of 30 percent, regardless of its precision within that fraction. The travellers not screened are not low-risk by determination. They are unknown risk by default.

The gap between screened and unscreened is not uniformly distributed. Known threats — individuals on watchlists, subjects of formal intelligence referrals, travellers with prior adverse immigration history — are more likely to be caught by existing screening because they have prior signals attached to their records. The travellers most likely to pass through undetected are those who have not previously generated a flag: first-time border crossers, individuals who have restructured their travel patterns to avoid prior indicators, and members of networks whose individual members do not have individual flags but whose association patterns are visible in aggregate. These are precisely the profiles that manual selective screening misses and that full-population automated scoring can address.

The false positive cost

The investment case for pre-arrival risk scoring is often presented as a detection improvement argument. It is equally, and in operational terms perhaps more immediately, a false positive reduction argument. Every legitimate traveller incorrectly referred to secondary examination consumes officer time, creates queue congestion at secondary, and generates the public friction that damages confidence in the border system. At a major hub, secondary examination capacity is a finite and constrained resource. Every referral that should not have been made is a referral that prevented a genuine risk from receiving timely attention.

A model that reduces the false positive referral rate by 10 percent at a major hub releases examination capacity that can be redirected to the population where genuine risk concentrates. The net effect is both more legitimate travellers cleared without unnecessary examination and more genuine threats receiving the officer attention they require. The two improvements are not in tension. They are the same improvement expressed at different ends of the risk distribution.

What effective pre-arrival AI screening looks like

The pre-arrival risk assessment draws on data that is either already available to border agencies or available through existing data sharing arrangements. Advance Passenger Information provides travel document and booking details before departure. Passenger Name Record data provides booking behaviour signals — route history, payment method, booking timing, ancillary service requests — that are individually innocuous but collectively characterise the travel pattern. Prior border encounter history, visa application records, and watchlist status all contribute to a risk profile that can be scored before the traveller’s flight departs.

The model should produce a tiered output rather than a binary flag. A small proportion of travellers — those with the strongest combination of adverse signals — are referred for pre-arrival action or flagged for immediate secondary examination upon arrival. A larger proportion receive an elevated attention flag that equips the primary officer with the context needed to make a more informed initial assessment. The majority are cleared with no flag, which means primary processing capacity is concentrated on the smaller populations where it adds genuine value.

The explainability of the scoring output is operationally critical. A border officer who receives a referral flag needs to know why the flag was generated — which data elements contributed to the score — to conduct a meaningful examination. A black-box score without supporting rationale produces referrals that officers cannot act on effectively and that cannot be defended in any subsequent legal or oversight process. The model architecture must produce an auditable decision record that supports both operational use and accountability review.

The technology dimension

Pre-arrival risk scoring processes data across multiple sources that, at most large border agencies, include core border management systems running on IBM Z. Passenger identity records, prior encounter history, watchlist data, and visa records are held in operational databases on the same platform that processes the arrival. Deploying AI-assisted risk scoring on IBM Z via IBM Machine Learning for z/OS enables full-population scoring within the pre-arrival processing window, using the full data estate without extraction, at the throughput required by major hub volumes. The scored output is available to officers at primary control before the traveller’s arrival.

What success looks like

The metrics are pre-arrival hit rate — the proportion of genuine risks identified through the automated scoring rather than through ad hoc officer detection — false positive referral rate, secondary examination capacity utilisation, and the proportion of the inbound traveller population covered by automated pre-arrival scoring. The last of these is the coverage metric that most pre-arrival screening programmes do not currently report but should. Coverage rate is the upstream variable that bounds every other detection metric. A programme that achieves a high hit rate on a low coverage population has not solved the threat detection problem. A programme that achieves full coverage at a proportionate false positive rate has changed the architecture of border security in a way that selective screening cannot replicate.