Skip to main content

Compliance Status

The Compliance Status API lets you check whether an individual or a business is compliant according to the risk monitoring configured for your company in Taktikal. It surfaces PEP hits, outstanding requirements (such as AML or MiFID flows that have not been completed), and an overall is_compliant flag that you can use to gate onboarding or transaction flows.

Two endpoints are available, one for individuals and one for businesses.

Endpoints

GET /api/management/compliances/individuals/status
GET /api/management/compliances/businesses/status

Individual Compliance Status

Returns the compliance status of a single person, identified by their SSN or email + phone. The response reflects the person's standing against your company's compliance configuration — PEP/sanctions screening, AML/MiFID requirements, and any other risk monitoring you have enabled.

Request

GET /api/management/compliances/individuals/status

Query Parameters

ParameterTypeRequiredDescription
SsnstringNoThe individual's SSN (kennitala)
EmailstringNoEmail address of the individual.
PhonestringNoPhone number of the individual.

Example Request

curl --location 'https://onboarding.taktikal.is/api/management/compliances/individuals/status?email=jon@example.com&phone=5551234' \
--header 'Authorization: Basic YOUR_BASE64_ENCODED_CREDENTIALS'

Response

{
"pep_found": false,
"status": "compliant",
"status_messages": [],
"requirements": [],
"is_compliant": true
}

Response Fields

FieldTypeDescription
pep_foundbooleantrue if the person matched a PEP or sanctions list
statusstringOverall status. "compliant" means the person meets all requirements; any other value indicates an issue (see status_messages)
status_messagesarray of stringHuman-readable reasons when the person is not compliant (see values below)
requirementsarrayCompliance flows the person still needs to complete. Present when status_messages contains "does not meet all requirements" or "missed due dates"
requirements[].compliance_typestringType of requirement: "PEP", "AML", or "MIFID"
requirements[].answered_datestring (ISO date) | nullWhen the requirement was last answered
requirements[].next_datestring (ISO date) | nullWhen the requirement is next due
requirements[].flow_keystringKey of the Taktikal flow that fulfills this requirement
is_compliantbooleanShortcut for status === "compliant"

Possible status_messages Values

MessageMeaning
pep foundThe individual matched a PEP list
has not been risk evaluatedYour company has not completed a risk evaluation for this person yet
missed due datesOne or more recurring requirements are overdue
does not meet all requirementsThe person has open requirements that must be completed — see the requirements array for the relevant flows

HTTP Status Codes

CodeDescription
200Status retrieved successfully
401Missing or invalid credentials
404The individual was not found in your company's compliance records

A 404 means the person has never been registered in compliance for your company. This is expected for first-time users and typically means you need to route them through your onboarding requirement flows before the compliance check can succeed.


Business Compliance Status

Returns the compliance status of a legal entity (business), identified by its registration SSN (kennitala). The response shape is nearly identical to the individual endpoint, minus the pep_found flag.

Request

GET /api/management/compliances/businesses/status

Query Parameters

ParameterTypeRequiredDescription
SsnstringNoThe business's SSN (kennitala)
NamestringNoName of the business.

Example Request

curl --location 'https://onboarding.taktikal.is/api/management/compliances/businesses/status?name=Acme%20ehf.' \
--header 'Authorization: Basic YOUR_BASE64_ENCODED_CREDENTIALS'

Response

{
"status": "compliant",
"status_messages": [],
"requirements": [],
"is_compliant": true
}

Response Fields

FieldTypeDescription
statusstringOverall status. "compliant" means the business meets all requirements
status_messagesarray of stringReasons why the business is not compliant, if any
is_compliantbooleanShortcut for status === "compliant"

HTTP Status Codes

CodeDescription
200Status retrieved successfully
401Missing or invalid credentials
404The business was not found in your company's compliance records