PEP and Sanctions Screening

The PEP (Politically Exposed Persons) and Sanctions Screening API allows you to screen individuals against global watchlists to identify potential compliance risks. This endpoint checks for matches against PEP databases and various sanctions lists.

Prerequisites

To use this service, you must contact Taktikal support to obtain a valid flowKey for your account. This flow key is required for all screening requests and ensures proper tracking and compliance.

Contact Support: hjalp@taktikal.is

Endpoint

POST /api/watchlist/person

Request Parameters

Parameter	Type	Required	Description
`countryCode`	string	Yes	Two-letter ISO country code (e.g., "US", "SE", "GB")
`firstName`	string	Yes	First name of the person to screen
`middleName`	string	No	Middle name (not available in all watchlist services)
`lastName`	string	Yes	Last name of the person to screen
`originalName`	string	No	Recommended: Full name in original script (Cyrillic, Arabic, Chinese, etc.) - provides better matching results
`dateOfBirth`	string	No	Date of birth in YYYY-MM-DD format
`gender`	string	No	Gender ("Male" or "Female")
`flowKey`	string	Yes	Unique flow identifier for tracking
`MatchRate`	number	No	Percentage threshold 1-100 indicating match confidence (default: 75)

Parameter Notes

OriginalName: Using the person's name in their native script (e.g., Cyrillic, Arabic, Chinese) significantly improves matching accuracy. If you cannot separate the name into First/Middle/Last components, use originalName instead.
MatchRate: A percentage from 1-100 where 1% is not close and 100% is very close. Lower values return more potential matches but may include false positives.

Example Request

curl --location 'https://onboarding.taktikal.is/api/watchlist/person' \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Basic YOUR_BASE64_ENCODED_CREDENTIALS' \
  --data '{
    "countryCode": "RU",
    "firstName": "Vladimir",
    "lastName": "Putin",
    "dateOfBirth": "1952-10-07",
    "flowKey": "0xx0c8f4xxe3",
    "MatchRate": 75
  }'

Response Format

The API returns a JSON response containing screening results:

{
  "errors": [],
  "id": [
    {
      "id": "b56a2eb7-15df-41eb-9fa1-6aab837e16e5"
    }
  ],
  "date": [
    {
      "date": "2025-09-26T09:40:05.9120000Z"
    }
  ],
  "match": [
    {
      "category": "PEP/SIP",
      "categories": [
        "Politically Exposed Person (PEP)",
        "Special Interest Person (SIP) - Sanctions Lists"
      ],
      "match_rate": 100.0,
      "matchedFields": [
        "PrimaryName",
        "DOB",
        "Country"
      ],
      "gender": "Male",
      "deceased": false,
      "firstName": "Vladimir",
      "middleName": "Vladimirovich",
      "lastName": "Putin",
      "fullName": "Vladimir Vladimirovich Putin",
      "images": [
        "https://www.acurisriskintelligence.com/cdn/content/ari0202017/Qjtmeq5VJ.PNG"
      ],
      "dateOfBirth": "07 Oct 1952",
      "countries": [],
      "placeOfBirth": "Saint Petersburg, Russia",
      "primaryLocation": "Russia",
      "generalInfo": {
        "nationality": "Russian"
      },
      "furtherInformation": [
        "Listed as a sanctioned individual by the National Security and Defence Council of Ukraine",
        "Currently listed as a sanctioned individual by the EU",
        "Currently listed as a sanctioned individual by OFAC",
        "Currently listed as a sanctioned individual by HMT"
      ],
      "descriptions": [
        {
          "description1": "Politically Exposed Person (PEP)",
          "description2": "PEP Tier 1"
        },
        {
          "description1": "Special Interest Person (SIP)",
          "description2": "Sanctions Lists"
        }
      ],
      "roles": [
        {
          "title": "President | Presidency of the Russian Federation",
          "status": "Current",
          "country": "Russia"
        }
      ],
      "officialLists": [
        {
          "keyword": "Office of Foreign Assets Control (OFAC)",
          "description": "Office of Foreign Assets Control (OFAC)",
          "isCurrent": true
        },
        {
          "keyword": "European Union Council (EU)",
          "description": "European Union Council (EU)",
          "isCurrent": true
        }
      ]
    }
  ],
  "status": [
    {
      "status": "Finished"
    }
  ],
  "request": {
    "countryCode": "RU",
    "firstName": "Vladimir",
    "lastName": "Putin",
    "dateOfBirth": "1952-10-07",
    "matchRate": 75,
    "flowKey": "0xx0c8f4xxe3"
  },
  "flowkey": "0xx0c8f4xxe3"
}

Response Fields

Field	Type	Description
`errors`	array	Array of any errors encountered during processing
`id`	array	Unique identifier for the screening request
`date`	array	Timestamp when the screening was performed
`match`	array	Array of potential matches found
`match[].category`	string	Primary match category (e.g., "PEP/SIP")
`match[].categories`	array	Detailed categories of the match
`match[].match_rate`	number	Confidence percentage of the match (0-100)
`match[].matchedFields`	array	Fields that contributed to the match
`match[].gender`	string	Gender of the matched person
`match[].deceased`	boolean	Whether the person is deceased
`match[].firstName`	string	First name from watchlist
`match[].middleName`	string	Middle name from watchlist
`match[].lastName`	string	Last name from watchlist
`match[].fullName`	string	Complete name from watchlist
`match[].images`	array	URLs to profile images if available
`match[].dateOfBirth`	string	Date of birth from watchlist
`match[].placeOfBirth`	string	Place of birth information
`match[].primaryLocation`	string	Primary location/country
`match[].generalInfo`	object	General information including nationality
`match[].furtherInformation`	array	Additional context and sanctions details
`match[].descriptions`	array	Category descriptions and tiers
`match[].roles`	array	Current and former positions/roles
`match[].officialLists`	array	Sanctions lists the person appears on
`status`	array	Processing status information
`request`	object	Echo of the original request parameters
`flowkey`	string	Echo of the provided flow key

Match Categories

The API screens against multiple categories of risk. The category field in the response indicates the primary match type using the following classifications:

Category Types

Category	Full Name	Description
`PEP`	Politically Exposed Person	Current and former government officials, senior political party members, high-ranking military officers, heads of state-owned enterprises
`Sanction`	Sanctioned Person	Individuals under international sanctions (UN, EU, OFAC, HMT, etc.)
`RCA`	Relative or Close Associate	Family members, close relatives, or known associates of PEPs
`POI`	Person of Interest	Individuals flagged for regulatory or compliance monitoring
`SIP`	Special Interest Person	Persons requiring enhanced due diligence for various compliance reasons
`TER`	Terrorism Related	Individuals associated with terrorism or terrorist organizations
`SIE`	Special Interest Entity	Companies or organizations requiring enhanced monitoring
`SOE`	State Owned Enterprise	Government-controlled companies or entities

Combined Categories

The response may contain combined categories (e.g., "PEP/SIP") when a person matches multiple risk types. The categories array provides detailed descriptions of all applicable classifications.

Risk Assessment by Category

High Risk:

Sanction - Requires immediate attention and potential transaction blocking
TER - Terrorism-related matches require strict compliance measures

Medium-High Risk:

PEP - Enhanced due diligence required
SIE/SOE - Additional scrutiny for entity relationships

Medium Risk:

RCA - Associated persons requiring careful evaluation
SIP - Special monitoring and documentation needed

Monitoring Required:

POI - Ongoing surveillance and periodic review recommended

Match Rate Threshold

The MatchRate parameter controls the sensitivity of the screening:

90-100%: Exact or near-exact matches only
80-89%: High confidence matches with minor variations
70-79%: Medium confidence matches allowing for more variation
60-69%: Lower confidence matches, may include false positives
Below 60%: Not recommended, high risk of false positives

Error Handling

Common HTTP Status Codes

Code	Description	Resolution
200	Success	Request processed successfully
400	Bad Request	Check request parameters and format
401	Unauthorized	Verify API credentials
429	Too Many Requests	Implement rate limiting
500	Internal Server Error	Contact support

Error Response Format

{
  "error": "Invalid date format",
  "message": "dateOfBirth must be in YYYY-MM-DD format",
  "code": "INVALID_DATE_FORMAT"
}

Best Practices

Use appropriate match thresholds: Start with 75% for balanced accuracy
Store flow keys: Use unique flow keys for audit trails
Handle false positives: Implement manual review processes for matches
Regular updates: Watchlists are updated daily
Data privacy: Follow local regulations for storing screening results

Compliance Considerations

This API is designed to support AML/KYC compliance requirements:

Results should be reviewed by compliance officers
Document screening decisions and rationales
Maintain audit trails of all screening activities
Consider local privacy and data protection laws
Regular policy reviews and threshold adjustments

Implementation Examples

JavaScript
Python

const response = await fetch('https://onboarding.taktikal.is/api/watchlist/person', {
  method: 'POST',
  headers: {
    'Authorization': 'Basic ' + btoa('companyKey:apiKey'),
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    countryCode: 'RU',
    firstName: 'Vladimir',
    lastName: 'Putin',
    dateOfBirth: '1952-10-07',
    flowKey: '0xx0c8f4xxe3',
    MatchRate: 75
  })
});

const result = await response.json();

if (result.match && result.match.length > 0) {
  console.log(`Found ${result.match.length} match(es)`);
  result.match.forEach(match => {
    console.log(`Match: ${match.fullName} (${match.match_rate}% confidence)`);
    console.log(`Categories: ${match.categories.join(', ')}`);
  });
} else {
  console.log('No matches found');
}

import requests
import base64

# Encode credentials
credentials = base64.b64encode(b'companyKey:apiKey').decode('utf-8')

response = requests.post(
    'https://onboarding.taktikal.is/api/watchlist/person',
    headers={
        'Authorization': f'Basic {credentials}',
        'Content-Type': 'application/json'
    },
    json={
        'countryCode': 'RU',
        'firstName': 'Vladimir',
        'lastName': 'Putin',
        'dateOfBirth': '1952-10-07',
        'flowKey': '0xx0c8f4xxe3',
        'MatchRate': 75
    }
)

result = response.json()

if 'match' in result and len(result['match']) > 0:
    print(f"Found {len(result['match'])} match(es)")
    for match in result['match']:
        print(f"Match: {match['fullName']} ({match['match_rate']}% confidence)")
        print(f"Categories: {', '.join(match['categories'])}")
else:
    print("No matches found")

Support

For technical support or compliance guidance, contact:

Technical Support: hjalp@taktikal.is
Compliance Queries: hjalp@taktikal.is

Prerequisites​

Endpoint​

Request Parameters​

Parameter Notes​

Example Request​

Response Format​

Response Fields​

Match Categories​

Category Types​

Combined Categories​

Risk Assessment by Category​

Match Rate Threshold​

Error Handling​

Common HTTP Status Codes​

Error Response Format​

Best Practices​

Compliance Considerations​

Implementation Examples​

Support​