PEP and Sanctions Screening
The PEP (Politically Exposed Persons) and Sanctions Screening API allows you to screen individuals against global watchlists to identify potential compliance risks. This endpoint checks for matches against PEP databases and various sanctions lists.
Prerequisites
To use this service, you must contact Taktikal support to obtain a valid flowKey
for your account. This flow key is required for all screening requests and ensures proper tracking and compliance.
Contact Support: hjalp@taktikal.is
Endpoint
POST /api/watchlist/person
Request Parameters
Parameter | Type | Required | Description |
---|---|---|---|
countryCode | string | Yes | Two-letter ISO country code (e.g., "US", "SE", "GB") |
firstName | string | Yes | First name of the person to screen |
middleName | string | No | Middle name (not available in all watchlist services) |
lastName | string | Yes | Last name of the person to screen |
originalName | string | No | Recommended: Full name in original script (Cyrillic, Arabic, Chinese, etc.) - provides better matching results |
dateOfBirth | string | No | Date of birth in YYYY-MM-DD format |
gender | string | No | Gender ("Male" or "Female") |
flowKey | string | Yes | Unique flow identifier for tracking |
MatchRate | number | No | Percentage threshold 1-100 indicating match confidence (default: 75) |
Parameter Notes
- OriginalName: Using the person's name in their native script (e.g., Cyrillic, Arabic, Chinese) significantly improves matching accuracy. If you cannot separate the name into First/Middle/Last components, use
originalName
instead. - MatchRate: A percentage from 1-100 where 1% is not close and 100% is very close. Lower values return more potential matches but may include false positives.
Example Request
curl --location 'https://onboarding.taktikal.is/api/watchlist/person' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic YOUR_BASE64_ENCODED_CREDENTIALS' \
--data '{
"countryCode": "RU",
"firstName": "Vladimir",
"lastName": "Putin",
"dateOfBirth": "1952-10-07",
"flowKey": "0xx0c8f4xxe3",
"MatchRate": 75
}'
Response Format
The API returns a JSON response containing screening results:
{
"errors": [],
"id": [
{
"id": "b56a2eb7-15df-41eb-9fa1-6aab837e16e5"
}
],
"date": [
{
"date": "2025-09-26T09:40:05.9120000Z"
}
],
"match": [
{
"category": "PEP/SIP",
"categories": [
"Politically Exposed Person (PEP)",
"Special Interest Person (SIP) - Sanctions Lists"
],
"match_rate": 100.0,
"matchedFields": [
"PrimaryName",
"DOB",
"Country"
],
"gender": "Male",
"deceased": false,
"firstName": "Vladimir",
"middleName": "Vladimirovich",
"lastName": "Putin",
"fullName": "Vladimir Vladimirovich Putin",
"images": [
"https://www.acurisriskintelligence.com/cdn/content/ari0202017/Qjtmeq5VJ.PNG"
],
"dateOfBirth": "07 Oct 1952",
"countries": [],
"placeOfBirth": "Saint Petersburg, Russia",
"primaryLocation": "Russia",
"generalInfo": {
"nationality": "Russian"
},
"furtherInformation": [
"Listed as a sanctioned individual by the National Security and Defence Council of Ukraine",
"Currently listed as a sanctioned individual by the EU",
"Currently listed as a sanctioned individual by OFAC",
"Currently listed as a sanctioned individual by HMT"
],
"descriptions": [
{
"description1": "Politically Exposed Person (PEP)",
"description2": "PEP Tier 1"
},
{
"description1": "Special Interest Person (SIP)",
"description2": "Sanctions Lists"
}
],
"roles": [
{
"title": "President | Presidency of the Russian Federation",
"status": "Current",
"country": "Russia"
}
],
"officialLists": [
{
"keyword": "Office of Foreign Assets Control (OFAC)",
"description": "Office of Foreign Assets Control (OFAC)",
"isCurrent": true
},
{
"keyword": "European Union Council (EU)",
"description": "European Union Council (EU)",
"isCurrent": true
}
]
}
],
"status": [
{
"status": "Finished"
}
],
"request": {
"countryCode": "RU",
"firstName": "Vladimir",
"lastName": "Putin",
"dateOfBirth": "1952-10-07",
"matchRate": 75,
"flowKey": "0xx0c8f4xxe3"
},
"flowkey": "0xx0c8f4xxe3"
}
Response Fields
Field | Type | Description |
---|---|---|
errors | array | Array of any errors encountered during processing |
id | array | Unique identifier for the screening request |
date | array | Timestamp when the screening was performed |
match | array | Array of potential matches found |
match[].category | string | Primary match category (e.g., "PEP/SIP") |
match[].categories | array | Detailed categories of the match |
match[].match_rate | number | Confidence percentage of the match (0-100) |
match[].matchedFields | array | Fields that contributed to the match |
match[].gender | string | Gender of the matched person |
match[].deceased | boolean | Whether the person is deceased |
match[].firstName | string | First name from watchlist |
match[].middleName | string | Middle name from watchlist |
match[].lastName | string | Last name from watchlist |
match[].fullName | string | Complete name from watchlist |
match[].images | array | URLs to profile images if available |
match[].dateOfBirth | string | Date of birth from watchlist |
match[].placeOfBirth | string | Place of birth information |
match[].primaryLocation | string | Primary location/country |
match[].generalInfo | object | General information including nationality |
match[].furtherInformation | array | Additional context and sanctions details |
match[].descriptions | array | Category descriptions and tiers |
match[].roles | array | Current and former positions/roles |
match[].officialLists | array | Sanctions lists the person appears on |
status | array | Processing status information |
request | object | Echo of the original request parameters |
flowkey | string | Echo of the provided flow key |
Match Categories
The API screens against multiple categories of risk. The category
field in the response indicates the primary match type using the following classifications:
Category Types
Category | Full Name | Description |
---|---|---|
PEP | Politically Exposed Person | Current and former government officials, senior political party members, high-ranking military officers, heads of state-owned enterprises |
Sanction | Sanctioned Person | Individuals under international sanctions (UN, EU, OFAC, HMT, etc.) |
RCA | Relative or Close Associate | Family members, close relatives, or known associates of PEPs |
POI | Person of Interest | Individuals flagged for regulatory or compliance monitoring |
SIP | Special Interest Person | Persons requiring enhanced due diligence for various compliance reasons |
TER | Terrorism Related | Individuals associated with terrorism or terrorist organizations |
SIE | Special Interest Entity | Companies or organizations requiring enhanced monitoring |
SOE | State Owned Enterprise | Government-controlled companies or entities |
Combined Categories
The response may contain combined categories (e.g., "PEP/SIP") when a person matches multiple risk types. The categories
array provides detailed descriptions of all applicable classifications.
Risk Assessment by Category
High Risk:
Sanction
- Requires immediate attention and potential transaction blockingTER
- Terrorism-related matches require strict compliance measures
Medium-High Risk:
PEP
- Enhanced due diligence requiredSIE
/SOE
- Additional scrutiny for entity relationships
Medium Risk:
RCA
- Associated persons requiring careful evaluationSIP
- Special monitoring and documentation needed
Monitoring Required:
POI
- Ongoing surveillance and periodic review recommended
Match Rate Threshold
The MatchRate
parameter controls the sensitivity of the screening:
- 90-100%: Exact or near-exact matches only
- 80-89%: High confidence matches with minor variations
- 70-79%: Medium confidence matches allowing for more variation
- 60-69%: Lower confidence matches, may include false positives
- Below 60%: Not recommended, high risk of false positives
Error Handling
Common HTTP Status Codes
Code | Description | Resolution |
---|---|---|
200 | Success | Request processed successfully |
400 | Bad Request | Check request parameters and format |
401 | Unauthorized | Verify API credentials |
429 | Too Many Requests | Implement rate limiting |
500 | Internal Server Error | Contact support |
Error Response Format
{
"error": "Invalid date format",
"message": "dateOfBirth must be in YYYY-MM-DD format",
"code": "INVALID_DATE_FORMAT"
}
Best Practices
- Use appropriate match thresholds: Start with 75% for balanced accuracy
- Store flow keys: Use unique flow keys for audit trails
- Handle false positives: Implement manual review processes for matches
- Regular updates: Watchlists are updated daily
- Data privacy: Follow local regulations for storing screening results
Compliance Considerations
This API is designed to support AML/KYC compliance requirements:
- Results should be reviewed by compliance officers
- Document screening decisions and rationales
- Maintain audit trails of all screening activities
- Consider local privacy and data protection laws
- Regular policy reviews and threshold adjustments
Implementation Examples
- JavaScript
- Python
const response = await fetch('https://onboarding.taktikal.is/api/watchlist/person', {
method: 'POST',
headers: {
'Authorization': 'Basic ' + btoa('companyKey:apiKey'),
'Content-Type': 'application/json'
},
body: JSON.stringify({
countryCode: 'RU',
firstName: 'Vladimir',
lastName: 'Putin',
dateOfBirth: '1952-10-07',
flowKey: '0xx0c8f4xxe3',
MatchRate: 75
})
});
const result = await response.json();
if (result.match && result.match.length > 0) {
console.log(`Found ${result.match.length} match(es)`);
result.match.forEach(match => {
console.log(`Match: ${match.fullName} (${match.match_rate}% confidence)`);
console.log(`Categories: ${match.categories.join(', ')}`);
});
} else {
console.log('No matches found');
}
import requests
import base64
# Encode credentials
credentials = base64.b64encode(b'companyKey:apiKey').decode('utf-8')
response = requests.post(
'https://onboarding.taktikal.is/api/watchlist/person',
headers={
'Authorization': f'Basic {credentials}',
'Content-Type': 'application/json'
},
json={
'countryCode': 'RU',
'firstName': 'Vladimir',
'lastName': 'Putin',
'dateOfBirth': '1952-10-07',
'flowKey': '0xx0c8f4xxe3',
'MatchRate': 75
}
)
result = response.json()
if 'match' in result and len(result['match']) > 0:
print(f"Found {len(result['match'])} match(es)")
for match in result['match']:
print(f"Match: {match['fullName']} ({match['match_rate']}% confidence)")
print(f"Categories: {', '.join(match['categories'])}")
else:
print("No matches found")
Support
For technical support or compliance guidance, contact:
- Technical Support: hjalp@taktikal.is
- Compliance Queries: hjalp@taktikal.is