Compliance API¶

Access compliance-related endpoints for sanctions screening, PEP checks, and audit logs.

Sanctions Check¶

Screen an identity against global sanctions lists including OFAC, EU, and UN.

Endpoint¶

POST /api/v1/compliance/sanctions

Request Body¶

{
  "full_name": "John Doe",
  "date_of_birth": "1990-01-15",
  "country": "US"
}

Response¶

{
  "status": "clear",
  "checked_lists": [
    "OFAC SDN",
    "EU Consolidated",
    "UN Security Council"
  ],
  "matches": [],
  "checked_at": "2024-01-15T10:30:00Z"
}

Status Values¶

Status	Description
`clear`	No matches found
`potential_match`	Possible match, review required
`confirmed_match`	Confirmed sanctions hit

PEP Check¶

Check if an identity is a Politically Exposed Person.

Endpoint¶

POST /api/v1/compliance/pep

Request Body¶

{
  "full_name": "John Doe",
  "country": "US"
}

Response¶

{
  "is_pep": false,
  "pep_level": null,
  "positions": [],
  "relatives": [],
  "checked_at": "2024-01-15T10:30:00Z"
}

PEP Levels¶

Level	Description
`level_1`	Heads of state, cabinet members
`level_2`	Senior government officials
`level_3`	Regional/local officials
`relative`	Close family member of PEP
`associate`	Known business associate of PEP

Audit Log¶

Retrieve audit logs for compliance reporting.

Endpoint¶

GET /api/v1/compliance/audit-log

Query Parameters¶

Parameter	Type	Default	Description
`start_date`	string	30 days ago	Start date (ISO 8601)
`end_date`	string	now	End date (ISO 8601)
`action`	string	all	Filter by action type
`limit`	integer	100	Max records to return
`offset`	integer	0	Pagination offset

Response¶

{
  "logs": [
    {
      "id": "log_abc123",
      "timestamp": "2024-01-15T10:30:00Z",
      "action": "eligibility_check",
      "identity_hash": "sha256:abc...",
      "result": "found",
      "ip_address": "192.168.1.1",
      "user_agent": "CircuitKYC-Python/1.0"
    }
  ],
  "pagination": {
    "total": 1500,
    "limit": 100,
    "offset": 0,
    "has_more": true
  }
}

Action Types¶

Action	Description
`eligibility_check`	Check eligibility API call
`risk_assessment`	Risk assessment API call
`credential_issued`	Credential issuance
`credential_verified`	Credential verification
`data_ingested`	Data ingestion
`sanctions_check`	Sanctions screening
`pep_check`	PEP screening

Export Compliance Report¶

Generate a compliance report for regulatory requirements.

Endpoint¶

POST /api/v1/compliance/report

Request Body¶

{
  "start_date": "2024-01-01",
  "end_date": "2024-01-31",
  "format": "pdf",
  "include": [
    "summary",
    "audit_log",
    "sanctions_checks",
    "pep_checks"
  ]
}

Response¶

{
  "report_id": "rpt_abc123",
  "status": "generating",
  "estimated_completion": "2024-01-15T10:35:00Z"
}

Reports are generated asynchronously. You'll receive a webhook when complete, or poll the status:

GET /api/v1/compliance/report/rpt_abc123

Data Retention¶

Configure data retention policies for compliance.

Endpoint¶

GET /api/v1/compliance/retention

Response¶

{
  "policy": {
    "audit_logs": "7 years",
    "identity_data": "5 years after last activity",
    "credentials": "until revoked + 1 year"
  },
  "last_purge": "2024-01-01T00:00:00Z",
  "next_purge": "2024-02-01T00:00:00Z"
}

Credit Costs¶

Operation	Credits
Sanctions check	2
PEP check	2
Audit log query	0
Report generation	5

Regulatory Compliance¶

Circuit KYC helps you comply with:

AML - Anti-Money Laundering regulations
KYC - Know Your Customer requirements
GDPR - Data protection (EU)
CCPA - California Consumer Privacy Act
SOC 2 - Security and availability standards

For Enterprise compliance needs, contact us.