Socure Watchlist Screening

Socure offers the module Global Watchlist for identity verification purposes.

Global Watchlist leverages a team of compliance and risk experts, engineers, data scientists, and sophisticated analytic techniques with continuous improvement feedback loops to verify the involvement of entities considered to pose a high risk of money laundering, terrorism, corruption, drug trafficking or other criminal activity in account opening or transactional flows.

Requirements

In order to use watchlist, you must:

You can pick the watchlist modules when running verification workflows or running verification for an entity on our dashboard:

16001600

There are three tiers of Watchlist modules:

Module

Tier

Description

watchliststandard

1

Critical core set of 32 Sanctions, and Enforcement sources including but not limited to OFAC SDN List, FinCen 311, EU Consolidated Sanctions, HM Treasury Office of Financial Sanctions, System for Award Management and OIG Exclusions.

watchlistplus

2

Most comprehensive global offering of more than 1100 Sanctions, Enforcement, and all four levels of PEP sources as defined by FATF.

watchlistpremier

3

Includes all lists in the Plus tier, and adds more than 4500 trusted Adverse Media sources.

Unit21 API

Once you have decided on a watchlist tier, you can use the Create Entity or Update Entity Unit21 API Endpoints to run Watchlist Workflows.

The user entity information below is required for watchlist:

Socure Property

Unit21 Fields

CSV Field

Required

firstName

user_data.first_name

first_name

YES

surName

user_data.last_name

last_name

YES

nationalId

user_data.ssn

ssn

dob

user_data.date_of_birth

date_of_birth

RECOMMENDED

ipAddress

digital_data.ip_addresses

ip_address

email

communication_data.email_addresses

email

mobileNumber

communication_data.phone_numbers

phone_number

country

location_data.country

country

state

location_data.state

state

city

location_data.city

city

zip

location_data.zip_code

zip_code

physicalAddress

location_data.building_number, location_data.street_name

street_address

curl -X POST \
  https://<API_ENDPOINT>/v1/entities/create \
  -H 'Content-Type: application/json' \
  -H 'u21-key: <YOUR_API_KEY>' \
  -d '{
    "user_data": {
      "first_name": "John",
      "middle_name": "Joseph",
      "last_name": "Smith",
      "day_of_birth": 14
    }
    "options": {
      "identity_verifications": {
        "workflow_id": "socure_watchlist",
        "run_verifications": true
      },
    }
  }'

In this example, a Device Risk Verification called socure_watchlist has already been created. See the Verification Workflows.

If an alert is generated via the workflow, you will receive the Socure response in the alert.

16001600

Sample Socure Response (Successful):

A successful API request that includes the Document Verification module will return objects that contain information about the document and a result:

There are 2 possible results:

  • SOCURE_MODIFIED
  • SOCURE_DELETED

The results will appear in the response as well as the header of the alert:

16001600

Understanding the Raw Response

You can view the raw response in the alert:

16001600
{
    "referenceId": "a1b2d3d4-1a23-12ab-a123-ab1cde2abc12",
    "globalWatchlist": {
    "reasonCodes": ["R186"],
    "matches": {
      "OFAC SDN List": [
        {
          "entityId": "ZaP+/U4Qa5w1a2QtH1F+0j+GiZP4fkc",
          "matchFields": [
            "nameExact",
            "dobFuzzy"
            ],
          "sourceUrls": ["http://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx"],
          "comments": {
            "offense": "Sanction",
            "country": [
                "United States",
                "Ireland",
                "Puerto Rico"
            ],
            "originalCountryText": [
                "United Kingdom",
                "Ireland",
                "Puerto Rico"
            ],
             "name": [
                 "April Ludgate"
            ],
             "aka": [
                 "April Ludgate",
                 "April Dwyer-Ludage"
            ],
            "originalPlaceOfBirthText": [
              "United States"
            ],
            "dateOfBirth": [
              "1984-06-26"
            ],
            "address": [
              "Pawnee, Indiana"
            ],
            "legalBasis": [
              "Executive Order 12978 (Narcotics)"
            ],
            "ofacId": [
              "OFAC-11018"
            ],
            "program": [
              "SDNT"
            ],
            "sanctionType": [
              "Block"
            ],
            "activeStartDate": [
              "2018-08-28"
            ]
          }
        }
      ]
    }
  }
}

Global Watchlist returns field values in different formats, with different content, depending on the list source. This is because of the wide range of formats and characters in use by the lists queried by the Global Watchlist module.

In general, the response will contain the following fields, with the following information:

Field

Description

Example

reasonCodes

Array containing applicable reason codes for the transaction.

R186

matches

Sanctions, Enforcement, PEP, Adverse Media

OFAC SDN List

matchFields

Array containing the name and DOB match type.

  "dobFuzzy"
]```

sourceUrls

URL(s) for the given match.

http://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx

Comments

If applicable, additional information associated with the match will be presented here. Format and contents will vary by the source material.

            "offense": "Sanction",
            "activeStartDate": [
              "2018-08-28"
            ]
}```

Did this page help you?