Risk Intelligence API
AI-powered composite risk scoring for businesses and individuals
Overview
The Risk Intelligence API produces a 0–1000 composite risk score for any business or individual by aggregating data from sanctions lists (OFAC SDN, BIS Entity List, UN/EU/UK), SAM.gov, HHS OIG LEIE, SEC EDGAR, FMCSA, ATF FFL, court records, and adverse media. Custom-trained advanced AI models synthesize 70+ risk factors across 7 categories with industry-adjusted weights, producing an executive summary, key findings, risk narrative, mitigating factors, and recommended actions. Supports sync scoring and async batch jobs with webhook, polling, PDF, and S3 delivery.
Key Features
Risk Score Interpreter Cheat Sheet
Quick-reference guide for interpreting risk scores, understanding score bands, reviewing confidence levels, and applying use-case-specific actions.
View Cheat SheetUse Cases
Pre-built scenarios included in the Postman collection. Each demonstrates a different risk profile with real entity data.
Business — Sanctioned
Huawei Technologies (BIS Entity List, CMIC)
Chinese telecom on BIS Entity List and OFAC CMIC list. Tests sanctions screening, jurisdiction risk (CN=HIGH), and multi-list matching.
Iran Air (OFAC SDN)
Iranian national airline on OFAC SDN list. Tests comprehensive sanctions detection and SANCTIONED jurisdiction (IR).
ZTE Corporation (BIS Entity List)
Chinese telecom with BIS Entity List history. Tests export control screening and regulatory enforcement signals.
Business — US Low Risk
Procter & Gamble
Established US consumer goods company (NYSE: PG). Clean sanctions, no regulatory issues. Demonstrates low-risk baseline with full identifiers.
Costco Wholesale
Large US retailer (NASDAQ: COST). Clean compliance profile. Tests entity resolution with EIN and stock identifiers.
Deere & Company
US agricultural machinery manufacturer (NYSE: DE). Clean profile. Tests scoring for manufacturing industry vertical.
Business — US High Risk
Wells Fargo (CFPB enforcement)
Major US bank with significant CFPB enforcement actions. Tests regulatory enforcement factor detection and financial industry weighting.
Boeing (FAA enforcement, DOJ)
US aerospace company with FAA enforcement actions and DOJ deferred prosecution. Tests multi-agency regulatory signals.
Purdue Pharma (DOJ settlement)
US pharmaceutical company with major DOJ settlement related to opioid crisis. Tests legal/enforcement factor detection.
Business — Shell Company
Newly formed DE LLC (0 employees)
Shell company indicators: 2025 formation, 0 employees, registered agent address in Wilmington DE. Tests shell company risk analysis.
Individual — Sanctioned
Viktor Bout (OFAC SDN)
Russian arms dealer on OFAC SDN list with multiple aliases. Tests individual sanctions matching and alias disambiguation.
Individual — US Low Risk
Sarah Chen (Software Engineer)
Clean US technology professional. Tests baseline low-risk scoring with employer and industry context.
Michael Davis (Teacher)
Clean US education professional. Tests low-risk scoring in non-regulated industry.
Jennifer Martinez (CPA)
Clean US accounting professional at major firm. Tests low-risk scoring in financial services adjacent role.
Individual — US High Risk
Elizabeth Holmes (SEC fraud)
Former Theranos CEO convicted of wire fraud. Tests SEC enforcement and adverse media signal detection.
Martin Shkreli (Securities fraud)
Former pharma CEO convicted of securities fraud. Tests SEC enforcement and healthcare industry risk weighting.
Bernard Madoff (Ponzi scheme)
Convicted of largest Ponzi scheme in history. Tests financial fraud detection and adverse media signals.
Glossary of Terms
Key regulatory acronyms and data sources referenced by this API.
OFAC
Office of Foreign Assets Control — U.S. Treasury department that administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals.
SDN List
Specially Designated Nationals and Blocked Persons List — OFAC's primary sanctions list. U.S. persons are generally prohibited from transacting with individuals and entities on this list, and their assets are blocked.
BIS Entity List
Bureau of Industry and Security Entity List — U.S. Commerce Department list of foreign parties subject to export license requirements. Being listed means U.S. exporters need a license (usually denied) to send controlled items to the entity.
CMIC List
Chinese Military-Industrial Complex Companies List — OFAC list of Chinese entities identified as operating in China's defense and surveillance technology sectors. U.S. persons are prohibited from purchasing or selling publicly traded securities of listed companies.
CSL
Consolidated Screening List — A unified U.S. government database that merges 13+ export screening lists (SDN, Entity List, Denied Persons, Unverified, Military End User, etc.) into a single searchable API maintained by the International Trade Administration.
SAM.gov
System for Award Management — The official U.S. government system for entity registration and federal procurement data. Contains exclusion records (debarments and suspensions) that bar entities from receiving federal contracts or grants.
HHS OIG LEIE
Health and Human Services Office of Inspector General — List of Excluded Individuals/Entities. Federal database of healthcare providers and entities excluded from participation in Medicare, Medicaid, and other federal healthcare programs due to fraud, patient abuse, licensing violations, or other offenses.
SEC EDGAR
Securities and Exchange Commission — Electronic Data Gathering, Analysis, and Retrieval system. Public database of corporate filings including 10-K annual reports, enforcement actions (AAERs), and litigation releases. Used to identify securities fraud, financial irregularities, and regulatory enforcement actions.
SEC AAER
Accounting and Auditing Enforcement Releases — SEC enforcement actions related to accounting fraud, auditor misconduct, and financial reporting violations.
FMCSA
Federal Motor Carrier Safety Administration — U.S. DOT agency that regulates the trucking and bus industries. Maintains safety records, compliance reviews, and out-of-service orders for motor carriers and drivers.
ATF FFL
Bureau of Alcohol, Tobacco, Firearms and Explosives — Federal Firearms License. ATF issues FFLs to dealers, manufacturers, and importers of firearms. The API checks for license validity, revocations, and enforcement actions.
CFPB
Consumer Financial Protection Bureau — U.S. agency that enforces consumer financial protection laws. Maintains a public enforcement action database covering banks, lenders, and financial service companies for unfair, deceptive, or abusive practices.
FINRA
Financial Industry Regulatory Authority — Self-regulatory organization overseeing broker-dealers in the U.S. Maintains BrokerCheck database with disciplinary actions, bars, suspensions, and customer complaints against registered representatives and firms.
FDA
Food and Drug Administration — U.S. agency responsible for protecting public health by ensuring safety and efficacy of drugs, medical devices, food supply, and cosmetics. Issues warning letters, import alerts, and enforcement actions tracked by the API.
EPA
Environmental Protection Agency — U.S. federal agency that enforces environmental laws. Maintains enforcement and compliance history (ECHO) database with violations, penalties, and consent decrees.
OSHA
Occupational Safety and Health Administration — U.S. Department of Labor agency that sets and enforces workplace safety standards. Inspection data and violation records are used as risk signals for labor and safety compliance.
BOI
Beneficial Ownership Information — Under the Corporate Transparency Act (CTA), certain U.S. companies must report their beneficial owners to FinCEN. The API cross-references BOI registry data for shell company and ownership risk analysis.
PEP
Politically Exposed Person — An individual who holds or has held a prominent public function (e.g., head of state, senior politician, military general, senior executive of a state-owned corporation). PEP status increases risk due to potential for corruption and bribery.
EDD
Enhanced Due Diligence — A more rigorous level of customer investigation applied to higher-risk entities. Involves deeper background checks, source-of-funds verification, and ongoing monitoring beyond standard KYC procedures.
KYC
Know Your Customer — Regulatory framework requiring financial institutions and other regulated entities to verify the identity of their clients. Includes identity verification, risk assessment, and ongoing monitoring.
AML
Anti-Money Laundering — Set of laws, regulations, and procedures designed to prevent criminals from disguising illegally obtained funds as legitimate income. AML compliance typically includes transaction monitoring, suspicious activity reporting, and customer due diligence.
SAR
Suspicious Activity Report — A document filed by financial institutions with FinCEN when there is suspected involvement in money laundering, fraud, or other financial crimes. Filing is mandatory for transactions over certain thresholds or exhibiting suspicious patterns.
FCRA
Fair Credit Reporting Act — U.S. federal law that regulates the collection, dissemination, and use of consumer information, including consumer credit information. The Risk Intelligence API is NOT a consumer report under FCRA and must not be used for credit, employment, or tenant screening decisions.
ITAR
International Traffic in Arms Regulations — U.S. regulations controlling the export and import of defense-related articles and services on the U.S. Munitions List. ITAR violations carry severe criminal and civil penalties.
EAR
Export Administration Regulations — U.S. Commerce Department regulations governing the export of commercial and dual-use items. Items are classified by ECCN (Export Control Classification Number) and may require a license depending on destination country and end-use.
DUNS
Data Universal Numbering System — A unique nine-digit identifier assigned by Dun & Bradstreet to business entities worldwide. Used as a strong identifier for entity disambiguation in risk scoring.
UEI
Unique Entity Identifier — The official identifier for entities doing business with the U.S. federal government, replacing DUNS for federal procurement. Assigned through SAM.gov registration.
EIN
Employer Identification Number — A nine-digit number (XX-XXXXXXX) assigned by the IRS to U.S. business entities for tax identification. One of the strongest identifiers for entity resolution in the API.
LEI
Legal Entity Identifier — A 20-character alphanumeric code that uniquely identifies legally distinct entities that engage in financial transactions. Managed by the Global LEI Foundation under ISO 17442.
NPI
National Provider Identifier — A unique 10-digit identification number issued by CMS to healthcare providers in the U.S. Used as a strong identifier for individual healthcare professionals in risk scoring.
Endpoints
/v1/risk/business/v1/risk/individual/v1/risk/batch/v1/risk/batch/:jobId/v1/risk/batch/:jobId/results/v1/risk/factors/v1/risk/attributesQuick Example
import ComplianceGrid from "@compliancegrid/sdk";
const cg = new ComplianceGrid({
apiKey: process.env.COMPLIANCEGRID_API_KEY,
});
// Score a business (include identifiers for best accuracy)
const biz = await cg.risk.scoreBusiness({
name: "Acme Trading Corp",
country: "US",
ein: "12-3456789",
industry: "Government Contracting",
officers: ["John Smith", "Jane Doe"],
});
console.log(biz.data.score); // 320
console.log(biz.data.band); // "MEDIUM"
console.log(biz.data.entityResolution.confidence); // "HIGH"
console.log(biz.data.summary.executiveSummary);
// "Medium risk — SAM.gov suspension and adverse media signals identified."
// Score an individual (dateOfBirth improves accuracy)
const ind = await cg.risk.scoreIndividual({
firstName: "John",
lastName: "Smith",
country: "US",
dateOfBirth: "1985-03-15",
employer: "Acme Corp",
industry: "Financial Services",
});
console.log(ind.data.score); // 85
console.log(ind.data.band); // "LOW"Sample Response
{
"success": true,
"data": {
"id": "risk_abc123",
"entityType": "BUSINESS",
"entityName": "Acme Trading Corp",
"score": 320,
"band": "MEDIUM",
"version": "1.0",
"categoryScores": [
{
"category": "REGULATORY_ENFORCEMENT",
"categoryName": "Regulatory & Enforcement",
"score": 180,
"maxScore": 1240,
"factorCount": 1
},
{
"category": "REPUTATIONAL_MEDIA",
"categoryName": "Reputational & Media",
"score": 140,
"maxScore": 540,
"factorCount": 2
}
],
"factors": [
{
"factorCode": "BIZ_SAM_DEBARMENT",
"factorName": "SAM.gov debarment or suspension",
"points": 180,
"maxPoints": 180,
"severity": "CRITICAL",
"accusationOnly": false,
"matchConfidence": "HIGH",
"confidenceScore": 85,
"confidenceReasons": ["Match confidence: HIGH"]
}
],
"summary": {
"executiveSummary": "Medium risk — SAM.gov suspension identified.",
"keyFindings": ["SAM.gov suspension from federal contracting"],
"recommendedActions": ["Verify SAM.gov suspension status"],
"confidence": 0.82,
"model": "cg-risk-v1"
},
"entityResolution": {
"confidence": "HIGH",
"identifierCount": 3,
"identifiersProvided": ["country", "ein", "industry"],
"identifiersMissing": ["duns", "uei", "website"],
"warnings": []
},
"meta": {
"dataSourcesUsed": ["ComplianceGrid CSL", "SAM.gov", "OIG LEIE"],
"processingTimeMs": 2340
}
}
}