AML & Compliance - XentFi API Documentation

Overview

Why AML Compliance Matters

⚖️ Regulatory Compliance

Meet global regulatory requirements including FinCEN, FATF, and local regulations

🛡️ Risk Mitigation

Protect your business from exposure to sanctioned entities and illicit funds

🏦 Banking Relationships

Maintain banking partnerships with demonstrated compliance programs

🌍 Global Operations

Operate confidently across jurisdictions with automated compliance

📊 Audit Trail

Complete records of all screening activities for regulators

🔒 Customer Protection

Prevent your platform from being used for illicit activities

How AML Screening Works

Screening Capabilities

Sanctions Screening

Sanctions List	Coverage	Update Frequency
OFAC (US)	Comprehensive	Real-time
EU Sanctions	Full list	Real-time
UN Sanctions	Complete	Real-time
UK Sanctions	Full list	Real-time
Other Global	Major lists	Daily

Risk Assessment

Risk Level	Description	Action
Low	Normal transaction, no red flags	Auto-approve
Medium	Some risk indicators	Enhanced review
High	Multiple risk factors	Manual review required
Critical	Direct sanctions match	Auto-block

Transaction Monitoring

Monitor Type	What It Checks	Frequency
Source of funds	Origin wallet history	Real-time
Transaction patterns	Unusual behavior	Real-time
Counterparty risk	Recipient screening	Real-time
Velocity checks	Rapid transactions	Real-time

Use Cases

Payment Processing

Scenario	Screening Action	Outcome
Customer payment	Screen sender address	Approve/Block
Large transaction	Enhanced due diligence	Manual review
New customer	Full KYC + screening	Risk rating assigned
International payment	Cross-border checks	Enhanced monitoring

Wallet Management

Scenario	Screening Action	Outcome
New deposit address	Address screening	Approval required
Whitelist address	Pre-screening	Approved list only
Withdrawal request	Destination screening	Block if sanctioned
Internal transfer	Both parties screened	Auto-approve or block

Exchange Operations

Compliance Workflows

Standard Payment Flow

Customer Onboarding

Step	Action	Compliance Check
1	Customer registers	Identity verification
2	Submits address	Sanctions screening
3	Provides KYC docs	Document verification
4	Risk assessment	Risk score assigned
5	Account activated	Ongoing monitoring

Screening API

Check Single Address

curl -X GET https://api.xentfi.com/v1/aml/check/{address} \
  -H "apiKey: your-api-key" \
  -H "orgId: your-org-id"

{
    "data": {
        "address": "0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb0",
        "isSanctioned": false,
        "riskScore": 15,
        "riskLevel": "LOW",
        "identifications": [],
        "screeningTimestamp": "2024-01-15T10:30:00.000Z"
    }
}

Sanctioned Address Response

{
    "data": {
        "address": "0xSanctionedAddress...",
        "isSanctioned": true,
        "riskScore": 100,
        "riskLevel": "CRITICAL",
        "identifications": [
            {
                "category": "sanctions",
                "name": "Entity Name",
                "description": "OFAC sanctions designation",
                "url": "https://ofac.treasury.gov/sanctions/..."
            }
        ],
        "screeningTimestamp": "2024-01-15T10:30:00.000Z"
    }
}

Batch Address Check

curl -X POST https://api.xentfi.com/v1/aml/check-batch \
  -H "apiKey: your-api-key" \
  -H "orgId: your-org-id" \
  -H "Content-Type: application/json" \
  -d '{
    "addresses": [
      "0xAddress1...",
      "0xAddress2...",
      "0xAddress3..."
    ]
  }'

Compliance Rules Engine

Configurable Rules

Rule Type	Description	Example
Velocity limits	Max transactions per time period	10 transactions/hour
Value thresholds	Max amount per transaction	$50,000 per transfer
Country restrictions	Block certain jurisdictions	Block sanctioned countries
Entity blacklist	Block specific addresses	Custom blocklist
Risk score limits	Auto-block above threshold	Block risk score > 80

Automated Actions

Trigger	Action	Notification
Sanctions match	Immediate block	Compliance team alert
High risk score	Hold for review	Review queue
Suspicious pattern	Freeze account	Security alert
Velocity exceeded	Temporary lock	User notification

Compliance Dashboard

Key Metrics

Metric	Description	Update Frequency
Total screenings	Number of addresses screened	Real-time
Blocked transactions	Sanctions matches	Real-time
Risk distribution	Low/Medium/High breakdown	Hourly
Review queue	Pending manual reviews	Real-time
False positive rate	Accuracy metric	Daily
Average response time	Screening speed	Real-time

Reporting & Audit

Available Reports

Report Type	Contents	Frequency
Transaction log	All screened transactions	On-demand
Sanctions hits	Sanctions matches	Daily/Weekly
Risk assessment	Customer risk ratings	Monthly
Suspicious activity	SAR filing data	As needed
Compliance summary	Executive overview	Monthly

Audit Trail

Every screening creates a permanent record:

{
    "screeningId": "scr_123e4567",
    "timestamp": "2024-01-15T10:30:00.000Z",
    "address": "0xAddress...",
    "result": "PASS",
    "riskScore": 15,
    "screenedBy": "system",
    "requestId": "req_123e4567",
    "ipAddress": "203.0.113.0",
    "userId": "user_123"
}

Best Practices

Screen every address - Never skip screening for any transaction
Monitor continuously - Re-screen addresses periodically
Keep records - Maintain audit trail for 7+ years
Train staff - Ensure team understands compliance procedures
Update policies - Review rules regularly
Report suspicious activity - File SARs when required

Regulatory Compliance

Key Regulations

Regulation	Jurisdiction	Requirement
Bank Secrecy Act	USA	AML program, recordkeeping
FinCEN Rules	USA	MSB registration, SAR filing
FATF Recommendations	Global	Travel Rule, KYC/CDD
5th AMLD	EU	Customer due diligence
Travel Rule	Global	Beneficiary information

Compliance Certifications

Certification	Status	Description
SOC 2 Type II	✅	Security & availability
ISO 27001	✅	Information security
PCI DSS Level 1	✅	Payment security
GDPR	✅	Data protection

Risk Scoring

Risk Score Calculation

Factor	Weight	Description
Sanctions match	100	Direct match = blocked
Country risk	0-30	Jurisdiction risk level
Transaction size	0-20	Amount thresholds
Velocity	0-20	Transaction frequency
New address	0-10	Age of address
Historical activity	0-20	Previous behavior

Risk Levels

Score	Level	Action
0-20	Low	Auto-approve
21-50	Medium	Enhanced monitoring
51-80	High	Manual review required
81-100	Critical	Auto-block

Troubleshooting

False positive sanctions match

Solution:

Verify address is correct
Submit for manual review
Request OFAC reconsideration if needed

Screening timeout

Possible causes:

Network issues
High volume
API rate limits

Solution: Implement retry logic with exponential backoff.

Customer blocked incorrectly

Solution:

Review screening details
Collect additional information
Manual override with justification
Document decision

Pricing

Feature	Starter	Professional	Business	Enterprise
Address screening	✅	✅	✅	✅
Real-time sanctions	✅	✅	✅	✅
Risk scoring	Basic	Advanced	Premium	Custom
Batch screening	❌	✅	✅	✅
Manual review queue	❌	✅	✅	✅
Custom rules	❌	❌	✅	✅
API access	Limited	Full	Full	Full
Priority support	❌	❌	✅	24/7

Performance Metrics

Metric	Target	Description
Screening time	< 500ms	Time to check address
Batch screening	< 5 seconds	Per 100 addresses
Update frequency	Real-time	Sanctions list updates
Availability	99.9%	API uptime

Webhooks

Real-time compliance notifications

Payment Links

Screened payment processing

Master Wallets

Compliance-ready wallets

Next Steps

Screen your first address in API Reference
Configure compliance rules in dashboard
Set up compliance webhooks for real-time alerts
Generate audit reports for regulators

Documentation Index

​Overview

​Why AML Compliance Matters

⚖️ Regulatory Compliance

🛡️ Risk Mitigation

🏦 Banking Relationships

🌍 Global Operations

📊 Audit Trail

🔒 Customer Protection

​How AML Screening Works

​Screening Capabilities

​Sanctions Screening

​Risk Assessment

​Transaction Monitoring

​Use Cases

​Payment Processing

​Wallet Management

​Exchange Operations

​Compliance Workflows

​Standard Payment Flow

​Customer Onboarding

​Screening API

​Check Single Address

​Sanctioned Address Response

​Batch Address Check

​Compliance Rules Engine

​Configurable Rules

​Automated Actions

​Compliance Dashboard

​Key Metrics

​Reporting & Audit

​Available Reports

​Audit Trail

​Best Practices

​Regulatory Compliance

​Key Regulations

​Compliance Certifications

​Risk Scoring

​Risk Score Calculation

​Risk Levels

​Troubleshooting

​Pricing

​Performance Metrics

​Related Products