HomeKnowledge baseVerification via Provider: Comply Advantage
Explore Knowledge Base

Verification via Provider: Comply Advantage

23. 12. 2024

An Integration with ComplyAdvantage as a KYC service provider was implemented through NodeRed low-code solution.

The set of basic external provider APIs to perform Customer identification checks were implemented. Also, the set of internal SDK APIs for changing users identification status according to the provider results inside the SDK system was extended.

So the SDK system implemented the technical integration through NodeRed solution with basic features for ComplyAdvantage API for Customer Screening and Monitoring and embedded it into the onboarding process within the SDK system. All features that will be available from the vendor (ComplyAdvantage) to the client (for both, the source code or cloud clients) depend on the client’s needs and their agreements with the vendor. On the SDK side, a quick way to integrate with the provider from the SDK system.

To start using

  1. Make an Agreement with the provider. There is a requirement for the client to make an agreement with the KYC service provider. All features that will be available from the vendor (ComplyAdvantage) to the client (for both, the source code or cloud clients) depend on the client’s needs and their agreements with the vendor (ComplyAdvantage).
  2. Get credentials from the provider. After the agreement, the service provider provides the client with the credentials to access the Test and Production Environment. Generate API-key on the provider environment and use it for ComplyAdvantage integration setup.
  3. Set up the provider connectivity settings in the NodeRed instance. Set up the system configuration file.
  4. Set up the connectivity settings between Kafka`s and NodeRed instances. Provide access for NodeRed to certain Kafka topics with required rights (read/write)
  5. Activate ComplyAdvantage KYC service in the SDK Core App. Set up the system configuration file.

How it works

The User of the SDK platform provides User Profile data and uploads the documents within the front-end app (web or mobile). The Compliance Manager within the SDK system initiates checks via 3rd party KYC service provider. The SDK submits user data to Kafka`s topics (regarding the conditions). After the NodeRed system reads the topics, processes the data, and passes it to ComplyAdvantage via provider REST APIs. When the response from the provider is received NodeRed calls SDK APIs to change the status of the user identification (according to the response from the provider) and create notes about the user with provider response details.

Watch this quick demo video to see how you can verify users:

Current solutions allow to extend the flow and change the configuration for integration without development in the code of Core SDK application.

Supported operations

Note, that all features that will be available from the vendor (ComplyAdvantage) to the client (for both, the source code or cloud clients) depend on the client’s needs and their agreements with the vendor (ComplyAdvantage).

The ComplyAdvantage KYC integration service in the SDK platform supported the POST/searches method of the API Customer Screening and Monitoring Solution (CSOM documentation). The supported methods of this integration can be easily extended according to the business requirements after elicitation.

Flow supported on the Test Environment

The Compliance Manager can submit user profile data for verification to the ComplyAdvantage KYC service provider. After the provider response, the System will automatically change the user identification status due to check results. 

In the test flow implementation, the provider performs checks by User name (First, Last, Middle), year of birth, and Company name (for Merchant users).

Business process and APIs flow

Integration setup

As a Platform Owner:

  1. Sign an agreement with the ComplyAdvantage provider (to get access credentials)
  2. Register at the ComplyAdvantage system (to generate your API key and manage searches and cases)

As an Administrator of the platform:

  1. Check in the SDK Core configuration the availability of the ComplyAdvantage Integration Service in the configuration file.
  2. Check NodeRed instance availability and set up provider credentials on the NodeRed environment variables (set api-key that was generated via ComplyAdvantage back-office)
  3. Check Kafka instance availability

There are preliminary steps that must be done as part of integration settings before the checks via the KYC service provider will be performed by the Compliance Manager.

 

Initiate the submission of user profile data for verification to the ComplyAdvantage KYC service provider from the SDK platform

  1. As a Business User:
  1. Register at the SDK system
  2. Provide user profile data (via UI or API) at least User name (First, Last, Middle), year of berth, and Company name (for Merchant users) must be provided to perform KYC checks
  3. Upload identification documents for verification (via UI or API) after documents uploading the user DocumentApprovalStatus=PENDING and OrganizationStatus=pending
  1. As a Compliance Manager (after the User uploads documents during the onboarding process):
  1. The Compliance Manager reviews and confirms the user’s documents (via UI or API) after Compliance approves Document ApprovalStatus is “APPROVED” and the system transits OrganizationStatus to “pending”, or uses API PATCH /v1​/profiles​/{userId} for manual OrganizationStatus updating
  2. The SDK System submits the User Profile data to the Kafka topic user-profile-data, if all conditions are satisfied (see required conditions below) use API POST /profiles/{userId} with providerKey=complyadvantage for manual user profile data submission
  3. The NodeRed System reads the data from user-profile-data and passes it to the provider via API for verification
  4. After the response from the provider is received the NodeRed System submits the response details to separate topics (user-profile-data-response-complyadvantage and user-profile-data-response-complyadvantage-errors due to received results) and calls SDK API to change user organization status and make notes regarding current user with provider response details (APIs POST /v1​/profiles​/{userId}​/approve and POST​/v1​/users​/note is used). Compliance can review notes with provider response details (via UI or API GET ​/v1​/users​/note​/{userId})

Required conditions to submit user profile data to 3rd party verification:

  • DocumentApprovalStatus = APPROVED
  • OrganizationStatus=pending
  • complyAdvantage provider is specified in the property (use GET /v1​/kyc-providers to check)

providers: 

  • – complyAdvantage
  • property

kyc-integration:

 service:

   enabled: ${KYC_INTEGRATION_ENABLED:true}

   kafka:

    topic: ${KAFKA_KYC_INTEGRATION_TOPIC:user-profile-data}

if all conditions are satisfied the system submits the User Profile data to the topic user-profile-data 

NodeRed flows behavior depending on the provider response:

  • if the received from the provider identification status (match_status) is no_match – the integrator (NodeRed) will call APIs ​POST /v1/profiles/{userId}/approve to change OrganizationStatus to APPROVED and POST /v1​/users​/note to create a note with search details regarding current user
  • if the received from the provider identification status (match_status) is any other, the integrator (NodeRed) will call POST /v1​/users​/note only to create the note with search details regarding the current user. When the system receives POST /v1​/users​/note and all conditions are satisfied the system changes OrganizationStatus for this user to REVIEW_REQUIRED. After the compliance manager can check the case manually and consider further OrganizationStatus transition (APIs to manage User Identification Status)

The required conditions to change OrganizationStatus to REVIEW_REQUIRED (when POST /v1​/users​/note was received):

  • if kyc via 3rd party is available (provider is presence)
  • if current OrganizationStatus=pending

List of APIs (SDK and Comply Advantage) that are used in KYC verification via 3rd party KYC service provider use case

SDK ComplyAdvantage
API Description API Description
POST /v1​/profile-documents​/view View all profile documents    
POST /v1​/profile-documents​/{profileDocumentId}​/approve Approve the profile document    
POST /v1/profiles/{userId}/approve Decline the profile document    
GET ​/v1​/kyc-providers Use this API to get available third-party KYC providers    
PATCH /v1​/profiles​/{userId} Update organization status (user identification status)    
POST /profiles/{userId} To send user profile data for verification to third party KYC service provider POST /searches Create a new search by POSTing search terms, parameters and filters. By default creating a search will pull the first 100 results (if that many exist) from our database. By using offset and limit parameters, you can expand this, or create multiple searches which “paginate” through our data sources.
POST /v1/profiles/{userId}/approve To approve user identification status    
POST /v1​/users​/note To create notes about user    
GET ​/v1​/users​/note​/{userId} To get notes about user