About Risk Scoring

TrustGate's Risk Engine provides intelligent, configurable risk scoring to help you make informed decisions about customers and transactions.

What is Risk Scoring?

Risk scoring quantifies the potential risk associated with an applicant, company, or transaction based on multiple factors. A higher score indicates higher risk.

Risk Score Scale

Score Range	Risk Level	Typical Action
0-25	Low	Auto-approve
26-50	Medium	Standard review
51-75	High	Enhanced review
76-100	Critical	Senior escalation

How Risk Scores are Calculated

┌─────────────────────────────────────────────────────────┐
│                    RISK INPUTS                          │
├─────────────┬─────────────┬─────────────┬──────────────┤
│ Identity    │ Screening   │ Geography   │ Behavior     │
│ Factors     │ Results     │ Risk        │ Signals      │
└──────┬──────┴──────┬──────┴──────┬──────┴───────┬──────┘
       │             │             │              │
       v             v             v              v
┌─────────────────────────────────────────────────────────┐
│              RISK ENGINE (AI + Rules)                   │
│  • Weight factors based on configuration                │
│  • Apply business rules                                 │
│  • Adjust for context                                   │
└─────────────────────────┬───────────────────────────────┘
                          │
                          v
┌─────────────────────────────────────────────────────────┐
│                  RISK SCORE (0-100)                     │
│          + Factor Breakdown + Recommendations           │
└─────────────────────────────────────────────────────────┘

Risk Score Components

Identity Risk

Factors from identity verification:

Factor	Impact
Document verification failed	+20
Biometric match failed	+25
Multiple verification attempts	+10
Data inconsistencies	+15

Screening Risk

Factors from AML screening:

Factor	Impact
Sanctions match	+50
PEP match	+25
Adverse media (high risk)	+20
Adverse media (medium risk)	+10

Geographic Risk

Factors from location data:

Factor	Impact
High-risk country (residence)	+20
High-risk country (nationality)	+15
Sanctioned jurisdiction	+40
Tax haven jurisdiction	+10

Behavioral Risk

Factors from applicant behavior:

Factor	Impact
Multiple applications	+10
Rapid resubmission	+15
Device fingerprint anomaly	+20
VPN/proxy detected	+10

Viewing Risk Scores

Get Applicant Risk Score

curl -X GET "https://api.bytrustgate.com/api/v1/applicants/{applicant_id}/risk-breakdown" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{
  "applicant_id": "550e8400-e29b-41d4-a716-446655440000",
  "risk_score": 45,
  "risk_level": "medium",
  "calculated_at": "2025-01-20T14:30:00Z",
  "factors": [
    {
      "category": "screening",
      "factor": "pep_match",
      "contribution": 25,
      "details": "PEP Tier 2 - Family member of government official"
    },
    {
      "category": "geography",
      "factor": "high_risk_country",
      "contribution": 15,
      "details": "Nationality: Country with elevated AML risk"
    },
    {
      "category": "identity",
      "factor": "verification_passed",
      "contribution": 0,
      "details": "All identity checks passed"
    }
  ],
  "recommendation": "enhanced_review",
  "recommendation_reason": "PEP status requires enhanced due diligence"
}

Company Risk Scores

Company risk scoring is coming soon. Currently, company risk levels can be set during company review via the POST /api/v1/companies/{company_id}/review endpoint.

Risk Score History

Track risk score changes over time:

curl -X GET "https://api.bytrustgate.com/api/v1/workflows/risk/{applicant_id}/history" \
  -H "Authorization: Bearer YOUR_API_KEY"

{
  "history": [
    {
      "score": 25,
      "level": "low",
      "calculated_at": "2025-01-15T10:00:00Z",
      "trigger": "initial_verification"
    },
    {
      "score": 45,
      "level": "medium",
      "calculated_at": "2025-01-16T14:30:00Z",
      "trigger": "screening_completed",
      "change_reason": "PEP match identified"
    }
  ]
}

Recalculating Risk

Manual Recalculation

curl -X POST "https://api.bytrustgate.com/api/v1/workflows/risk/{applicant_id}/recalculate" \
  -H "Authorization: Bearer YOUR_API_KEY"

Automatic Triggers

Risk scores recalculate when:

Verification status changes
Screening results update
Documents are verified
Cases are resolved
Monitoring alerts trigger

Risk-Based Decisions

Risk-based decisions (auto-approve, auto-reject, escalation) are configured through workflow rules, not a dedicated settings endpoint. Use the workflow rules API to create rules that trigger actions based on risk score thresholds:

curl -X POST "https://api.bytrustgate.com/api/v1/workflows/rules" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Auto-approve low risk",
    "conditions": {"risk_score_max": 25, "all_checks_passed": true},
    "action": "approve"
  }'

See Workflow Rules for full configuration options including auto-reject and escalation rules.

Best Practices

Calibrate thresholds: Adjust score thresholds based on your risk appetite
Review edge cases: Manually review scores near threshold boundaries
Monitor trends: Track average scores to identify systematic issues
Document decisions: Record rationale for risk-based decisions
Periodic review: Reassess scoring weights quarterly

Next Steps

Risk Factors - Detailed factor configuration
Workflow Rules - Automate risk-based actions
Country Risk - Geographic risk configuration

What is Risk Scoring?​

Risk Score Scale​

How Risk Scores are Calculated​

Risk Score Components​

Identity Risk​

Screening Risk​

Geographic Risk​

Behavioral Risk​

Viewing Risk Scores​

Get Applicant Risk Score​

Response​

Company Risk Scores​

Risk Score History​

Recalculating Risk​

Manual Recalculation​

Automatic Triggers​

Risk-Based Decisions​

Best Practices​

Next Steps​