Country Risk
Geographic location is a key factor in compliance risk assessment. TrustGate provides comprehensive country risk management based on sanctions, corruption indices, and AML effectiveness.
Risk Categories
Sanctioned Countries
Countries with comprehensive sanctions programs:
| Category | Countries | Risk Impact |
|---|---|---|
| OFAC Comprehensive | Cuba, Iran, North Korea, Syria, Crimea | +50 |
| OFAC Sectoral | Russia, Venezuela | +30 |
| EU Sanctions | Belarus, Myanmar | +35 |
| UN Sanctions | Various | +40 |
High-Risk Countries
Countries with elevated AML/CFT risk:
| Category | Criteria | Risk Impact |
|---|---|---|
| FATF High-Risk | Countries on FATF blacklist | +25 |
| FATF Increased Monitoring | Countries on FATF grey list | +15 |
| High Corruption | CPI score < 30 | +20 |
| Tax Haven | Non-cooperative jurisdictions | +10 |
Current FATF Lists (October 2025)
Black List (Call for Action):
- Iran (IR)
- North Korea (KP)
- Myanmar (MM)
Grey List (Increased Monitoring) - 21 Countries:
| Country | Code | Risk Score |
|---|---|---|
| Syria | SY | 85 |
| Yemen | YE | 80 |
| South Sudan | SS | 75 |
| Lebanon | LB | 70 |
| Venezuela | VE | 70 |
| DR Congo | CD | 65 |
| Haiti | HT | 65 |
| Algeria | DZ | 60 |
| Angola | AO | 60 |
| Bolivia | BO | 60 |
| Cameroon | CM | 60 |
| Côte d'Ivoire | CI | 60 |
| Lao PDR | LA | 60 |
| Vietnam | VN | 60 |
| British Virgin Islands | VG | 55 |
| Bulgaria | BG | 55 |
| Kenya | KE | 55 |
| Namibia | NA | 55 |
| Nepal | NP | 55 |
| Monaco | MC | 50 |
Removed from Grey List (2025):
- Philippines (Feb 2025)
- Croatia, Mali, Tanzania (June 2025)
- Burkina Faso, Mozambique, Nigeria, South Africa (Oct 2025)
Viewing Country Risk
Get Country Risk Rating
curl -X GET "https://api.bytrustgate.com/v1/country-risk/{country_code}" \
-H "Authorization: Bearer YOUR_API_KEY"
Response
{
"country_code": "RU",
"country_name": "Russia",
"risk_level": "high",
"risk_score": 75,
"factors": {
"sanctions": {
"status": "sectoral",
"programs": ["OFAC Russia", "EU Russia"],
"contribution": 30
},
"fatf": {
"status": "increased_monitoring",
"contribution": 15
},
"corruption": {
"cpi_score": 28,
"contribution": 20
},
"aml_effectiveness": {
"rating": "low",
"contribution": 10
}
},
"restrictions": [
"Enhanced due diligence required",
"Senior management approval needed",
"Certain sectors prohibited"
],
"last_updated": "2025-01-15T00:00:00Z"
}
List All Countries
curl -X GET "https://api.bytrustgate.com/v1/country-risk?risk_level=high" \
-H "Authorization: Bearer YOUR_API_KEY"
Country Risk Configuration
Custom Risk Levels
Override default risk levels:
curl -X PUT https://api.bytrustgate.com/v1/settings/country-risk \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"overrides": [
{
"country_code": "NG",
"risk_level": "high",
"risk_score": 65,
"reason": "Elevated fraud risk in our customer base"
},
{
"country_code": "SG",
"risk_level": "low",
"risk_score": 15,
"reason": "Strong AML framework, low fraud history"
}
]
}'
Block Countries
Completely block applicants from certain countries:
curl -X PUT https://api.bytrustgate.com/v1/settings/country-risk/blocked \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"blocked_countries": ["CU", "IR", "KP", "SY"],
"block_reason": "Comprehensive sanctions - cannot onboard",
"block_action": "reject",
"allow_exceptions": false
}'
Require Enhanced Due Diligence
Configure EDD for FATF grey list countries:
curl -X PUT https://api.bytrustgate.com/v1/settings/country-risk/edd-required \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"edd_countries": [
"SY", "YE", "SS", "LB", "VE", "CD", "HT",
"DZ", "AO", "BO", "CM", "CI", "LA", "VN",
"VG", "BG", "KE", "NA", "NP", "MC"
],
"edd_requirements": [
"source_of_funds",
"source_of_wealth",
"senior_approval"
]
}'
Country Risk Rules
Auto-Escalate High-Risk Countries
curl -X POST https://api.bytrustgate.com/v1/workflows/rules \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"rule_id": "escalate_high_risk_country",
"trigger": "applicant_created",
"conditions": {
"any": [
{"field": "nationality_risk_level", "operator": "eq", "value": "high"},
{"field": "residence_risk_level", "operator": "eq", "value": "high"}
]
},
"actions": [
{
"type": "add_flag",
"flag": "high_risk_geography"
},
{
"type": "create_case",
"case_type": "aml",
"priority": "high",
"title": "High-Risk Country Review"
}
]
}'
Block Sanctioned Countries
curl -X POST https://api.bytrustgate.com/v1/workflows/rules \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"rule_id": "block_sanctioned_country",
"trigger": "applicant_created",
"conditions": {
"any": [
{"field": "nationality", "operator": "in", "value": ["CU", "IR", "KP", "SY"]},
{"field": "residence_country", "operator": "in", "value": ["CU", "IR", "KP", "SY"]}
]
},
"actions": [
{
"type": "update_status",
"status": "rejected",
"reason": "Sanctioned jurisdiction"
},
{
"type": "send_notification",
"template": "sanctioned_country_block"
}
]
}'
Residence vs Nationality
Different risk weights can apply:
| Factor | Description | Typical Weight |
|---|---|---|
| Nationality | Country of citizenship | Higher weight |
| Residence | Current country of residence | Standard weight |
| Birth Country | Country of birth | Lower weight |
| Address Country | Provided address location | Standard weight |
Configure Weights
curl -X PUT https://api.bytrustgate.com/v1/settings/country-risk/weights \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"nationality_weight": 1.0,
"residence_weight": 0.8,
"birth_country_weight": 0.3,
"address_weight": 0.8,
"use_highest": true
}'
Risk Data Sources
TrustGate aggregates data from:
| Source | Data Provided |
|---|---|
| OFAC | US sanctions lists and programs |
| EU Sanctions | European Union consolidated list |
| UN Sanctions | United Nations Security Council |
| FATF | AML/CFT effectiveness ratings |
| Transparency International | Corruption Perception Index |
| Tax Justice Network | Financial secrecy rankings |
| World Bank | Governance indicators |
Updates and Monitoring
Automatic Updates
Country risk data updates automatically:
- Sanctions lists: Real-time
- FATF status: When published (typically quarterly)
- CPI scores: Annually
- Internal scoring: Monthly review
Country Risk Alerts
Get notified of changes:
curl -X POST https://api.bytrustgate.com/v1/webhooks \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"url": "https://your-system.com/webhooks",
"events": ["country_risk.updated", "country_risk.sanctions_change"],
"active": true
}'
Alert Payload
{
"event": "country_risk.updated",
"country_code": "VE",
"previous_risk_level": "high",
"new_risk_level": "critical",
"change_reason": "New OFAC sanctions program announced",
"effective_date": "2025-01-20",
"affected_applicants_count": 45
}
Remediation
Review Affected Applicants
When country risk changes:
curl -X GET "https://api.bytrustgate.com/v1/applicants?country=VE&status=approved" \
-H "Authorization: Bearer YOUR_API_KEY"
Bulk Review
curl -X POST https://api.bytrustgate.com/v1/applicants/bulk/flag \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"filter": {
"nationality": "VE",
"status": "approved"
},
"action": {
"add_flag": "country_risk_review",
"create_case": true,
"case_type": "aml",
"case_title": "Country Risk Change Review"
}
}'
Best Practices
- Review regularly: Check country risk settings quarterly
- Document rationale: Record reasons for custom overrides
- Monitor changes: Subscribe to sanctions and FATF updates
- Test rules: Verify country rules work as expected
- Train staff: Ensure team understands geographic restrictions
Next Steps
- About Risk Scoring - Overview
- Risk Factors - All risk factors
- Workflow Rules - Automate decisions