Ongoing Monitoring
Ongoing monitoring continuously screens your existing customers against updated watchlists and news sources. When sanctions lists update or new adverse media is published, TrustGate automatically alerts you to potential matches.
Why Ongoing Monitoring?
Regulatory Requirements
- FATF Recommendation 10: Ongoing due diligence is required throughout the business relationship
- EU AMLD: Continuous monitoring of transactions and updates to customer information
- FinCEN: Ongoing customer due diligence to maintain and update customer information
Risk Management
Situations change:
- A customer becomes a PEP (elected to office)
- A customer is added to sanctions list
- Negative news is published about a customer
- A customer's risk profile changes
Without ongoing monitoring, you may unknowingly maintain relationships with prohibited or high-risk individuals.
How It Works
Daily Batch Monitoring
Every 24 hours:
│
├─> Download latest watchlist updates
│ - OFAC daily updates
│ - Watchlist updates
│ - PEP database changes
│
├─> Compare all active customers against updates
│
├─> Generate alerts for new matches
│
└─> Notify compliance team via:
- Dashboard alerts
- Email notifications
- Webhook events
Real-Time News Monitoring
For adverse media:
- Continuous crawling of news sources
- AI-powered relevance filtering
- Near real-time alerts (within hours)
Setting Up Ongoing Monitoring
Enable for All Customers
In Settings > Workflows:
{
"ongoing_monitoring": {
"enabled": true,
"frequency": "daily",
"check_types": ["sanctions", "pep", "adverse_media"],
"alert_channels": ["dashboard", "email", "webhook"]
}
}
Enable via API
curl -X POST https://api.bytrustgate.com/v1/monitoring/enroll \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"applicant_id": "550e8400-e29b-41d4-a716-446655440000",
"check_types": ["sanctions", "pep", "adverse_media"],
"frequency": "daily"
}'
Enroll All Approved Applicants
import requests
API_KEY = "YOUR_API_KEY"
BASE_URL = "https://api.bytrustgate.com/v1"
# Get all approved applicants
applicants = requests.get(
f"{BASE_URL}/applicants?status=approved",
headers={"Authorization": f"Bearer {API_KEY}"},
).json()
# Enroll each in ongoing monitoring
for applicant in applicants["items"]:
requests.post(
f"{BASE_URL}/monitoring/enroll",
headers={"Authorization": f"Bearer {API_KEY}"},
json={
"applicant_id": applicant["id"],
"check_types": ["sanctions", "pep", "adverse_media"],
},
)
print(f"Enrolled {applicant['id']} in monitoring")
Monitoring Alerts
Alert Types
| Alert Type | Trigger | Priority |
|---|---|---|
| New Sanctions Match | Customer matches new sanctions entry | Critical |
| PEP Status Change | Customer becomes or no longer is PEP | High |
| New Adverse Media | Negative news about customer | Medium-High |
| List Removal | Customer removed from watchlist | Low (informational) |
Alert Response
{
"id": "alert_123456",
"alert_type": "new_sanctions_match",
"applicant_id": "550e8400-e29b-41d4-a716-446655440000",
"applicant_name": "John Smith",
"priority": "critical",
"created_at": "2025-01-20T08:00:00Z",
"details": {
"list_source": "ofac_sdn",
"list_update_date": "2025-01-20",
"matched_entry": {
"name": "John Smith",
"program": "SDGT",
"list_date": "2025-01-19",
"entry_id": "OFAC-12345"
},
"confidence": 94.5,
"matched_fields": ["name", "date_of_birth", "nationality"]
},
"status": "pending",
"requires_action": true
}
Webhook Notification
Configure webhooks to receive real-time alerts:
{
"event": "monitoring.alert_created",
"timestamp": "2025-01-20T08:00:15Z",
"data": {
"alert_id": "alert_123456",
"alert_type": "new_sanctions_match",
"applicant_id": "550e8400-e29b-41d4-a716-446655440000",
"applicant_external_id": "customer_12345",
"priority": "critical",
"requires_immediate_action": true
}
}
Responding to Alerts
Critical Alerts (Sanctions)
When a customer matches a new sanctions entry:
- Immediately freeze the relationship (no new transactions)
- Investigate the match (same process as initial screening)
- If confirmed true:
- File required reports (SAR, blocking report)
- Terminate relationship
- Block assets as required
- If false positive:
- Document thoroughly
- Resume normal relationship
- Mark alert as resolved
High Priority Alerts (PEP Changes)
When a customer becomes a PEP:
- Apply enhanced due diligence
- Get senior management approval to continue relationship
- Update monitoring frequency (more frequent re-screening)
- Document the EDD measures applied
Medium Priority Alerts (Adverse Media)
When negative news is published:
- Assess severity of the news
- Verify the news is about your customer (not someone with same name)
- Update risk rating if warranted
- Consider enhanced monitoring or relationship review
Monitoring Configuration
Frequency Options
| Frequency | Best For | Notes |
|---|---|---|
real_time | High-risk customers | Immediate alerts, higher cost |
daily | Standard customers | Balanced approach (recommended) |
weekly | Low-risk customers | Cost-effective, slight delay |
Risk-Based Monitoring
Configure different frequencies based on risk:
# Get applicant risk level
applicant = get_applicant(applicant_id)
risk_level = applicant["risk_level"]
# Set monitoring frequency based on risk
frequency_map = {
"high": "real_time",
"medium": "daily",
"low": "weekly",
}
enroll_monitoring(
applicant_id=applicant_id,
frequency=frequency_map.get(risk_level, "daily"),
)
Monitoring Scope
| Setting | Options | Description |
|---|---|---|
check_types | sanctions, pep, adverse_media | What to screen for |
lists | ofac, eu, un, uk (or "all") | Which sanctions lists |
adverse_media_categories | financial_crime, corruption, etc. | News categories |
pep_tiers | [1, 2, 3, 4] or "all" | Which PEP tiers |
Monitoring Dashboard
View Active Monitoring
curl -X GET https://api.bytrustgate.com/v1/monitoring/enrolled \
-H "Authorization: Bearer YOUR_API_KEY"
Response:
{
"total_enrolled": 1250,
"by_frequency": {
"real_time": 50,
"daily": 1000,
"weekly": 200
},
"by_check_type": {
"sanctions": 1250,
"pep": 1200,
"adverse_media": 800
},
"last_batch_run": "2025-01-20T06:00:00Z",
"next_batch_run": "2025-01-21T06:00:00Z",
"pending_alerts": 3
}
View Pending Alerts
curl -X GET https://api.bytrustgate.com/v1/monitoring/alerts?status=pending \
-H "Authorization: Bearer YOUR_API_KEY"
Resolve Alert
curl -X PATCH https://api.bytrustgate.com/v1/monitoring/alerts/{alert_id} \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"status": "resolved",
"resolution": "false_positive",
"notes": "Different person - applicant DOB 1985-03-15, list entry DOB 1960-08-22"
}'
Unenrolling from Monitoring
Individual Unenrollment
When a customer relationship ends:
curl -X DELETE https://api.bytrustgate.com/v1/monitoring/enrolled/{applicant_id} \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"reason": "relationship_terminated"
}'
Automatic Unenrollment
Applicants are automatically unenrolled when:
- Status changes to
rejectedorwithdrawn - Applicant is deleted (GDPR deletion)
- Subscription/billing issues
Cost Considerations
Ongoing monitoring pricing is typically based on:
- Number of enrolled customers
- Monitoring frequency
- Check types enabled
- List sources included
Optimize costs by:
- Using risk-based frequency (not real-time for everyone)
- Excluding low-risk customers from adverse media
- Consolidating to daily batch where appropriate
Next Steps
- Sanctions Screening - Understanding sanctions
- Hit Resolution - Resolving alerts
- Screening Lists - Data sources
- Webhooks - Real-time notifications