> ## Documentation Index
> Fetch the complete documentation index at: https://docs.zenoo.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Alerts

> Complete field reference for the Alert resource in the Zenoo CLM API.

# Alerts

Alerts represent compliance issues that require analyst review. They are generated automatically from check results (screening matches, identity failures) or created manually. Each alert belongs to a case and optionally links to a specific entity.

## Resource fields

| Field                     | Type    | Description                                                      |
| ------------------------- | ------- | ---------------------------------------------------------------- |
| `token`                   | string  | Unique alert identifier (prefix `alt_`)                          |
| `type`                    | string  | Alert type. See [types](#alert-types)                            |
| `category`                | string  | Alert category. See [categories](#alert-categories)              |
| `title`                   | string  | Human-readable alert title                                       |
| `description`             | string  | Detailed description with source and match details               |
| `status`                  | string  | Current status. See [statuses](#alert-statuses)                  |
| `priority`                | string  | Priority: `Critical`, `High`, `Medium`, `Low`                    |
| `priority_score`          | number  | Composite priority score (0-290)                                 |
| `risk_tier`               | string  | Risk tier assigned by assessor: `High`, `Medium`, `Low`          |
| `match_score`             | number  | Screening match confidence (0-100)                               |
| `case_token`              | string  | Parent case token                                                |
| `entity_name`             | string  | Name of the entity this alert relates to                         |
| `entity_token`            | string  | Token of the related entity                                      |
| `assigned_to`             | object  | Assigned analyst `{ id, name, email }`                           |
| `resolved_by`             | object  | User who resolved `{ id, name, email }`                          |
| `resolved_at`             | string  | ISO 8601 timestamp of resolution                                 |
| `resolution_action`       | string  | Resolution action. See [resolution actions](#resolution-actions) |
| `resolution_notes`        | string  | Resolution justification                                         |
| `sla_due_date`            | string  | ISO 8601 timestamp of SLA deadline                               |
| `sla_status`              | string  | SLA status: `On Track`, `Warning`, `Critical`, `Breached`        |
| `sla_hours_remaining`     | number  | Hours until SLA breach                                           |
| `source_data`             | object  | Raw screening match data from provider                           |
| `ai_research`             | object  | AI research results (see [AI fields](#ai-research-fields))       |
| `auto_triaged`            | boolean | Whether auto-triage was attempted                                |
| `auto_disposed`           | boolean | Whether the alert was auto-disposed                              |
| `auto_disposition_reason` | string  | Detailed rationale for auto-disposition                          |
| `qa_sample`               | boolean | Whether flagged for QA review                                    |
| `created_at`              | string  | ISO 8601 timestamp of creation                                   |
| `updated_at`              | string  | ISO 8601 timestamp of last modification                          |

## AI research fields

The `ai_research` object is populated when AI analysis is triggered:

| Field                        | Type   | Description                                    |
| ---------------------------- | ------ | ---------------------------------------------- |
| `status`                     | string | `pending`, `processing`, `completed`, `failed` |
| `assessment`                 | string | Detailed narrative analysis of the match       |
| `confidence`                 | number | AI confidence in its assessment (0-100)        |
| `false_positive_probability` | number | Estimated false positive probability (0-100)   |
| `recommended_action`         | string | AI-suggested resolution action                 |
| `sources`                    | array  | Array of `{ title, url }` sources consulted    |
| `researched_at`              | string | ISO 8601 timestamp of research completion      |

## Alert statuses

| Status           | Description                               |
| ---------------- | ----------------------------------------- |
| `Open`           | Created, awaiting analyst review          |
| `Acknowledged`   | Analyst has claimed the alert             |
| `Resolved`       | Resolved with an action and notes         |
| `False Positive` | Confirmed as a false positive match       |
| `Escalated`      | Escalated to a senior reviewer or manager |

## Alert types

| Type              | Description                                       |
| ----------------- | ------------------------------------------------- |
| `Screening`       | Generated from PEP/sanctions/adverse media checks |
| `Identity`        | Generated from identity verification failures     |
| `Company`         | Generated from company registry check issues      |
| `Document`        | Generated from document verification failures     |
| `Financial`       | Generated from financial or credit check issues   |
| `Client Input`    | Created when client input is required             |
| `Internal Review` | Created for internal compliance review            |

## Alert categories

| Category                 | Type      | Description                       |
| ------------------------ | --------- | --------------------------------- |
| `PEP Match`              | Screening | Politically Exposed Person match  |
| `Sanctions Hit`          | Screening | Sanctions list match              |
| `Adverse Media`          | Screening | Negative media coverage match     |
| `Name Mismatch`          | Identity  | Name differs between documents    |
| `DOB Mismatch`           | Identity  | Date of birth discrepancy         |
| `Criminal Investigation` | Screening | Criminal investigation record     |
| `Regulatory Action`      | Screening | Regulatory enforcement action     |
| `API Failure`            | Company   | External API check failure        |
| `Watchlist Match`        | Screening | Other watchlist match             |
| `Ongoing Screening`      | Screening | Hit from ongoing monitoring       |
| `RCA Match`              | Screening | Relative or close associate match |

## Resolution actions

| Action                    | Description                                |
| ------------------------- | ------------------------------------------ |
| `Approve`                 | Alert reviewed, no issues or risk accepted |
| `Decline`                 | Confirmed compliance issue, reject entity  |
| `Escalate`                | Route to senior reviewer                   |
| `Request Document`        | Request additional evidence from client    |
| `Approve with Conditions` | Accept with caveats (e.g., monitoring)     |

## Example

```json theme={null}
{
  "token": "alt_001",
  "type": "Screening",
  "category": "PEP Match",
  "title": "PEP Match: John Doe",
  "description": "WorldCheck screening returned a PEP match for 'John Doe' against UK political figures database.",
  "status": "Open",
  "priority": "High",
  "priority_score": 78,
  "risk_tier": "Medium",
  "match_score": 92,
  "case_token": "cas_xyz789",
  "entity_name": "John Doe",
  "entity_token": "ent_ubo789",
  "assigned_to": {
    "id": "user_analyst01",
    "name": "Sarah Johnson",
    "email": "sarah@example.com"
  },
  "sla_due_date": "2026-02-18T10:00:00Z",
  "sla_status": "On Track",
  "sla_hours_remaining": 46.5,
  "source_data": {
    "provider": "WorldCheck",
    "matched_name": "John Doe",
    "match_type": "Exact",
    "pep_category": "Former Local Councillor"
  },
  "ai_research": null,
  "auto_triaged": false,
  "auto_disposed": false,
  "qa_sample": false,
  "created_at": "2026-02-16T10:15:00Z",
  "updated_at": "2026-02-16T10:15:00Z"
}
```

## Related endpoints

| Endpoint                              | Method | Description              |
| ------------------------------------- | ------ | ------------------------ |
| `GET /v1/alerts`                      | GET    | List alerts with filters |
| `GET /v1/alerts/{token}`              | GET    | Get alert details        |
| `POST /v1/alerts/{token}/resolve`     | POST   | Resolve an alert         |
| `POST /v1/alerts/{token}/acknowledge` | POST   | Acknowledge an alert     |
| `POST /v1/alerts/{token}/escalate`    | POST   | Escalate an alert        |
| `POST /v1/alerts/{token}/ai-research` | POST   | Trigger AI research      |
| `GET /v1/alerts/{token}/ai-research`  | GET    | Get AI research results  |
| `POST /v1/alerts/bulk/resolve`        | POST   | Bulk resolve alerts      |
| `POST /v1/alerts/bulk/acknowledge`    | POST   | Bulk acknowledge alerts  |
| `POST /v1/alerts/bulk/assign`         | POST   | Bulk assign alerts       |

## See also

* [Alert Management Guide](/guides/alert-management)
* [AI Research Guide](/guides/ai-research)
* [Status Enums Reference](/reference/status-enums)
