Skip to main content

Cases

A case represents an AML investigation into an entity. Cases aggregate alerts, risk assessments, verification checks, and reviewer workflows.

Resource fields

FieldTypeDescription
tokenstringUnique case identifier (prefix cas_)
namestringAuto-generated case reference (e.g., AML-2026-0042)
typestringCase type: Onboarding, Review, Perpetual
statusstringCurrent status. See Status Enums
prioritystringPriority level: Critical, High, Medium, Low
risk_tierstringOverall risk tier: High, Medium, Low
risk_scorenumberNumeric risk score (0-100)
entity_tokenstringToken of the primary entity under investigation
entity_namestringName of the primary entity
entity_typestringEntity type: company or person
assigned_toobjectAssigned analyst (see User object below)
escalated_toobjectManager the case is escalated to (see User object)
escalation_datestringISO 8601 timestamp of escalation
escalation_reasonstringReason for escalation
start_datestringISO 8601 timestamp of case creation
due_datestringISO 8601 date of SLA deadline
completed_atstringISO 8601 timestamp of case closure
resolution_notesstringResolution summary written at closure
open_alerts_countnumberCount of unresolved alerts on this case
external_referencestringYour external reference ID for idempotency
sla_statusstringSLA status: On Track, Warning, Critical, Breached
checks_summaryobjectSummary of check outcomes (see below)
risk_assessmentobjectLatest risk assessment (see below)
created_atstringISO 8601 timestamp of creation
updated_atstringISO 8601 timestamp of last modification

Nested objects

User object

FieldTypeDescription
idstringUser identifier
namestringDisplay name
emailstringEmail address

Checks summary object

FieldTypeDescription
totalnumberTotal checks created
passednumberChecks with Pass result
referrednumberChecks with Refer result
failednumberChecks with Fail result
waivednumberChecks manually waived
reusednumberChecks reused from other cases
pendingnumberChecks still in progress or pending

Risk assessment object

FieldTypeDescription
overall_scorenumberCalculated overall risk score (0-100)
tierstringOverall tier: High, Medium, Low
customer_riskobjectCustomer dimension { score, tier }
geographic_riskobjectGeographic dimension { score, tier }
product_riskobjectProduct/Service dimension { score, tier }
channel_riskobjectChannel dimension { score, tier }
override_tierstringAnalyst override tier (if applicable)
override_reasonstringOverride justification
edd_requiredbooleanWhether EDD is required based on risk

Example

{
  "token": "cas_xyz789",
  "name": "AML-2026-0042",
  "type": "Onboarding",
  "status": "In Progress",
  "priority": "Medium",
  "risk_tier": "Medium",
  "risk_score": 45,
  "entity_token": "ent_abc123",
  "entity_name": "Acme Holdings Ltd",
  "entity_type": "company",
  "assigned_to": {
    "id": "user_analyst01",
    "name": "Sarah Johnson",
    "email": "sarah@example.com"
  },
  "escalated_to": null,
  "escalation_date": null,
  "start_date": "2026-02-16T10:01:00Z",
  "due_date": "2026-03-02",
  "completed_at": null,
  "resolution_notes": null,
  "open_alerts_count": 1,
  "external_reference": "YOUR-REF-2026-0042",
  "sla_status": "On Track",
  "checks_summary": {
    "total": 6,
    "passed": 3,
    "referred": 1,
    "failed": 0,
    "waived": 0,
    "reused": 0,
    "pending": 2
  },
  "created_at": "2026-02-16T10:01:00Z",
  "updated_at": "2026-02-16T11:00:00Z"
}
EndpointMethodDescription
GET /v1/casesGETList cases with filters
POST /v1/casesPOSTCreate a new case
GET /v1/cases/{token}GETGet case details
POST /v1/cases/{token}/closePOSTClose a case
POST /v1/cases/{token}/escalatePOSTEscalate a case
GET /v1/cases/{token}/alertsGETList alerts for a case
GET /v1/cases/{token}/checksGETList checks for a case
GET /v1/cases/{token}/entitiesGETList entities for a case
GET /v1/cases/{token}/audit-logsGETList audit logs for a case
GET /v1/cases/{token}/commentsGETList comments for a case
GET /v1/cases/{token}/compliance-reportGETGenerate compliance report

See also