How Do Cases, Entities, and Alerts Work?
Before you start reviewing work in Case Management, it helps to understand how the data is structured. This guide explains the hierarchy of cases, entities, checks, and alerts — and how they relate to each other.
What you’ll learn
- What a case represents and the three case types
- What entities are and how they relate to cases
- How checks work and when they generate alerts
- The difference between alerts and checks
- How the hierarchy fits together visually
The hierarchy at a glance
What is a case?
A case is an investigation. It represents a compliance review of a customer (individual or company) and everything connected to them. Every case has a type, a status, an assigned analyst, and a due date.
Case types
| Type | When it is created | What it covers |
|---|
| Onboarding | A new customer starts verification | Initial KYC/KYB review of the customer and all related persons |
| Review | A periodic review is triggered | Re-assessment of an existing customer’s risk profile and documentation |
| Perpetual | Ongoing monitoring detects a change | Investigation of new screening hits or risk changes for a previously approved customer |
Case statuses
A case moves through these statuses during its lifecycle:
A case cannot be closed while it has open alerts. All alerts must be resolved, marked as false positive, or dismissed before the case can move to Closed.
What is an entity?
An entity is a person or company linked to a case. Every case has at least one entity (the primary subject). Company cases typically have many entities — the company itself plus its directors, UBOs, and shareholders.
Entity roles
| Role | Description | Typical checks required |
|---|
| Primary | The main subject of the case (company or individual) | Screening, adverse media, identity (if individual) |
| UBO | Ultimate Beneficial Owner (25%+ ownership) | Identity, screening, address, adverse media, source of wealth (if high risk) |
| Director | Director or officer of the company | Identity, screening, adverse media, source of wealth (if high risk) |
| Shareholder | Shareholder without UBO-level ownership | Identity, screening |
What is a check?
A check is a verification task that runs against an entity. Checks are automatically created based on the entity’s role and the due diligence level (standard CDD or enhanced EDD). Some checks run automatically via API; others require manual action or document uploads.
Check statuses
| Status | Meaning |
|---|
| Pending | Not yet started |
| Queued | Waiting to be executed by the system |
| In Progress | Currently running |
| Awaiting Client | Waiting for the customer to take action (e.g., complete identity verification) |
| Awaiting Document | Waiting for a document upload |
| Complete | Finished — result is Pass, Refer, or Fail |
| Failed | Technical failure after retries |
| Waived | Skipped with a documented reason |
| Reused | Result carried over from a previous valid check on the same entity |
| Cancelled | No longer needed |
What is an alert?
An alert is a compliance issue that requires human review. Alerts are generated when checks find problems — a sanctions match, a PEP flag, a name mismatch, a document issue. Alerts are the primary work items for compliance analysts.
Alert types and categories
| Type | Categories | Example |
|---|
| Screening | PEP Match, Sanctions Hit, Adverse Media | WorldCheck found a match against a sanctions list |
| Identity | Name Mismatch, DOB Mismatch | OCR-extracted name does not match submitted name |
| Document | Document Expired, Tampering Detected | Passport expiry date is in the past |
| Company | Registry Mismatch, Dissolved Company | Company is listed as dissolved in the registry |
| Financial | Unusual Transaction, Source of Wealth | Financial patterns that require review |
The difference between checks and alerts
Think of checks as the tests and alerts as the failed results. A check always runs. An alert is only created when a check finds something that needs attention.
- A PEP screening check runs against WorldCheck. If it finds a match, it creates a PEP Match alert.
- An identity check extracts data from a document. If the name does not match, it creates a Name Mismatch alert.
- A company registry check looks up the company. If the company is dissolved, it creates a Dissolved Company alert.
What’s next?
