> ## Documentation Index
> Fetch the complete documentation index at: https://docs.zenoo.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Compliance Reports

> Generate and interpret a compliance report for a completed case via the API.

# Compliance Reports

This guide shows how to generate a compliance report once all checks and alerts for a case have been resolved. The report provides a structured summary suitable for regulatory filing and internal audit.

## Prerequisites

* A valid API key (see [Authentication](/getting-started/authentication))
* A case with all alerts resolved (see [End-to-End Onboarding](/use-cases/onboarding))

<Steps>
  <Step title="Get case details">
    Retrieve the case to confirm its current status and check progress.

    <CodeGroup>
      ```bash curl theme={null}
      curl -X GET "https://api.zenoo.com/v1/cases/cas_xyz789" \
        -H "Authorization: Bearer your-api-key"
      ```

      ```python Python theme={null}
      import requests

      response = requests.get(
          "https://api.zenoo.com/v1/cases/cas_xyz789",
          headers={"Authorization": "Bearer your-api-key"},
      )
      case = response.json()
      print(f"Status: {case['status']}")
      print(f"Risk Tier: {case['risk_tier']}")
      print(f"Open Alerts: {case['open_alerts_count']}")
      print(f"Checks: {case['checks_summary']['passed']}/{case['checks_summary']['total']} passed")
      ```

      ```javascript Node.js theme={null}
      const caseRes = await fetch("https://api.zenoo.com/v1/cases/cas_xyz789", {
        headers: { Authorization: "Bearer your-api-key" },
      });
      const caseData = await caseRes.json();
      console.log(`Status: ${caseData.status}`);
      console.log(`Risk Tier: ${caseData.risk_tier}`);
      console.log(`Open Alerts: ${caseData.open_alerts_count}`);
      console.log(
        `Checks: ${caseData.checks_summary.passed}/${caseData.checks_summary.total} passed`
      );
      ```
    </CodeGroup>

    **Response:**

    ```json theme={null}
    {
      "token": "cas_xyz789",
      "type": "Onboarding",
      "status": "Closed",
      "priority": "Medium",
      "risk_tier": "Medium",
      "risk_score": 45,
      "open_alerts_count": 0,
      "entity": {
        "token": "ent_abc123",
        "name": "Acme Holdings Ltd",
        "type": "company"
      },
      "checks_summary": {
        "total": 6,
        "passed": 5,
        "referred": 1,
        "failed": 0,
        "waived": 0,
        "reused": 0
      },
      "due_date": "2026-03-02T10:00:00Z",
      "completed_at": "2026-02-16T11:35:00Z",
      "created_at": "2026-02-16T10:01:00Z"
    }
    ```
  </Step>

  <Step title="Verify all alerts are resolved">
    Confirm there are no open alerts remaining on the case.

    <CodeGroup>
      ```bash curl theme={null}
      curl -X GET "https://api.zenoo.com/v1/cases/cas_xyz789/alerts?status=Open" \
        -H "Authorization: Bearer your-api-key"
      ```

      ```python Python theme={null}
      response = requests.get(
          "https://api.zenoo.com/v1/cases/cas_xyz789/alerts",
          headers={"Authorization": "Bearer your-api-key"},
          params={"status": "Open"},
      )
      open_alerts = response.json()
      if open_alerts["meta"]["total"] > 0:
          print(f"WARNING: {open_alerts['meta']['total']} alerts still open")
      else:
          print("All alerts resolved. Ready for report generation.")
      ```

      ```javascript Node.js theme={null}
      const alertsRes = await fetch(
        "https://api.zenoo.com/v1/cases/cas_xyz789/alerts?status=Open",
        { headers: { Authorization: "Bearer your-api-key" } }
      );
      const openAlerts = await alertsRes.json();
      if (openAlerts.meta.total > 0) {
        console.log(`WARNING: ${openAlerts.meta.total} alerts still open`);
      } else {
        console.log("All alerts resolved. Ready for report generation.");
      }
      ```
    </CodeGroup>

    <Warning>
      The compliance report endpoint returns an error if any alerts remain open. Resolve all alerts before generating the report.
    </Warning>
  </Step>

  <Step title="Generate the compliance report">
    Request the full compliance report. The report aggregates all case data, check results, alert resolutions, risk assessments, and audit trail entries into a single structured document.

    <CodeGroup>
      ```bash curl theme={null}
      curl -X GET "https://api.zenoo.com/v1/cases/cas_xyz789/compliance-report" \
        -H "Authorization: Bearer your-api-key"
      ```

      ```python Python theme={null}
      response = requests.get(
          "https://api.zenoo.com/v1/cases/cas_xyz789/compliance-report",
          headers={"Authorization": "Bearer your-api-key"},
      )
      report = response.json()
      print(f"Verdict: {report['overall_verdict']}")
      print(f"Risk Tier: {report['risk_assessment']['tier']}")
      print(f"CDD Completed: {report['compliance_metadata']['cdd_completed']}")
      ```

      ```javascript Node.js theme={null}
      const reportRes = await fetch(
        "https://api.zenoo.com/v1/cases/cas_xyz789/compliance-report",
        { headers: { Authorization: "Bearer your-api-key" } }
      );
      const report = await reportRes.json();
      console.log(`Verdict: ${report.overall_verdict}`);
      console.log(`Risk Tier: ${report.risk_assessment.tier}`);
      console.log(`CDD Completed: ${report.compliance_metadata.cdd_completed}`);
      ```
    </CodeGroup>

    **Response:**

    ```json theme={null}
    {
      "case_reference": "AML-2026-0042",
      "external_reference": "YOUR-REF-2026-0042",
      "overall_verdict": "Pass",
      "generated_at": "2026-02-16T12:00:00Z",

      "entity": {
        "name": "Acme Holdings Ltd",
        "type": "company",
        "registration_number": "12345678",
        "jurisdiction": "GB",
        "verification_status": "Verified"
      },

      "screening": {
        "pep_status": "Cleared",
        "sanctions_status": "No Hit",
        "adverse_media_status": "No Hit",
        "provider": "WorldCheck",
        "completed_at": "2026-02-16T10:15:00Z"
      },

      "related_entities": [
        {
          "name": "Jane Smith",
          "role": "Director",
          "pep_status": "No Hit",
          "sanctions_status": "No Hit",
          "verification_status": "Verified"
        },
        {
          "name": "John Doe",
          "role": "UBO",
          "ownership_percentage": 75,
          "pep_status": "Cleared",
          "sanctions_status": "No Hit",
          "verification_status": "Verified"
        }
      ],

      "risk_assessment": {
        "overall_score": 45,
        "tier": "Medium",
        "customer_risk": { "score": 40, "tier": "Medium" },
        "geographic_risk": { "score": 30, "tier": "Low" },
        "product_risk": { "score": 55, "tier": "Medium" },
        "channel_risk": { "score": 25, "tier": "Low" },
        "factors": [
          {
            "dimension": "Customer",
            "factor": "UBO identified as former PEP",
            "severity": "Medium"
          },
          {
            "dimension": "Product",
            "factor": "Financial Services industry",
            "severity": "Medium"
          }
        ]
      },

      "checks_summary": [
        { "type": "Company Registry", "result": "Pass", "provider": "Kyckr" },
        { "type": "Company Screening", "result": "Pass", "provider": "WorldCheck" },
        { "type": "Director Screening (Jane Smith)", "result": "Pass", "provider": "WorldCheck" },
        { "type": "UBO Screening (John Doe)", "result": "Refer", "provider": "WorldCheck", "resolution": "Approved" },
        { "type": "Identity (John Doe)", "result": "Pass", "provider": "ZenooVerify" },
        { "type": "Directors Verification", "result": "Pass", "provider": "Kyckr" }
      ],

      "alerts_summary": [
        {
          "category": "PEP Match",
          "entity": "John Doe",
          "resolution": "Approved",
          "notes": "Former local councillor (2010-2014). Low risk position.",
          "resolved_by": "analyst@example.com",
          "resolved_at": "2026-02-16T11:30:00Z"
        }
      ],

      "compliance_metadata": {
        "cdd_completed": true,
        "cdd_completed_at": "2026-02-16T11:35:00Z",
        "edd_required": false,
        "reviewed_by": "analyst@example.com",
        "case_type": "Onboarding",
        "sla_met": true,
        "audit_log_count": 18
      }
    }
    ```
  </Step>

  <Step title="Interpret the report sections">
    The compliance report contains six sections. Use them to drive your onboarding decision.

    ### Section reference

    | Section               | Contains                                                        |
    | --------------------- | --------------------------------------------------------------- |
    | `entity`              | Primary entity details and verification status                  |
    | `screening`           | PEP, sanctions, and adverse media screening outcomes            |
    | `related_entities`    | Directors, UBOs, shareholders with individual screening results |
    | `risk_assessment`     | 4-dimension risk score breakdown with contributing factors      |
    | `checks_summary`      | Every check executed with result and provider                   |
    | `alerts_summary`      | Every alert generated with resolution, notes, and resolver      |
    | `compliance_metadata` | CDD/EDD status, SLA compliance, reviewer, audit log count       |

    ### Decision matrix

    | Verdict | Risk Tier | Recommended Action                                |
    | ------- | --------- | ------------------------------------------------- |
    | `Pass`  | Low       | Auto-approve. Proceed with onboarding.            |
    | `Pass`  | Medium    | Approve with enhanced monitoring schedule.        |
    | `Refer` | Medium    | Route to compliance analyst for manual review.    |
    | `Refer` | High      | Route to senior compliance officer. Consider EDD. |
    | `Fail`  | Any       | Reject. Escalate to compliance team.              |

    <Tip>
      Store the full report JSON in your system for regulatory audit purposes. The `case_reference` and `audit_log_count` fields support traceability back to the immutable audit trail.
    </Tip>

    ### Export format

    The compliance report can also be requested as a PDF for filing:

    ```bash theme={null}
    curl -X GET "https://api.zenoo.com/v1/cases/cas_xyz789/compliance-report?format=pdf" \
      -H "Authorization: Bearer your-api-key" \
      -o "compliance-report-AML-2026-0042.pdf"
    ```
  </Step>
</Steps>

## Monitoring schedule

After onboarding is complete, set up ongoing review based on the risk tier:

| Risk Tier  | Review Frequency | Monitoring Level              | Rationale                                                                           |
| ---------- | ---------------- | ----------------------------- | ----------------------------------------------------------------------------------- |
| **High**   | Every 6 months   | Enhanced screening + approval | Highest regulatory scrutiny. Frequent changes in sanctions lists and PEP databases. |
| **Medium** | Every 12 months  | Enhanced screening + review   | Standard CDD cycle. Aligns with most regulatory frameworks.                         |
| **Low**    | Every 24 months  | Standard ongoing screening    | Reduced frequency appropriate for low-risk customers with stable profiles.          |

These intervals are recommendations. Your compliance program may require different schedules based on jurisdiction, customer type, or regulatory guidance.

<Tip>
  Implement a review calendar that automatically schedules re-screening based on the risk tier returned in the compliance report. Use the `next_review_date` field from the compliance metadata to track when each customer is due.
</Tip>

<Info>
  Use case type `Perpetual` for ongoing monitoring cases and `Review` for periodic re-review cases. See [Case Lifecycle Guide](/guides/case-lifecycle) for details.
</Info>

## Next steps

* [Case Lifecycle Guide](/guides/case-lifecycle). Understand case types and review schedules.
* [Risk Scoring Guide](/guides/risk-scoring). Deep dive into the 4-dimension risk model.
* [Audit Trail Guide](/guides/audit-trail). Query the full audit history for a case.
* [Webhook Events](/data-model/webhook-events). Automate post-onboarding monitoring workflows.
