action) and how risk assessment logic is applied to that data (sourceOfRiskLevel) the API to serve multiple use cases, from historic data migration (where risk is already known) to live customer onboarding (where risk must be calculated in real-time).
Request Control Parameters
The behavior of the endpoints is controlled by two key attributes in the request body.| Attribute | Description |
|---|---|
action | Determines the persistence strategy. • CREATE: Creates a new record. Fails if the record exists.• UPDATE: Modifies an existing record. |
sourceOfRiskLevel | Determines if the Risk Engine should trigger. • IMPORT: Bypasses evaluation. Used when migrating data or manually overriding risk.• EVALUATE: Triggers the Risk Engine to calculate risk based on the payload. |
Lifecycle Matrix
The combination ofaction and sourceOfRiskLevel results in four distinct processing behaviors.
| Combination | Behavior Description | Typical Use Case |
|---|---|---|
| 1. CREATE + IMPORT | Direct Ingestion Creates a new record but skips the risk engine. The risk level provided in the payload is saved “as is.” | • Data Migration • System Restoration • Importing pre-vetted archives |
| 2. CREATE + EVALUATE | New Assessment Creates a new record and immediately runs the risk engine to calculate and assign a risk level. | • New Customer Onboarding • First-time application processing |
| 3. UPDATE + IMPORT | Manual Override / Correction Updates existing attributes without re-triggering risk calculation. | • Fixing typos (e.g., name misspelling) • Admin manual override of a risk score |
| 4. UPDATE + EVALUATE | Re-Assessment Updates attributes and re-runs the risk engine to determine if the changes affect the risk profile. | • KYC Refresh (Periodic Review) • Change in customer circumstances (e.g., new country of residence) |