Core Concepts

Understanding these fundamental concepts will help you build powerful due diligence workflows with the KYC Genie API.

Start Here

If you're new to KYC Genie, read through these concepts to understand how the system works before diving into the API reference.

Questionnaires

A Questionnaire (also known as a Due Diligence Questionnaire or DDQ) is a reusable template containing structured questions about compliance, risk management, security, operations, and governance.

Questions

Questionnaires are composed of Question objects, each representing a single item in the questionnaire. Questions are organized into sections and subsections for logical grouping:

  • Section: High-level grouping (e.g., "Part 1", "Part 2")
  • Subsection: Detailed grouping within sections (e.g., "Data Security", "Incident Response")
  • Number: Question ordering within the subsection

Question Types

Type Description Use Case
text Free text input Company name, policy descriptions, detailed explanations
boolean Yes/No response Binary compliance questions (e.g., "Do you have a data breach policy?")
yes_no_na Yes/No/Not Applicable response Compliance questions where N/A is valid (e.g., "Do you process credit card data?")
text_and_date Combined text and date input Events requiring description and date (e.g., "Last security audit date and findings")

Note: File uploads are handled separately via the File Questions API.

API Endpoint

Access questionnaires via Questionnaires API

Responses

A Response represents a entity's answers to a questionnaire. It contains the answers, uploaded documents, and associated metadata.

Response Lifecycle

1
Created DRAFT or PREFILL

Response is created for an entity

2
Filled DRAFT

Entity answers questions and uploads documents

3
Submitted SUBMITTED

Entity submits completed response for review

4
Under Review UNDER_REVIEW

Your team is actively reviewing the submission

5
Reviewed REVIEWED

Analyst has completed initial review

6
Final Decision APPROVED or REJECTED

Compliance officer makes final approval decision

Changes Requested Loop

At any review stage, your team can request changes (CHANGES_REQUESTED status), which returns the response to the entity to update. Once resubmitted, the status becomes RESUBMITTED and re-enters the review workflow.

Creation Workflows

Workflow Initial Status Use Case
Standard DRAFT Response is created and directly sent to the entity for completion via a email link
Prefill PREFILL Response is created but can be pre-populated with data before sending to the entity for completion via a email link

Note: The prefill feature allows forms to be populated with information already known to reduce data entry and improve accuracy. All prefilled fields remain editable, and the final submission always requires explicit user confirmation. Legal declarations, consent statements, and authority confirmations should never be prefilled and must be completed manually by the submitter.

API Endpoint

Manage responses via Responses API

Entities

An Entity is the central object in KYC Genie, representing any company or individual that requires due diligence. Every questionnaire response, screening, verification, and document is linked to an entity, making it the core organizational unit for all compliance data.

Entity Types

Type Description Subtypes
company Legal entities including corporations, funds, trusts, and partnerships LLC, Corporation, Fund, Trust, Partnership, SPV, and 20+ more
individual Natural persons requiring identification and verification Beneficial owners, directors, authorized signatories, key personnel

What Links to Entities

Entities serve as the central anchor point for all compliance activities:

  • Responses: Questionnaire submissions are about specific entities (subject_entity)
  • Screenings: Sanctions and watchlist checks are performed on entities
  • Documents: Supporting files and evidence are associated with entities
  • Identity Verification: KYC/AML verification sessions link to individual entities
  • Entity Relationships: Corporate structures and beneficial ownership connect entities to each other
Data Protection

Sensitive personal data is encrypted at rest using field-level encryption. These controls support compliance with GDPR and other applicable data protection regulations.

API Endpoint

Create and manage entities via Entities API

Due Diligence Methods

KYC Genie provides multiple independent methods to perform due diligence on entities. You can use any combination of these tools based on your compliance requirements.

Available Methods

Method Description Use Case
Questionnaires Send structured questionnaires to entities for them to complete and submit for review Vendor assessments, security reviews, operational due diligence
Compliance Screening Check entities against sanctions lists, PEP databases, watchlists, and adverse media AML compliance, sanctions screening, reputational risk assessment
Identity Verification Send verification link for individuals to prove identity via document upload and liveness checks KYC for beneficial owners, directors, authorized signatories
Non-Document Checks Non-documentary verification against credit bureaus and electoral registers Identity confirmation, address verification, fraud prevention
Company Search Retrieve official company data including legal name, officers, shareholders, and filing history Corporate verification, UBO identification, registration confirmation
Flexible Workflow

These methods are independent and can be used in any combination. For example, you can screen an entity without sending a questionnaire, or verify identity without performing non-document checks.

Compliance Screening

Compliance Screening checks entities against global sanctions lists, regulatory watchlists, politically exposed persons (PEPs) databases, and adverse media sources.

Screening Categories

Category Description
Sanctions Global sanctions programs (OFAC, UN, EU, UK HMT, and others)
PEP (Politically Exposed Persons) Government officials, political figures, and their close associates
Adverse Media Negative news coverage indicating financial crime, fraud, or reputational risks
Watchlists Regulatory enforcement actions, disqualifications, and disciplinary proceedings

Screening Results

Each screening returns match details including:

  • Match Score: Numerical score indicating match strength from the screening provider
  • Match Types: Reasons for the match (e.g., name_exact, year_of_birth, nationality)
  • Risk Indicators: Specific sanctions, PEP status, adverse media, or watchlist hits
  • Associated Countries: Jurisdictions linked to the matched profile
  • Also Known As: Alternative names associated with the entity

Note: Continuous monitoring is enabled by default for all screened entities to capture new risks over time. This can be disabled in your account settings if not required.

Test Mode

Test API keys return simulated screening results to enable development and testing without consuming credits or triggering live compliance checks.

Response Workflow States

Response submissions follow a structured approval workflow with defined status transitions. The workflow supports both analyst-reviewed and manager-approved paths.

Standard Approval Flow

0
Prefill (Optional) PREFILL

Pre-populate response data via API before sending to entity

1
Draft DRAFT

Entity fills out questionnaire and uploads documents

2
Submitted SUBMITTED

Entity submits completed response for review

3
Under Review UNDER_REVIEW

Your team actively reviewing the submission

4a
Reviewed REVIEWED

Analyst completed review, awaiting manager approval

OR
4b
Skip to Final Decision

Manager can approve/reject directly

5
Final Decision APPROVED or REJECTED

Manager makes final approval or rejection decision

Changes Requested Loop

At any review stage (UNDER_REVIEW or REVIEWED), your team can request changes from the entity:

1
Changes Requested CHANGES_REQUESTED

Team requests updates from entity

2
Entity Updates DRAFT

Entity makes requested changes to response

3
Resubmitted RESUBMITTED

Entity resubmits updated response

4
Back to Review UNDER_REVIEW

Re-enters review workflow from step 3

Approval Hierarchy

Analyst: Can review and mark as REVIEWED, but cannot give final approval.
Manager: Can approve or reject at any review stage, with or without analyst review.

Entity Relationships

Track relationships between entities to map corporate structures, ownership chains, and personnel connections. Relationships define how entities are connected through roles, ownership, and governance.

Relationship Structure

Each relationship links two entities with specific attributes:

  • From Entity: The person or organization holding the role or ownership
  • To Entity: The company or organization where the role is held
  • Role: The type of relationship (director, shareholder, beneficial owner, officer, etc.)
  • Ownership Percentage: For shareholders and beneficial owners
  • Role Title: Specific title (e.g., "CEO", "Chief Investment Officer")
  • Status: Active, inactive, resigned, or deceased
to navigate Enter to select Esc to close