Sanctions · PEP · Adverse media

Screen any name against the world's watchlists — on an engine you actually own.

PROOViD AML is a multi-tenant, API-first screening service for sanctions, PEP and adverse-media checks. We run our own matching and risk engine, so there's no per-lookup aggregator lock-in — buy it as a hosted API, or self-host the whole thing in your own cloud with one Docker stack.

Start screening Read the API docs

Own engine, not a reseller
Self-hostable Docker
GDPR-minded, EU focus

POST /v1/screenings/check

{
  "isMatch": true,
  "score": 0.97,
  "classification": "PotentialMatch",
  "decision": "Review",
  "riskScore": 83,
  "riskBand": "Medium",
  "matchedEntities": [
    { "sourceList": "OFAC",
      "score": 0.97 }
  ]
}

How it works

From a name to a decision in one call

No SDK gymnastics, no batch ceremony. A single REST call returns a normalized, actionable verdict.

1
Onboard a tenant

One POST /v1/tenants provisions a tenant, an API key, a default risk profile and an optional signed webhook. Multi-tenant from the first request.
2
Screen a subject

Send a name (plus optional DoB, nationality, aliases). We match across sanctions, PEP and adverse-media sources with fuzzy, phonetic and nickname-aware matching.
3
Get a clear verdict

Back comes a normalized isMatch + score, a classification (True / Potential / False / Unknown), a risk band and a Pass / Review / Fail decision you can act on.
4
Monitor continuously

Flag a subject for ongoing monitoring and we re-screen on every watchlist change, firing an HMAC-signed monitoring.alert webhook only when the outcome moves.

Features

A full compliance engine, not a lookup proxy

Everything you need to stand up screening — and everything an auditor will ask for later.

Broad watchlist coverage

Sanctions (UN, OFAC, EU, UK), PEP and adverse media — ingested directly per watchlist, normalized into one model.

Fuzzy & phonetic matching

Levenshtein/trigram, Jaro-Winkler, token-based phonetic and nickname-aware matching with DoB confirmation to cut false positives.

Per-tenant risk scoring

Configurable country, category and criminal-record weights map matches to a 0–100 score and a Low / Medium / High band.

Ongoing monitoring

Enrol a subject once; we re-screen on list changes and alert you only when the decision actually moves.

HMAC-signed webhooks

screening.completed and monitoring.alert delivered with SHA-256 signatures and replay protection. Payloads are PII-light.

Bulk screening

Screen a portfolio in one request with POST /v1/screenings/bulk — onboarding back-books and periodic sweeps, not just one-offs.

Case management

Review and disposition matches (open / cleared / confirmed / escalated) with an audit-note thread and a bundled back-office console.

Full audit log

Every state change is recorded immutably and exportable to CSV — built for the conversation you'll have with a regulator.

Own identity provider

A dedicated OpenIddict-based IdP — machine and human auth — so there's no hard dependency on an external identity system.

Why us

Own the engine. Own your data. Own your costs.

Aggregators such as Dilisense, SumSub and sanctions.io resell a shared data layer behind their API. We took the other road.

Typical aggregator

× Per-lookup pricing on someone else's data layer
× Hosted only — your PII leaves your perimeter
× Matching logic is a black box you can't tune
× Vendor lock-in: switching means re-integrating

PROOViD AML

✓ Our own matching & risk engine — no aggregator middleman
✓ Self-host the full stack in your own cloud (any cloud)
✓ Transparent, per-tenant tunable matching and risk weights
✓ Bring your own commercial provider on top, with your key, when you want more depth

Buy it hosted, or self-host it — same engine, same API. Talk to us about volume and self-host licensing. Start free →

Built to be trusted

Designed for compliance teams & the engineers who serve them

GDPR

EU-focused, PII-light webhooks and field-level handling of personal data.

Multi-tenant

Strict per-tenant isolation, keys, quotas and risk profiles out of the box.

API-first

Versioned /v1 REST, idempotency keys, RFC 7807 errors, signed webhooks.

Self-host

Cloud-agnostic Docker — Postgres, S3-compatible storage, no managed-cloud lock-in.

Reference customers and case studies coming soon — be one of the first to pilot.

Stand up screening this week.

Onboard a tenant, screen your first subject and wire a webhook in well under an hour.

Start free Developer docs

Prefer to talk first? Email us at [ enable JavaScript to view ].