Creating a Workflow

Exact's Underwriting Workflow API enables a partner to create custom rule set(s) to perform automated underwriting decisioning including KYC/KYB, AML and OFAC sanctions screening as required by bank sponsors, payment networks, and federal statute.

Getting Started

Create a Rule

Underwriting workflow enables creation of custom rule sets using boolean logic and sequenced to maximize automated decisioning.

Rule Types

Business Information

The Business Information rule allows a partner to make automated decisions based on any data element collected in the merchant application process.

The example below shows a rule designed to pend a merchant application for review based on the Min/Max values for Average Transaction Amount.

curl --request POST \
     --url https://api.exactpaysandbox.com/organization/{organizationId}/onboarding-workflow \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     
{
     "name": "High Ticket Workflow",
     "entryRule": "Max Ticket",
     "rules": [
          {
               "name": "Max Ticket",
               "type": "Business Information",
               "options": [
                    {
                         "field": "merchant.anticipatedTransAmounts.averageTicketSize",
                         "operator": "between",
                         "value1": 1,
                         "value2": 5000000
                    }
                          ],
               "onPass": "accept",
               "onFail": "review"
          }
     ]
}

Know Your Business (KYB)

This verification verifies the legitimacy of a business entity and its ownership structure to ensure compliance with global Anti-Money Laundering (AML) regulations. Merchant application data is routed to a 3rd party service, Trulioo, for analysis against the provider’s data sources.

  • Match - When a match is present, this field exists in the data source and matches the input value.
  • No Match - If no match is present, this field exists in the data source but does not match the value input.
  • Missing - A result of missing indicates either no data was sent in the request or no information about this field was validated by the data source.

The example below shows a rule designed to Pend a merchant application when the business can not be verified with the 3rd party data source.

curl --request POST \
     --url https://api.exactpaysandbox.com/organization/{organizationId}/onboarding-workflow \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     
 {   "name": "KYB Workflow",
     "entryRule": "KYB",
     "rules": [
          {    "name": "KYB",
               "type": "Trulioo KYB",
               "options":{},
               "onPass": "accept",
               "onFail": "review"
          }]
 }

Know Your Customer (KYC)

Identity verification is typically required in order to comply with Anti-Money Laundering (AML) and Know Your Customer (KYC) rules and regulations. All beneficial owner application data is routed to a 3rd party service, Trulioo, for analysis against the provider’s data sources, combined into a field-by-field match where match results are compared against the provider’s data sources.

  • Match - When a match is present, this field exists in the data source and matches the input value.
  • No Match - If no match is present, this field exists in the data source but does not match the value input.
  • Missing - A result of missing indicates either no data was sent in the request or no information about this field was validated by the data source.

The example below shows a rule designed to Decline a merchant application when the business can not be verified with the 3rd party data source.

curl --request POST \
     --url https://api.exactpaysandbox.com/organization/{organizationId}/onboarding-workflow \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     
 {   "name": "KYC Workflow",
     "entryRule": "KYC",
     "rules": [
          {    "name": "KYC",
               "type": "Trulioo KYC",
               "options":{},
               "onPass": "accept",
               "onFail": "review"
          }]
 }

*Mastercard Match**

Mastercard Alert To Control High-risk Merchants (MATCH) is typically required when evaluating a new merchant application. MATCH is a database of merchants previously terminated or marked as ineligible by another acquiring bank based on prior account history with that bank. Use this rule to identify potentially high-risk merchants before entering into an agreement.

  • M00 - No Match.
  • M01 - Exact Match.
  • M02 - Phonetic Match.

The example below shows a rule designed to Decline a merchant whose beneficial owner's name and DBA name are an exact match with the data source.

curl --request POST \
     --url https://api.exactpaysandbox.com/organization/{organizationId}/onboarding-workflow \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \

 {   "name": "MC MATCH Workflow",
     "entryRule": "MATCH",
     "rules": [
          {    "name": "MATCH",
               "type": "Mastercard Match",
               "options": {
                 "merchant": {
                     "Name": ["M01"],
                       "DoingBusinessAsName": ["M01"]
                                         }
                                },
               "onPass": "accept",
               "onFail": "reject"
          }
     ]
 }

OFAC

This service screens individuals and entities in coordination with the U.S. Department of Treasury. The search returns exact matches, as well as partial matches, which meet a minimum threshold as defined by the user. The higher the threshold, the fewer results will be returned and the higher the likelihood of a match. For example, if the minScore is set to at a low threshold (ex. 50), the service may return many results, most of which are not applicable to the applicant.

The example below shows a rule designed to Pend a merchant whose likelihood of a match against the watchlist is between 90-100%.

curl --request POST \
     --url https://api.exactpaysandbox.com/organization/{organizationId}/onboarding-workflow \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     
{   "name": "OFAC Scoring Workflow",
     "entryRule": "OFAC Score",
                "rules": [
          {     "name": "OFAC Score",
                    "type": "OFAC",
                "options": {
                    "min": 90,
                    "max": 100
                                 },
               "onPass": "accept",
               "onFail": "review"
          }
                    ]
}

Plaid Banking Authentication

This authentication integrates with Plaid's bank account verification service enabling real-time validation of the account owner and its status.

curl --request POST \
     --url https://api.exactpaysandbox.com/organization/{organizationId}/onboarding-workflow \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
         
{   "name": "Plaid Auth Workflow",
     "entryRule": "Plaid Auth",     
     "rules": [
          {     "name": "Plaid Auth",
                    "type": "Plaid Auth",
                "options":{},
                "onPass": "accept",
                "onFail": "review"
          }
                    ]
}

Watchlist

This Watchlist screening service offers comprehensive coverage of Global Anti-Money Laundering (AML) risk data sources including sanction lists, law enforcement lists, and regulatory bodies. This API screens against hundreds of lists around the world, and is updated in real-time.

The example below shows a rule designed to Decline a merchant which is an exact match on an international watchlist.

curl --request POST \
     --url https://api.exactpaysandbox.com/organization/{organizationId}/onboarding-workflow \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
                  
{   "name": "Watchlist Workflow",
     "entryRule": "Watchlist",     
     "rules": [
          {    "name": "Watchlist",
               "type": "Trulioo International Watchlist",
               "options":{},
               "onPass": "accept",
               "onFail": "reject"
          }
     ]
}