Skip to main content

Lucinity API (3.3)

Download OpenAPI specification:Download

Welcome to the Lucinity API!

Lucinity is an API-first SaaS solution for AML: our platform ingests your data to make integration and data publishing simple and seamless. Our modular approach separates the functionality of the user interface centered around customer use cases, but the backend APIs are unified so the system can scale with your needs.

Quickstart Guide

Use this section to get familarized with the Lucinity API's syntax, payload, and data structures.

Following the steps detailed below, you'll be able to ingest data in the Lucinity platform and get started to Make Money Good.

The hidden power of your data

One of the highlights of Lucinity’s AML platform is the actionable insights that reveal how much value you can unlock from the data you already have today. To surface these insights, Lucinity requires access to various data points from your system.

We understand that data integration projects can be intimidating. When designing Lucinity’s APIs, we set out to make data ingestion as integration-friendly as possible while also providing products with innovative and robust data analysis methodologies.

To get started, you can connect a basic set of data to quickly and easily become familiar with the integration. As your familiarity and confidence grow, Lucinity is capable of ingesting even more data to unlock its full potential.

Core Data Pillars

At the core of the Lucinity data model are Actors: the legal entities and natural persons that make up your customer base.

These Actors can have Accounts, the medium or ledger where funds are stored and moved to or from. The Actor’s relationship with an Account is defined via Actor Accounts.

Actors are also the owners of financial Transactions, where funds move between Accounts of an Actor and a Counterparty.

Going deeper, you can provide Actor Associates, describing a link between your Actors. If you have additional insights into various risks associated with an Actor, you can send Risk Assessments that you've already performed outside of Lucinity. You can also segment your Actors into your custom-built Segmentation-Categories and -Groups.

If you are not using Lucinity's Transaction Monitoring, or if you want to combine it with another detection system, the Lucinity Case Manager also offers direct integration. By sending us Observation and Case data surfaced by your legacy system, you can still gain the full benefits of our Case Manager.

You can bring all this data into the Lucinity platform using a rich yet simple set of APIs. This documentation describes the structure of each data model, including which fields are required and which are optional. However, the exact set of required data can vary depending on your product package and integration needs. For guidance on what is necessary in your setup, we recommend first discussing with your internal project lead, and if needed, reaching out to the Lucinity Customer Success team.

The APIs ingest and return JSON-encoded requests and responses, and use HTTP response codes to present the result of your request, allowing you to track and respond efficiently.

Access

As an AML solution intended for highly regulated financial institutions, Lucinity's APIs rest (no pun intended) on secure access through two authentication methods: API Keys and JWT Tokens, depending on the specific endpoint you're using.

See Authentication for how to obtain and use credentials for each method, and for guidance on keeping your API key secure.

Adding data

Lucinity's products (Case Manager, Actor Intelligence, Transaction Monitoring, and more) require you to at minimum add data for Actors, Transactions and (optionally) Accounts. To utilize the Case Manager with externally sourced alerts, you'll additionally need Observations and Cases.

The six simple steps below walk you through the process of using the Lucinity APIs to publish data to the platform and get your instance of Lucinity up and running.

You can send the data in any order. However, to make it easier and more organized for data integration projects, we have structured data ingest around Actors, Accounts and Transactions.

1. Get Your Authentication Credentials Ready

Make sure you have your authentication credentials ready to authenticate with the Lucinity platform:

  • For most endpoints: API Keys using the x-api-key header
  • For specific endpoints: JWT Token credentials (Client ID and Client Secret) using the Authorization: Bearer header

2. Ingest Actor Data

Collect your actor data and follow the data structure outlined below to ingest it to the Lucinity Platform.

The sidebar code snippet reflects the actor data fields required for initializing the system. See Actors for all available fields.

NOTE: There is a slight difference in the required fields between individuals and legal entities to ingest data. See the sidebar examples on how to ingest both actor types.

Transmitting Actor Data - Individual

const unirest = require("unirest");
unirest
.post("https://<your environment>/api/actors")
.headers({
  "X-Api-Key": "<Secret API Key>",
});
.send({
  id: "ACT985002241",
  asOfDate: "2019-08-24",
  status: "ACTIVE",
  type: "INDIVIDUAL",
  monitored: "YES",
  displayName: "Samantha Jones",
  name: "Samantha Jane Jones",
  dateOfBirth: "1966-01-21",
  gender: "FEMALE",
  addresses: [
    {
      type: "HOME",
      line1: "123 Bond Street",
      line2: "Mayfair",
      postcode: "W1S 1EJ",
      city: "London",
      country: "UK",
    },
  ],
  nationality: "UK",
  dataSource: "source-name"
});
.then((response) => {
  console.log(response.body);
})
.catch((err) => {
  console.log(err);
});

Transmitting Actor Data - Legal Entity

const unirest = require("unirest");
unirest
.post("https://<your environment>/api/actors")
.headers({
  "X-Api-Key": "<Secret API Key>",
});
.send({
  id: "ACT985002242",
  asOfDate: "2019-08-24",
  status: "ACTIVE",
  type: "LEGAL_ENTITY",
  monitored: "YES",
  displayName: "Vortexecurity",
  name: "Vortexecurity",
  legalEntity:
    {
      dateOfRegistration: "1991-01-09",
      type: "PARTNERSHIP_LIMITED",
      industry: [{
        code: "561621",
        type: "NAICS",
      }]
    },
  addresses: [
    {
      type: "HOME",
      line1: "123 Bond Street",
      line2: "Mayfair",
      postcode: "W1S 1EJ",
      city: "London",
      country: "UK",
    },
  ],
  nationality: "UK",
  dataSource: "source-name"
});
.then((response) => {
  console.log(response.body);
})
.catch((err) => {
  console.log(err);
});

3. Ingest Account Data

Collect your account data and follow the data structure outlined below to ingest it to the Lucinity Platform.

The sidebar code snippet reflects the account data fields required for initializing the system. See Accounts for all available fields.

Transmitting Accounts Data

const unirest = require("unirest");
unirest
    .send("https://<your environment>/api/accounts")
    .headers({
        "X-Api-Key": "<Secret API Key>",
    })
    .post({
        id: "ACC99140294",
        asOfDate: "2019-08-24",
        accountType: "CURRENT",
        currencyCode: "GBP",
        openedDate: "2019-08-24",
        terminationDate: null,
        accountNumber: "2340-234-234234",
        status: "ACTIVE",
        monitored: "YES",
        dataSource: "source-name",
    })
    .then((response) => {
        console.log(response.body);
    })
    .catch((err) => {
        console.log(err);
    });

4. Ingest Actor Account Mapping

Collect your customer’s and customer’s account data and follow the data structure outlined below to map Actors to Accounts in the Lucinity Platform.

Use the provided code snippet to try it out.

Transmitting Actor-Account Mapping

const unirest = require("unirest");
unirest
    .post("https://<your environment>/api/accounts/<Account ID>/actors")
    .headers({
        "X-Api-Key": "<Secret API Key>",
    })
    .send({
        asOfDate: "2019-08-24",
        actors: [
            {
                id: "ACT985002241",
                role: "OWNER",
            },
        ],
    })
    .then((response) => {
        console.log(response.body);
    })
    .catch((err) => {
        console.log(err);
    });

5. Ingest Transaction Data

Collect your transaction data and follow the data structure outlined below to ingest it to the Lucinity Platform.

The sidebar code snippet reflects the required transaction data fields for initializing the system, see Transactions for all available fields.

Transmitting Transaction Data

const unirest = require("unirest");
unirest
    .post("https://<your environment>/api/v2/transactions")
    .headers({
        "X-Api-Key": "<Secret API Key>",
    })
    .send({
        id: "TXN949000250",
        created_at: 1697470699,
        direction: "OUTBOUND",
        status: "COMPLETED",
        description: "Transfer for bill xx",
        channel: "ONLINE",
        account_id: "ACC99140294",
        amount: {
            value: 100.15,
            currency: "USD",
        },
        standardized_amount: 200.25,
        account_balance: 4000.05,
        account_owner_id: "ACT985002241",
        method: "WIRE_TRANSFER",
        purpose: "BILL_PAYMENT",
        counterparty: {
            object: "LEGAL_ENTITY",
            id: "CPid",
            name: "Vortexecurity",
            account_info: {
                account_number: "123-45-6789",
                iban: "GB61xxxxxxxxxxxxxxxxxxxx",
                country: "GBR",
            },
            industry: {
                classification_identifier: "NAICS",
                code: "561621",
            },
            metadata: {
                identifiable_as_actor: "true",
            },
        },
        metadata: {
            international: "false",
        },
    })
    .then((response) => {
        console.log(response.body);
    })
    .catch((err) => {
        console.log(err);
    });

6. Actor Associates & Risk Assessment (Optional)

You can enrich the data with any additional information about your customers to get a better risk overview, such as entities linked to customers, internal or external risk assessments, etc. Follow the data structure outlined below.

Use the provided code snippet to try it out. See Actor Associates and Risk Assessments for all available fields.

Transmitting Actor Associates

const unirest = require("unirest");
unirest
    .post("https://<your environment>/api/actors/<Actor ID>/associates")
    .headers({
        "X-Api-Key": "<Secret API Key>",
    })
    .send({
        asOfDate: "2019-08-24",
        actorAssociates: [
            {
                id: "AA842099",
                name: "Fred Patricks",
                type: "REPRESENTATIVE",
                customer: false,
                dataSource: "source-name",
            },
        ],
    })
    .then((response) => {
        console.log(response.body);
    })
    .catch((err) => {
        console.log(err);
    });

Transmitting Risk Assesment

const unirest = require("unirest");
unirest
    .post("https://<your environment>/api/actors/<Actor ID>/riskAssessments")
    .headers({
        "X-Api-Key": "<Secret API Key>",
    })
    .send([
        {
            asOfDate: "2019-08-24",
            type: "PEP",
            value: "1",
        },
    ])
    .then((response) => {
        console.log(response.body);
    })
    .catch((err) => {
        console.log(err);
    });

Make Money Good

That’s it! Expected more steps? Sorry to disappoint.

While there is a lot more you can do with the Lucinity APIs, including but not limited to Segmentation, Webhooks, and Workflows, this quick start guide should help you get started with the basics.

Congratulations, you are ready to Make Money Good with Lucinity. Have fun, and don't hesitate to reach out to us if you need assistance.


Authentication

Lucinity uses two different authentication methods depending on the API endpoint you're accessing:

  • Most API endpoints require API Key authentication using the x-api-key header
  • Specific endpoints require JWT Token authentication using the Authorization: Bearer header

Check each endpoint's documentation to see which authentication method is required. The API documentation clearly indicates whether an endpoint uses API Key or JWT Token authentication.

Authentication Methods

API Key Authentication

API Keys provide a simple and reliable way to authenticate with the Lucinity API. Most Lucinity API endpoints use API Key authentication, including:

  • Data ingestion endpoints (Actors, Accounts, Transactions, Observations)
  • Case management endpoints
  • Reporting and analytics endpoints

How it works:

  • API Keys are long-lived credentials that provide consistent access to your Lucinity environment

  • The client must send the key in an x-api-key header when making requests to protected resources

  • Generate and manage your API keys via the Lucinity Admin Portal, which also lets you manage system access, monitored Scenarios, workflows, and other platform configuration. If you don't have portal access, contact your Customer Success Team to have a key issued.

API Key Authentication

headers = { "x-api-key": "{API_KEY}" };

API Key

Treat your secret API key as carefully, or more carefully, than you would treat your password. We recommend keeping it out of any version control system you may be using. Grant access only to those who need it or secure them through their own API credentials.



JWT Token Authentication

JWT (JSON Web Tokens) are short-lived, signed tokens that carry user information and permissions. This is the authentication method used by Lucinity's newer API endpoints — most endpoints still use API Keys. Endpoints that require JWT Tokens are specifically labelled as such.

How it works:

  • JWTs are personalized tokens, coded for specific permissions, with a built-in expiration
  • JWTs expire automatically after a short time, while API Keys have a longer expiration that can be extended as needed
  • You'll need to request a new token for each session or when the current token expires

Getting Started:

  1. Obtain Credentials: Contact Lucinity to get your Client ID and Client Secret
  2. Request Token: Send a POST request to the authorization server to get your JWT token
  3. Use Token: Include the JWT token in the Authorization header for API requests

Step 1: Request JWT Token

// Request a new JWT token
const tokenResponse = await fetch("[Authorization Server URL]", {
    method: "POST",
    headers: {
        "Content-Type": "application/x-www-form-urlencoded",
        Host: "<your-environment>",
    },
    body: "grant_type=client_credentials&client_id=<clientId>&client_secret=<clientSecret>",
});

const { access_token } = await tokenResponse.json();

Step 2: Use JWT Token

// Use the JWT token for API requests
headers = {
    Authorization: `Bearer ${access_token}`,
};

Core Data

Core Data represents the data points you add to Lucinity from sources like your KYC pipeline, transactions, etc.

After ingested, it is then used by the Lucinity platform to calculate risk scores and other operations that gives the AML team intelligent insight into customer behavior.

Actors

Add Actor

Add actor to Lucinity.

Authorizations:
ApiKeyAuth
Request Body schema: application/json
required

The Actor to be added to Lucinity.

id
required
string

Primary identifier for the record, provided by you. Should be unique across records of the same type and stable across updates.

asOfDate
required
string <date>

Date the record became valid for the Actor, in ISO 8601 format (YYYY-MM-DD).

The record with the latest asOfDate (not the most recently ingested) is treated as the current state.

type
required
object (ActorType)
Enum: "INDIVIDUAL" "LEGAL_ENTITY"

Whether this Actor is an individual person (INDIVIDUAL) or a company (LEGAL_ENTITY). Required.

Determines which other fields are expected.

dataSource
string

The name of your system where this record originated (e.g. CORE_BANKING, CRM). Used to trace records back to their source system.

ingestDate
string <date-time>

Timestamp when Lucinity ingested this record, in ISO 8601 format. Read-only.

Array of objects (Reference)

External-system references — a list of (system name, external id) pairs that let you correlate this record with other systems you operate. See the Reference schema.

Array of objects (address)

A list of physical or legal addresses associated with the Actor.

object (CustomData)

A key-value map for additional Actor attributes not already covered by the public API. Where possible, use the official fields — built-in functionality is limited for data stored in customData.

customerSince
string <date>

Date the Actor first became a customer of the institution, in ISO 8601 format (YYYY-MM-DD).

dateOfBirth
string <date>

Date of birth of the individual Actor, in ISO 8601 format (YYYY-MM-DD).

Not applicable to legal entities.

domicile
string

The legal jurisdiction considered the Actor's permanent home for legal purposes, as an ISO 3166 country code.

Use alpha-3 (e.g. GBR) for new integrations; alpha-2 (e.g. GB) is accepted for backwards compatibility but considered legacy.

Array of objects (emailAddress)

A list of email addresses associated with the Actor.

gender
string (ActorGender)
Enum: "FEMALE" "MALE" "OTHER" "UNSPECIFIED"

Gender of an individual Actor — MALE, FEMALE, UNSPECIFIED, or OTHER.

Not applicable to legal entities.

Array of objects (GovernmentId)

A list of government-issued identifiers for the Actor (passport, national ID, tax ID, etc.).

See the GovernmentId schema for supported types.

object (LegalEntity)

Company-specific attributes (registration date, country of incorporation, legal structure, industry, website).

Expected when type is LEGAL_ENTITY.

object (Metadata)

Additional metadata attached to the Actor as a key/value map.

Not intended for extra business data — use customData for that.

name
string

The Actor's full name. For individuals, the complete name (e.g. "Samantha Jane Jones"); for legal entities, the registered company name.

nationality
string

The Actor's nationality, as an ISO 3166 country code.

Use alpha-3 (e.g. GBR) for new integrations; alpha-2 (e.g. GB) is accepted for backwards compatibility but considered legacy.

Array of objects (phone)

A list of phone numbers associated with the Actor.

Array of objects (Link)

Links to external resources related to the Actor (e.g. profile in another system, regulatory filings).

Each Link carries a URL and a label.

status
string
Enum: "ACTIVE" "TERMINATED"

Lifecycle state of the Actor — ACTIVE (currently recognized by the institution) or TERMINATED (the relationship has ended).

subType
Array of strings (ActorSubType)
Items Enum: "CUSTOMER" "EMPLOYEE" "MERCHANT" "PSP"

One or more roles this Actor plays relative to the financial institution. An Actor can hold multiple subtypes simultaneously (e.g. an employee who is also a customer).

  • CUSTOMER — a direct or indirect customer of the integrating client.
  • EMPLOYEE — employed by a customer of the integrating client.
  • MERCHANT — engaged in selling goods or services.
  • PSP — Payment Service Provider; a legal entity that facilitates electronic payments between businesses, customers, and other financial institutions.
displayName
string
Deprecated

DEPRECATED — use name. Previously: human-friendly name used by the Lucinity UI when surfacing this Actor.

object (Employee)
Deprecated

DEPRECATED. Previously: employment details (designation, department, office) for an Actor whose subType includes EMPLOYEE.

firstName
string
Deprecated

DEPRECATED — use name. Previously: given (first) name of an individual Actor.

isActive
boolean
Deprecated

DEPRECATED — use status. Previously: a single boolean for whether the Actor was active; replaced by the more granular status lifecycle field.

lastName
string
Deprecated

DEPRECATED — use name. Previously: family (last) name of an individual Actor.

middleName
string
Deprecated

DEPRECATED — use name. Previously: middle name of an individual Actor.

monitored
string
Deprecated
Enum: "NO" "YES"

DEPRECATED — control monitoring scope via the Actor Exclusion endpoint. Previously: a YES/NO flag that excluded the Actor from Transaction Monitoring when set to NO.

Array of objects (Link)
Deprecated

DEPRECATED. Previously: links to other Lucinity Accounts related to this Actor.

validationStatus
string (ValidationStatus)
Deprecated
Enum: "DUE_DILIGENCE" "MANUAL_ENTRY" "UNVALIDATED" "VALIDATED" "VENDOR_SUPPLIED_DATA"

DEPRECATED. Previously: validation status for actor data.

object (AccessClassification)
Deprecated

DEPRECATED. Previously: an access-classification reference controlling record visibility.

object (Classification)
Deprecated

DEPRECATED. Previously: an internal classification reference for the record.

Responses

Request samples

Content type
application/json
Example
{
  • "id": "LUCINITY_ACTOR_ID_0002221233984",
  • "dataSource": "Lucinity",
  • "references": [
    ],
  • "metadata": {
    },
  • "type": "INDIVIDUAL",
  • "subType": [
    ],
  • "gender": "FEMALE",
  • "name": "Wendy Byrde",
  • "displayName": "Wendy Byrde",
  • "firstName": "Wendy",
  • "middleName": null,
  • "lastName": "Byrde",
  • "status": "ACTIVE",
  • "monitored": "YES",
  • "addresses": [
    ],
  • "phones": [
    ],
  • "emails": [],
  • "nationality": "US",
  • "domicile": "US",
  • "taxResidency": "US",
  • "asOfDate": "2023-01-01",
  • "governmentIds": [
    ],
  • "relatedLinks": [],
  • "validationStatus": "VALIDATED",
  • "customData": {
    }
}

Response samples

Content type
application/json
Example
{
  • "id": "LUCINITY_ACTOR_ID_0002221233984",
  • "dataSource": "Lucinity",
  • "references": [
    ],
  • "metadata": {
    },
  • "type": "INDIVIDUAL",
  • "subType": [
    ],
  • "gender": "FEMALE",
  • "name": "Wendy Byrde",
  • "displayName": "Wendy Byrde",
  • "firstName": "Wendy",
  • "middleName": null,
  • "lastName": "Byrde",
  • "status": "ACTIVE",
  • "monitored": "YES",
  • "addresses": [
    ],
  • "phones": [
    ],
  • "emails": [],
  • "nationality": "US",
  • "domicile": "US",
  • "taxResidency": "US",
  • "asOfDate": "2023-01-01",
  • "governmentIds": [
    ],
  • "relatedLinks": [],
  • "validationStatus": "VALIDATED",
  • "customData": {
    }
}

Get Actor

Retrieves a single actor by identifier.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

Actor ID

Responses

Response samples

Content type
application/json
Example
{
  • "id": "LUCINITY_ACTOR_ID_0002221233984",
  • "dataSource": "Lucinity",
  • "references": [
    ],
  • "metadata": {
    },
  • "type": "INDIVIDUAL",
  • "subType": [
    ],
  • "gender": "FEMALE",
  • "name": "Wendy Byrde",
  • "displayName": "Wendy Byrde",
  • "firstName": "Wendy",
  • "middleName": null,
  • "lastName": "Byrde",
  • "status": "ACTIVE",
  • "monitored": "YES",
  • "addresses": [
    ],
  • "phones": [
    ],
  • "emails": [],
  • "nationality": "US",
  • "domicile": "US",
  • "taxResidency": "US",
  • "asOfDate": "2023-01-01",
  • "governmentIds": [
    ],
  • "relatedLinks": [],
  • "validationStatus": "VALIDATED",
  • "customData": {
    }
}

Add Actor Associates

Add associates to actors by ID.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

Actor ID

Request Body schema: application/json
required

Associates to be tagged to an actor.

Array of objects (ActorAssociate)

A list of actors and their relationship to the actor in the path parameter.

asOfDate
string <date>

Date this set of associates became valid, in ISO 8601 format (YYYY-MM-DD).

Defaults to today if not provided.

Responses

Request samples

Content type
application/json
{
  • "actorAssociates": [
    ],
  • "asOfDate": "2023-04-22"
}

Response samples

Content type
application/json
{
  • "actorAssociates": [
    ],
  • "asOfDate": "2023-04-22"
}

Add Actor Exclusion

Define a monitoring exclusion on an actor, and the level of exclusion.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

Actor ID

Request Body schema: application/json
required

Exclusion to be added for an actor.

exclusion_type
required
string
Enum: "MONITORED" "NOT_MONITORED" "SUPPRESSED"

The type of exclusion.

  • MONITORED - The actor will be monitored on the Lucinity platform (this is the default value for all actors).

  • NOT_MONITORED - The actor will not be monitored in any shape or form by the Lucinity platform.

  • SUPPRESSED - The actor will be monitored on the Lucinity platform, but no alerts will be raised for the actor; instead, signals will be stored internally. Suppressed signals can be retrieved through the Get Suppressed Signals endpoint.

stored_at
string <date-time>

The datetime when the exclusion was stored defaults to current time.

Responses

Request samples

Content type
application/json
{
  • "exclusion_type": "MONITORED",
  • "stored_at": "2019-08-24T14:15:22Z"
}

Response samples

Content type
application/json
"ACTOR_ID_100000"

Add Actor RiskAssessment.

Add risk assessment information to the actor.

Risk Assessments are data points that describe various risk vectors of the actor, and are most often updated independently of the actor's core information.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

Actor ID

Request Body schema: application/json
required

Risk Assessment to be added for an actor.

If the payload includes multiple risk assessments of the same type, only the one with the latest asOfDate is stored.

Array
asOfDate
required
string <date>

Date the record became valid for this risk assessment, in ISO 8601 format (YYYY-MM-DD).

The record with the latest asOfDate (not the most recently ingested) is treated as the current state.

type
required
string
Enum: "ADVERSE_MEDIA" "INTERNAL" "INTP" "PEP" "PP" "SANCTIONS" "SAR"

Used to specify Risk Assessment type. The type can be any string, depending on organizational guidelines, except for the following which are reserved for specific Risk Assessments:

  • INTERNAL - Internal Risk Assessment of the actor (The risk score that is derived from the CDD process). The value should be numeric on a scale decided in co-operation with Lucinity.

  • PEP - Politically Exposed Person. The value should be "1" for PEPs and "0" otherwise.

  • SANCTIONS - On a sanctions list. The value should be "1" if the actor appears on any sanctions list and "0" otherwise.

  • ADVERSE_MEDIA - Has appeared in an Adverse Media report. Value should be "1" if true and "0" otherwise.

  • INTP - Actor is an intermediary processing entity for transactions. Value should be "1" if true and "0" otherwise.

  • PP - Actor is a payment processor. Value should be "1" if true and "0" otherwise.

  • SAR - Suspicious Activity Report. Value should be the number of SARs the actor has had.

value
required
string

The value of the given risk type for the actor.

The expected format (e.g. a numeric score, or "1"/"0") depends on which type is used — see type for details.

comment
string

Reason for the risk, or a related comment.

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
[
  • {
    }
]

Get Actor RiskAssessment

Get actor risk assessment.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

Actor ID

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Add Actor Extended Info

Add actor extended information.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

Actor ID

Request Body schema: application/json
required

Summary information on balances, number of products the actor has with the institution and dates when products were acquired

depositsTotalBalanceLcy
number

Total balance of deposits

depositsFixedTermBalanceLcy
number

The total position of fixed deposits

depositsAvailableBalanceLcy
number

Total balance of deposits

loansBalanceLcy
number

Total balance of loans

loansPrincipalLcy
number

Loan total original value, converted to LCY

loansOverdraftLcy
number

Overdraft total balance, converted to LCY

loansCreditLimitLcy
number

Total credit limit for loans

securitiesBalanceLcy
number

Total balance for securities

derivativesBalanceLcy
number

Total balance for derivatives

numberOfBankAccounts
number

Number of bank accounts the customer has

numberOfDepositAccounts
number

Number of deposit accounts the customer has

numberOfCreditCards
number

Number of credit cards the customer has

numberOfLoans
number

Number of loans the customer has

numberOfSecuritiesPortfolios
number

Securities number of portfolios

numberOfDerivativesPortfolios
number

Derivatives number of portfolios

firstProductDate
string <date>

The first known product that a customer had

lastProductDate
string <date>

Last known product by a customer

asOfDate
string <date>

The date when this record became valid. Defaults to today if not provided.

Responses

Request samples

Content type
application/json
{
  • "depositsTotalBalanceLcy": 100000,
  • "depositsFixedTermBalanceLcy": 100000,
  • "depositsAvailableBalanceLcy": 100000,
  • "loansBalanceLcy": 100000,
  • "loansPrincipalLcy": 100000,
  • "loansOverdraftLcy": 100000,
  • "loansCreditLimitLcy": 100000,
  • "securitiesBalanceLcy": 100000,
  • "derivativesBalanceLcy": 100000,
  • "numberOfBankAccounts": 100000,
  • "numberOfDepositAccounts": 100000,
  • "numberOfCreditCards": 100000,
  • "numberOfLoans": 100000,
  • "numberOfSecuritiesPortfolios": 100000,
  • "numberOfDerivativesPortfolios": 100000,
  • "firstProductDate": "2019-08-24",
  • "lastProductDate": "2019-08-24",
  • "asOfDate": "2019-08-24"
}

Response samples

Content type
application/json
{
  • "depositsTotalBalanceLcy": 100000,
  • "depositsFixedTermBalanceLcy": 100000,
  • "depositsAvailableBalanceLcy": 100000,
  • "loansBalanceLcy": 100000,
  • "loansPrincipalLcy": 100000,
  • "loansOverdraftLcy": 100000,
  • "loansCreditLimitLcy": 100000,
  • "securitiesBalanceLcy": 100000,
  • "derivativesBalanceLcy": 100000,
  • "numberOfBankAccounts": 100000,
  • "numberOfDepositAccounts": 100000,
  • "numberOfCreditCards": 100000,
  • "numberOfLoans": 100000,
  • "numberOfSecuritiesPortfolios": 100000,
  • "numberOfDerivativesPortfolios": 100000,
  • "firstProductDate": "2019-08-24",
  • "lastProductDate": "2019-08-24",
  • "asOfDate": "2019-08-24",
  • "actorId": "string"
}

Get Actor Extended Info

Get actor extended information.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

Actor ID

Responses

Response samples

Content type
application/json
{
  • "depositsTotalBalanceLcy": 100000,
  • "depositsFixedTermBalanceLcy": 100000,
  • "depositsAvailableBalanceLcy": 100000,
  • "loansBalanceLcy": 100000,
  • "loansPrincipalLcy": 100000,
  • "loansOverdraftLcy": 100000,
  • "loansCreditLimitLcy": 100000,
  • "securitiesBalanceLcy": 100000,
  • "derivativesBalanceLcy": 100000,
  • "numberOfBankAccounts": 100000,
  • "numberOfDepositAccounts": 100000,
  • "numberOfCreditCards": 100000,
  • "numberOfLoans": 100000,
  • "numberOfSecuritiesPortfolios": 100000,
  • "numberOfDerivativesPortfolios": 100000,
  • "firstProductDate": "2019-08-24",
  • "lastProductDate": "2019-08-24",
  • "asOfDate": "2019-08-24",
  • "actorId": "string"
}

Add Actor Risk Score

Add a risk score to a specific actor based on id

Authorizations:
BearerToken
path Parameters
id
required
string

Actor ID

Request Body schema: application/json
required

The risk object to associate with the actor.

risk_rule_id
required
string

Identifier for the risk rule used to generate the score.

as_of_date
required
string <date>

The date when this record became valid.

final_score
required
number

The numeric risk score to be used for this actor and risk-rule. Should be the same as the calculated_score unless it has been overridden, in which case this should be the score assigned during override.

calculated_score
float

The underlying numeric risk score produced by the risk logic or engine, based on underlying data and parameters.

data_source
string

An identifier that represents the system from which the record is originated.

object (Metadata)

Reference attribute

override
boolean

Boolean flag indicating whether the final_score was manually set by a user, overriding the calculated value.

override_reason
string

Explanation or justification for manual override (512-character limit).

risk_rule_version
string

The specific version of the rule that produced the score, ensuring auditability and reproducibility.

object

A named key-value mapping of sub-score components contributing to the overall score (e.g., jurisdiction risk, product risk). Enables explainability.

Responses

Request samples

Content type
application/json
{
  • "as_of_date": "2019-08-24",
  • "final_score": 0.68,
  • "risk_rule_id": "r001",
  • "calculated_score": 0.76,
  • "data_source": "Lucinity - Risk Engine",
  • "metadata": {
    },
  • "override": true,
  • "override_reason": "Manual review",
  • "risk_rule_version": "v2.0.0",
  • "sub_scores": {
    }
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Get Actor Risk Score

Get actors risk scores.

Authorizations:
BearerToken
query Parameters
filter.actor_ids.in[]
string
Example: filter.actor_ids.in[]=actor1,actor2

Comma seperated list of actor ids to filter by

filter.data_source
string
Example: filter.data_source=Risk Engine

Filter the risk scores by the data source, reserved values: 'Lucinity - On Demand Risk Calculations', 'Lucinity - Risk Engine'

filter.ingested_at.from
string <date-time>
Example: filter.ingested_at.from=2025-10-05T12:00:00Z

Filter by when the Risk Score was received or stored at, only returning Risk Scores received later than the given timestamp

filter.ingested_at.to
string <date-time>
Example: filter.ingested_at.to=2025-10-05T12:00:00Z

Filter by when the Risk Score was received or created at, only returning Risk Scores received earlier than the given timestamp

filter.newest_entry
boolean
Example: filter.newest_entry=true

Filter the risk scores by returning only the newest Risk Score entry for each Actor

risk_rule_id
string
Example: risk_rule_id=6d9e94e2-bc8a-45b4-91cf-3b2b1f9e34b6

Filter the Risk Scores by only returning the Risk Scores that were created by the risk rule corresponding to given id

offset
integer <int32>
Example: offset=2

The offset for pagination.

limit
integer <int32>
Example: limit=3

Maximum number of retrived entries. Must be a positive number not greater than 1000.

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Accounts

Add Account

Add a single account to Lucinity. Accounts are the medium or ledger where funds are stored and moved to or from.

Authorizations:
ApiKeyAuth
Request Body schema: application/json
required

Account JSON passed in request body.

id
required
string

Primary identifier for the record, provided by you. Should be unique across records of the same type and stable across updates.

asOfDate
required
string <date>

Date the record became valid for the Account, in ISO 8601 format (YYYY-MM-DD).

The record with the latest asOfDate (not the most recently ingested) is treated as the current state.

accountType
required
string (AccountType)
Enum: "BOTH_HIC_AND_COD" "CASH_ON_DELIVERY" "CREDIT_CARD" "CURRENT" "HELD_IN_CUSTODY" "LOAN" "MONEY_MARKET" "PRE_PAID_CARD" "SAVINGS" "TERM_DEPOSIT" "TRADING"

The high-level type of Account. Required.

Can have implications on which type-specific attributes apply (loan, termDeposit). See supported values.

dataSource
string

The name of your system where this record originated (e.g. CORE_BANKING, CRM). Used to trace records back to their source system.

ingestDate
string <date-time>

Timestamp when Lucinity ingested this record, in ISO 8601 format. Read-only.

Array of objects (Reference)

External-system references — a list of (system name, external id) pairs that let you correlate this record with other systems you operate. See the Reference schema.

accountNumber
string

The identifier assigned by the financial institution to the Account.

bankCode
string

The identifier of the bank or financial institution where the Account resides.

currencyCode
string

The currency for the balance on this Account, as an ISO 4217 three-letter currency code (e.g. USD, EUR).

object (CustomData)

A key-value map for additional Account attributes not already covered by the public API.

Where possible, use the official fields — built-in functionality is limited for data stored in customData.

iban
string

International Bank Account Number (IBAN); identifies the Account in cross-border transactions.

object (LoanFacility)

Loan-specific attributes (principal, installment, term, security status).

Expected when accountType is LOAN.

object (Metadata)

Additional metadata attached to the Account as a key/value map.

Not intended for extra business data — use customData for that.

name
string

A user-friendly name for the Account, used when surfacing it in the Lucinity UI (e.g. "Personal Checking").

openedDate
string <date>

Date the Account was originally opened, in ISO 8601 format (YYYY-MM-DD).

productId
string

The product identifier your institution uses internally for this Account.

Companion to productType.

productType
string

The product name your institution uses internally for this Account (e.g. CURRENT-X300, PREMIER_SAVINGS).

Unlike accountType, this is a free-form label — use it to carry your own product taxonomy alongside Lucinity's high-level type.

status
string
Enum: "ACTIVE" "CLOSED" "LOCKED" "NO_TRADING" "TERMINATED"

Lifecycle state of the Account.

  • ACTIVE — the Account is open and in use.
  • CLOSED — the Account has been closed.
  • TERMINATED — the Account relationship has ended. Functionally equivalent to CLOSED; kept for backwards compatibility.
  • NO_TRADING — the Account is open but frozen: no further transaction activity is permitted.
  • LOCKED — the Account is temporarily locked (e.g. fraud hold, pending review).
subType
string
Enum: "BUSINESS" "PERSONAL"

Distinguishes personal from business use — PERSONAL or BUSINESS.

object (TermDepositFacility)

Term-deposit-specific attributes (start date, maturity, interest rate).

Expected when accountType is TERM_DEPOSIT.

accountAgreementId
string
Deprecated

DEPRECATED. Previously: agreement identifier associated with the Account.

accountInDefault
boolean
Deprecated

DEPRECATED. Previously: boolean indicating the Account is in default or overdraft.

accountInDefaultDays
integer
Deprecated

DEPRECATED. Previously: number of days the Account has been in default or overdraft.

object (AccountBalance)
Deprecated

DEPRECATED. Previously: Account balance details.

beneficiaryOwnerId
string
Deprecated

DEPRECATED. Previously: identifier of the beneficial owner of the Account.

object (TradingAccount)
Deprecated

DEPRECATED. Previously: trading account details.

closingBalance
number
Deprecated

DEPRECATED. Previously: balance when the Account was closed.

collateral
boolean
Deprecated

DEPRECATED. Previously: boolean indicating the Account is held as collateral.

object (CreditFacility)
Deprecated

DEPRECATED. Previously: credit facility details.

depositable
boolean
Deprecated

DEPRECATED. Previously: boolean indicating deposits are allowed.

domicile
string
Deprecated

DEPRECATED. Previously: 2-letter country code of the Account's jurisdiction.

Array of objects (Interest)
Deprecated

DEPRECATED. Previously: interest details for the Account.

internal
boolean
Deprecated

DEPRECATED. Previously: boolean indicating the Account is owned by the bank.

monitored
string
Deprecated
Enum: "NO" "YES"

DEPRECATED. Previously: YES/NO flag documented as experimental — did not actually affect Lucinity's monitoring.

primaryRepresentativeId
string
Deprecated

DEPRECATED. Previously: identifier of the primary representative for the Account.

terminated
boolean
Deprecated

DEPRECATED. Previously: boolean flag indicating the Account was terminated. Redundant with the status field.

terminationDate
string <date>
Deprecated

DEPRECATED. Previously: date when the Account was terminated.

withdrawable
boolean
Deprecated

DEPRECATED. Previously: boolean indicating withdrawals are allowed.

object (AccessClassification)
Deprecated

DEPRECATED. Previously: an access-classification reference controlling record visibility.

object (Classification)
Deprecated

DEPRECATED. Previously: an internal classification reference for the record.

Responses

Request samples

Content type
application/json
{
  • "id": "568975e1-d16b-4e5a-9ecd-16cb105a6976",
  • "dataSource": "SWAGGER_API",
  • "ingestDate": "2020-05-03T14:03:41.089Z",
  • "references": [
    ],
  • "accountType": "BOTH_HIC_AND_COD",
  • "asOfDate": "2019-08-24",
  • "accountNumber": "string",
  • "bankCode": "string",
  • "currencyCode": "string",
  • "customData": {
    },
  • "iban": "string",
  • "loan": {
    },
  • "metadata": {
    },
  • "name": "Mez's account",
  • "openedDate": "2019-08-24",
  • "productId": "string",
  • "productType": "string",
  • "status": "ACTIVE",
  • "subType": "BUSINESS",
  • "termDeposit": {
    },
  • "accountAgreementId": "string",
  • "accountInDefault": true,
  • "accountInDefaultDays": 0,
  • "balance": {
    },
  • "beneficiaryOwnerId": "string",
  • "brokerage": {
    },
  • "closingBalance": 9865,
  • "collateral": true,
  • "credit": {
    },
  • "depositable": true,
  • "domicile": "string",
  • "interest": [
    ],
  • "internal": true,
  • "monitored": "NO",
  • "primaryRepresentativeId": "string",
  • "terminated": true,
  • "terminationDate": "2019-08-24",
  • "withdrawable": true,
  • "accessClassification": {
    },
  • "classification": {
    }
}

Response samples

Content type
application/json
{
  • "id": "568975e1-d16b-4e5a-9ecd-16cb105a6976",
  • "dataSource": "SWAGGER_API",
  • "ingestDate": "2020-05-03T14:03:41.089Z",
  • "references": [
    ],
  • "accountType": "BOTH_HIC_AND_COD",
  • "asOfDate": "2019-08-24",
  • "accountNumber": "string",
  • "bankCode": "string",
  • "currencyCode": "string",
  • "customData": {
    },
  • "iban": "string",
  • "loan": {
    },
  • "metadata": {
    },
  • "name": "Mez's account",
  • "openedDate": "2019-08-24",
  • "productId": "string",
  • "productType": "string",
  • "status": "ACTIVE",
  • "subType": "BUSINESS",
  • "termDeposit": {
    },
  • "accountAgreementId": "string",
  • "accountInDefault": true,
  • "accountInDefaultDays": 0,
  • "balance": {
    },
  • "beneficiaryOwnerId": "string",
  • "brokerage": {
    },
  • "closingBalance": 9865,
  • "collateral": true,
  • "credit": {
    },
  • "depositable": true,
  • "domicile": "string",
  • "interest": [
    ],
  • "internal": true,
  • "monitored": "NO",
  • "primaryRepresentativeId": "string",
  • "terminated": true,
  • "terminationDate": "2019-08-24",
  • "withdrawable": true,
  • "accessClassification": {
    },
  • "classification": {
    }
}

Add Account Balance

Add balance for an account.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

The account id.

Request Body schema: application/json
required

A balance for the account

currency
required
string/[A-Z]{3}/

ISO currency of the balance

current
required
number

The balance on the account at the end of day

asOfDate
string <date>

The date when this record became valid

available
number

The available balance on the account at the end of day

type
string (BalanceType)
Value: "CLOSING"

The type of balance, e.g. CLOSING indicating EOD balance

Responses

Request samples

Content type
application/json
{
  • "currency": "USD",
  • "current": 5000,
  • "asOfDate": "2019-08-24",
  • "available": 4000,
  • "type": "CLOSING"
}

Response samples

Content type
application/json
{
  • "currency": "USD",
  • "current": 5000,
  • "accountId": "ACC0001",
  • "asOfDate": "2019-08-24",
  • "available": 4000,
  • "ingestDate": "2019-08-24T14:15:22Z",
  • "internalId": "a083f3a8-f055-4252-a22d-ed476ca082ed",
  • "type": "CLOSING"
}

Add Actor to Account

Add actor/actors to account by ID. This provides association between the two entities.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

The account id to add the actors.

Request Body schema: application/json
required

The Actor (single or multiple) object that needs to be associated to the account

required
Array of objects

List of the actors associated with account and their role

asOfDate
string <date>

The date when this record became valid. Defaults to today if not provided.

Responses

Request samples

Content type
application/json
{
  • "actors": [
    ],
  • "asOfDate": "2024-01-01"
}

Response samples

Content type
application/json
{
  • "actors": [
    ],
  • "asOfDate": "2024-01-01"
}

Remove Actor from Account

Remove actor from account. This removes the association between the two entities.

Authorizations:
BearerToken
path Parameters
account_id
required
string

The account id to remove from the actor.

actor_id
required
string

The actor id to remove from the account.

Responses

Response samples

Content type
application/json
{
  • "error": "Account Actor relation does not exist"
}

Transactions

Add Transaction

Notes:

  • Transaction screening is a feature that is configured by Lucinity, and may not be configured for your environment. Please contact Lucinity support for more information.
  • Monitoring is not bi-directional when both the account_owner_id and the counterparty are customers. In such cases, a separate transaction must be sent with the roles reversed (the counterparty becoming the account_owner_id, with the opposite direction).
Authorizations:
ApiKeyAuth
query Parameters
blocking
string

If the screening process is synchronous or asynchronous, currently blocking=true is only supported and MUST be set. example: blocking=true

operations
string

Comma-separated list of what kind of screening the transaction should return. Supported values FRAUD and SANCTIONS. example: operations=FRAUD,SANCTIONS

header Parameters
idempotency-key
string
Example: 96760494-8c70-4279-a7c3-0d11e3c9aa6c

Unique value generated by the client which the resource server uses to recognize subsequent retries of the same request

Request Body schema: application/json
required
id
required
string

Primary identifier for the transaction.

created_at
required
number

The timestamp of when the transaction occurred.

Measured in seconds in unix epoch timestamp.

direction
required
string
Enum: "INBOUND" "OUTBOUND"

The direction of a transaction is OUTBOUND when funds are sent from the account owner, and INBOUND when funds are received by the account owner.

status
required
string
Enum: "CANCELLED" "COMPLETED" "FAILED" "PENDING"

Status or condition of the transaction.

  • COMPLETED The transaction took place and was successfully settled.
  • PENDING The transaction has not yet been fully processed by the merchant.
  • CANCELLED The transaction was cancelled or voided before it was settled.
  • FAILED The transaction failed to be settled.

Note: Only COMPLETED transactions are included in Lucinity's Rule Engine calculations.

required
object (Amount)

Amount and currency code of the transaction that occurred.

standardized_amount
required
number

Value of the transaction in the default currency configured in the Lucinity platform.

Always a positive value.

account_id
required
string

The identifier of the Account the money is moving into or out of.

required
any
Enum: "EMPTY" "INDIVIDUAL" "ACCOUNT_INFO" "LEGAL_ENTITY" "NAMED_ENTITY"

Counterparty represents the other party in the transaction, and can be one of the following:

  • EMPTY Indicates that there is no counterparty for the transaction. This should not be used if the counterparty is unknown, only for cases where there is no counterparty, e.g. for cash withdrawals.
  • INDIVIDUAL Represents an individual counterparty, referring to a natural person involved in the transaction.
  • ACCOUNT_INFO Represents a counterparty identified by account information, providing details such as bank name, account number, etc.
  • LEGAL_ENTITY Represents a legal entity counterparty, referring to a company involved in the transaction.
  • NAMED_ENTITY Represents an entity counterparty, referring to an entity involved in the transaction where some information, such as the name, is known, but it's unknown if it's a legal entity or an individual.
account_owner_id
required
string

The identifier of the Actor who owns the Account.

This Actor will be monitored for the transaction.

account_balance
number

The balance on the account after the transaction is settled.

channel
string
Enum: "ATM" "BRANCH" "ONLINE" "POS" "UNKNOWN"

The type of channel that was used to initiate the transaction. If this property is not provided it will default to UNKNOWN.

  • BRANCH Represents a transaction initiated through a physical branch location of the financial institution, where the customer interacts with a bank representative in person.
  • ONLINE Represents a transaction initiated through an online channel, typically through a web-based platform or internet banking service provided by the financial institution.
  • ATM Represents a transaction initiated through an Automated Teller Machine (ATM).
  • POS Represents a transaction initiated through a Point of Sale (POS) system, typically used in retail environments.
  • UNKNOWN The channel used to initiate the transaction is unknown or not specified. It can be used when the specific channel information is not available or not applicable.
channel_location_id
string

The unique identifier for the channel location associated with the transaction.

Has to match a location code ingested through /channel_locations.

object (schemas-CustomData)

A key-value map for additional Transaction attributes not already covered by the public API. Where possible, use the official fields — built-in functionality is limited for data stored in custom_data.

description
string

A free-form description of the transaction — typically the memo or narration field from the originating system.

object (Device)

Device section contains information on the device which the transaction was performed on.

object (Metadata)

Metadata describing the object. This field is not intended to add additional information to the object, rather add information about the object's attributes.

Reserved Metadata Keywords:

  • exclude_from_monitoring: When set to "true", this keyword excludes the transaction from Lucinity's Rule Engine. Excluded transactions will only be used for display but not in any calculations or graphs. If this keyword is missing or set to "false", the transaction is included.
  • international: When set to "true" this transaction is marked as an international transaction, "false" when it is a domestic transaction.
  • data_source: An identifier that represents the system from which the record is originated.
method
string
Enum: "CARD" "CASH" "CHECK" "DIRECT_DEBIT" "VIRTUAL" "WIRE_TRANSFER"

Method of the transaction.

  • CARD A card was used as the payment method for this transaction.
  • CASH The transaction involved the use of physical currency.
  • CHECK A paper check was used for the transaction.
  • VIRTUAL The transaction utilized a virtual currency or digital payment method.
  • WIRE_TRANSFER The transaction involved the transfer of funds between bank accounts.
  • DIRECT_DEBIT Pre-authorized payment where funds are automatically withdrawn from a customer's bank account by a third party.

Either Method or Purpose should be set for transaction monitoring to work as intended

purpose
string
Enum: "BILL_PAYMENT" "CHARGEBACK" "CLOSING" "CORRECTION" "FEE" "FUNDING" "INTEREST_PAYMENT" "INTRA_ACTOR" "LOAN_INSTALLMENT" "LOAN_ORIGINAL_AMOUNT" "PAY_IN" "PAY_OUT" "PRINCIPAL_PAYMENT" "REFUND" "REVERSE" "SETTLEMENT"

Purpose of the transaction.

  • BILL_PAYMENT Payment of a bill.
  • CHARGEBACK Chargeback, initiated to reverse a previous payment made by a cardholder.
  • CLOSING Closure or finalization of an account or financial arrangement.
  • CORRECTION Adjustment to rectify an error or discrepancy in a previous transaction.
  • FEE Fee charged for a service or transaction.
  • FUNDING Provision of funds to an account or financial instrument.
  • INTRA_ACTOR Movement of funds between internal accounts of the same actor within the client's ecosystem.
  • INTEREST_PAYMENT Payment of accrued interest.
  • PAY_IN Incoming payment or deposit into an account.
  • PAY_OUT Outgoing payment or withdrawal from an account.
  • PRINCIPAL_PAYMENT Payment of the principal amount owed.
  • REFUND Refunding a previous payment.
  • REVERSE Reversal or cancellation of a previous transaction.
  • SETTLEMENT Finalization or clearing of a transaction or series of transactions.
  • LOAN_ORIGINAL_AMOUNT The payout of the original loan amount to the loan holder. This transaction represents the initial payout of the principal, excluding any interest or fees.
  • LOAN_INSTALLMENT Automated or pre-defined installment paid into the loan account.
user_id
string

User ID of the entity performing the transaction.

For example, the user of a corporate card, or the user ID in an online platform that initiated the transaction.

user_name
string

User name of the entity performing the transaction.

Responses

Request samples

Content type
application/json
Example
{
  • "id": "1b9c926d-52d1-4c2f-bc1d-8a1d8f9d5e89",
  • "created_at": 1654236000,
  • "direction": "OUTBOUND",
  • "status": "COMPLETED",
  • "description": "Payment for goods",
  • "channel": "ONLINE",
  • "channel_location_id": "3121f4a3-e89b-12d3-a456-426618394724",
  • "account_id": "5f1bcb7e-7e39-42e0-9d4c-d10be236cd28",
  • "amount": {
    },
  • "standardized_amount": 200.25,
  • "account_balance": 500.25,
  • "account_owner_id": "1deb5316-cd35-4fe9-bce9-08a8bd3933b1",
  • "method": "CARD",
  • "purpose": "BILL_PAYMENT",
  • "metadata": {
    },
  • "custom_data": {
    },
  • "device": {
    },
  • "counterparty": {
    }
}

Response samples

Content type
application/json
Example
{
  • "transaction_id": "1b9c926d-52d1-4c2f-bc1d-8a1d8f9d5e89",
  • "request_id": "ccb3f54c-4aa2-47cf-8a0b-c1b34a43a520",
  • "screening_results": [
    ]
}

Get Transaction

Retrieves a single transaction by identifier.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

The identifier for the transaction.

Responses

Response samples

Content type
application/json
Example
{
  • "id": "1b9c926d-52d1-4c2f-bc1d-8a1d8f9d5e89",
  • "created_at": 1654236000,
  • "direction": "OUTBOUND",
  • "status": "COMPLETED",
  • "description": "Payment for goods",
  • "channel": "ONLINE",
  • "channel_location_id": "3121f4a3-e89b-12d3-a456-426618394724",
  • "account_id": "5f1bcb7e-7e39-42e0-9d4c-d10be236cd28",
  • "amount": {
    },
  • "standardized_amount": 200.25,
  • "account_balance": 500.25,
  • "account_owner_id": "1deb5316-cd35-4fe9-bce9-08a8bd3933b1",
  • "method": "CARD",
  • "purpose": "BILL_PAYMENT",
  • "metadata": {
    },
  • "custom_data": {
    },
  • "device": {
    },
  • "counterparty": {
    }
}

Create Channel Location

Allows customers to add new locations to the platform. This method is used to populate the location information that will later be referenced in transactions.

Authorizations:
BearerToken
Request Body schema: application/json
required
id
required
string

Unique identifier for the channel location.

type
required
string
Enum: "ATM" "BRANCH" "OTHER"

Defines the type of the location.

required
object

Responses

Request samples

Content type
application/json
{
  • "id": "location-123",
  • "type": "ATM",
  • "address": {
    }
}

Response samples

Content type
application/json
{ }

Get All Channel Locations

Retrieves a list of all channel locations in the platform, with optional parameters for pagination, filtering, and sorting.

Authorizations:
BearerToken
query Parameters
offset
integer
Default: 0

The zero-based offset index in the result set. For example, an offset of 10 skips the first 10 items.

limit
integer [ 1 .. 1000 ]
Default: 200

The maximum number of items to return in this query.

filter_type
string
Enum: "ATM" "BRANCH" "OTHER"

Filters the list by location type.

sort_by
string

Sorts the results by a specified field (e.g., id, type).

Responses

Response samples

Content type
application/json
{
  • "locations": [
    ]
}

Observations

Add Observation

Add an Observation to Lucinity. Observations represent alerts, findings, or reviews on an Actor that Lucinity uses to build cases.

The following observation types can be created via this endpoint:

  • GenericObservation — the default for most workflows, including AML transaction monitoring, onboarding review, and other custom review needs.
  • FraudObservation — fraud alerts from your fraud detection systems. Can be used for real-time case reviews.
  • SanctionsObservation — sanctions or watchlist matches from your screening systems. Can be used for real-time case reviews.
Authorizations:
ApiKeyAuth
query Parameters
create_case
string
Deprecated

DEPRECATED. Previously: would create a case automatically containing this observation, and affect the response payload accordingly.

Request Body schema: application/json
required

The observation object to be sent to Lucinity.

One of
transaction_ids
required
Array of strings

List of transaction IDs that triggered this observation.

Will be displayed in the case.

type
required
string
Value: "ALERT_GENERIC"

Identifies the observation type. Fixed per concrete type (e.g. ALERT_GENERIC, ALERT_FRAUD).

date
required
number

The timestamp of the event this observation refers to. Measured in seconds since the Unix epoch.

required
Array of objects (ObservationActor)

The Actor(s) this observation applies to.

id
required
string

Primary identifier for the record, provided by you. Should be unique across records of the same type and stable across updates.

description
string

Longer human-readable description of the observation.

title
string

Short human-readable title for the observation.

dataSource
string

The name of your system where this record originated (e.g. CORE_BANKING, CRM). Used to trace records back to their source system.

object (Metadata)

A key-value map of metadata about the record. Not intended for extra business data — use custom_data for that.

Array of objects (Reference)

External-system references — a list of (system name, external id) pairs that let you correlate this record with other systems you operate. See the Reference schema.

batchId
string

Optional batch identifier from your system, used to group observations that were detected or ingested together.

behaviorDescription
string

Longer human-readable description of the compliance risk covered by the detector.

behaviorId
string

Identifier of the detector that created this observation — e.g. a rule ID, scenario ID, or internal reference from your detection system.

behaviorName
string

Human-readable name of the compliance risk covered by the detector.

object (CustomData)

A key-value map for additional observation attributes not already covered by the schema.

Where possible, use the official fields — built-in functionality is limited for data stored in custom_data.

Array of objects (ObservationFeatures)

List of features (attribute–value pairs) that contributed to raising this observation.

Used to explain why the observation was triggered.

Array of objects (RuleObject)

List of rules that triggered this observation.

See the RuleObject schema.

version
string

The version of this observation, if it has been sent multiple times — for example, with corrections or additional information.

Can be a number, an arbitrary string, or an internal record identifier.

object (AccessClassification)
Deprecated

DEPRECATED. Previously: an access-classification reference controlling record visibility.

object (Classification)
Deprecated

DEPRECATED. Previously: an internal classification reference for the record.

Responses

Request samples

Content type
application/json
Example
{
  • "transaction_ids": [
    ],
  • "description": "string",
  • "title": "string",
  • "type": "ALERT_GENERIC",
  • "id": "568975e1-d16b-4e5a-9ecd-16cb105a6976",
  • "dataSource": "SWAGGER_API",
  • "metadata": {
    },
  • "references": [
    ],
  • "actors": [
    ],
  • "date": 1654236000,
  • "batchId": "string",
  • "behaviorDescription": "string",
  • "behaviorId": "string",
  • "behaviorName": "string",
  • "custom_data": {
    },
  • "features": [
    ],
  • "rules": [
    ],
  • "version": "string",
  • "accessClassification": {
    },
  • "classification": {
    }
}

Response samples

Content type
application/json
[
  • {
    }
]

Get Observation

Retrieves a single Observation by identifier. Any observation type may be returned.

AmlV2Observation and RuleObservation are Lucinity-managed types generated internally by the platform's detection engines. They cannot be created through the POST endpoint.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

The observation ID.

Responses

Response samples

Content type
application/json
Example
{
  • "transaction_ids": [
    ],
  • "description": "string",
  • "title": "string",
  • "type": "ALERT_GENERIC",
  • "id": "568975e1-d16b-4e5a-9ecd-16cb105a6976",
  • "dataSource": "SWAGGER_API",
  • "metadata": {
    },
  • "references": [
    ],
  • "actors": [
    ],
  • "date": 1654236000,
  • "batchId": "string",
  • "behaviorDescription": "string",
  • "behaviorId": "string",
  • "behaviorName": "string",
  • "custom_data": {
    },
  • "features": [
    ],
  • "rules": [
    ],
  • "version": "string",
  • "accessClassification": {
    },
  • "classification": {
    },
  • "ingestDate": "2019-08-24T14:15:22Z",
  • "internalId": "6868d0ce-34a2-4e78-b137-31229ba3e81a",
  • "businessDate": "2019-08-24T14:15:22Z",
  • "caseId": "string",
  • "finalized": true,
  • "submitterInternalId": "string",
  • "taxonomyDescription": "string"
}

Add Actors to Observation

Add actors to observation.

Authorizations:
ApiKeyAuth
path Parameters
id
required
string

Observation id

Request Body schema: application/json
required

Actors to be added for a given observation.

Array
actorId
required
string

An id for an actor that is to be reviewed as part of the observation.

primary
boolean

Whether this Actor is the primary subject of the observation, rather than only peripherally related to it.

Each observation should have at least one primary Actor.

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "status": "success"
}

Cases

Get Cases

Retrieves a list of cases.

Authorizations:
BearerToken
query Parameters
limit
number
Example: limit=10

Sets the max number of items returned in the result set for this query. Defaults to 200.

offset
number
Example: offset=30

Sets the offset on the index into the list of items in the result set. Defaults to 0.

sort.by
string

Sorts the results based on specified fields and directions.

Example:

  • sort.by=<field>:<direction>
    • <field>: created_at or updated_at (default).
    • <direction>: Sorting order, asc (ascending) or desc (descending, default).
filter.workflow.id.in[]
string

Filters the results based on the workflow id.

Examples:

  • filter.workflow.id.in[]=1
  • filter.workflow.id.in[]=1&filter.workflow.id.in[]=2
filter.workflow.step_id.in[]
string

Filters the results based on the workflow step_id.

Examples:

  • filter.workflow.step_id.in[]=1
  • filter.workflow.step_id.in[]=1&filter.workflow.step_id.in[]=2
filter.workflow.status.in[]
string

Filters the results based on the workflow status.

Examples:

  • filter.workflow.status.in[]=1
  • filter.workflow.status.in[]=1&filter.workflow.status.in[]=2
filter.workflow.state.in[]
string

Filters the results based on the workflow state.

Examples:

  • filter.workflow.state.in[]=1
  • filter.workflow.state.in[]=1&filter.workflow.state.in[]=2
filter.type.in[]
string

Filters the results based on the case type.

Examples:

  • filter.type.in[]=ANALYSIS
  • filter.type.in[]=ANALYSIS&filter.type.in[]=FILING
filter.assigned
boolean

Filters the results based on the case assignment status.

Examples:

  • filter.assigned=true
  • filter.assigned=false
filter.tags.id.in[]
string

Filters the results based on cases with any of the given flags.

Examples:

  • filter.tags.id.in[]=d5fe3bde-cc2b-448d-a7ef-31b0021af3ad
  • filter.tags.id.in[]=d5fe3bde-cc2b-448d-a7ef-31b0021af3ad&filter.tags.id.in[]=1eac5ee8-1566-4122-94d0-725a1f87df9f
filter.tags.id.all[]
string

Filters the results based on cases with all of the given flags.

Examples:

  • filter.tags.id.all[]=d5fe3bde-cc2b-448d-a7ef-31b0021af3ad
  • filter.tags.id.all[]=d5fe3bde-cc2b-448d-a7ef-31b0021af3ad&filter.tags.id.all[]=1eac5ee8-1566-4122-94d0-725a1f87df9f
filter.created_at.from
string <date-time>

Filters the results based on the creation date of the case.

Examples:

  • filter.created_at.from=2024-11-24T00:00:00Z
filter.created_at.to
string <date-time>

Filters the results based on the creation date of the case.

Examples:

  • filter.created_at.to=2024-11-25T23:59:59Z
filter.updated_at.from
string <date-time>

Filters the results based on the update date of the case.

Examples:

  • filter.updated_at.from=2024-11-24T00:00:00Z
filter.updated_at.to
string <date-time>

Filters the results based on the update date of the case.

Examples:

  • filter.updated_at.to=2024-11-25T23:59:59Z

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Create a new Case

Create a new Case in the Lucinity platform. The Case will be created with the provided details.

Authorizations:
BearerToken
Request Body schema: application/json
required
id
string <uuid>

Optional unique identifier for the case. Used to support idempotent creation, allowing the same request to be safely retried without creating duplicate cases.

focal_actor_id
string
Deprecated

The actor id of the focal actor of the case.

Array of objects (CaseActor) <= 1000 items

List of actor ids associated with the case.

observation_ids
Array of strings

List of observation ids that are associated with the case.

object (Metadata)

Metadata describing the object. This field is not intended to add additional information to the object, rather add information about the object's attributes.

Reserved Metadata Keywords:

  • external_reference_id: An identifier that represents the case in the an external system. For instance if an investigation is being tracked in external system.
  • data_source: An identifier that represents the system from which the record is originated.
Array of objects (Communication)

List of communications that are associated with the case. Each communication should include detailed information such as the type, sender, receiver, subject, and content.

type
string

The type of case being created. If the property is not provided it will default to ANALYSIS.

  • ANALYSIS: A case focused on examining and evaluating data for potential financial crimes.
  • FILING: A case involving the preparation and submission of regulatory reports.
workflow_id
string

Specifies the workflow to which the case should be assigned. The workflow defines the associated workboard where the case will appear. If the workflow_id is not provided, the case will be placed in the default workflow. The workflow_id can be obtained in the platform settings.

created_at
string or null <date-time>

The creation date of the case, in ISO 8601 format. Defaults to the current timestamp.

Responses

Request samples

Content type
application/json
Example
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "focal_actor_id": "2928938-29892-92983-923892839",
  • "actors": [
    ],
  • "observation_ids": [
    ],
  • "metadata": {
    },
  • "communications": [
    ],
  • "type": "ANALYSIS",
  • "workflow_id": "string",
  • "created_at": "2019-08-24T14:15:22Z"
}

Response samples

Content type
application/json
{
  • "case_id": "5fa9e93b-3a93-4e6a-82cd-6d9dad7b0d74"
}

Update a Case

Update an existing Case in the Lucinity platform. The Case will be updated with the provided details.

Authorizations:
BearerToken
Request Body schema: application/json
required
communication_ids
Array of strings

List of communication ids that should be associated with the case.

Array of objects

List of communication objects to create and associate with the case

Responses

Request samples

Content type
application/json
{
  • "communication_ids": [
    ],
  • "communications": [
    ]
}

Response samples

Content type
application/json
{
  • "case_id": "CASE25618010303001",
  • "communicationIds": [
    ]
}

Get Case

Retrieves a single case by identifier.

Authorizations:
BearerToken
path Parameters
id
required
string

The Case Id.

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "created_at": "2025-01-06T13:39:659123Z",
  • "updated_at": "2025-01-07T14:44:359729Z",
  • "assignee": {},
  • "workflow": {
    },
  • "actors": [
    ],
  • "observations": [
    ],
  • "tags": [
    ],
  • "metadata": {
    },
  • "resolution": "string",
  • "source": "string",
  • "jurisdiction": "AUS",
  • "type": "ANALYSIS",
  • "narrative": "The case involves a potentially suspicious financial transaction in Australia,\nexhibiting characteristics commonly associated with rapid movement of funds.",
  • "property1": "string",
  • "property2": "string"
}

Update case

Updates the fields in the case that has the provided ID. Notes:

  • Updating an array is an additive insert operation, meaning that the new values are appended to the existing array.
Authorizations:
BearerToken
path Parameters
id
required
string

The Case ID.

Request Body schema: application/json
required
Resolution (string) or Resolution (number) or Resolution (integer) or Resolution (boolean) or Resolution (object) or Array of Resolution (arrays) (Resolution)

Describes the reason behind a case closure. The content and structure of this field are flexible and can vary depending on the context. It is defined through the Custom Properties, which allows for dynamic extension and customization based on specific business needs.

additional property
string or number or integer or boolean or object or Array of arrays

Custom properties whose keys must start with the prefix c__.

Responses

Request samples

Content type
application/json
{
  • "resolution": "Not Suspicious",
  • "c__custom_string_property": "custom_value",
  • "c__custom_number_property": 12345,
  • "c__custom_object_property": {
    }
}

Response samples

Content type
text/plain
OK

Add an actor to a case

Creates a new actor entity and assigns it to the specified case.

Authorizations:
BearerToken
path Parameters
id
required
string

The ID of the case to add the actor to.

header Parameters
lucinity-rfd-id
string <uuid>

The rfd_id used to retrieve information about the request. Include it to complete an rfd item.

Request Body schema: application/json
required
required
Individual (object) or LegalEntity (object) (schemas-Actor)
type
string (CaseActorType)
Enum: "CONNECTION" "FOCAL"

The role that the actor has in the case.

Defaults to FOCAL.

object (components-schemas-CustomData)

The custom data property can be used to add data in a key, value format to the object. This can e.g. be used for display purposes. Maximum length of this property is 10000 characters.

Responses

Request samples

Content type
application/json
{
  • "type": "CONNECTION",
  • "custom_data": {
    },
  • "actor": {
    }
}

Update multiple case actors

Updates multiple case actor relationships in a case. Maximum 1000 actors in each request.

Authorizations:
BearerToken
path Parameters
id
required
string

The ID of the case the actors belong to.

Request Body schema: application/json
required
Array
actor_id
string

The ID of the actor.

object

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Update a case actor

Updates the fields in the case actor that has the provided ID.

Authorizations:
BearerToken
path Parameters
case_id
required
string

The ID of the case

actor_id
required
string

The ID of the actor

Request Body schema: application/json
required
Decision (string) or Decision (number) or Decision (integer) or Decision (boolean) or Decision (object) or Array of Decision (arrays) (Decision)

The decision made on the case actor. The content and structure of this field are flexible and can vary depending on the context. It is defined through the Custom Properties, which allows for dynamic extension and customization based on specific business needs.

additional property
string or number or integer or boolean or object or Array of arrays or null (schemas-CustomProperties)

Custom properties whose keys must start with the prefix c__.

Responses

Request samples

Content type
application/json
{
  • "c__custom_string_property": "custom_value",
  • "c__custom_number_property": 12345,
  • "c__custom_object_property": {
    }
}

Add a communication to a case

Creates a new communication entity and assigns it to the case.

Authorizations:
BearerToken
path Parameters
id
required
string

The case_id.

header Parameters
lucinity-rfd-id
string <uuid>

The rfd_id used to retrieve information about the request. Include it to complete the rfd item.

Request Body schema: application/json
required
id
required
string <uuid>

The unique identifier for the communication.

type
required
string

The type of communication (e.g., email, SMS).

receiver_id
required
string

Identifies the receiver uniquely in the system where the communication originates. For example if this is an email it could be the email address, if it is from a messaging system it could be the user handle in that system. Alternatively can be provided as Actor/Entity id, as provided in the Actor endpoint, If so then metadata should be used. metadata.receiver_identifiable_as_actor=true.

sender_id
required
string

Identifies the sender uniquely in the system where the communication originates. For example if this is an email it could be the email address. If it is from a messaging system it could be the user handle in that system. Alternatively can be provided as Actor/Entity id, as provided in the Actor endpoint. If so then metadata should be used. metadata.sender_identifiable_as_actor=true.

subject
required
string

The subject title of the message in the communication.

content
string

The content of the communication.

object (components-schemas-CustomData)

The custom data property can be used to add data in a key, value format to the object. This can e.g. be used for display purposes. Maximum length of this property is 10000 characters.

object (schemas-Metadata)

Metadata describing the communication. This field is not intended to add additional information to the communication, rather add information about the communication's attributes.

Responses

Request samples

Content type
application/json
{
  • "id": "6f83db65-50e0-4f7c-b42a-61115110a928",
  • "type": "email",
  • "content": "Please update your account information.",
  • "custom_data": {
    },
  • "metadata": {
    },
  • "receiver_id": "[email protected]",
  • "sender_id": "[email protected]",
  • "subject": "Urgent: Update Required"
}

Upload a file to a case

Uploads a file related to a specific case.

File size may not exceed 50MB.

Valid file formats are:

  • Images (JPG, PNG, GIF)
  • Docs (PDF, DOC, DOCX, EXCEL, JSON, TXT, CSV)
Authorizations:
BearerToken
path Parameters
id
required
string

The case_id

header Parameters
lucinity-rfd-id
string <uuid>

The rfd_id used to retrieve information about the request. Include it to complete the rfd item.

Request Body schema: multipart/form-data
required
file
string <binary>

Responses

Workflows

Get Workflows

Retrieves a list of workflows.

Authorizations:
BearerToken
query Parameters
limit
number
Example: limit=10

Sets the max number of items returned in the result set for this query. Defaults to 200.

offset
number
Example: offset=10

Sets the offset on the index into the list of items in the result set. Defaults to 0.

sort.by
string

Sorts the results based on specified fields and directions.

Example:

  • sort.by=<field>:<direction>
    • <field>: id or version.
    • <direction>: Sorting order, asc (ascending) or desc (descending).

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Webhooks

A Webhook is an automated message that Lucinity sends to your system in real time whenever a specific event occurs — for example, when a case is created or a workflow transitions. Rather than polling the Lucinity API for updates, you register an endpoint URL once, and Lucinity delivers an HTTP POST request to that URL as events happen.

This lets your systems react to Lucinity events immediately, without the overhead of constant polling.

Note: Every webhook event Lucinity sends requires an acknowledgment from your receiving system. If Lucinity doesn't receive one, it will eventually conclude that no listener exists for that webhook and disable it. If this happens, you'll need to detect the disabled state and reactivate the webhook — design your integration with this possibility in mind.

Webhook

List registered webhooks

List registered webhooks.

Authorizations:
BearerToken

Responses

Response samples

Content type
application/json
{
  • "name": "My Webhook for handling claimed cases",
  • "events": [
    ],
  • "id": "5fa9e93b-3a93-4e6a-82cd-6d9dad7b0d74",
  • "status": "ACTIVE",
  • "secret": "%D^u~k:pc<y9Hv",
  • "created": 1692294086682,
  • "tenant": "lucinity"
}

Create and register a new Webhook

Authorizations:
BearerToken
Request Body schema: application/json
required
name
required
string

The name of the Webhook given by the Webhook creator

url
required
string <uri>

The target URL for the Webhooks. Typically an endpoint in the customer API that can accept the Lucinity events

events
required
Array of strings

List of events to subscribe to. If '*' all events will be delivered. If empty, the Webhook will be disabled.

Responses

Request samples

Content type
application/json
{}

Response samples

Content type
application/json
{
  • "name": "My Webhook for handling claimed cases",
  • "events": [
    ],
  • "id": "5fa9e93b-3a93-4e6a-82cd-6d9dad7b0d74",
  • "status": "ACTIVE",
  • "secret": "%D^u~k:pc<y9Hv",
  • "created": 1692294086682,
  • "tenant": "lucinity"
}

Retrieve a Webhook by Id

Authorizations:
BearerToken
path Parameters
id
required
string

Unique Webhook Id

Responses

Response samples

Content type
application/json
{
  • "name": "My Webhook for handling claimed cases",
  • "events": [
    ],
  • "id": "5fa9e93b-3a93-4e6a-82cd-6d9dad7b0d74",
  • "status": "ACTIVE",
  • "created": 1692294086682,
  • "tenant": "lucinity"
}

Remove a Webhook by Id

Authorizations:
BearerToken
path Parameters
id
required
string <uuid>

Unique Webhook Id

Responses

Response samples

Content type
application/json
{
  • "name": "My Webhook for handling claimed cases",
  • "events": [
    ],
  • "id": "5fa9e93b-3a93-4e6a-82cd-6d9dad7b0d74",
  • "status": "ACTIVE",
  • "created": 1692294086682,
  • "tenant": "lucinity"
}

Update Webhook

Authorizations:
BearerToken
path Parameters
id
required
string <uuid>

Unique Webhook Id

Request Body schema: application/json

The status update object. If omitted it will attempt to toggle the status.

name
string

The name of the Webhook given by the Webhook creator

url
string <uri>

The target URL for the Webhooks. Typically an endpoint in the customer API that can accept the Lucinity events

events
Array of strings

List of events to subscribe to. If '*' all events will be delivered. If empty, the Webhook will be disabled.

status
string (WebhookStatus)
Enum: "ACTIVE" "INACTIVE"

Responses

Request samples

Content type
application/json
{}

Response samples

Content type
application/json
{
  • "name": "My Webhook for handling claimed cases",
  • "events": [
    ],
  • "id": "5fa9e93b-3a93-4e6a-82cd-6d9dad7b0d74",
  • "status": "ACTIVE",
  • "secret": "%D^u~k:pc<y9Hv",
  • "created": 1692294086682,
  • "tenant": "lucinity"
}

Test a Webhook

Authorizations:
BearerToken
path Parameters
id
required
string <uuid>

Unique Webhook Id

Responses

Case Events

Case Assigned Webhook

Request Body schema: application/json

Information about an event in the systems

id
string

The id for the event created by Lucinity.

name
string
Value: "case.assigned"

The type of the event

createdAt
integer <int64>

The Unix timestamp (in milliseconds) indicating when this event was created.

object

Detail event data for case claimed

Responses

Request samples

Content type
application/json
{
  • "id": "1",
  • "name": "case.assigned",
  • "createdAt": 1711360775327,
  • "data": {
    }
}

Case Closed Webhook

Request Body schema: application/json

Information about an event in the systems

id
string

The id for the event created by Lucinity.

name
string
Value: "case.closed"

The type of the event

createdAt
integer <int64>

The Unix timestamp (in milliseconds) indicating when this event was created.

object

Detail event data for case case closed

Responses

Request samples

Content type
application/json
{
  • "id": "1",
  • "name": "case.closed",
  • "createdAt": 1711360775327,
  • "data": {
    }
}

Case Created Webhook

Request Body schema: application/json

Information about an event in the systems

id
string

The id for the event created by Lucinity.

name
string
Value: "case.created"

The type of the event

createdAt
integer <int64>

The Unix timestamp (in milliseconds) indicating when this event was created.

object

Detail event data for case case created

Responses

Request samples

Content type
application/json
{
  • "id": "1",
  • "name": "case.created",
  • "createdAt": 1711360775327,
  • "data": {
    }
}

Case Workflow Action Performed Webhook

Request Body schema: application/json

Information about an event in the systems

id
string

The id for the event created by Lucinity.

name
string
Value: "case.workflow.actioned"

The type of the event

createdAt
integer <int64>

The Unix timestamp (in milliseconds) indicating when this event was created.

object

Detailed event data for when an action on a workflow is performed in a case.

Responses

Request samples

Content type
application/json
{
  • "id": "1",
  • "name": "case.workflow.actioned",
  • "createdAt": 1711360775327,
  • "data": {
    }
}

Case Workflow Step Transitioned Webhook

Request Body schema: application/json

Information about a workflow transition of case in the system

id
string

The id for the event created by Lucinity.

name
string
Value: "case.workflow.transitioned"

The type of the event

createdAt
integer <int64>

The Unix timestamp (in milliseconds) indicating when this event was created.

object

Detail event data for when a workflow transition occurs in a case

Responses

Request samples

Content type
application/json
{
  • "id": "1",
  • "name": "case.workflow.transitioned",
  • "createdAt": 1711360775327,
  • "data": {
    }
}

Commented on a case event Webhook

Request Body schema: application/json

Information about a comment event in the systems

id
string

The id for the event created by Lucinity.

name
string
Value: "case.commented"

The type of the event

createdAt
integer <int64>

The Unix timestamp (in milliseconds) indicating when this event was created.

object

Detailed event data for when a comment is added to a case

Responses

Request samples

Content type
application/json
{
  • "id": "1",
  • "name": "case.commented",
  • "createdAt": 1711360775327,
  • "data": {
    }
}

Transaction Decision Update Event Webhook

Request Body schema: application/json

Information about an event in the systems

id
string

The id for the event created by Lucinity.

name
string
Value: "case.transaction.decision.updated"

The type of the event

createdAt
integer <int64>

The Unix timestamp (in milliseconds) indicating when this event was created.

object

Detail event data for transaction decision update

Responses

Request samples

Content type
application/json
{
  • "id": "1",
  • "name": "case.transaction.decision.updated",
  • "createdAt": 1711360775327,
  • "data": {
    }
}

Case Observation Feedback Updated Webhook

Request Body schema: application/json

Information about an event in the system

id
string

The id for the event created by Lucinity.

name
string
Value: "case.observations.feedback.updated"

The type of the event

createdAt
integer <int64>

The Unix timestamp (in milliseconds) indicating when this event was created.

object

Detail event data for observation added

Responses

Request samples

Content type
application/json
{
  • "id": "1",
  • "name": "case.observations.feedback.updated",
  • "createdAt": 1711360775327,
  • "data": {
    }
}

Observation Actioned Event Webhook

Request Body schema: application/json

Information that a event has been actioned, typically a case observation. This event is triggered when an observation is actioned. Currently only supports "WHITELIST" action.

id
string

The id for the event created by Lucinity.

name
string
Value: "case.observations.actioned"

The type of the event

createdAt
integer <int64>

The Unix timestamp (in milliseconds) indicating when this event was created.

object

Detail event data for observation actioned.

Responses

Request samples

Content type
application/json
{
  • "id": "1",
  • "name": "case.observations.actioned",
  • "createdAt": 1711360775327,
  • "data": {
    }
}

Reporting

The reporting APIs offer customers real time access to various reports pulled from the Lucinity platform. They are grouped into categories and listed out below.

Observation Reporting

Get Observation Feedback

Authorizations:
ApiKeyAuth
query Parameters
startDate
required
string <date-time>
Example: startDate=2023-11-21

Is in ISO 8601 date format and must be after startDate.

endDate
required
string <date-time>
Example: endDate=2023-11-21

Is in ISO 8601 date format and must be after startDate.

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Signals Reporting

Get Suppressed Signals

Retrieve signals that were suppressed due to actor exclusion (suppression) or alert management (snooze) in a detection rule.

Authorizations:
ApiKeyAuth
query Parameters
startDate
required
string <date>
Example: startDate=2023-11-21

Is in ISO 8601 date format and must predate or equal endDate.

endDate
required
string <date>
Example: endDate=2023-11-21

Is in ISO 8601 date format and must postdate or equal startDate.

limit
integer
Example: limit=100

The maximum number of suppressed signals that will be returned. The default setting is 100, with a maximum limit of 1000.

offset
integer
Example: offset=0

The offset of the suppressed signals that will be returned. The default setting is 0.

Responses

Response samples

Content type
application/json
{
  • "limit": 10,
  • "number_of_signals": 1,
  • "offset": 0,
  • "signals_suppressed": [
    ]
}

Audit Logs

Get Audit Logs

Get audit logs within certain criteria.

Authorizations:
ApiKeyAuth
query Parameters
startDate
required
string <date-time>
Example: startDate=2023-11-21T00:00:00

Is in ISO 8601 datetime format and must proceed endDate.

endDate
required
string <date-time>
Example: endDate=2023-11-21T23:59:59

Is in ISO 8601 datetime format and must be after startDate.

logType
string (AuditLogType)
Enum: "ALL" "READ" "UPDATE"

The audit log type. If not provided the default is ALL

offset
number

Number of rows to skip before returning results. Must be a positive number. If not provided the default is 0

limit
number

Maximum number of retrived entries. Must be a positive number not greater than 1000. If not provided the default is 200

caseId
string

Get audit logs for a single case

Responses

Response samples

Content type
application/json
{
  • "offset": 0,
  • "limit": 200,
  • "number_of_values": 10,
  • "values": [
    ]
}

Segmentation

The Segmentation API provides a flexible and efficient way to categorize and group legal entities, enabling precise targeting and analysis within your detection scenarios and investigations.

Segmentation is structured around Categories and Groups:

  • A Category represents a broad classification or theme, such as “Industry Classification” or “Annual Turnover.”
  • Within each Category, there are multiple Groups that serve as specific subsets. For example, the “Industry Classification” Category might include Groups like “Healthcare Providers,” “Financial Services,” “Manufacturing,” and “Retail.”
  • Each Group belongs exclusively to one Category and can contain multiple legal entities (actors).
  • Roles can be assigned to actors in a Group
    • For the scenario engine to be able to monitor the activities of all actors in a Group, at least one actor has to have the role Owner of the group. The Owner does not have to be in the Group to be the Owner
    • Note: The group owner must also be included as a member of the group in order for his activity to be monitored if you are using group monitoring.
  • A legal entity (actor) can be assigned to multiple Groups across different Categories, allowing for comprehensive segmentation based on various criteria.

Example:

If you want to segment legal entities by their Industry Classification, you can create a Category called “Industry Classification” and define Groups such as:

  • “Healthcare Providers,” including entities like hospitals, clinics, and pharmaceutical companies.
  • “Financial Services,” covering banks, insurance companies, and investment firms.
  • “Manufacturing,” for entities involved in producing goods, such as automotive or electronics manufacturers.
  • “Retail,” which includes department stores, online retailers, and supermarkets.

Additionally, you could use another Category, such as Annual Turnover, to group entities by their revenue. Under this Category, you might define Groups like:

  • “Up to $1 Million”
  • “$1 Million to $10 Million”
  • “$10 Million to $100 Million”
  • “Over $100 Million”

Legal entities can be assigned to the relevant Groups based on their primary business activities and annual turnover. This segmentation allows for the development of tailored rules and detection scenarios, such as monitoring for industry-specific compliance risks or conducting focused market analyses.

By utilizing the Segmentation API, you gain the ability to create dynamic and customized classifications that support more targeted decision-making and strategic planning.

Categories

Create a Segmentation Category

Create a single Segmentation Category.

Authorizations:
BearerToken
Request Body schema: application/json
required

The Segmentation Category to create.

name
required
string

This is a unique field. The name of the Category, e.g. "Age" or "Annual Turnover".

description
string

The description of the Category, e.g. "Segmentation by age".

Responses

Request samples

Content type
application/json
{
  • "name": "Age",
  • "description": "Segmentation by age"
}

Response samples

Content type
application/json
{
  • "id": "12345678-1234-1234-1234-123456789012"
}

Get Segmentation Categories

Get all Segmentation Categories.

Authorizations:
BearerToken
query Parameters
offset
integer <int32>
Example: offset=2

The offset for pagination.

limit
integer <int32>
Example: limit=3

Maximum number of retrived entries. Must be a positive number not greater than 1000.

Responses

Response samples

Content type
application/json
{
  • "categories": [
    ],
  • "offset": 2,
  • "limit": 3
}

Get Segmentation Category

Get a single Segmentation Category by id.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Category to fetch.

Responses

Response samples

Content type
application/json
{
  • "id": "12345678-1234-1234-1234-123456789012",
  • "name": "Age",
  • "description": "Segmentation by age",
  • "created_at": 1637539200,
  • "changed_at": 1637539200,
  • "created_by": "John Doe",
  • "changed_by": "Jane Smith",
  • "type": "COMPUTED_BY_CUSTOMER"
}

Update Segmentation Category

Update a single Segmentation Category by id.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Category to update.

Request Body schema: application/json
required

The Segmentation Category to update.

name
string

This is a unique field. The name of the Category, e.g. "Age" or "Annual Turnover".

description
string

The description of the Category, e.g. "Segmentation by age".

Responses

Request samples

Content type
application/json
{
  • "name": "Age",
  • "description": "Segmentation by age"
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Delete a Segmentation Category

Delete a single Segmentation Category by id.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Category to delete.

Responses

Get all Segmentation Groups under a Segmentation Category

Get all Segmentation Groups under a Segmentation Category.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Category to fetch Groups from.

query Parameters
offset
integer <int32>
Example: offset=2

The offset for pagination.

limit
integer <int32>
Example: limit=3

Maximum number of retrived entries. Must be a positive number not greater than 1000.

Responses

Response samples

Content type
application/json
{
  • "groups": [
    ],
  • "offset": 2,
  • "limit": 3
}

Get all Actors that belong to a Segmentation Category

Get all Actors that belong to a Segmentation Category.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Category to get Actors from.

query Parameters
offset
integer <int32>
Example: offset=2

The offset for pagination.

limit
integer <int32>
Example: limit=3

Maximum number of retrived entries. Must be a positive number not greater than 1000.

Responses

Response samples

Content type
application/json
{
  • "actor_ids": [
    ],
  • "offset": 2,
  • "limit": 3
}

Groups

Create a Segmentation Group

Create a Segmentation Group.

Authorizations:
BearerToken
Request Body schema: application/json
required

The Segmentation Group to create.

name
required
string

This field is unique per Category id. The name of the Segmentation Group.

category_id
required
string

The Segmentation Category id.

description
string

The description of the Segmentation Group .

Responses

Request samples

Content type
application/json
{
  • "category_id": "12345678-1234-1234-1234-123456789012",
  • "name": "Ages 0-25",
  • "description": "This Group contains Actors aged 0-25."
}

Response samples

Content type
application/json
{
  • "id": "12345678-1234-1234-1234-123456789012"
}

Get a single Segmentation Group

Get a single Segmentation Group.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Group to get.

Responses

Response samples

Content type
application/json
{
  • "id": "12345678-1234-1234-1234-123456789012",
  • "category_id": "12345678-1234-1234-1234-123456789012",
  • "name": "Age Group",
  • "description": "Segmentation by age Group ",
  • "created_at": 1637539200,
  • "changed_at": 1637539200,
  • "created_by": "John Doe",
  • "changed_by": "Jane Smith"
}

Update a Segmentation Group

Update a Segmentation Group.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Group to update.

Request Body schema: application/json
required

The Segmentation Group to update.

name
string

This field is unique per Category id. The name of the Segmentation Group.

description
string

The description of the Segmentation Group .

Responses

Request samples

Content type
application/json
{
  • "name": "Ages 0-25",
  • "description": "This Group contains Actors aged 0-25."
}

Response samples

Content type
application/json
{
  • "errors": [
    ]
}

Delete a Segmentation Group

Delete a Segmentation Group.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Group to delete.

Responses

Add Actors to a Segmentation Group

Add Actors to a Segmentation Group.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Group to add Actors to.

Request Body schema: application/json
required

The Actor ids to add to the Group. This has an upper limit of 1000 Actors.

Array
string

Responses

Request samples

Content type
application/json
[
  • [
    ]
]

Response samples

Content type
application/json
{
  • "actor_id": true
}

Get all Actors for a Segmentation Group

Get all Actors for a Segmentation Group.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Groups to get Actors for.

query Parameters
offset
integer <int32>
Example: offset=2

The offset for pagination.

limit
integer <int32>
Example: limit=3

Maximum number of retrived entries. Must be a positive number not greater than 1000.

Responses

Response samples

Content type
application/json
{
  • "actor_ids": [
    ],
  • "offset": 2,
  • "limit": 3
}

Remove Actors from a Segmentation Category

Remove Actors from a Segmentation Category.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Group to remove the Actors from.

Request Body schema: application/json
required

The Actor ids to remove from the Group. Limit of 1000 Actors.

Array
string

Responses

Request samples

Content type
application/json
[
  • "string"
]

Get Segmentation Groups responding to an Actor

Get all Segmentation Groups that an Actor belongs to.

Authorizations:
BearerToken
path Parameters
id
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Actor to get Segmentation Groups for.

query Parameters
offset
integer <int32>
Example: offset=2

The offset for pagination.

limit
integer <int32>
Example: limit=3

Maximum number of retrived entries. Must be a positive number not greater than 1000.

Responses

Response samples

Content type
application/json
{
  • "groupIds": [
    ],
  • "offset": 2,
  • "limit": 3
}

Roles

Set an owner for a Segmentation Group

Set an owner for a Segmentation Group.

Authorizations:
BearerToken
path Parameters
groupId
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Group.

actorId
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Actor to set as owner.

Responses

Response samples

Content type
application/json
{
  • "message": "Successfully created group role"
}

Get the owners for a Segmentation Group

Get the owners for a Segmentation Group.

Authorizations:
BearerToken
path Parameters
groupId
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Group.

actorId
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Actor to get as owner.

query Parameters
offset
integer <int32>
Example: offset=2

The offset for pagination.

limit
integer <int32>
Example: limit=3

Maximum number of retrived entries. Must be a positive number not greater than 1000.

Responses

Response samples

Content type
application/json
{
  • "actorIds": [
    ],
  • "offset": 2,
  • "limit": 3
}

Remove an owner from a Segmentation Group

Remove an owner from a Segmentation Group.

Authorizations:
BearerToken
path Parameters
groupId
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Segmentation Group.

actorId
required
string
Example: 12345678-1234-1234-1234-123456789012

The id of the Actor to remove as owner.

Responses

Response samples

Content type
application/json
{
  • "message": "Successfully deleted group role"
}

Identity and Access Management

Users

Get Users

Get multiple users.

Authorizations:
BearerToken
query Parameters
offset
number

Number of rows to skip before returning results. Must be a positive number. If not provided the default is 0

limit
number

Maximum number of retrived entries. Must be a positive number. If not provided the default is 100

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Get User by ID

Get a single platform user by their unique identifier.

Authorizations:
BearerToken
path Parameters
id
required
string <uuid>

The user's unique identifier.

Responses

Response samples

Content type
application/json
{
  • "user_id": "33ff36c2-91ea-4dd7-b239-31bb97875cce",
  • "username": "user",
  • "email": "[email protected]",
  • "first_name": "User",
  • "last_name": "Platform",
  • "enabled": true,
  • "created_at": 1754046259851,
  • "groups": [ ]
}

Custom Properties

Retrieves a list of custom properties

This endpoint will fetch the custom properties that have been defined. The custom properties are used to store additional information about the entity.

Currently supported entities are:

  • case
  • case.actor
Authorizations:
BearerToken
query Parameters
limit
number
Example: limit=5

Sets the max number of items returned in the result set for this query

offset
number
Example: offset=35

Sets the offset on the index into the list of items in the result set

filter.entity
string
Example: filter.entity=case

The entity containing the custom property.

filter.name
string
Example: filter.name=c__actor_decision

The custom property name.

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Request for Data

Get RFD by Id

Retrieves an RFD object using its unique Id.

Authorizations:
BearerToken
path Parameters
id
required
string <uuid>

The unique identifier for the RFD.

Responses

Response samples

Content type
application/json
{
  • "type": "string",
  • "case_id": "c74269e5-1f97-4e20-9164-ffbe3494d8d6",
  • "status": "COMPLETED",
  • "request": {
    },
  • "created_at": "2019-08-24T14:15:22Z"
}

Reject an RFD request.

Cancels the RFD flow and marks the RFD request as rejected. After calling this endpoint, the SLA will be disabled and the case will eventually revert to its previous state before the RFD process was initiated. Note that if you try to reject a RFD that has already been completed you will get a 400 error.

Authorizations:
BearerToken
path Parameters
id
required
string <uuid>

The unique identifier of the RFD.

Request Body schema: application/json
required
reason
string

Reason for rejection.

Responses

Request samples

Content type
application/json
{
  • "reason": "Actor not found."
}

RFD Schema

Create or update an RFD schema.

Defines or updates the schema used for RFD validation.

Since RFDs have a dynamic schema, this endpoint allows submitting a JSON Schema-compliant format. The schema is used by the RFD endpoints to validate incoming payloads as they pass through the system.

To update an existing schema, the entire payload must be resubmitted, including both unchanged values and any modifications.

Authorizations:
BearerToken
Request Body schema: application/json
required
type
required
string^[a-zA-Z0-9_-]+$

A predefined identifier specifying the type of schema to be used in different flows in the RFD service. This type should match the type in the /request_for_data endpoints. Must be only alphabetical symbols, numbers, underscore and hyphen.

required
object

The schema settings used to validate the request payloads in the RFD service. Must be in JSON schema format.

created_at
string <date-time>

The time and date when the schema was created in ISO 8601.

Responses

Request samples

Content type
application/json
{
  • "type": "ACTOR",
  • "schema": {
    },
  • "created_at": "2019-08-24T14:15:22Z"
}

Retrieve a list of RFD schemas

Fetches a list of all RFD schemas.

Authorizations:
BearerToken
query Parameters
limit
number
Example: limit=5

Sets the max number of items returned in the result set for this query

offset
number
Example: offset=35

Sets the offset on the index into the list of items in the result set

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Retrieve RFD schema by type

Fetches a specific request for data schema by type.

Authorizations:
BearerToken
path Parameters
type
required
string

Responses

Response samples

Content type
application/json
{
  • "type": "ACTOR",
  • "schema": {
    },
  • "created_at": "2019-08-24T14:15:22Z"
}

Glossary

AML

Anti-Money Laundering (AML) is the set of regulations, processes, and technology financial institutions use to detect and prevent the disguising of illegally obtained funds as legitimate income. Lucinity's platform organizes its detection capabilities around three AML disciplines: Transaction Monitoring, Fraud Detection, and Sanctions Screening — each looking for a different kind of risk signal across the same underlying data (Actors, Accounts, and Transactions).

Transaction Monitoring

Transaction Monitoring is the ongoing review of an Actor's transaction activity to detect patterns consistent with money laundering — for example, unusual volume, velocity, or counterparties relative to what's expected of that Actor. It is inherently retrospective: because it looks for patterns rather than judging any single transaction in isolation, Transaction Monitoring reviews activity after it has already settled, rather than blocking it in real time.

Fraud Detection

Fraud Detection identifies transactions that are themselves illegitimate — for example, an unauthorized payment or a manipulated instruction — rather than transactions that look legitimate individually but form a suspicious pattern over time. Unlike Transaction Monitoring, Fraud Detection often needs to act before a transaction settles, supporting real-time review and blocking decisions.

Sanctions Screening

Sanctions Screening checks Actors, Counterparties, and other transaction participants against sanctions lists, watchlists, and other restricted-party databases (such as those maintained by OFAC) to prevent transacting with a sanctioned individual or entity. Like Fraud Detection, it frequently operates in real time, ahead of a transaction settling.

Actor

An Actor is any person or organization whose financial activity Lucinity monitors — most often a financial institution's own customer, but also other parties who need to be reviewed in their own right, such as the customers of a business customer. Actors are the central subject of AML: Transaction Monitoring, Fraud Detection, and Sanctions Screening are all ultimately evaluating the activity and identity of Actors.

Transaction

A Transaction is a single movement of monetary value involving an Actor — a payment, transfer, deposit, withdrawal, or similar. Transactions are the primary evidence AML disciplines examine: their amount, timing, and counterparties are what Transaction Monitoring and Fraud Detection evaluate for risk.

Direction

Direction describes which way funds move relative to the Actor: inbound, when the Actor receives funds, or outbound, when the Actor sends them. Rather than modeling a fixed sender and receiver role like the traditional Originator/Beneficiary model used in payments and wire transfers, Lucinity always frames the transaction from the perspective of the Actor being monitored, with the Counterparty as whoever is on the other side of that movement.

Counterparty

A Counterparty is the other party in a Transaction — the entity funds are sent to or received from, relative to the Actor being monitored. A Counterparty doesn't need to be a Lucinity Actor; if it needs to be monitored in its own right, it should also be modeled as an Actor.

Segmentation

Segmentation is the practice of grouping Actors by shared characteristics — such as customer type, product line, or geography — so that detection, review, and reporting can be tailored to each group rather than applied uniformly across your entire customer base.

KYC

Know Your Customer (KYC) is the due-diligence process financial institutions perform to verify an Actor's identity and understand their expected activity before and during a business relationship. KYC establishes the baseline — who an Actor is and what behavior is normal for them — that Transaction Monitoring later compares actual activity against.

Risk Assessment

A Risk Assessment is a structured judgment about an Actor's risk level, recorded against a specific risk type — for example, an internal risk score derived from the KYC process, or a flag for a specific concern such as being a Politically Exposed Person. Risk Assessments accumulate over an Actor's lifetime and inform how closely their activity should be scrutinized.

PEP

A Politically Exposed Person (PEP) is an individual who holds, or has held, a prominent public position — or who is closely associated with someone who does. PEPs are considered higher risk because their position could be used to facilitate bribery, corruption, or other financial crime, so financial institutions apply enhanced scrutiny to them.

Scenario / Behavior

A Scenario (also called a Behavior) is a description of a known AML risk pattern you want to detect — for example, rapid movement of funds through multiple accounts, or an Actor transacting well outside their established norm. A Scenario on its own doesn't do anything; it needs a Detector to actually watch for it in your data.

Detector

A Detector is any mechanism that watches your data for a Scenario and raises an Observation when it finds a match. Lucinity's Scenario Builder lets you configure your own Detectors as Rules; you can also bring your own Detectors — including machine learning Models — and send their results to Lucinity as Observations.

Rule

A Rule is a Detector built from explicit, configurable conditions — for example, flagging any cash withdrawal over a given amount. Rules are the type of Detector you configure directly in Lucinity's Scenario Builder.

Model

A Model is a Detector built using machine learning or other statistical methods, rather than explicit conditions — for example, a system trained to recognize an Actor's typical transacting pattern and flag deviations from it. External detection systems that use Models can send their results to Lucinity as Observations, the same as a Rule would.

Observation / Alert

An Observation (also called an Alert) is the output produced when a Detector finds a match for a Scenario in an Actor's activity, flagging that activity for analyst review. Observations can come from any of the three AML disciplines: Transaction Monitoring, Fraud Detection, or Sanctions Screening.

False Positive / True Positive

When an analyst reviews an Observation, they classify the outcome as a False Positive if the activity turns out not to be suspicious after all, or a True Positive if it's confirmed as genuine risk. You can use this feedback to refine your own detectors over time.

Case

A Case is an investigation opened to review one or more Observations about an Actor. It brings together the relevant Observations, Actors, Accounts, and Transactions so an analyst can decide whether the activity is genuinely suspicious.

Case Summary

A Case Summary is the analyst's write-up of a Case's findings — what was reviewed, what was found, and why the Case was resolved the way it was. It's the record that documents the reasoning behind a Case's outcome.

Case Management

Case Management is the overall practice of reviewing, investigating, and resolving Cases — from an Observation creating a Case, through analyst investigation and a Case Summary, to a final resolution. Workboards and Workflows are the tools Lucinity provides to organize this practice at scale.

Workboard

A Workboard is a queue of Cases awaiting action, typically grouped by their current stage or by which team is responsible for them. Analysts work from Workboards to pick up and progress Cases.

Workflow

A Workflow defines the stages a Case moves through from creation to resolution — for example, initial triage, investigation, and closure — and which Workboard the Case appears on at each stage.

Filing

Filing is the act of submitting a regulatory report — such as a Suspicious Activity Report (SAR), or the equivalent report required in your jurisdiction — to the appropriate authority once a Case's investigation concludes that the activity should be formally reported.