Response schema

Every POST /v1/screen call returns a single deterministic JSON object with the same top-level shape, regardless of which sources matched.

Example response

{
  "id": "b3c1e2a4-5f6d-4a8b-9c0e-1f2d3a4b5c6d",
  "entity": "Acme Corporation SA",
  "risk_score": 78,
  "risk_level": "high",
  "flags": [
    {
      "type": "sanctions",
      "source": "ofac_direct",
      "list": "SDN",
      "match_score": 0.94,
      "details": { "program": "UKRAINE-EO13662", "entity_id": "26438" }
    },
    {
      "type": "adverse_media",
      "source": "namescan",
      "list": "ADVERSE_MEDIA",
      "match_score": 0.71,
      "details": {
        "headline": "Regulator opens probe into Acme supply chain",
        "published_at": "2026-02-14"
      }
    }
  ],
  "sources_queried": [
    "opensanctions",
    "ofac_direct",
    "eu_direct",
    "sanctions_io",
    "namescan"
  ],
  "sources_matched": ["ofac_direct", "namescan"],
  "cache_hit": false,
  "duration_ms": 312,
  "timestamp": "2026-04-15T09:00:00Z"
}

Top-level fields

id

string (UUID) — unique identifier for this screening. Use it with GET /v1/screen/:id to retrieve the result later. Retained for 24 months.

entity

string — the normalized query string after trimming, case-folding, and unicode normalisation.

risk_score

integer 0–100 — composite score derived from every flag. See Risk scoring.

risk_level

string — one of low, medium, high, or critical, derived from risk_score.

flags[]

array — every individual match returned by any source. Empty array when nothing matched. See the Flag object below.

sources_queried

string[] — all sources eupeak.io contacted for this request, whether they matched or not.

sources_matched

string[] — subset of sources_queried that returned at least one match above the request threshold.

cache_hit

boolean — true when the entire response was served from the Redis cache. Cached responses carry the same id as the original live screening.

duration_ms

integer — end-to-end time in milliseconds, measured from request receipt to response flush.

timestamp

string (ISO 8601) — UTC timestamp at which the screening was executed.

Flag object

Each element of flags[] describes a single match returned by a single source. A screening may contain many flags from many sources, or none at all.

type

"sanctions" · "pep" · "watchlist" · "adverse_media"

source

Normalized source identifier: e.g. ofac_direct, eu_direct, un_sc, uk_ofsi, opensanctions, sanctions_io, dilisense, namescan.

list

Specific list or sub-programme, e.g. SDN, EU_CONSOLIDATED, UN_CONSOLIDATED, ADVERSE_MEDIA.

match_score

number 0–1 — fuzzy match confidence (Jaro-Winkler). 1.0 means exact case-insensitive match.

details

object — the source-specific raw payload. The keys vary by source; never assume a fixed shape. Use it for display, linking back to the underlying record, or for populating your own audit reports.

Risk scoring

eupeak.io assigns a composite risk score on a 0–100 scale based on the strongest flags in the response. The weighting is deterministic and stable — the same input will always produce the same score.

sanctions

60 points — any direct-feed sanctions hit

pep

40 points — politically exposed person or close associate

watchlist

30 points — aggregated watchlist hit

adverse_media

20 points — credible adverse media finding

multi-source bonus

+10 points when two or more independent sources confirm

Risk level thresholds

eupeak.io does not make compliance decisions on your behalf. Risk levels are advisory thresholds; the final decision rests with qualified personnel in your organisation.