Interpreting Workflows

A developer's guide to parsing the workflowResult object, from the overall status down to the granular details of each check.

Understanding the Workflow Response

After executing a workflow, the API returns a comprehensive workflowResult object. This object is the key to understanding the outcome of every check performed. This guide provides a structured, top-down walkthrough of how to parse this response, using a real-world example to illustrate each part of the object.

The examples in this guide refer to the following API response for workflow execution 01JZHEX5FQA4DJB0MMJFZR26JS. Click to expand and see the full structure.

1{
2 "individual": {
3 "entityId": "99f16410-2613-4181-8cf1-048625900013",
4 "name": { "displayName": "MARY TESTFOURTEEN", ... },
5 ...
6 },
7 "requestId": "01JZHEX0WX2QEM6EY139D5NNP1",
8 "workflowResult": {
9 "workflowExecutionId": "01JZHEX5FQA4DJB0MMJFZR26JS",
10 "workflowExecutionState": "COMPLETED",
11 "status": "PASS",
12 "result": "PASS",
13 "riskAssessment": {
14 "riskLevel": "LOW",
15 "riskScore": 12,
16 "riskFactors": [ { "factor": "entity_type", "value": "INDIVIDUAL", "score": 2 }, { "factor": "entity_age", "value": "62", "score": 10 } ]
17 },
18 "steps": {
19 "passed": [ "START", "MATCHLIST", "KYC", "AML", "DECISION", "FINISH" ],
20 "failed": [ "IDV" ],
21 "order": [ "START", "MATCHLIST", "KYC", "IDV", "AML", "TOGGLE_MONITORING", "DECISION", "FINISH" ],
22 ...
23 },
24 "issues": [],
25 "workflowStepResults": [
26 {
27 "stepName": "KYC",
28 "result": "MATCH",
29 "processResults": [
30 {
31 "class": "KYC",
32 "objectType": "NAME",
33 "result": "MATCH",
34 "providerResult": {
35 "name": "con_testbed-docs",
36 "source": "au-govid1-pp"
37 },
38 ...
39 }
40 ],
41 "summary": {
42 "matchedRules": [
43 {
44 "ruleName": "gov_id_only",
45 "isVerified": true,
46 "matchDetails": [
47 {
48 "provider": "con_testbed-docs",
49 "source": "au-govid1-pp",
50 "attributesMatched": [ "dateOfBirth", "govId", "name" ]
51 }
52 ]
53 }
54 ]
55 },
56 ...
57 },
58 ...
59 ]
60 }
61}

Part 1: The Overall Outcome (The Final Verdict)

Always start by checking the top-level fields of the workflowResult object. These give you the final, authoritative outcome.

Field NameImportanceDescription
status‼️This is the most important field. It is the conclusive recommendation (e.g., PASS, FAIL, REVIEW), including any manual overrides. Base your business logic on this value.
workflowExecutionState‼️This confirms the workflow’s technical status. It must be COMPLETED. If it’s anything else (e.g., ERROR), the workflow did not finish, and the status is not final.
result⚠️This represents the original, automated outcome of the workflow before any manual overrides. Useful for auditing.
issues⚠️An array of problems that may require manual review. If the status is REVIEW, this array will contain the specific reasons why. An empty array, as seen in our example, is a good sign.

In our example, the status is PASS and workflowExecutionState is COMPLETED, so we can confidently treat this as a successful verification.

Part 2: The Step-by-Step Breakdown (workflowStepResults)

The workflowStepResults array shows the outcome of each individual check and explains why the overall status was reached. Each object in this array corresponds to a step in your workflow.

Analyzing the KYC Step From our full example, let’s inspect the KYC step object.

JSON
1{
2 "stepName": "KYC",
3 "result": "MATCH",
4 "summary": {
5 "matchedRules": [
6 {
7 "ruleName": "gov_id_only",
8 "isVerified": true,
9 "matchDetails": [
10 {
11 "provider": "con_testbed-docs",
12 "source": "au-govid1-pp",
13 "attributesMatched": [
14 "dateOfBirth",
15 "govId",
16 "name"
17 ]
18 }
19 ]
20 }
21 ]
22 },
23 "processResults": [...]
24}

The step result is MATCH, indicating a successful verification.

The summary.matchedRules object shows exactly how the MATCH was achieved. In this case, the gov_id_only rule was satisfied by matching the name, dateOfBirth, and govId against the au-govid1-pp data source (the passport check).

Part 3: The Granular Evidence (processResults)

For the deepest level of detail, look inside a workflowStepResult at its processResults array. A Process Result Object (PRO) is the raw evidence from a single check against a single data source.

Example: A Single Process Result This PRO is one of three from the KYC step in our full example. It shows the NAME being matched.

JSON
1{
2 "processResultId": "01JZ4H0P59KGQR9DZCWZ6JQRY0",
3 "class": "KYC",
4 "objectType": "NAME",
5 "result": "MATCH",
6 "state": "COMPLETED",
7 "systemStatus": "VALID",
8 "providerResult": {
9 "name": "con_testbed-docs",
10 "source": "au-govid1-pp"
11 },
12 "supplementaryData": {
13 "type": "KYC_NAME",
14 "matchStrengths": {
15 "fullName": 75,
16 "familyName": 75,
17 "givenName": 75
18 }
19 }
20}

This tells us that for the NAME object, the con_testbed-docs provider returned a MATCH from the au-govid1-pp source. The supplementaryData shows the match strength scores for each part of the name.

Part 4: The Risk Profile (riskAssessment)

The riskAssessment object provides a comprehensive overview of the calculated risk based on the checks performed.

From our example:

JSON
1"riskAssessment": {
2 "riskLevel": "LOW",
3 "riskScore": 12,
4 "riskFactors": [
5 {
6 "factor": "entity_type",
7 "value": "INDIVIDUAL",
8 "score": 2
9 },
10 {
11 "factor": "entity_age",
12 "value": "62",
13 "score": 10
14 }
15 ]
16}
  • riskLevel: The final risk rating is LOW.
  • riskScore: The total score is 12.
  • riskFactors: This score was calculated from two factors: the entity_type contributing a score of 2, and the entity_age contributing a score of 10.

Appendix: Broader Definitions for Key Data Objects

For a deeper understanding of the data objects used in workflows, refer to the following sections:

After executing a workflow, the results provide comprehensive insights into the outcomes of the checks performed. Each workflow consists of multiple steps, such as Know Your Customer (KYC) checks, Anti-Money Laundering (AML) screenings, Identity Verification (IDV), and risk assessments. Each step autonomously documents its findings, contributing to the overall workflow result.

To simplify reporting, step outcomes are grouped by category, ensuring that identical steps are aggregated and presented as a unified result. For example, KYC checks may be performed multiple times using various service providers and configurations, but the results are consolidated into a single step outcome that reflects the combined assessments. Below are the key fields and their significance:

Field nameDescriptionImportance
statusIndicates whether the individual passed all workflow requirements, providing a conclusive recommendation based on the checks performed. It also accounts for manual interventions, such as overriding the result outside the workflow.‼️
statusOverrideAtThe UTC timestamp indicating when the status was manually overridden outside the workflow execution.ℹ️
statusOverrideRequestIdThe unique requestId of the request that manually overrode the status outside the workflow execution.ℹ️
statusOverrideByThe value of the X-Frankie-Username header in the request that manually overrode the status outside the workflow execution.ℹ️
resultRepresents the original outcome of the workflow at its completion. If manually overridden, this value may differ from the status.⚠️
workflowExecutionStateIndicates whether the workflow executed to completion. A state other than “COMPLETED” suggests the workflow did not finish, and the result should be interpreted with caution.‼️
workflowStepResultsA detailed list of all steps executed as part of the workflow, along with their individual outcomes.⚠️
riskAssessmentSummarizes all risk factors encountered during workflow execution and the overall risk level of the entity based on those factors.⚠️
issuesA summary of issues encountered during workflow execution, such as errors, insufficient data, or failed verifications. Typically present only if checks failed.⚠️
workflowExecutionIdA unique identifier for the workflow execution, generated when the workflow is triggered.ℹ️
serviceProfileIdThe unique identifier of the service profile associated with the workflow execution, derived from the serviceName in the API request path.ℹ️
workflowIdThe unique ID of the executed workflow, derived from the workflowName in the API request path.ℹ️
workflowNameThe name of the executed workflow, derived from the workflowName in the API request path.ℹ️
stepsA list of steps executed as part of the workflow.ℹ️
entityTypeSpecifies the type of entity for which the workflow was executed, either INDIVIDUAL or ORGANIZATION.ℹ️
errorsLists any errors encountered during workflow execution.⚠️
requestIdThe unique identifier of the request that triggered the workflow execution.ℹ️
entityIdThe unique identifier of the individual or organization for which the workflow was executed.ℹ️
startedAtThe timestamp indicating when the workflow execution began.ℹ️
endedAtThe timestamp indicating when the workflow execution completed.ℹ️
createdAtThe timestamp indicating when the process result was created.ℹ️
updatedAtThe timestamp indicating when the process result was last updated.ℹ️
updatedByIdentifies who last updated the workflow execution, based on the X-Frankie-Username header of the request.ℹ️
schemaVersionSpecifies the version of the schema returned, which is always 2 in the FrankieOne v2.x API.ℹ️
notesCaptures any additional notes recorded during the workflow execution.ℹ️

The statusOverrideAt field can be used to determine if the status was manually overridden.

Workflow execution statuses provide insights into the current state of the workflow. Workflow execution results provide insights into the final outcome of the workflow. Below are the possible statuses and results:

status or resultOutcome of a workflow execution. Results or Status can be one of:
UNCHECKEDThe workflow has yet to be run and has no result.
IN_PROGRESSThe workflow is currently running and is awaiting completion.
REVIEWThe outcome of the workflow has produced results that require review. Check the risks and step results for more.
PASSThe workflow successfully completed to produce a PASS recommendation.
FAILThe workflow finished with the recommendation being a FAIL.
COMPLETEThe workflow has finished and the results are considered to be complete. A PASS/FAIL in this case is not required.
INCOMPLETEThe workflow has finished and the results are considered to be incomplete. A PASS/FAIL in this case is not required.
NEEDS_APPROVALThe workflow has reached a point where an approval process needs to be run. Once done, you should re-run this workflow.
APPROVEDThe workflow has been run with the final outcome being approved, most likely by an external source, such as a human.
REJECTEDThe workflow has been run with the final outcome being rejected, most likely by an external source, such as a human.
BLOCKEDThe workflow has been blocked from completing. Manual review will be required.
CLEARThe workflow has completed and there are no issues raised. Often used with ongoing monitoring workflows.
URGENTThe workflow has completed and there are matters deemed to require urgent review. Often used with ongoing monitoring workflows that return sanctions or similarly critical items of interest.
MONITORThe workflow has completed and it is determined that further monitoring is required. Should be manually reviewed.

Each workflow consists of multiple steps, each representing a specific check or process. Below are common steps and their possible outcomes:

Step NameDescriptionPossible Outcomes
STARTIndicates the workflow has started.COMPLETE
KYCPerforms identity verification checks.MATCH, NO_MATCH
AMLScreens for AML risks.CLEAR, HIT
RISKAssesses the risk from the workflow steps.COMPLETE
DECISIONDetermines the final workflow outcome.PASS, FAIL, REVIEW
FINISHIndicates the workflow has completed.COMPLETE

Supplementary Steps

The start step signifies the successful initiation of the workflow. To confirm that the workflow started without issues, check if the execution result includes a start step with a result of COMPLETE. Typically, no processResults are expected for this step.

The decision step serves as a pivotal point in the workflow, determining its final status—PASS, FAIL, or REVIEW. This decision is based on the outcomes of the preceding steps. For example, if all prior steps were executed successfully and all checks were cleared, the workflow is typically marked as PASS. Conversely, if any step encountered an issue, such as a failed verification, the workflow is likely marked as FAIL. It is important to note that these statuses can be customized within the workflow builder.

The risk step in the workflow is a mandatory checkpoint for risk assessment. It doesn’t result in a pass or fail status. Instead, it’s simply marked as “COMPLETED” once a risk evaluation has been conducted. This step ensures that risks are always considered in the process, without directly affecting the workflow’s status. While the risk assessment itself doesn’t change the workflow, the information gathered may be useful for later steps.

The finish step indicates whether the workflow has completed successfully. This means all results have been collected and stored, ready for further analysis. To verify that the workflow finished without issues, look for a result of COMPLETE. Note that this only confirms the workflow’s completion, not the success of individual checks or the absence of errors. Typically, no processResults are generated for this step.

The table below represents the overall result of a workflow step. Each value provides a specific status or outcome of the step, depending on the context and its intended operation:

ResultDescription
UNCHECKEDThe step was not attempted, typically due to a failure in a previous step. An error or message will indicate the reason.
SKIPPEDThe step was skipped because it was unnecessary to run or had already been completed with acceptable results.
MISSING_DATAThe step requires additional data to complete. Details will be provided in the associated error objects.
PASSThe step completed successfully, meeting the requested goals. Often used for binary outcomes or manually applied results.
FAILThe step completed but did not meet the requested goals. Often used for binary outcomes or manually applied results.
COMPLETEThe step finished successfully without a specific pass/fail scenario, indicating that the required process was completed.
INCOMPLETEThe step was unable to finish successfully without a specific pass/fail scenario, indicating that the required process was not completed.
MATCHThe step produced a fully successful match against the requested source(s).
NO_MATCHThe step produced no match against the requested source(s).
PARTIALThe step produced a partially successful match against the requested source(s).
CLEARThe step checked against a list/source (generally negative in nature) and found no match, which is a positive outcome.
HITThe step checked against a list/source (generally negative in nature) and found a match.
CLEAREDThe step resolved previously found matches against a list/source (generally negative in nature).
EXPIREDThe data found in this step has expired.
NOT_APPLICABLEThe step was determined to be unnecessary, such as checking for a visa when the individual is already a citizen of the country.
ERRORThe step encountered an unrecoverable error, preventing a useful result from being determined.

The KYC workflow step reflects the overall outcome from the service provider, represented by the serviceProviders.result field.

1{
2 "workflowResult": {
3 "workflowStepResults": [
4 {
5 "endedAt": "2024-05-14T04:04:12.663190Z",
6 "objectId": "{objectId}",
7 "objectType": "INDIVIDUAL",
8 "processResults": [...],
9 "requestId": "{requestId}",
10 "result": "MATCH",
11 "serviceProviders": [
12 {
13 "endedAt": "2024-05-14T04:04:12.663187286Z",
14 "provider": "dvs",
15 "result": "MATCH",
16 "startedAt": "2024-05-14T04:04:11.849152Z"
17 }
18 ],
19 "startedAt": "2024-05-14T04:04:11.849152Z",
20 "stepData": {...},
21 "stepName": "kyc",
22 "stepResultId": "{stepResultId}",
23 "workflowExecutionId": "{workflowExecutionId}"
24 }
25 ]
26 }
27}

The workflow step summary provides a concise overview of the results of each step executed as part of the workflow. It can include one of the following summaries:

SummaryDescription
StartIndicates the initiation of the workflow and its readiness for execution.
KYCProvides a summary of the identity verification checks performed during the KYC step.
IDDetails the results of identity document verification, such as passport or driver’s license checks.
NameValidationSummarizes the validation of the individual’s name against provided documents or databases.
VisaProvides results of visa checks, including validity and compliance with immigration requirements.
AMLSummarizes the results of the AML screening process, including any matches or clearances.
MatchlistDetails the results of matchlist checks, such as PEP or sanctions screening.
DuplicateSummarizes checks for duplicate records or entities within the system.
DecisionSummarizes the final decision made during the workflow, such as PASS, FAIL, or REVIEW.
FinishMarks the completion of the workflow, summarizing the overall execution status.

Each summary provides insights into the specific checks performed during the workflow execution, allowing organizations to assess the effectiveness of their KYC processes and make informed decisions based on the results. For more details on each step, refer to the public API documentation.

Credit Header Failure Result

In FrankieOne v2, the credit header failure result can be found under processResults[].notes, where the class is KYC and the kvpKey follows the same format: Important.CreditBureauMatch.X, with X being either Equifax or Experian.

KYC match details are represented as processResults existing under the workflow step results for steps that require verification or checks to be run. These details vary based on the context of what the check is trying to accomplish. For checks against external data sources, the processResults aim to capture what exactly has matched against which source. Steps typically return an array of all the individual process results that were used in determining that step’s result.

After a KYC step has been executed, various elements require examination to determine the final outcome.

SymbolDescription
⚠️Context on why the entity may have passed or failed.
ℹ️Information-only, no contribution to whether the entity has passed or failed.
‼️Results that determine whether the entity has passed or failed, or if the workflow failed to execute to completion.

When a process result object is first created, it is assigned an ID. When updating the process result object, make sure you set the processResultID to the ID of the process result object you are referring to

Field NameDescriptionImportance
processResultIdRepresents the unique identifier of the process result.ℹ️
schemaVersionThe version of the schema returned.ℹ️
entityIdThe unique identifier of the entity associated with the process result.ℹ️
requestIdThe unique request ID for the API call made. Example: 01HN9XHZN6MGXM9JXG50K59Q85.ℹ️
stepNameThe name of the workflow step that generated this process result.ℹ️
stepTypeThe type of the workflow step that generated this process result.ℹ️
objectTypeThe type of object being checked (e.g., INDIVIDUAL, DOCUMENT).ℹ️
objectIdThe unique identifier of the object being checked.ℹ️
createdAtThe timestamp when the process result was created.ℹ️
updatedAtThe timestamp when the process result was last updated.ℹ️
groupIdA unique identifier tying related process results together.ℹ️
providerResultDetails about the provider’s result, including confidence, name, reference, and source.⚠️
resultThe actual pass/fail result of the element check.⚠️
classProvides more clarity of the result class, especially for more generic element types like person.ℹ️
supplementaryDataAdditional data related to the process result.ℹ️
errorsAny errors encountered as part of the process.⚠️
notesAdditional notes or context about the process result.ℹ️
systemStatusIndicates the system status applied to the process result. Default: VALID.⚠️
manualStatusAny manual status set after the results have been reviewed.⚠️
stateDenotes the final disposition of this element’s check result. Possible values: IN_PROGRESS, COMPLETED, TIMEOUT, ERROR.⚠️
riskFactorsAny risk factors identified during the process.⚠️
updatedByThe user or system that last updated the process result.ℹ️

Process Result Objects (PROs) encapsulate the outcomes of specific processes (check, comparison, verification etc.). They play a crucial role in evaluating the overall outcome of relevant workflow steps.

Let’s break down the following KYC process result:

  • The class is “KYC” which indicates the process is in relation to a KYC database verification check.
  • The address of the entity has been successfully verified against the Australian Electoral Roll:
    • Based on the objectType we can see that the specific element checked was an “ADDRESS”
    • The providerResult array contains the details of the service provider that the entity was checked against:
      • The service provider is the Document Verification Service as indicated by the name field (“dvs”)
      • The specific data source that was checked is the Australian Electoral Roll as indicated by the source (“au-elec-roll”) and sourceNormalized (“au-elec-roll”) fields
    • The result is “MATCH” indicating that the address was successfully matched.
  • The check was completed successfully (state is “COMPLETED”) and hasn’t yet been invalidated in any way (systemStatus is “VALID”), therefore it’s safe to determine that the process ran to completion and was indeed used in determining the successful result.
  • There has been no manual status applied to the process (due to the absence of a manualStatus field)
1"processResults": [
2{
3 "class": "KYC",
4 "createdAt": "2024-07-11T23:57:08.197185Z",
5 "entityId": "{entityId}",
6 "groupId": "{groupId}",
7 "notes": {...},
8 "objectId": "{objectId}",
9 "objectType": "ADDRESS",
10 "processResultId": "{processResultId}",
11 "providerResult": {
12 "confidence": "100",
13 "name": "dvs",
14 "reference": "{referenceId",
15 "source": "au-elec-roll",
16 "sourceNormalized": "au-elec-roll"
17 },
18 "supplementaryData": {
19 "matchStrengths": {
20 "fullAddress": 100,
21 "streetNumber": 100,
22 "streetName": 100
23 "streetType": 100,
24 "locality": 100,
25 "district": 100,
26 "subdivision": 100,
27 "postalCode": 100,
28 "country": 100,
29 },
30 "fuzziness": {
31 "normalized": 0,
32 "actual": 0
33 },
34 "wasNameMatchStrongEnough": true
35 },
36 "requestId": "{requestId}",
37 "result": "MATCH",
38 "schemaVersion": 2,
39 "state": "COMPLETED",
40 "stepName": "KYC",
41 "systemStatus": "VALID",
42 "updatedAt": "2024-07-11T23:57:08.197185Z"
43}

Similar to Process Results (PROs) for KYC database verification matches, process results that result in no match will be generated during step execution and will provide insights into why the data source could NOT be matched.

Let’s break down the following KYC process result:

  • The class is “KYC” which indicates the process is in relation to a KYC database verification check.
  • The address of the entity has been checked but wasn’t verified against the Australian Electoral Roll:
    • Based on the objectType we can see that the specific element checked was an “NAME”
    • The providerResult array contains the details of the service provider that the entity was checked against:
      • The service provider is the Document Verification Service as indicated by the name field (“dvs”)
      • The specific data source that was checked is the Australian Electoral Roll as indicated by the source (“au-elec-roll”) and sourceNormalized (“au-elec-roll”) fields
    • The result is “MATCH” indicating that the address was successfully matched.
  • The matchStrengths within supplementaryData shows that no part of the name matched at all.
  • The fuzziness within supplementaryData shows that an exact match (normalized as “0”) was required, potentially restricting any passable partial matching (“Sarah”, “Sara”).
  • The check was completed successfully (state is “COMPLETED”) and hasn’t yet been invalidated in any way (systemStatus is “VALID”), therefore it’s safe to determine that the process ran to completion and was indeed used in determining the successful result.
  • There has been no manual status applied to the process (due to the absence of a manualStatus field).
1"processResults": [
2{
3 "class": "KYC",
4 "createdAt": "2024-07-11T23:57:08.197185Z",
5 "entityId": "{entityId}",
6 "groupId": "{groupId}",
7 "notes": {...},
8 "objectId": "{objectId}",
9 "objectType": "NAME",
10 "processResultId": "{processResultId}",
11 "providerResult": {
12 "confidence": "0",
13 "name": "dvs",
14 "reference": "{referenceId}",
15 "source": "au-elec-roll",
16 "sourceNormalized": "au-elec-roll"
17 },
18 "supplementaryData": {
19 "matchStrengths": {
20 "fullname": 0,
21 "familyName": 0,
22 "givenName": 0,
23 "otherNames": 0,
24 "firstInitialFamilyName": 0
25 },
26 "fuzziness": {
27 "normalized": 0,
28 "actual": 0
29 }
30 }
31 "requestId": "{requestId}",
32 "result": "NO_MATCH",
33 "schemaVersion": 2,
34 "state": "COMPLETED",
35 "stepName": "KYC",
36 "systemStatus": "VALID",
37 "updatedAt": "2024-07-11T23:57:08.197185Z"
38}

AML screening results are reflected in the result field, which clearly indicates the steps outcome. This field summarizes the steps result, taking into account all the processed data. For instance, if an individual’s details such as name show up on any AML screening lists like PEP or Sanctions lists, the result will be HIT. If not, the result will be CLEAR.

1{
2 "workflowResult": {
3 "workflowStepResults": [
4 {
5 "endedAt": "2024-05-14T04:04:12.66319Z",
6 "objectId": "{objectId}",
7 "objectType": "INDIVIDUAL",
8 "processResults": [...],
9 "requestId": "{requestId}",
10 "result": "CLEAR",
11 "serviceProviders": [
12 {
13 "endedAt": "2024-05-14T04:04:12.663187286Z",
14 "provider": "complyadvantage",
15 "result": "CLEAR",
16 "startedAt": "2024-05-14T04:04:11.849152Z"
17 }
18 ],
19 "startedAt": "2024-05-14T04:04:11.849152Z",
20 "stepData": {...},
21 "stepName": "aml",
22 "stepResultId": "{stepResultId}",
23 "workflowExecutionId": "{workflowExecutionId}"
24 },
25 ]
26 }
27}

processResults exist under the workflow step results for steps that require verification or some sort of checks to be run and differ based on the context of what the check is trying to accomplish. For checks against external data sources, the processResults will aim to capture what exactly has matched against what source. Steps typically return an array of all the individual process results that were used in determining that step’s result.

Take for instance the following example:

1"processResults": [
2 {
3 "class": "AML",
4 "createdAt": "2024-05-14T04:04:12.566065Z",
5 "entityId": "{entityId}",
6 "notes": {...},
7 "objectId": "{objectId}",
8 "objectType": "name",
9 "processResultId": "{processResultId}",
10 "providerResult": {
11 "confidence": "100",
12 "name": "complyadvantage",
13 "reference": "{referenceId}",
14 "riskScore": 0
15 },
16 "result": "HIT",
17 "state": "COMPLETED",
18 "stepName": "pep",
19 "supplementaryData": {...},
20 "systemStatus": "VALID",
21 "updatedAt": "2024-05-14T04:04:12.566065Z"
22 }

The matchedRules field offers a comprehensive breakdown of the rules applied during workflow execution. This field is instrumental in understanding how specific checks were conducted and which data sources were utilized to verify the individual’s information.

To delve deeper into the personal information matched against specific sources, refer to the matchedRules. Typically, a single ruleMatches entry outlines the outcome of a specific rule defined in the workflow.

For example, a rule might stipulate that both a name and either a date of birth or an address must be verified against two independent data sources. The matchTypes field highlights the exact elements verified, while the matchSources field identifies the data sources used for confirmation. Any data sources consulted but yielding no matches will be listed under nonMatchSources.

Matched and Unmatched Rules

The matchedRules and unmatchedRules fields within the KYC workflow step summary share the same structure but differ in their outcomes. matchedRules represents rules successfully matched, while unmatchedRules represents rules that were not.

These rulesets are defined within the KYC workflow step configuration and determine whether the required number of data source matches have been met for each entity element (e.g., name, date of birth, address) for the verification to be considered successful.

By default, at least one matching rule record is provided at the conclusion of a KYC step, offering clarity on whether the verification criteria were satisfied.

Rule Details

Field NameDescriptionDefault ValueExample
ruleNameThe name given to this rule.defaultdefault
ruleOrderThe priority order of this matching rule.11
ruleMatchesThe list of matches that made up this rule.

Rule Matches

Summary of all KYC matches for a given set of criteria.

Field NameDescriptionExample
matchTypesThe match types that this overall count and result refer to.{ "address": { "matchCount": 1, "matchSources": ["au-elec-roll"], "checked": true, "verified": true } }
matchCountNumber of matches for this set of match types.2
matchCountRequiredNumber of distinct matches required for this set of match types.1
hasAllRequiredSourcesMatchedTrue if there was a full complement of required match sources, e.g., electoral roll.true
requiredSourcesMatchedThe list of required sources that did get a match.["au-elec-roll"]
requiredSourcesNotMatchedThe list of required sources that did not get a match.[]
isVerifiedTrue if there are enough matches to meet the matching requirement.false
matchDetailsSummary of matched details.
nonMatchDetailsSummary of non-matched details.

Match Types

The match types that this overall count and result refer to. Currently, one or more of the following:

  • name
  • address
  • dob
  • gender

These will be keys in a map whose values hold the values for the individual match types. For example:

Let’s break down the following match result:

  • name, dob and address were checked as they’re listed under matchTypes
  • Based on the matchCount we can determine how many data sources we were able to match against for each element:
  • name matched against the Australian Electoral Roll (“au-elec-roll”) and Equifax Public Credit Data Header (“au-efax-cdh-pub”)
  • address matched against the Australian Electoral Roll (“au-elec-roll”) only
  • dateOfBirth matched against the Equifax Public Credit Data Header (“au-efax-cdh-pub”)
  • matchCount equals the matchCountRequired which means we were able to find enough matches for a positive result
  • requiredSourcesMatched indicates that the Australian Electoral Roll (“au-elec-roll”) was a source that was required to be matched against, which it was (name, address)
  • isVerified indicates that the match requirements were satisfied based on the rule criteria
1"summary": {
2"matchedRules": [
3{
4 "ruleName": "SafeHarbour2x2",
5 "ruleOrder": 1,
6 "ruleMatches": [
7 {
8 "matchTypes": {
9 "name": {
10 "objectId": "{objectId}",
11 "matchCount": 2,
12 "matchSources": ["au-elec-roll", "au-efax-cdh-pub"],
13 "nonMatchSources": ["au-efax-cdh-consumer"],
14 "isChecked": true,
15 "isVerified": true
16 },
17 "address": {
18 "objectId": "{objectId}",
19 "matchCount": 1,
20 "matchSources": ["au-elec-roll"],
21 "nonMatchSources": ["au-efax-cdh-pub", "au-efax-cdh-consumer"],
22 "isChecked": true,
23 "isVerified": true
24 },
25 "dateOfBirth": {
26 "objectId": "{objectId}",
27 "matchCount": 1,
28 "matchSources": ["au-efax-cdh-pub"],
29 "nonMatchSources": ["au-elec-roll", "au-efax-cdh-consumer"],
30 "isChecked": true,
31 "isVerified": true
32 }
33 },
34 "matchCount": 2,
35 "matchCountRequired": 2,
36 "hasAllRequiredSourcesMatched": true,
37 "requiredSourcesMatched": ["au-elec-roll"],
38 "isVerified": true
39 }
40 ]
41}
42],

Similarly to the matchedRules, the unmatchedRules contains a singular ruleMatches entry detailing the outcome of a particular rule established in the workflow that hasn’t been met.

Let’s break down the following non matched result:

  • name, dob and address were checked as they’re listed under matchTypes
  • Based on the matchCount we can see no matchSources present which tells us that there were no matches.
  • The nonMatchSources lists the sources that were checked against but without a successful match result
  • name didn’t match against the Australian Electoral Roll (“au-elec-roll”) and Equifax Public Credit Data Header (“au-efax-cdh-pub”) or Equifax Consumer Credit Data Header (“au-efax-cdh-consumer”)
  • address didn’t match against the Australian Electoral Roll (“au-elec-roll”) and Equifax Public Credit Data Header (“au-efax-cdh-pub”) or Equifax Consumer Credit Data Header (“au-efax-cdh-consumer”)
  • dateOfBirth didn’t match against the Australian Electoral Roll (“au-elec-roll”) and Equifax Public Credit Data Header (“au-efax-cdh-pub”) or Equifax Consumer Credit Data Header (“au-efax-cdh-consumer”)
  • matchCount doesn’t equal the matchCountRequired which means we weren’t able to find enough matches for a positive result
  • requiredSourcesMatched indicates that the Australian Electoral Roll (“au-elec-roll”) was also a source that was required to be matched against, which wasn’t
  • isVerified indicates that the match requirements weren’t satisfied based on the rule criteria
1"summary": {
2 "unmatchedRules": [
3 {
4 "ruleName": "SafeHarbour2x2",
5 "ruleOrder": 1,
6 "ruleMatches": [
7 {
8 "matchTypes": {
9 "name": {
10 "matchCount": 0,
11 "nonMatchSources": ["au-elec-roll", "au-efax-cdh-pub", "au-efax-cdh-consumer"],
12 "isChecked": true,
13 "isVerified": false
14 },
15 "address": {
16 "matchCount": 0,
17 "nonMatchSources": ["au-elec-roll", "au-efax-cdh-pub", "au-efax-cdh-consumer"],
18 "isChecked": true,
19 "isVerified": false
20 },
21 "dateOfBirth": {
22 "matchCount": 0,
23 "nonMatchSources": ["au-elec-roll", "au-efax-cdh-pub" "au-efax-cdh-consumer"],
24 "isChecked": true,
25 "isVerified": false
26 }
27 },
28 "matchCount": 0,
29 "matchCountRequired": 2,
30 "hasAllRequiredSourcesMatched": false,
31 "requiredSourcesNotMatched": ["au-elec-roll"],
32 "isVerified": false
33 }
34 ]
35 }
36 ]

The workflow risk assessment provides a comprehensive overview of the risk factors associated with the individual entity based on the checks performed during the workflow execution. It includes details such as:

Field NameDescription
serviceProfileIdUnique ID of the service profile.
riskAssessmentIdUnique ID of the risk assessment.
workflowIdUnique ID of the workflow.
workflowExecutionIdUnique ID of the workflow execution.
entityIdUnique ID of the entity.
schemaVersionVersion of the risk assessment summary record schema.
createdAtThe timestamp when the risk assessment was created.
updatedAtThe timestamp when the risk assessment was updated.
updatedByThe user or system that updated this assessment.
updatedRequestIdThe ID of the request that updated this assessment.
workflowRiskScoreThe risk score of the workflow.
workflowRiskLevelThe risk level of the workflow. Possible values: UNKNOWN, LOW, MEDIUM, HIGH, UNACCEPTABLE.
riskScoreThe overall risk score of the entity.
riskLevelThe overall risk level of the entity. Possible values: UNKNOWN, LOW, MEDIUM, HIGH, UNACCEPTABLE.
isOutdatedIndicates whether the assessment is currently out of date. Default: false.

Each risk factor provides additional context about the risks identified during the workflow execution. Below are the details of each risk factor:

Field NameDescription
riskFactorIdUnique ID of the risk factor.
factorFrankie risk factor name.
valueValue of the risk factor.
scoreFrankie-assigned risk score (based on customer configuration).
descriptionDescription of the risk factor.
workflowExecutionIdUnique ID of the workflow execution in which the risk factor was generated.
stepResultIdUnique ID of the step result if the factor came from a step.
manualOverrideScoreIf present, this score overrides the total and is the only one counted in the final score.
statusThe current status of the risk factor. Possible values: VALID, STALE, OVERRIDDEN, DISCARDED.
createdAtThe timestamp when the risk factor was created.
updatedAtThe timestamp when the risk factor was updated.
updatedByThe user or system that updated this risk factor.
updatedRequestIdThe ID of the request that updated this risk factor.
createdServiceProfileIdThe ID of the service profile associated with this risk factor when it was created.
createdWorkflowExecutionIdWorkflow execution identifier that originally created the risk factor.
createdStepResultIdStep result identifier that originally created the risk factor.

The status field provides additional context about the risk factor:

  • VALID: The risk factor is applicable for the entity.
  • STALE: The risk factor is no longer applicable for the entity.
  • OVERRIDDEN: The risk factor was manually overridden, and the manualOverrideScore (if present) was used for the risk score calculation.
  • DISCARDED: The risk factor was added during the workflow execution but discarded later in the same workflow.

Best Practices for Integration

  • Check workflowExecutionState first: Always confirm the workflow COMPLETED before parsing the status.
  • Automate based on status: Use the top-level status field for your primary business logic (e.g., approve account, deny account, flag for review).
  • Debug with workflowStepResults: When you get an unexpected FAIL or REVIEW, loop through the workflowStepResults to find which stepName has a non-passing result. The summary and processResults within that step will tell you why.
  • Log the workflowExecutionId: This ID is your key for auditing, support queries, and correlating results.