Interpreting Workflows | FrankieOne

Understanding the Workflow Response

After executing a workflow, the API returns a comprehensive workflowResult object. This object is the key to understanding the outcome of every check performed. This guide provides a structured, top-down walkthrough of how to parse this response, using a real-world example to illustrate each part of the object.

View Full API Response Example

The examples in this guide refer to the following API response for workflow execution 01JZHEX5FQA4DJB0MMJFZR26JS. Click to expand and see the full structure.

1 {
2     "individual": {
3         "entityId": "99f16410-2613-4181-8cf1-048625900013",
4         "name": { "displayName": "MARY TESTFOURTEEN", ... },
5         ...
6     },
7     "requestId": "01JZHEX0WX2QEM6EY139D5NNP1",
8     "workflowResult": {
9         "workflowExecutionId": "01JZHEX5FQA4DJB0MMJFZR26JS",
10         "workflowExecutionState": "COMPLETED",
11         "status": "PASS",
12         "result": "PASS",
13         "riskAssessment": {
14             "riskLevel": "LOW",
15             "riskScore": 12,
16             "riskFactors": [ { "factor": "entity_type", "value": "INDIVIDUAL", "score": 2 }, { "factor": "entity_age", "value": "62", "score": 10 } ]
17         },
18         "steps": {
19             "passed": [ "START", "MATCHLIST", "KYC", "AML", "DECISION", "FINISH" ],
20             "failed": [ "IDV" ],
21             "order": [ "START", "MATCHLIST", "KYC", "IDV", "AML", "TOGGLE_MONITORING", "DECISION", "FINISH" ],
22             ...
23         },
24         "issues": [],
25         "workflowStepResults": [
26             {
27                 "stepName": "KYC",
28                 "result": "MATCH",
29                 "processResults": [
30                     {
31                         "class": "KYC",
32                         "objectType": "NAME",
33                         "result": "MATCH",
34                         "providerResult": {
35                             "name": "con_testbed-docs",
36                             "source": "au-govid1-pp"
37                         },
38                         ...
39                     }
40                 ],
41                 "summary": {
42                     "matchedRules": [
43                         {
44                             "ruleName": "gov_id_only",
45                             "isVerified": true,
46                             "matchDetails": [
47                                 {
48                                     "provider": "con_testbed-docs",
49                                     "source": "au-govid1-pp",
50                                     "attributesMatched": [ "dateOfBirth", "govId", "name" ]
51                                 }
52                             ]
53                         }
54                     ]
55                 },
56                 ...
57             },
58             ...
59         ]
60     }
61 }

Part 1: The Overall Outcome (The Final Verdict)

Always start by checking the top-level fields of the workflowResult object. These give you the final, authoritative outcome.

Field Name	Importance	Description
status	‼️	This is the most important field. It is the conclusive recommendation (e.g., PASS, FAIL, REVIEW), including any manual overrides. Base your business logic on this value.
workflowExecutionState	‼️	This confirms the workflow’s technical status. It must be COMPLETED. If it’s anything else (e.g., ERROR), the workflow did not finish, and the status is not final.
result	⚠️	This represents the original, automated outcome of the workflow before any manual overrides. Useful for auditing.
issues	⚠️	An array of problems that may require manual review. If the status is REVIEW, this array will contain the specific reasons why. An empty array, as seen in our example, is a good sign.

In our example, the status is PASS and workflowExecutionState is COMPLETED, so we can confidently treat this as a successful verification.

Part 2: The Step-by-Step Breakdown (workflowStepResults)

The workflowStepResults array shows the outcome of each individual check and explains why the overall status was reached. Each object in this array corresponds to a step in your workflow.

Analyzing the KYC Step From our full example, let’s inspect the KYC step object.

JSON

1 {
2     "stepName": "KYC",
3     "result": "MATCH",
4     "summary": {
5         "matchedRules": [
6             {
7                 "ruleName": "gov_id_only",
8                 "isVerified": true,
9                 "matchDetails": [
10                     {
11                         "provider": "con_testbed-docs",
12                         "source": "au-govid1-pp",
13                         "attributesMatched": [
14                             "dateOfBirth",
15                             "govId",
16                             "name"
17                         ]
18                     }
19                 ]
20             }
21         ]
22     },
23     "processResults": [...]
24 }

The step result is MATCH, indicating a successful verification.

The summary.matchedRules object shows exactly how the MATCH was achieved. In this case, the gov_id_only rule was satisfied by matching the name, dateOfBirth, and govId against the au-govid1-pp data source (the passport check).

Part 3: The Granular Evidence (processResults)

For the deepest level of detail, look inside a workflowStepResult at its processResults array. A Process Result Object (PRO) is the raw evidence from a single check against a single data source.

Example: A Single Process Result This PRO is one of three from the KYC step in our full example. It shows the NAME being matched.

JSON

1 {
2     "processResultId": "01JZ4H0P59KGQR9DZCWZ6JQRY0",
3     "class": "KYC",
4     "objectType": "NAME",
5     "result": "MATCH",
6     "state": "COMPLETED",
7     "systemStatus": "VALID",
8     "providerResult": {
9         "name": "con_testbed-docs",
10         "source": "au-govid1-pp"
11     },
12     "supplementaryData": {
13         "type": "KYC_NAME",
14         "matchStrengths": {
15             "fullName": 75,
16             "familyName": 75,
17             "givenName": 75
18         }
19     }
20 }

This tells us that for the NAME object, the con_testbed-docs provider returned a MATCH from the au-govid1-pp source. The supplementaryData shows the match strength scores for each part of the name.

Part 4: The Risk Profile (riskAssessment)

The riskAssessment object provides a comprehensive overview of the calculated risk based on the checks performed.

From our example:

JSON

1 "riskAssessment": {
2     "riskLevel": "LOW",
3     "riskScore": 12,
4     "riskFactors": [
5         {
6             "factor": "entity_type",
7             "value": "INDIVIDUAL",
8             "score": 2
9         },
10         {
11             "factor": "entity_age",
12             "value": "62",
13             "score": 10
14         }
15     ]
16 }

riskLevel: The final risk rating is LOW.
riskScore: The total score is 12.
riskFactors: This score was calculated from two factors: the entity_type contributing a score of 2, and the entity_age contributing a score of 10.

Appendix: Broader Definitions for Key Data Objects

For a deeper understanding of the data objects used in workflows, refer to the following sections:

Workflow Result Object

After executing a workflow, the results provide comprehensive insights into the outcomes of the checks performed. Each workflow consists of multiple steps, such as Know Your Customer (KYC) checks, Anti-Money Laundering (AML) screenings, Identity Verification (IDV), and risk assessments. Each step autonomously documents its findings, contributing to the overall workflow result.

To simplify reporting, step outcomes are grouped by category, ensuring that identical steps are aggregated and presented as a unified result. For example, KYC checks may be performed multiple times using various service providers and configurations, but the results are consolidated into a single step outcome that reflects the combined assessments. Below are the key fields and their significance:

Field name	Description	Importance
status	Indicates whether the individual passed all workflow requirements, providing a conclusive recommendation based on the checks performed. It also accounts for manual interventions, such as overriding the result outside the workflow.	‼️
statusOverrideAt	The UTC timestamp indicating when the `status` was manually overridden outside the workflow execution.	ℹ️
statusOverrideRequestId	The unique `requestId` of the request that manually overrode the `status` outside the workflow execution.	ℹ️
statusOverrideBy	The value of the `X-Frankie-Username` header in the request that manually overrode the `status` outside the workflow execution.	ℹ️
result	Represents the original outcome of the workflow at its completion. If manually overridden, this value may differ from the `status`.	⚠️
workflowExecutionState	Indicates whether the workflow executed to completion. A state other than “COMPLETED” suggests the workflow did not finish, and the result should be interpreted with caution.	‼️
workflowStepResults	A detailed list of all steps executed as part of the workflow, along with their individual outcomes.	⚠️
riskAssessment	Summarizes all risk factors encountered during workflow execution and the overall risk level of the entity based on those factors.	⚠️
issues	A summary of issues encountered during workflow execution, such as errors, insufficient data, or failed verifications. Typically present only if checks failed.	⚠️
workflowExecutionId	A unique identifier for the workflow execution, generated when the workflow is triggered.	ℹ️
serviceProfileId	The unique identifier of the service profile associated with the workflow execution, derived from the `serviceName` in the API request path.	ℹ️
workflowId	The unique ID of the executed workflow, derived from the `workflowName` in the API request path.	ℹ️
workflowName	The name of the executed workflow, derived from the `workflowName` in the API request path.	ℹ️
steps	A list of steps executed as part of the workflow.	ℹ️
entityType	Specifies the type of entity for which the workflow was executed, either `INDIVIDUAL` or `ORGANIZATION`.	ℹ️
errors	Lists any errors encountered during workflow execution.	⚠️
requestId	The unique identifier of the request that triggered the workflow execution.	ℹ️
entityId	The unique identifier of the individual or organization for which the workflow was executed.	ℹ️
startedAt	The timestamp indicating when the workflow execution began.	ℹ️
endedAt	The timestamp indicating when the workflow execution completed.	ℹ️
createdAt	The timestamp indicating when the process result was created.	ℹ️
updatedAt	The timestamp indicating when the process result was last updated.	ℹ️
updatedBy	Identifies who last updated the workflow execution, based on the `X-Frankie-Username` header of the request.	ℹ️
schemaVersion	Specifies the version of the schema returned, which is always 2 in the FrankieOne v2.x API.	ℹ️
notes	Captures any additional notes recorded during the workflow execution.	ℹ️

The statusOverrideAt field can be used to determine if the status was manually overridden.

Workflow Statuses & Results

Workflow execution statuses provide insights into the current state of the workflow. Workflow execution results provide insights into the final outcome of the workflow. Below are the possible statuses and results:

`status` or `result`	Outcome of a workflow execution. Results or Status can be one of:
UNCHECKED	The workflow has yet to be run and has no result.
IN_PROGRESS	The workflow is currently running and is awaiting completion.
REVIEW	The outcome of the workflow has produced results that require review. Check the risks and step results for more.
PASS	The workflow successfully completed to produce a PASS recommendation.
FAIL	The workflow finished with the recommendation being a FAIL.
COMPLETE	The workflow has finished and the results are considered to be complete. A PASS/FAIL in this case is not required.
INCOMPLETE	The workflow has finished and the results are considered to be incomplete. A PASS/FAIL in this case is not required.
NEEDS_APPROVAL	The workflow has reached a point where an approval process needs to be run. Once done, you should re-run this workflow.
APPROVED	The workflow has been run with the final outcome being approved, most likely by an external source, such as a human.
REJECTED	The workflow has been run with the final outcome being rejected, most likely by an external source, such as a human.
BLOCKED	The workflow has been blocked from completing. Manual review will be required.
CLEAR	The workflow has completed and there are no issues raised. Often used with ongoing monitoring workflows.
URGENT	The workflow has completed and there are matters deemed to require urgent review. Often used with ongoing monitoring workflows that return sanctions or similarly critical items of interest.
MONITOR	The workflow has completed and it is determined that further monitoring is required. Should be manually reviewed.

Workflow Steps

Each workflow consists of multiple steps, each representing a specific check or process. Below are common steps and their possible outcomes:

Step Name	Description	Possible Outcomes
START	Indicates the workflow has started.	`COMPLETE`
KYC	Performs identity verification checks.	`MATCH`, `NO_MATCH`
AML	Screens for AML risks.	`CLEAR`, `HIT`
RISK	Assesses the risk from the workflow steps.	`COMPLETE`
DECISION	Determines the final workflow outcome.	`PASS`, `FAIL`, `REVIEW`
FINISH	Indicates the workflow has completed.	`COMPLETE`

Supplementary Steps

Start Step

The start step signifies the successful initiation of the workflow. To confirm that the workflow started without issues, check if the execution result includes a start step with a result of COMPLETE. Typically, no processResults are expected for this step.

Decision Step

The decision step serves as a pivotal point in the workflow, determining its final status—PASS, FAIL, or REVIEW. This decision is based on the outcomes of the preceding steps. For example, if all prior steps were executed successfully and all checks were cleared, the workflow is typically marked as PASS. Conversely, if any step encountered an issue, such as a failed verification, the workflow is likely marked as FAIL. It is important to note that these statuses can be customized within the workflow builder.

Risk Step

The risk step in the workflow is a mandatory checkpoint for risk assessment. It doesn’t result in a pass or fail status. Instead, it’s simply marked as “COMPLETED” once a risk evaluation has been conducted. This step ensures that risks are always considered in the process, without directly affecting the workflow’s status. While the risk assessment itself doesn’t change the workflow, the information gathered may be useful for later steps.

Finish Step

The finish step indicates whether the workflow has completed successfully. This means all results have been collected and stored, ready for further analysis. To verify that the workflow finished without issues, look for a result of COMPLETE. Note that this only confirms the workflow’s completion, not the success of individual checks or the absence of errors. Typically, no processResults are generated for this step.

Workflow Step Results

The table below represents the overall result of a workflow step. Each value provides a specific status or outcome of the step, depending on the context and its intended operation:

Result	Description
UNCHECKED	The step was not attempted, typically due to a failure in a previous step. An error or message will indicate the reason.
SKIPPED	The step was skipped because it was unnecessary to run or had already been completed with acceptable results.
MISSING_DATA	The step requires additional data to complete. Details will be provided in the associated error objects.
PASS	The step completed successfully, meeting the requested goals. Often used for binary outcomes or manually applied results.
FAIL	The step completed but did not meet the requested goals. Often used for binary outcomes or manually applied results.
COMPLETE	The step finished successfully without a specific pass/fail scenario, indicating that the required process was completed.
INCOMPLETE	The step was unable to finish successfully without a specific pass/fail scenario, indicating that the required process was not completed.
MATCH	The step produced a fully successful match against the requested source(s).
NO_MATCH	The step produced no match against the requested source(s).
PARTIAL	The step produced a partially successful match against the requested source(s).
CLEAR	The step checked against a list/source (generally negative in nature) and found no match, which is a positive outcome.
HIT	The step checked against a list/source (generally negative in nature) and found a match.
CLEARED	The step resolved previously found matches against a list/source (generally negative in nature).
EXPIRED	The data found in this step has expired.
NOT_APPLICABLE	The step was determined to be unnecessary, such as checking for a visa when the individual is already a citizen of the country.
ERROR	The step encountered an unrecoverable error, preventing a useful result from being determined.

Service Provider Result

The KYC workflow step reflects the overall outcome from the service provider, represented by the serviceProviders.result field.

1 {
2     "workflowResult": {
3         "workflowStepResults": [
4             {
5                 "endedAt": "2024-05-14T04:04:12.663190Z",
6                 "objectId": "{objectId}",
7                 "objectType": "INDIVIDUAL",
8                 "processResults": [...],
9                 "requestId": "{requestId}",
10                 "result": "MATCH",
11                 "serviceProviders": [
12                     {
13                         "endedAt": "2024-05-14T04:04:12.663187286Z",
14                         "provider": "dvs",
15                         "result": "MATCH",
16                         "startedAt": "2024-05-14T04:04:11.849152Z"
17                     }
18                 ],
19                 "startedAt": "2024-05-14T04:04:11.849152Z",
20                 "stepData": {...},
21                 "stepName": "kyc",
22                 "stepResultId": "{stepResultId}",
23                 "workflowExecutionId": "{workflowExecutionId}"
24             }
25         ]
26     }
27 }

Step Summaries

The workflow step summary provides a concise overview of the results of each step executed as part of the workflow. It can include one of the following summaries:

Summary	Description
Start	Indicates the initiation of the workflow and its readiness for execution.
KYC	Provides a summary of the identity verification checks performed during the KYC step.
ID	Details the results of identity document verification, such as passport or driver’s license checks.
NameValidation	Summarizes the validation of the individual’s name against provided documents or databases.
Visa	Provides results of visa checks, including validity and compliance with immigration requirements.
AML	Summarizes the results of the AML screening process, including any matches or clearances.
Matchlist	Details the results of matchlist checks, such as PEP or sanctions screening.
Duplicate	Summarizes checks for duplicate records or entities within the system.
Decision	Summarizes the final decision made during the workflow, such as PASS, FAIL, or REVIEW.
Finish	Marks the completion of the workflow, summarizing the overall execution status.

Each summary provides insights into the specific checks performed during the workflow execution, allowing organizations to assess the effectiveness of their KYC processes and make informed decisions based on the results. For more details on each step, refer to the public API documentation.

Process Results: Data Source Match Details

Credit Header Failure Result

In FrankieOne v2, the credit header failure result can be found under processResults[].notes, where the class is KYC and the kvpKey follows the same format: Important.CreditBureauMatch.X, with X being either Equifax or Experian.

KYC match details are represented as processResults existing under the workflow step results for steps that require verification or checks to be run. These details vary based on the context of what the check is trying to accomplish. For checks against external data sources, the processResults aim to capture what exactly has matched against which source. Steps typically return an array of all the individual process results that were used in determining that step’s result.

After a KYC step has been executed, various elements require examination to determine the final outcome.

Legend for Importance

Symbol	Description
⚠️	Context on why the entity may have passed or failed.
ℹ️	Information-only, no contribution to whether the entity has passed or failed.
‼️	Results that determine whether the entity has passed or failed, or if the workflow failed to execute to completion.

When a process result object is first created, it is assigned an ID. When updating the process result object, make sure you set the processResultID to the ID of the process result object you are referring to

Field Name	Description	Importance
processResultId	Represents the unique identifier of the process result.	ℹ️
schemaVersion	The version of the schema returned.	ℹ️
entityId	The unique identifier of the entity associated with the process result.	ℹ️
requestId	The unique request ID for the API call made. Example: `01HN9XHZN6MGXM9JXG50K59Q85`.	ℹ️
stepName	The name of the workflow step that generated this process result.	ℹ️
stepType	The type of the workflow step that generated this process result.	ℹ️
objectType	The type of object being checked (e.g., `INDIVIDUAL`, `DOCUMENT`).	ℹ️
objectId	The unique identifier of the object being checked.	ℹ️
createdAt	The timestamp when the process result was created.	ℹ️
updatedAt	The timestamp when the process result was last updated.	ℹ️
groupId	A unique identifier tying related process results together.	ℹ️
providerResult	Details about the provider’s result, including confidence, name, reference, and source.	⚠️
result	The actual pass/fail result of the element check.	⚠️
class	Provides more clarity of the result class, especially for more generic element types like `person`.	ℹ️
supplementaryData	Additional data related to the process result.	ℹ️
errors	Any errors encountered as part of the process.	⚠️
notes	Additional notes or context about the process result.	ℹ️
systemStatus	Indicates the system status applied to the process result. Default: `VALID`.	⚠️
manualStatus	Any manual status set after the results have been reviewed.	⚠️
state	Denotes the final disposition of this element’s check result. Possible values: `IN_PROGRESS`, `COMPLETED`, `TIMEOUT`, `ERROR`.	⚠️
riskFactors	Any risk factors identified during the process.	⚠️
updatedBy	The user or system that last updated the process result.	ℹ️

Example: KYC Data Source Match Details

Process Result Objects (PROs) encapsulate the outcomes of specific processes (check, comparison, verification etc.). They play a crucial role in evaluating the overall outcome of relevant workflow steps.

Let’s break down the following KYC process result:

The class is “KYC” which indicates the process is in relation to a KYC database verification check.
The address of the entity has been successfully verified against the Australian Electoral Roll:
- Based on the objectType we can see that the specific element checked was an “ADDRESS”
- The providerResult array contains the details of the service provider that the entity was checked against:
  - The service provider is the Document Verification Service as indicated by the name field (“dvs”)
  - The specific data source that was checked is the Australian Electoral Roll as indicated by the source (“au-elec-roll”) and sourceNormalized (“au-elec-roll”) fields
- The result is “MATCH” indicating that the address was successfully matched.
The check was completed successfully (state is “COMPLETED”) and hasn’t yet been invalidated in any way (systemStatus is “VALID”), therefore it’s safe to determine that the process ran to completion and was indeed used in determining the successful result.
There has been no manual status applied to the process (due to the absence of a manualStatus field)

1 "processResults": [
2 {
3 	"class": "KYC",
4 	"createdAt": "2024-07-11T23:57:08.197185Z",
5 	"entityId": "{entityId}",
6 	"groupId": "{groupId}",
7 	"notes": {...},
8 	"objectId": "{objectId}",
9 	"objectType": "ADDRESS",
10 	"processResultId": "{processResultId}",
11 	"providerResult": {
12 		"confidence": "100",
13 		"name": "dvs",
14 		"reference": "{referenceId",
15 		"source": "au-elec-roll",
16 		"sourceNormalized": "au-elec-roll"
17 	},
18 	"supplementaryData": {
19 		"matchStrengths": {
20 			"fullAddress": 100,
21 			"streetNumber": 100,
22 			"streetName": 100
23 			"streetType": 100,
24 			"locality": 100,
25 			"district": 100,
26 			"subdivision": 100,
27 			"postalCode": 100,
28 			"country": 100,
29 		},
30 		"fuzziness": {
31 			"normalized": 0,
32 			"actual": 0
33 		},
34 		"wasNameMatchStrongEnough": true
35 	},
36 	"requestId": "{requestId}",
37 	"result": "MATCH",
38 	"schemaVersion": 2,
39 	"state": "COMPLETED",
40 	"stepName": "KYC",
41 	"systemStatus": "VALID",
42 	"updatedAt": "2024-07-11T23:57:08.197185Z"
43 }

Example: KYC Data Source Non-Match Details

Similar to Process Results (PROs) for KYC database verification matches, process results that result in no match will be generated during step execution and will provide insights into why the data source could NOT be matched.

Let’s break down the following KYC process result:

The class is “KYC” which indicates the process is in relation to a KYC database verification check.
The address of the entity has been checked but wasn’t verified against the Australian Electoral Roll:
- Based on the objectType we can see that the specific element checked was an “NAME”
- The providerResult array contains the details of the service provider that the entity was checked against:
  - The service provider is the Document Verification Service as indicated by the name field (“dvs”)
  - The specific data source that was checked is the Australian Electoral Roll as indicated by the source (“au-elec-roll”) and sourceNormalized (“au-elec-roll”) fields
- The result is “MATCH” indicating that the address was successfully matched.
The matchStrengths within supplementaryData shows that no part of the name matched at all.
The fuzziness within supplementaryData shows that an exact match (normalized as “0”) was required, potentially restricting any passable partial matching (“Sarah”, “Sara”).
The check was completed successfully (state is “COMPLETED”) and hasn’t yet been invalidated in any way (systemStatus is “VALID”), therefore it’s safe to determine that the process ran to completion and was indeed used in determining the successful result.
There has been no manual status applied to the process (due to the absence of a manualStatus field).

1 "processResults": [
2 {
3 	"class": "KYC",
4 	"createdAt": "2024-07-11T23:57:08.197185Z",
5 	"entityId": "{entityId}",
6 	"groupId": "{groupId}",
7 	"notes": {...},
8 	"objectId": "{objectId}",
9 	"objectType": "NAME",
10 	"processResultId": "{processResultId}",
11 	"providerResult": {
12 		"confidence": "0",
13 		"name": "dvs",
14 		"reference": "{referenceId}",
15 		"source": "au-elec-roll",
16 		"sourceNormalized": "au-elec-roll"
17 	},
18 	"supplementaryData": {
19 		"matchStrengths": {
20 			"fullname": 0,
21 			"familyName": 0,
22 			"givenName": 0,
23 			"otherNames": 0,
24 			"firstInitialFamilyName": 0
25 		},
26 		"fuzziness": {
27 			"normalized": 0,
28 			"actual": 0
29 		}
30 	}
31 	"requestId": "{requestId}",
32 	"result": "NO_MATCH",
33 	"schemaVersion": 2,
34 	"state": "COMPLETED",
35 	"stepName": "KYC",
36 	"systemStatus": "VALID",
37 	"updatedAt": "2024-07-11T23:57:08.197185Z"
38 }

Example: AML Screening & Match Details

AML screening results are reflected in the result field, which clearly indicates the steps outcome. This field summarizes the steps result, taking into account all the processed data. For instance, if an individual’s details such as name show up on any AML screening lists like PEP or Sanctions lists, the result will be HIT. If not, the result will be CLEAR.

1 {
2     "workflowResult": {
3         "workflowStepResults": [
4             {
5                 "endedAt": "2024-05-14T04:04:12.66319Z",
6                 "objectId": "{objectId}",
7                 "objectType": "INDIVIDUAL",
8                 "processResults": [...],
9                 "requestId": "{requestId}",
10                 "result": "CLEAR",
11                 "serviceProviders": [
12                     {
13                         "endedAt": "2024-05-14T04:04:12.663187286Z",
14                         "provider": "complyadvantage",
15                         "result": "CLEAR",
16                         "startedAt": "2024-05-14T04:04:11.849152Z"
17                     }
18                 ],
19                 "startedAt": "2024-05-14T04:04:11.849152Z",
20                 "stepData": {...},
21                 "stepName": "aml",
22                 "stepResultId": "{stepResultId}",
23                 "workflowExecutionId": "{workflowExecutionId}"
24             },
25         ]
26     }
27 }

processResults exist under the workflow step results for steps that require verification or some sort of checks to be run and differ based on the context of what the check is trying to accomplish. For checks against external data sources, the processResults will aim to capture what exactly has matched against what source. Steps typically return an array of all the individual process results that were used in determining that step’s result.

Take for instance the following example:

1 "processResults": [
2 	{
3 		"class": "AML",
4 		"createdAt": "2024-05-14T04:04:12.566065Z",
5 		"entityId": "{entityId}",
6 		"notes": {...},
7 		"objectId": "{objectId}",
8 		"objectType": "name",
9 		"processResultId": "{processResultId}",
10 		"providerResult": {
11 			"confidence": "100",
12 			"name": "complyadvantage",
13 			"reference": "{referenceId}",
14 			"riskScore": 0
15 		},
16 		"result": "HIT",
17 		"state": "COMPLETED",
18 		"stepName": "pep",
19 		"supplementaryData": {...},
20 		"systemStatus": "VALID",
21 		"updatedAt": "2024-05-14T04:04:12.566065Z"
22 	}

KYC Matching Rule Results

The matchedRules field offers a comprehensive breakdown of the rules applied during workflow execution. This field is instrumental in understanding how specific checks were conducted and which data sources were utilized to verify the individual’s information.

To delve deeper into the personal information matched against specific sources, refer to the matchedRules. Typically, a single ruleMatches entry outlines the outcome of a specific rule defined in the workflow.

For example, a rule might stipulate that both a name and either a date of birth or an address must be verified against two independent data sources. The matchTypes field highlights the exact elements verified, while the matchSources field identifies the data sources used for confirmation. Any data sources consulted but yielding no matches will be listed under nonMatchSources.

Matched and Unmatched Rules

The matchedRules and unmatchedRules fields within the KYC workflow step summary share the same structure but differ in their outcomes. matchedRules represents rules successfully matched, while unmatchedRules represents rules that were not.

These rulesets are defined within the KYC workflow step configuration and determine whether the required number of data source matches have been met for each entity element (e.g., name, date of birth, address) for the verification to be considered successful.

By default, at least one matching rule record is provided at the conclusion of a KYC step, offering clarity on whether the verification criteria were satisfied.

Rule Details

Field Name	Description	Default Value	Example
ruleName	The name given to this rule.	`default`	`default`
ruleOrder	The priority order of this matching rule.	`1`	`1`
ruleMatches	The list of matches that made up this rule.

Rule Matches

Summary of all KYC matches for a given set of criteria.

Field Name	Description	Example
matchTypes	The match types that this overall count and result refer to.	`{ "address": { "matchCount": 1, "matchSources": ["au-elec-roll"], "checked": true, "verified": true } }`
matchCount	Number of matches for this set of match types.	`2`
matchCountRequired	Number of distinct matches required for this set of match types.	`1`
hasAllRequiredSourcesMatched	True if there was a full complement of required match sources, e.g., electoral roll.	`true`
requiredSourcesMatched	The list of required sources that did get a match.	`["au-elec-roll"]`
requiredSourcesNotMatched	The list of required sources that did not get a match.	`[]`
isVerified	True if there are enough matches to meet the matching requirement.	`false`
matchDetails	Summary of matched details.
nonMatchDetails	Summary of non-matched details.

Match Types

The match types that this overall count and result refer to. Currently, one or more of the following:

name
address
dob
gender

These will be keys in a map whose values hold the values for the individual match types. For example:

KYC Example 1

Let’s break down the following match result:

name, dob and address were checked as they’re listed under matchTypes
Based on the matchCount we can determine how many data sources we were able to match against for each element:
name matched against the Australian Electoral Roll (“au-elec-roll”) and Equifax Public Credit Data Header (“au-efax-cdh-pub”)
address matched against the Australian Electoral Roll (“au-elec-roll”) only
dateOfBirth matched against the Equifax Public Credit Data Header (“au-efax-cdh-pub”)
matchCount equals the matchCountRequired which means we were able to find enough matches for a positive result
requiredSourcesMatched indicates that the Australian Electoral Roll (“au-elec-roll”) was a source that was required to be matched against, which it was (name, address)
isVerified indicates that the match requirements were satisfied based on the rule criteria

1 "summary": {
2 "matchedRules": [
3 {
4     "ruleName": "SafeHarbour2x2",
5     "ruleOrder": 1,
6     "ruleMatches": [
7     {
8         "matchTypes": {
9         "name": {
10             "objectId": "{objectId}",
11             "matchCount": 2,
12             "matchSources": ["au-elec-roll", "au-efax-cdh-pub"],
13             "nonMatchSources": ["au-efax-cdh-consumer"],
14             "isChecked": true,
15             "isVerified": true
16         },
17         "address": {
18             "objectId": "{objectId}",
19             "matchCount": 1,
20             "matchSources": ["au-elec-roll"],
21             "nonMatchSources": ["au-efax-cdh-pub", "au-efax-cdh-consumer"],
22             "isChecked": true,
23             "isVerified": true
24         },
25         "dateOfBirth": {
26             "objectId": "{objectId}",
27             "matchCount": 1,
28             "matchSources": ["au-efax-cdh-pub"],
29             "nonMatchSources": ["au-elec-roll", "au-efax-cdh-consumer"],
30             "isChecked": true,
31             "isVerified": true
32         }
33         },
34         "matchCount": 2,
35         "matchCountRequired": 2,
36         "hasAllRequiredSourcesMatched": true,
37         "requiredSourcesMatched": ["au-elec-roll"],
38         "isVerified": true
39     }
40     ]
41 }
42 ],

KYC Example 2

Similarly to the matchedRules, the unmatchedRules contains a singular ruleMatches entry detailing the outcome of a particular rule established in the workflow that hasn’t been met.

Let’s break down the following non matched result:

name, dob and address were checked as they’re listed under matchTypes
Based on the matchCount we can see no matchSources present which tells us that there were no matches.
The nonMatchSources lists the sources that were checked against but without a successful match result
name didn’t match against the Australian Electoral Roll (“au-elec-roll”) and Equifax Public Credit Data Header (“au-efax-cdh-pub”) or Equifax Consumer Credit Data Header (“au-efax-cdh-consumer”)
address didn’t match against the Australian Electoral Roll (“au-elec-roll”) and Equifax Public Credit Data Header (“au-efax-cdh-pub”) or Equifax Consumer Credit Data Header (“au-efax-cdh-consumer”)
dateOfBirth didn’t match against the Australian Electoral Roll (“au-elec-roll”) and Equifax Public Credit Data Header (“au-efax-cdh-pub”) or Equifax Consumer Credit Data Header (“au-efax-cdh-consumer”)
matchCount doesn’t equal the matchCountRequired which means we weren’t able to find enough matches for a positive result
requiredSourcesMatched indicates that the Australian Electoral Roll (“au-elec-roll”) was also a source that was required to be matched against, which wasn’t
isVerified indicates that the match requirements weren’t satisfied based on the rule criteria

1 "summary": {
2   "unmatchedRules": [
3 	{
4 	  "ruleName": "SafeHarbour2x2",
5 	  "ruleOrder": 1,
6 	  "ruleMatches": [
7 		{
8 		  "matchTypes": {
9 				"name": {
10 			  	"matchCount": 0,
11 			  	"nonMatchSources": ["au-elec-roll", "au-efax-cdh-pub", "au-efax-cdh-consumer"],
12 			  	"isChecked": true,
13 			  	"isVerified": false
14 			},
15  			"address": {
16 			  "matchCount": 0,
17 			  "nonMatchSources": ["au-elec-roll", "au-efax-cdh-pub", "au-efax-cdh-consumer"],
18 			  "isChecked": true,
19 			  "isVerified": false
20 			},
21  			"dateOfBirth": {
22 			  "matchCount": 0,
23 			  "nonMatchSources": ["au-elec-roll", "au-efax-cdh-pub" "au-efax-cdh-consumer"],
24 			  "isChecked": true,
25 			  "isVerified": false
26 			}
27 		  },
28 		  "matchCount": 0,
29 		  "matchCountRequired": 2,
30 		  "hasAllRequiredSourcesMatched": false,
31 		  "requiredSourcesNotMatched": ["au-elec-roll"],
32 		  "isVerified": false
33 		}
34 	  ]
35 	}
36   ]

Workflow Risk Assessment

The workflow risk assessment provides a comprehensive overview of the risk factors associated with the individual entity based on the checks performed during the workflow execution. It includes details such as:

Field Name	Description
serviceProfileId	Unique ID of the service profile.
riskAssessmentId	Unique ID of the risk assessment.
workflowId	Unique ID of the workflow.
workflowExecutionId	Unique ID of the workflow execution.
entityId	Unique ID of the entity.
schemaVersion	Version of the risk assessment summary record schema.
createdAt	The timestamp when the risk assessment was created.
updatedAt	The timestamp when the risk assessment was updated.
updatedBy	The user or system that updated this assessment.
updatedRequestId	The ID of the request that updated this assessment.
workflowRiskScore	The risk score of the workflow.
workflowRiskLevel	The risk level of the workflow. Possible values: `UNKNOWN`, `LOW`, `MEDIUM`, `HIGH`, `UNACCEPTABLE`.
riskScore	The overall risk score of the entity.
riskLevel	The overall risk level of the entity. Possible values: `UNKNOWN`, `LOW`, `MEDIUM`, `HIGH`, `UNACCEPTABLE`.
isOutdated	Indicates whether the assessment is currently out of date. Default: `false`.

Risk Factors

Each risk factor provides additional context about the risks identified during the workflow execution. Below are the details of each risk factor:

Field Name	Description
riskFactorId	Unique ID of the risk factor.
factor	Frankie risk factor name.
value	Value of the risk factor.
score	Frankie-assigned risk score (based on customer configuration).
description	Description of the risk factor.
workflowExecutionId	Unique ID of the workflow execution in which the risk factor was generated.
stepResultId	Unique ID of the step result if the factor came from a step.
manualOverrideScore	If present, this score overrides the total and is the only one counted in the final score.
status	The current status of the risk factor. Possible values: `VALID`, `STALE`, `OVERRIDDEN`, `DISCARDED`.
createdAt	The timestamp when the risk factor was created.
updatedAt	The timestamp when the risk factor was updated.
updatedBy	The user or system that updated this risk factor.
updatedRequestId	The ID of the request that updated this risk factor.
createdServiceProfileId	The ID of the service profile associated with this risk factor when it was created.
createdWorkflowExecutionId	Workflow execution identifier that originally created the risk factor.
createdStepResultId	Step result identifier that originally created the risk factor.

The status field provides additional context about the risk factor:

VALID: The risk factor is applicable for the entity.
STALE: The risk factor is no longer applicable for the entity.
OVERRIDDEN: The risk factor was manually overridden, and the manualOverrideScore (if present) was used for the risk score calculation.
DISCARDED: The risk factor was added during the workflow execution but discarded later in the same workflow.

Best Practices for Integration

Check workflowExecutionState first: Always confirm the workflow COMPLETED before parsing the status.
Automate based on status: Use the top-level status field for your primary business logic (e.g., approve account, deny account, flag for review).
Debug with workflowStepResults: When you get an unexpected FAIL or REVIEW, loop through the workflowStepResults to find which stepName has a non-passing result. The summary and processResults within that step will tell you why.
Log the workflowExecutionId: This ID is your key for auditing, support queries, and correlating results.