Continuous Monitoring

Continuous monitoring provides ongoing compliance surveillance for customer transactions. Unlike one-time onboarding checks, this module screens transactions against sanctions lists and PEP databases on an ongoing basis, generates risk alerts, and provides a resolution workflow.

How It Works

1. A scheduled job or manual trigger screens transactions within a date range.
2. Transactions matching watchlist criteria generate alerts with a risk level.
3. Compliance officers review and resolve alerts through the management API.

Trigger Screening
  │
  ▼
Match Against Watchlists (sanctions, PEPs, adverse media)
  │
  ▼
Generate Alerts (HIGH / MEDIUM / LOW)
  │
  ▼
Review & Resolve (CLEARED / ESCALATED / BLOCKED)

Trigger Screening

Run a compliance screening pass over transactions in a date range, optionally filtering by minimum amount.

POST /api/v1/monitoring/continuous-screening

cURL

curl -X POST https://api.korastratum.com/api/v1/cba/monitoring/continuous-screening \
  -H "Authorization: Bearer $TOKEN" \
  -H "X-Tenant-ID: demo_bank" \
  -H "Content-Type: application/json" \
  -d '{
    "date_from": "2026-04-01",
    "date_to": "2026-04-07",
    "min_amount": 1000000.00
  }'

Node.js

const screening = await cbaRequest("POST", "/api/v1/monitoring/continuous-screening", token, {
  date_from: "2026-04-01",
  date_to: "2026-04-07",
  min_amount: 1000000.0,
});

Python

screening = cba_request("POST", "/api/v1/monitoring/continuous-screening", token, {
    "date_from": "2026-04-01",
    "date_to": "2026-04-07",
    "min_amount": 1000000.00,
})

Go

screening, err := cbaRequest(ctx, "POST", "/api/v1/monitoring/continuous-screening", token, map[string]interface{}{
    "date_from":  "2026-04-01",
    "date_to":    "2026-04-07",
    "min_amount": 1000000.00,
})

Response:

{
  "screening_id": "scr-uuid",
  "status": "COMPLETED",
  "transactions_screened": 1247,
  "alerts_generated": 3,
  "date_from": "2026-04-01",
  "date_to": "2026-04-07",
  "min_amount": 1000000.00,
  "completed_at": "2026-04-07T14:30:00Z"
}

tip

Schedule continuous screening as a daily EOD job using the scheduler triggers. For high-risk tenants, consider running screening multiple times per day with lower amount thresholds.

List Alerts

Retrieve compliance alerts with filtering by status and risk level.

GET /api/v1/monitoring/alerts?status=OPEN&risk_level=HIGH

Query parameters:

Parameter	Type	Description
status	string	OPEN, IN_REVIEW, RESOLVED
risk_level	string	HIGH, MEDIUM, LOW
screening_id	string	Filter by screening run
customer_id	string	Filter by customer
date_from	string	Alert creation date range start
date_to	string	Alert creation date range end
limit	integer	Page size (default 20, max 100)
cursor	string	Pagination cursor

cURL

curl "https://api.korastratum.com/api/v1/cba/monitoring/alerts?status=OPEN&risk_level=HIGH" \
  -H "Authorization: Bearer $TOKEN" \
  -H "X-Tenant-ID: demo_bank"

Node.js

const alerts = await cbaRequest("GET", "/api/v1/monitoring/alerts?status=OPEN&risk_level=HIGH", token);

Python

alerts = cba_request("GET", "/api/v1/monitoring/alerts?status=OPEN&risk_level=HIGH", token)

Go

alerts, err := cbaRequest(ctx, "GET", "/api/v1/monitoring/alerts?status=OPEN&risk_level=HIGH", token, nil)

Response:

{
  "alerts": [
    {
      "id": "alert-uuid",
      "screening_id": "scr-uuid",
      "customer_id": "cust-uuid",
      "customer_name": "Acme Trading Ltd",
      "transaction_ref": "TRN20260405001234",
      "amount": 5000000.00,
      "risk_level": "HIGH",
      "match_type": "SANCTIONS",
      "match_details": "Partial name match against OFAC SDN list (score: 0.87)",
      "status": "OPEN",
      "created_at": "2026-04-07T14:30:00Z"
    }
  ],
  "total": 3
}

Resolve an Alert

POST /api/v1/monitoring/alerts/:id/resolve

cURL

curl -X POST https://api.korastratum.com/api/v1/cba/monitoring/alerts/alert-uuid/resolve \
  -H "Authorization: Bearer $TOKEN" \
  -H "X-Tenant-ID: demo_bank" \
  -H "Content-Type: application/json" \
  -d '{
    "resolution": "CLEARED",
    "notes": "False positive - confirmed different entity. Customer DOB and nationality do not match sanctioned individual."
  }'

Node.js

const resolved = await cbaRequest("POST", "/api/v1/monitoring/alerts/alert-uuid/resolve", token, {
  resolution: "CLEARED",
  notes: "False positive - confirmed different entity.",
});

Python

resolved = cba_request("POST", "/api/v1/monitoring/alerts/alert-uuid/resolve", token, {
    "resolution": "CLEARED",
    "notes": "False positive - confirmed different entity.",
})

Go

resolved, err := cbaRequest(ctx, "POST", "/api/v1/monitoring/alerts/alert-uuid/resolve", token, map[string]interface{}{
    "resolution": "CLEARED",
    "notes":      "False positive - confirmed different entity.",
})

Resolution types:

Resolution	Description
CLEARED	False positive — no action required
ESCALATED	Escalated to senior compliance officer or regulator
BLOCKED	Customer or transaction blocked pending investigation

warning

Resolving an alert as BLOCKED automatically freezes the associated customer account. A manager role is required to unfreeze.

Name Enquiry Responder

When other banks perform a NIP name enquiry against your institution, this endpoint validates and returns the account holder information.

GET /api/v1/accounts/lookup/:account_number

curl https://api.korastratum.com/api/v1/cba/accounts/lookup/1001234567 \
  -H "Authorization: Bearer $TOKEN" \
  -H "X-Tenant-ID: demo_bank"

Response:

{
  "account_number": "1001234567",
  "account_name": "JOHN DOE",
  "status": "active",
  "bank_code": "999",
  "bank_name": "Demo Bank"
}

note

This endpoint is called automatically by the NIP gateway when name enquiry requests arrive from other banks. You can also use it for internal account validation.

Next Steps

• NIP Transfers — Outbound and inbound NIP transfer flows.
• Transactions — Transaction history and limits.
• Webhooks — Subscribe to compliance alert events.