Skip to main content
Every KYB decision includes two composite risk signals on the registry check: risk_level (LOW, MEDIUM, HIGH) and ownership_complexity (SIMPLE, COMPLEX). They give your compliance team a quick directional read of the business without having to re-score each sub-check on your side.

Inputs to risk_level

risk_level is a composite Didit computes from the checks that actually ran on the session. The main signals:
SignalContribution
Registry statusAn ACTIVE / AUTHORISED company sits at the low end. DISSOLVED, STRUCK_OFF, CLOSED, UNAUTHORISED push toward high. INACTIVE or statuses that require manual inspection sit in the middle.
Company AML screeningThe company’s AML score and hits count. Clean screens sit low; confirmed sanction or adverse-media matches push high.
Person AML across key peopleThe worst AML result across UBOs, directors, and other key people. Any confirmed sanction / PEP match pushes high.
Document completenessWhether every required document group is approved, vs missing or failed documents.
Country of incorporationCountry risk tier, based on FATF and OFAC guidance and your dangerous-country policy.
When risk_level is HIGH, the workflow typically routes the session to IN_REVIEW or DECLINED depending on your configuration.
Exact weighting evolves over time as we tune the model. Treat risk_level as a directional signal and combine it with your own policy before making onboarding decisions.

Inputs to ownership_complexity

ownership_complexity reflects how hard the ownership structure is to unpack. Simple structures have direct natural-person ownership with few UBOs and no opaque intermediaries; complex structures run through multiple corporate layers, cross-border holdings, or trust / foundation / nominee entities.
ValueTypical shape
SIMPLEDirect natural-person ownership, few UBOs above threshold, no opaque corporate intermediaries
COMPLEXMulti-layer corporate chains, cross-border ownership, or trust / foundation / nominee structures
COMPLEX doesn’t automatically imply high risk — but it usually warrants enhanced due diligence.

Configuration

Risk thresholds and related defaults are configurable per workflow in the Business Console:
  • Workflows → [KYB workflow] → Risk → AML thresholds — set the match-score and risk-score thresholds for approve/review/decline. See AML risk score and AML match score.
  • Workflows → [KYB workflow] → Risk → UBO threshold — ownership percentage at which someone is classified as a UBO (typically 10%, 25% or 50%).
  • Workflows → [KYB workflow] → Risk → Document policy — which documents are required vs optional.
  • Settings → Blocklist → Countries — the dangerous-country list used in the country input.

Illustrative examples

The examples below are illustrative of how different signals land — not an exact formula.

Simple UK Ltd, clean AML

  • Registry ACTIVE
  • Company AML clean
  • All key people AML clean
  • Documents complete
  • Country GBR
risk_level = LOW, ownership_complexity = SIMPLE. Approved.

Multi-layer holding with a PEP UBO

  • Registry ACTIVE
  • Company AML clean
  • One UBO has an IN_REVIEW PEP hit
  • Documents complete
  • Country LUX
risk_level = MEDIUM, ownership_complexity = COMPLEX (multi-layer chain). Session routes to IN_REVIEW.

Sanctioned subsidiary detected

  • Registry ACTIVE
  • Company AML: confirmed sanctions match
  • One director on a sanctions list
risk_level = HIGH. Session auto-declined with reason aml_confirmed_sanction.

Risk color coding in the console

  • 🟢 LOW — green badge.
  • 🟡 MEDIUM — yellow badge.
  • 🔴 HIGH — red badge.
COMPLEX ownership is shown alongside the risk badge with a small chain icon.

Using the risk fields on your side

if (decision.status === 'APPROVED' && decision.risk_level === 'HIGH') {
  // Approved by the engine but still worth a manual reviewer glance
  await routeToEnhancedDueDiligence(decision);
}

if (decision.ownership_complexity === 'COMPLEX') {
  await requireExtraDocumentation(decision);
}

Next steps

Statuses

Status taxonomy.

AML scoring

Two-score system used throughout Didit.

Response schema

Where risk fields appear.