This section outlines the various ways you can integrate your systems with ecrop’s OmniEagle platform. Choosing the right integration approach depends on your business needs, technical capabilities, and desired level of control over your AML compliance processes. We’ll describe three primary integration scenarios, focusing on the responsibilities of your system, the ecrop system, and how compliance officers and end-users interact with the platform. We’ll also cover key aspects of integration, including data security, compliance, and regulatory considerations.

Key Terms

  • Client: You, the organization integrating with ecrop.
  • Compliance Officer: Your designated personnel responsible for overseeing and managing AML compliance processes within your organization.
  • End-user (Party): Your customer, the individual or entity whose data and transactions are being analyzed for AML compliance purposes. All end users (security owners and emitters) are referred to as Party in the API.
  • CDD (Customer Due Diligence): The process of verifying customer identities and assessing the risks associated with the business relationship.
  • EDD (Enhanced Due Diligence): Additional due diligence measures applied to high-risk customers or transactions.
  • Transaction: A financial activity (e.g., transfer, deposit, withdrawal) that is monitored for suspicious activity.
  • SAR (Suspicious Activity Report): A report filed with the FIU when suspicious activity is detected.

Core Components

  • ecrop OmniEagle: The core engine of ecrop’s AML compliance solution. OmniEagle handles:

    • Party Risk Assessment: CDD for Legal entities and individuals, AML for identifying risky customers and transactions.
    • Real-Time Transaction Monitoring: Continuously analyzes transactions to detect suspicious activity as it occurs, enabling immediate intervention and preventing illicit funds from entering the financial system.
    • AI Anomaly Detection: Leverages advanced machine learning algorithms to identify subtle and emerging patterns of money laundering that rule-based systems might miss, reducing false positives and improving the efficiency of transaction monitoring.
    • EDD Workflow Management: Automates and streamlines the Enhanced Due Diligence process, guiding compliance officers through necessary steps, requesting information, and securely managing documentation for high-risk cases.

  • ecrop Frontends (optional)):

    • OmniBoss: A web application providing a unified view of all data, analytics, and reporting related to your AML program, as well as a case management solution for EDD.
    • OmniPersona mobile App: A secure portal for customers to submit requested documents for EDD purposes.

  • Client System: Your IT infrastructure and applications that interact with OmniEagle via API. Responsibilities vary based on the integration scenario (see below).

Integration Scenarios

1

Full API Integration

This scenario offers maximum flexibility and control, allowing you to integrate OmniEagle’s AML capabilities directly into your existing systems.

  • Client System Responsibilities:

    • Submits customer data to OmniEagle’s Legal-Natural Person Assessment API (CDD process).
    • Submits transaction data to OmniEagle’s Transaction Assessment API.
    • Provides a mechanism for compliance officers to review alerts generated by OmniEagle within your existing systems.
    • Manages the EDD workflow, including requesting and receiving documentation from customers (Optional - OmniEagle provides a customizable Client Portal).
    • Handles SAR filing with the FIU (or uses OmniEagle’s automated SAR generation capabilities).

  • ecrop OmniEagle Responsibilities:

    • Provides the Legal-Natural Person Assessment API for risk assessment.
    • Provides the Transaction Assessment API for real-time monitoring.
    • Generates alerts based on rule-based and AI-driven anomaly detection.
    • Maintains all AML-related data.
    • Provides a customizable reporting interface through OmniBoss (Optional).

  • Compliance Officer Interaction: The compliance officer interacts with OmniEagle functionality (alerts, customer data, EDD workflow) primarily through your system’s custom-built interface.

  • Authentication:

    • Client System: Bearer token-based authentication.
2

API Integration with OmniBoss for EDD and Case Management

This scenario allows you to leverage OmniEagle’s backend for risk assessment and transaction monitoring while using OmniBoss for a streamlined EDD and case management workflow.

  • Client System Responsibilities:

    • Submits customer data to OmniEagle’s Legal-Natural Person Assessment API (CDD process).
    • Submits transaction data to OmniEagle’s Transaction Assessment API.
    • Integration with OmniBoss for display of reports or to initiate EDD processes.

  • ecrop OmniEagle Responsibilities:

    • Provides Legal-Natural Person Assessment API.
    • Provides Transaction Assessment API.
    • Handles EDD workflow via OmniBoss, including communication with customers and document management.
    • Provides the OmniBoss UI for case management, alert review, and compliance officer tasks.
    • Provides all regulatory required functions, including security measurements, auditing and reporting capabilities, etc.

  • Compliance Officer Interaction: Compliance officers primarily interact with OmniEagle through the OmniBoss user interface.

  • Authentication:

    • Client System: Bearer token-based authentication.
    • Compliance Officer: Leverages access roles and access rights management for permissions.
3

End-to-End Compliance with OmniBoss

This scenario offers the simplest integration path, as OmniEagle handles the entire AML process, managed through OmniBoss.

  • Client System Responsibilities: Minimal integration. May involve providing an initial customer data feed to OmniEagle.

  • ecrop OmniEagle Responsibilities: Manages the entire AML process, including CDD, EDD, transaction monitoring, alert management, and SAR filing, all within the OmniBoss platform.

  • Compliance Officer Interaction: Compliance officers primarily interact with OmniEagle through the OmniBoss user interface for all AML tasks.

  • Authentication: Fully handled by ecrop.

Data Security and Compliance

  • OmniEagle adheres to strict data security standards and complies with GDPR requirements for data privacy.
  • All data transmitted between your systems and OmniEagle is encrypted using TLS.
  • OmniEagle undergoes regular security audits to ensure the confidentiality, integrity, and availability of your data.

Regulatory Considerations

  • GWG Compliance: Ensure that all data submitted to OmniEagle meets the requirements of the German Anti-Money Laundering Act (GwG).
  • BaFin Guidelines: Adhere to BaFin’s guidelines on AML compliance when integrating and using OmniEagle.
  • International Regulations: Understand and comply with relevant international AML regulations if your operations extend beyond Germany.
  • Periodic Audits: Understand the available reports and audit logs are available in the product.
API ConsiderationsOnboarding