TABLE OF CONTENTS


Summary

Compliance rules allow you to automatically add or suggest requirements to cases based on customisable conditions. These rules help ensure that frontline teams collect the right documents and follow proper procedures according to your AML programme.


  • Rules apply based on conditions like CDD level, entity type, or verification status

  • Requirements can be added as suggested, recommended, or mandatory




Which user roles can create compliance rules?

Only Compliance admins can create and configure new rules and edit and remove any default rules.


Creating a compliance rule

You can create compliance rules to automatically apply requirements when certain conditions are met. To create a new rule:

  1. Go to Admin Panel > Settings > Manifest > Compliance Rules

  2. Click + Add rule

  3. Enter a name for your rule (e.g. PEP Match – Enhanced CDD)

  4. Under Related to, select either Individual or Entity depending on who the rule should apply to

  5. Under the When section, add one or more conditions

    • Example: Entity Type = Trust

  6. After selecting conditions, complete the Outcomes section.

    • In most cases, this will be one or more requirements to be triggered based on the conditions

    • For example, for a trust, the outcome is requirement of Collect trust deed or amendment deed

  7. Under each requirement, choose how it should apply:

    • Suggested - User can accept or dismiss

    • Recommended - Automatically added, but can be removed by the user

    • Mandatory - Must be collected and cannot be removed

Important:

  •  If a requirement is set as mandatory and the compliance rule is later edited or removed, that requirement will still be    mandatory for any existing cases where it was previously applied.

  • This remains true even if the case is reopened or the profile is retrieved again in the future

  • Changes to mandatory status only apply to new cases going forward

  1. Click Save to activate the rule for all new cases going forward




Available conditions

Compliance rules rely on case-specific conditions to determine when a rule should trigger. These conditions vary depending on whether the rule applies to an individual or an entity case. Conditions act as filters that determine whether a rule’s requirements are applicable.


Individual case conditions:

  • CDD Level
  • Office
  • Risk Level
  • Individual Verification Result


Entity case conditions:

  • CDD Level
  • Entity Type
  • Registered Country
  • Entity Properties
  • Entity Verification Result
  • Office
  • Risk Level


If no conditions are set, the rule applies to all individuals or entities.

Available Outcomes

The outcomes available will depend on the type of compliance rule you are configuring whether it is related to an individual, entity, or a case. 

  • If you select Individual or Entity
    The only available outcome is Requirements.
    You can choose specific requirements that will be added to the case when the rule is triggered.
  • If you select Case
    You will have two types of outcomes to choose from:
    • Requirements - Case requirements are only able to be a selection of a risk assessment or custom form
    • Case Reviewer - This allows you to automatically assign reviewers to a case based on the rule.

Managing compliance rules

  • Use the search bar to find rules by name

  • Filter by Individual or Entity case type

  • Click Apply filters to refine results or Reset filters to show all

  • Use the 3-dot menu to Edit or Delete rules


Default compliance rules

Your platform includes several default compliance rules to help teams get started, such as suggesting proof of address when electronic verification fails.

  • These default rules reflect common AML practices and provide a baseline for your compliance programme

  • All default rules can be viewed, edited, or deleted by Compliance Admins to better suit your organisation’s needs



Can First AML help me with creating compliance rules?

We are unable to prescribe specific compliance rules for our customers however we are able to refer you to trusted industry AML partners and consultants who will be able to suggest what rules your organisation should implement.


Things to note


Changing conditions after rule application


When a rule is triggered and conditions are later changed within a case, what happens depends on whether the requirement was accepted or not:

  • Unaccepted suggestion: If the rule only suggested a requirement and the user hasn’t accepted it yet, it will be removed when the condition no longer applies.
  • Accepted requirement: If the user accepted the suggestion, the requirement will remain on the case even if the condition changes.
  • Reverting to a previous condition:
    • If the requirement was previously suggested but not accepted or dismissed, it will be suggested again when the condition is met again.
    • If the requirement was previously dismissed or accepted, it will not be suggested again even if the condition re-applies.


Rules that add the same requirement


When multiple rules apply the same requirement:

  • The requirement is added only once per case.
  • If one rule applies it as mandatory or recommended, and another as suggested, the higher-priority version (mandatory/recommended) takes precedence.
  • If the user previously dismissed the same requirement from another rule, new rules will not re-add it.


Condition logic


The logic of how multiple conditions behave when building a rule:

  • OR Logic: Multiple values within the same condition behave as OR logic.
    • e.g. CDD Level is Simplified OR Enhanced → triggers if either applies.
  • AND Logic: Multiple different condition types behave as AND logic.
    • e.g. CDD Level is Simplified AND Country is NZ → triggers only if both apply. 


Conflicting values in the same condition (e.g. CDD Level = Simplified AND Enhanced) will break the rule as only one CDD level can apply at a time.