DEV Community

NydarTrading
NydarTrading

Posted on • Originally published at nydar.co.uk

We Built an AML Screening Tool That Replaces $100K Enterprise Contracts

#fintech #security #saas #startup

If you work in fintech, you know the drill. Before you can open an account, process a payment, or onboard a business customer, you need to run AML (Anti-Money Laundering) checks. It's not optional — regulators will shut you down if you don't.

The problem is the tooling. Enterprise AML platforms like Refinitiv World-Check, ComplyAdvantage, and LexisNexis cost $15,000 to $100,000 per year. For a startup, a small bank, or a crypto exchange in its early stages, that's a brutal line item for what amounts to searching a few databases.

So we built our own.

What Enterprise AML Tools Actually Do

Strip away the sales decks and the enterprise pricing, and here's what these platforms actually do:

  1. Search sanctions lists — OFAC SDN, EU consolidated list, UN sanctions, OpenSanctions
  2. Search criminal watchlists — Interpol Red Notices, FBI Most Wanted
  3. Check for Politically Exposed Persons (PEPs) — FARA foreign agent registrations, campaign finance records
  4. Verify corporate entities — OpenCorporates, LEI databases, FDIC insurance status
  5. Detect shell companies — Nominee directors, bearer shares, shell haven jurisdictions
  6. Score the risk — Combine signals into a risk tier: Low, Medium, High, or Prohibited

Every single one of these data sources is publicly available. OFAC publishes their SDN list. Interpol has a public API. OpenCorporates is open data. The SEC, CFPB, and FDIC all publish their records.

The enterprise tools charge $100K/year to query public data and put a dashboard on top.

What We Built

Our Financial Crime Screening MCP is a single API endpoint that runs 13 data sources in parallel and returns a structured AML risk classification. It's available as an MCP server, which means any AI agent or LLM client can call it directly.

It exposes 8 tools:

Tool What It Does
comprehensive_entity_screen Full screening across sanctions, criminal watchlists, and corporate registries
sanctions_deep_check Focused OFAC + OpenSanctions check with fuzzy matching
criminal_watchlist_scan Interpol Red Notices + FBI Most Wanted search
pep_influence_analysis FARA foreign agent + FEC campaign finance check
corporate_shell_detection Shell company indicators, haven jurisdictions, nominee directors
financial_institution_verify FDIC insurance status + consumer complaint analysis
proximity_to_crime_score Multi-signal convergence scoring across all categories
aml_risk_classification Full 13-source AML risk tier classification

How It Scores Risk

The full classification runs every data source and scores across five dimensions:

  • Sanctions exposure — Any direct sanctions match automatically triggers PROHIBITED tier
  • Corporate transparency — Missing LEI, shell haven registration, nominee directors
  • Political exposure — FARA registrations, significant campaign finance activity
  • Financial regulatory standing — FDIC status, consumer complaint volume
  • Proximity to crime — Signal convergence across multiple adverse categories

The key insight is convergence. A single CFPB complaint doesn't mean much. But if someone has consumer complaints AND shows up in FARA records AND is registered in a shell haven AND has no LEI — that convergence of signals is far more telling than any individual hit.

The output gives you a clear risk tier (LOW / MEDIUM / HIGH / PROHIBITED) with a recommendation for each level — from "standard processing" to "file SAR and escalate to compliance."

Example Output

Here's what a comprehensive entity screen returns:

{
    "entity": "Acme Holdings Ltd",
    "entityType": "company",
    "sanctions": {
        "ofac": { "hits": 0, "records": [] },
        "openSanctions": { "hits": 2, "records": ["..."] }
    },
    "criminalWatchlists": {
        "interpol": { "hits": 0, "records": [] },
        "fbi": { "hits": 0, "records": [] }
    },
    "corporate": {
        "registrations": ["..."],
        "lei": []
    },
    "totalHits": 2
}
Enter fullscreen mode Exit fullscreen mode

Two OpenSanctions hits and no LEI. That's a flag — needs further investigation. The aml_risk_classification tool would score this across all dimensions and return a risk tier with a specific recommendation.

Who This Is For

Fintech startups — You need AML screening to get licensed, but you can't afford $50K/year before you have revenue. This gets you compliant for a few dollars per check.

Crypto exchanges — High volume, low margin. Running sanctions checks on every user at enterprise pricing doesn't work. At $1.50-3 per query, the math works even at scale.

Compliance teams at small banks — You have the regulatory requirement but not the Refinitiv budget. This covers the same data sources at a fraction of the cost.

Legal and advisory firms — KYC/KYB checks for client onboarding. Run a quick screen before engagement, without a six-figure annual contract.

AI agent developers — Because this is an MCP server, any AI agent framework can call it. Build compliance workflows that screen entities automatically as part of a larger pipeline.

Cost Comparison

Solution Annual Cost Per-Check Cost
Refinitiv World-Check $30,000 - $100,000 Included (but you pay regardless)
ComplyAdvantage $15,000 - $50,000 Included
LexisNexis $20,000 - $80,000 Included
Our tool $0 annual fee $1.50 - $3 per check

No annual contract. No minimum spend. Pay only when you run a check.

For a startup running 500 checks per month, that's $750-$1,500/month vs. $30,000+ upfront for enterprise alternatives. For low-volume use cases (law firms running 50 checks/month), it's $75-$150/month vs. tens of thousands annually.

What This Doesn't Replace

I want to be honest about the limitations:

  • This is not a compliance program. It's a screening tool. You still need policies, procedures, a compliance officer, and a framework for how you handle hits.
  • No ongoing monitoring. This runs point-in-time checks. Enterprise tools offer continuous monitoring with alerts. You'd need to schedule periodic re-screening yourself.
  • No case management. When you get a hit, enterprise tools have workflows for investigation, escalation, and documentation. Here, you get the data — what you do with it is up to you.
  • Fuzzy matching has limits. Name matching across languages, transliterations, and aliases is hard. Enterprise tools have decades of tuning behind their matching algorithms.

For many use cases — especially early-stage companies, low-volume screening, and developer-built compliance workflows — the tradeoff is worth it. You get 80% of the capability at 2% of the cost.

Try It

The tool is live on the Apify Store. You can connect it as an MCP server from any compatible client (Claude Desktop, Cursor, or your own agent framework).

We also have a Counterparty Due Diligence MCP for corporate KYB screening (18 data sources, beneficial ownership analysis, jurisdiction risk scoring) and an ESG Supply Chain Risk MCP for environmental and labor compliance checks.

If you're building in fintech and spending more on compliance tooling than on your actual product, there's a better way.

We build trading analytics and data infrastructure at Nydar. More on what we're building at dev.to/nydartrading.

Top comments (0)