Skip to main content
The PEPs and Sanctions module in GBG GO allows you to screen individuals against global watchlists, including Politically Exposed Persons (PEPs), sanctions lists, and adverse media. This module helps you comply with regulatory requirements and mitigate risks associated with onboarding high-risk individuals. This module helps your organisation meet regulatory compliance requirements, particularly for Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) obligations. It compares customer information against international databases to identify potential matches. When the module detects a match, you can configure the journey to reject a customer, flag them for manual review, or apply additional checks.
You can view PEP and Sanctions screening results in the Investigation Portal. For more information, refer to the View details of a customer session documentation.
In this guide, you’ll learn about the various capabilities of the module and its variants. You’ll also learn how to test the module using GBG GO APIs.

​
Module variants

The PEPs and Sanctions module has variants that determine the scope of compliance checks performed on your customers.
  • UK Instance: Carries out two checks in the system:
    • Checks if an end-user is a PEP.
    • Checks if an end-user has sanctions against them.
  • UK Instance (with OGM): This variant includes Ongoing Monitoring (OGM), allowing you to track verified customers on an ongoing basis. The system automatically alerts you if an end-user compliance status changes, such as being added to a sanctions list or identified as a PEP after their initial verification.
Ongoing Monitoring requires direct configuration with a PEP and sanctions data supplier. If you have not configured this integration, contact your GBG account manager for assistance.
  • UK Instance (with Adverse Media and OGM): This variant screens end-users against negative news coverage, such as reports of fraud, financial crimes, or other risk-related activities. It returns details of any adverse media findings, including article titles, sources, and links. This variant also includes Ongoing Monitoring (OGM) to track end-users for new adverse media after their initial verification.
For more details on the PEPs and Sanctions module variants, refer to PEPs and Sanctions.

​
Capabilities and allowed values

Each PEPs and Sanctions variant supports different capabilities that determine what screening checks are performed. The table below defines the available capabilities and their allowed values.
CapabilitiesAllowed values, labels, and descriptions
PEPs and Sanctions Results: Results from PEPs and Sanctions check.
  • Example usage: PEPs and Sanctions Results + is any of + Not Available = MATCH. This results in a match because there is no data returned from the supplier.
View allowed values
  • PEPs and Sanctions Hit: A match was found on a PEPs or sanctions list.
  • PEPs and Sanctions No Hit: No match was found.
  • Not Available: Screening results are unavailable.
Sanctions Hit Type: Shows which customer data fields matched against a sanctions list entry. Values in this capability could indicate whether the match occurred through the customer’s full legal name, a known alias, or other matching criteria. This information helps you assess the accuracy and relevance of the match.
View allowed values (long list)
  • Full name, full address and year of birth matched: All three data points matched a sanctions entry.
  • Full name, full address and DOB matched: Full date of birth matched instead of just year.
  • Full name and full address matched: Name and complete address matched.
  • Full name, city and country matched: Name and location matched.
  • Full name, year of birth and country matched: Name, birth year, and country matched.
  • Full name, year of birth, city and country matched: Name, birth year, and full location matched
  • Full name and year of birth matched: Name and birth year matched
  • Full name, DOB and country matched: Name, full date of birth, and country matched.
  • Full name, DOB, city and country matched: Name, full date of birth, and full location matched.
  • Full name and DOB matched: Name and full date of birth matched.
  • A match was found against the full name: Only the end-user’s full name matched.
  • A match was found against a known alternate identity alias: Customer matched using a known alias.
  • Identity alias, DOB, City and country matched: Alias matched with date of birth and location.
  • Identity alias, DOB and country matched: Alias matched with date of birth and country.
  • Identity alias and Year of birth matched: Alias matched with birth year.
  • Identity alias, Year of birth, City and country matched: Alias matched with birth year and full location.
  • Identity alias, Year of birth and country matched: Alias matched with birth year and country.
  • Identity alias, City and Country matched: Alias matched with location
  • Identity alias and Full Address matched: Alias matched with complete address
  • Identity alias, Full Address and DOB matched: Alias matched with address and date of birth.
  • Identity alias, Full Address and Year of Birth matched: Alias matched with address and birth year
  • Identity alias and DOB matched: Alias matched with date of birth
  • Not Available: No sanctions match was found
Peps Hit Type: Shows which customer data fields matched against a PEPs database entry. This includes whether the customer is directly identified as a Politically Exposed Person or flagged as a family member or close associate of a PEP. It may also show if the match occurred through an alias or other matching criteria.
View allowed valuesSame values as Sanctions Hit Type.
Sent to OGM: Shows whether the customer has been added to Ongoing Monitoring for continuous tracking. When set to is true, this rule triggers a match if the customer has been enrolled in Ongoing Monitoring.
View allowed values
  • is true: End user has been added to Ongoing Monitoring.
  • is false: End user has not been added to Ongoing Monitoring.
Adverse Media Hit Type: Shows the nature and type of news coverage found for a customer during screening. This capability shows whether the customer has been linked to fraud, financial crimes, corruption, sanctions violations, or other compliance risks in news articles and media sources.
View allowed values
  • Match found for name: End user has adverse media coverage related to their name.
  • Not Available: No adverse media match was found or screening was not performed.

​
Example: Testing the PEPs and Sanctions module using GO API

This section walks you through testing the PEPs and Sanctions module.

​
Step 1: Add the module to your journey

To test the PEPs and Sanctions module, you first need to add it to a customer journey.
  1. Create a new journey or open an existing one in the Journey builder.
  2. Click Browse and add modules.
  3. Search for PEPs and Sanctions or navigate to the Compliance Screening category.
  4. Select the PEPs and Sanctions module.
  5. Choose a variant.
The UK Instance (with Adverse Media and OGM) variant is used for testing during these steps.
  1. Click Add to journey.
  2. Click Configure outcomes.
  • Rules:
    • Match: PEPs and Sanctions Results + is any of + PEPs and Sanctions Hit. This rule means that if the PEPs and Sanctions check results in a hit, then there is a match.
    • No Match: PEPs and Sanctions Results + is any of + PEPs and Sanctions No Hit. This rule means that if the PEPs and Sanctions check results in a no hit, then there is no match.
  1. Click Close.
You have successfully added the PEPs and Sanctions module to your journey and configured the evaluation rules. Next, publish the journey to Preview for testing.

​
Step 2: Publish the journey

After adding and configuring the module:
  1. Click Publish to Preview.
  2. Go to the GBG GO Dashboard and copy your Resource ID and Version for testing.
For more information on publishing journeys, refer to the Publish journey guide.

​
Step 3: Start journey with test data

Use the Start journey endpoint to trigger the PEPs and Sanctions screening with test customer data. Send a POST request to /journey/start: Request body:
cURL
curl --request POST \
  --url https://eu.platform.go.gbgplc.com/v2/captain/api/journey/start \
  --header 'Authorization: Bearer your_access_token' \
  --header 'Content-Type: application/json' \
  --data '{
    "resourceId": "23cdfdf1822ce2750399eac9508116af26a1403c72996851715c950de09a8983@69wllt84",
    "context": {
      "config": { "delivery": "api" },
      "subject": {}
    }
  }'
Replace your_access_token with a valid access token. Replace the resourceId value with your journey’s Resource ID and Version. What happens:
  • The API creates a journey instance and returns an instanceId that you use in the following steps to drive and inspect the journey.
Response:
JSON
{
    "instanceId": "8OIK7NODGJdqYkBLDs2znY",
    "status": "started",
    "message": "Journey 8OIK7NODGJdqYkBLDs2znY started successfully"
}
For more details on starting a journey, refer to the Start a journey guide.

​
Step 4: Fetch interaction

After the journey starts, fetch the next interaction to find out which fields the journey needs from the end-user. This is also where you obtain the interactionId you’ll need when submitting data. Send a POST request to /journey/interaction/fetch: Request body:
cURL
curl --request POST \
  --url https://eu.platform.go.gbgplc.com/v2/captain/api/journey/interaction/fetch \
  --header 'Authorization: Bearer your_access_token' \
  --header 'Content-Type: application/json' \
  --data '{
    "instanceId": "8OIK7NODGJdqYkBLDs2znY"
  }'
What you receive:
  • The interactionId for the current interaction. You will pass this back in the next step.
  • The interaction’s collects list, which describes the data the journey can accept.
  • An outstanding list, which highlights the fields that must be supplied before the journey can progress.
Example response:
JSON
{
    "instanceId": "8OIK7NODGJdqYkBLDs2znY",
    "interactionId": "grn:::gbg:design:interaction:segment1@latest",
    "journey": {
        "status": "InProgress"
    },
    "interaction": {
        "grId": "grn:::gbg:design:interaction:segment1@latest",
        "resource": {
            "id": "segment1",
            "name": "segment1",
            "version": "latest",
            "type": "interaction",
            "data": {
                "pages": [
                    {
                        "id": "personal_details",
                        "label": "Personal details",
                        "cards": [
                            { "id": "NameCard" },
                            { "id": "GenderCard" },
                            { "id": "DateOfBirthCard" },
                            { "id": "ControlCard" }
                        ]
                    },
                    {
                        "id": "address_details",
                        "label": "Address details",
                        "cards": [
                            {
                                "id": "AddressCard",
                                "config": {
                                    "secrets": {
                                        "loqateApiKey": { "value": "WJ28-WP43-WG34-YD87" }
                                    }
                                }
                            },
                            { "id": "ControlCard" }
                        ]
                    }
                ]
            }
        },
        "collects": [
            { "ref": "FullName", "spec": "required" },
            { "ref": "Gender", "spec": "optional" },
            { "ref": "DateOfBirth", "spec": "optional" },
            { "ref": "CurrentAddress", "spec": "optional", "parentSpec": "optional" }
        ],
        "consumes": []
    },
    "outstanding": [
        "FullName"
    ]
}

​
Step 5: Submit the end-user’s details

Submit the customer data the journey is waiting on. The outstanding list from the previous step shows that FullName is required. dateOfBirth is optional but recommended, as it improves screening accuracy. Send a POST request to /journey/interaction/submit: Request body:
cURL
curl --request POST \
  --url https://eu.platform.go.gbgplc.com/v2/captain/api/journey/interaction/submit \
  --header 'Authorization: Bearer your_access_token' \
  --header 'Content-Type: application/json' \
  --data '{
    "instanceId": "8OIK7NODGJdqYkBLDs2znY",
    "interactionId": "grn:::gbg:design:interaction:segment1@latest",
    "context": {
      "subject": {
        "identity": {
          "firstName": "John",
          "lastNames": ["Doe"],
          "dateOfBirth": "1985-03-15"
        }
      }
    },
    "participants": [
      { "domainElementId": "FullName" }
    ]
  }'
Use the instanceId from Step 3 and the interactionId from Step 4. The participants array tells the journey which domain element the submitted data belongs to. Response:
JSON
{
    "status": "success"
}
A success status confirms that the submitted data was accepted. The journey continues processing in the background. Move on to the next step to retrieve the screening result.

​
Step 6: Poll for the screening result

The PEPs and Sanctions screening runs asynchronously. Poll the Fetch journey state endpoint until the journey status is Completed. Send a POST request to /journey/state/fetch: Request body:
cURL
curl --request POST \
  --url https://eu.platform.go.gbgplc.com/v2/captain/api/journey/state/fetch \
  --header 'Authorization: Bearer your_access_token' \
  --header 'Content-Type: application/json' \
  --data '{
    "instanceId": "8OIK7NODGJdqYkBLDs2znY"
  }'
What you receive:
  • The overall journey status. Continue polling while the status is InProgress.
  • A steps array, where each step describes a module that ran in the journey. The PEPs and Sanctions step includes the outcome (for example, MATCH), the advice (decision, hit types, OGM enrolment, candidate scores) and the note block (PEP and sanctions match details such as aliases, positions, addresses, and sanctioning bodies).
Example response:
JSON
{
    "instanceId": "8OIK7NODGJdqYkBLDs2znY",
    "status": "Completed",
    "context": {
        "result": {
            "status": "complete",
            "advice": {}
        },
        "process": {
            "instance": {
                "instanceId": "8OIK7NODGJdqYkBLDs2znY",
                "id": "8OIK7NODGJdqYkBLDs2znY"
            },
            "journey": {
                "id": "1334c341594dbec363c1b40ebea28933aab653ea37d9d4d3c209842786898a90",
                "version": "1bfgzreq",
                "name": "Journey Name",
                "startedAt": "2026-05-14T08:55:55.850Z",
                "endedAt": "2026-05-14T08:58:59.540Z",
                "durationMilliSec": 183690,
                "terminateInteraction": {
                    "grId": "grn:::gbg:design:interaction:end@latest",
                    "resource": {
                        "id": "end",
                        "name": "interactionEnd",
                        "version": "latest",
                        "type": "interaction",
                        "data": {
                            "pages": [
                                {
                                    "id": "pagesForEnd",
                                    "cards": [
                                        { "id": "AllDoneCard" }
                                    ]
                                }
                            ]
                        }
                    },
                    "collects": [],
                    "consumes": []
                }
            },
            "steps": [
                {
                    "nodeId": "mp58t9mvo2ainb8t4r",
                    "result": {
                        "outcome": "MATCH",
                        "advice": {
                            "sent_to_ogm": true,
                            "pep_candidate_score": 99,
                            "sanction_candidate_score": 99,
                            "customDecision": null,
                            "decision": "hit",
                            "sanctions_hit": "A match was found against the full name",
                            "pep_hit": "A match was found against the full name",
                            "adverse_media_hit": "Not Available"
                        },
                        "note": {
                            "pep_match_details": [
                                {
                                    "personId": 153448,
                                    "nationality": "US - United States",
                                    "fullname": "John Michael Doe",
                                    "aliases": [
                                        "John Doe",
                                        "J. Michael Doe",
                                        "Johnny Doe"
                                    ],
                                    "positions": [
                                        {
                                            "position": "Member, Federal Legislature (Legislative Branch) (2021-present)",
                                            "country": "US"
                                        },
                                        {
                                            "position": "Former Member, Upper Chamber (2011-2016)",
                                            "country": "US"
                                        }
                                    ],
                                    "tier": 1,
                                    "gender": "Male",
                                    "addresses": [
                                        {
                                            "country": "",
                                            "superAdministrativeArea": "",
                                            "lines": [
                                                "1 Example Street"
                                            ],
                                            "locality": "Chicago"
                                        }
                                    ],
                                    "dates": [
                                        {
                                            "type": "Birth",
                                            "date": "1985-03-15"
                                        }
                                    ]
                                }
                            ],
                            "sanctions_match_details": [
                                {
                                    "aliases": [
                                        "John Doe",
                                        "J. Michael Doe",
                                        "Johnny Doe"
                                    ],
                                    "addresses": [
                                        {
                                            "locality": "Chicago",
                                            "country": "",
                                            "superAdministrativeArea": "",
                                            "lines": [
                                                "1 Example Street"
                                            ]
                                        }
                                    ],
                                    "dates": [
                                        {
                                            "type": "Birth",
                                            "date": "1985-03-15"
                                        }
                                    ],
                                    "fullName": "John Michael Doe",
                                    "bodies": [
                                        "Office of Foreign Assets Control (OFAC)",
                                        "Her Majesty's Treasury/Office of Financial Sanction Implementation (HMT/OFSI)",
                                        "European Union Council (EU)",
                                        "United Kingdom Foreign, Commonwealth & Development Office"
                                    ]
                                }
                            ]
                        },
                        "status": "complete"
                    },
                    "process": {}
                }
            ]
        },
        "subject": {
            "identity": {
                "firstName": "John",
                "lastNames": [
                    "Doe"
                ]
            }
        }
    }
}
The response indicates that there was a hit and therefore, the outcome is a β€œMATCH”.
If the status is Completed, the PEPs and Sanctions screening has finished processing.