commit c349519e345b7544e754218ce1b11953cfc8750c
parent bf488d7e28a4624aa0dec45d6e340899c6b19fe8
Author: Christian Grothoff <grothoff@gnunet.org>
Date: Tue, 24 Jun 2025 14:11:52 +0200
robocop documentation, fixes #10074
Diffstat:
1 file changed, 61 insertions(+), 1 deletion(-)
diff --git a/taler-kyc-manual.rst b/taler-kyc-manual.rst
@@ -1,7 +1,7 @@
..
This file is part of GNU TALER.
- Copyright (C) 2014-2024 Taler Systems SA
+ Copyright (C) 2014-2025 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU Affero General Public License as published by the Free Software
@@ -970,6 +970,66 @@ from ``https://git.taler.net/wallet-core.git/``, compile and copy the file
from the ``dist/prod``.
+.. _sanctions:
+
+Sanction list checking
+======================
+
+The **taler-exchange-sanctionlist** service can be used to automatically check
+KYC records against sanction lists. The service is not run by default but
+must be explicitly enabled. It can run in incremental mode, processing
+incoming KYC records immediately when new data is submitted. When a new
+sanction list is released, use the "--reset" option to re-process all existing
+records, checking them again against the latest list. To only reset the
+position but keep checking in the background, add "--norun". Finally, to run
+the tool manually and exit immediately once all existing KYC records have been
+processed (and not wait for new records to eventually be submitted from new
+customers), use "--test".
+
+The tool operates by decrypting all of the KYC attributes from the exchange
+database and passes them to a helper program which must then determine
+
+ * which sanction list record matches best,
+ * how well that sanction list record matches, and
+ * how certain the tool is that the match is accurate.
+
+Based on this assessment by the helper program, **taler-exchange-sanctionlist**
+will then either
+
+ * freeze the account and flag it for investigation (likely match),
+ * only flag the account for investigation (possible match), or
+ * allow the account to continue as normal (no match)
+
+To avoid the same account being flagged repeatedly for investigation
+due to a false-positive match with the sanction list, AML staff can
+mark an account with the "SANCTION_LIST_SUPPRESS: true"
+property, in which case hits on the sanction list are ignored.
+
+Robocop
+-------
+
+Robocop is an implementation of a sanction list helper that can be used to
+match KYC records against sanction lists. It consists of a generic matching
+tool that computes the editing distance between a provided KYC record and each
+sanction list entry. The sanction list entries must be provided in a file that
+contains a JSON array with all sanction list entries where each entry is a
+JSON object with fields matching the KYC attributes from the GANA registry,
+plus a special field "ssid" that identifies the sanction list entry. Each
+regular attribute field must be mapped to an array of strings where each
+string is a possible spelling for values of this field, for example to allow
+aliases to be given for names.
+
+Given such a sanction list, Robocop finds the best match for
+each KYC record read from standard input (one record per line)
+and outputs the match quality, confidence and the "ssid" of the
+best match in the format expected by **taler-exchange-sanctionlist**.
+
+Robocop additionally includes Python script to convert the Swiss
+sanction list (provided in XML) to its internal JSON format, and
+a shell script to optimize the resulting JSON data by removing
+empty fields.
+
+
.. _ExchangeTemplateCustomization:
KYC Process Template Customization
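Review bot: The paragraph on the "SANCTION_LIST_SUPPRESS: true" property says hits are ignored for a marked account, but it does not say whether that still applies when "--reset" re-processes all records against a newly released list. A reader cannot tell whether a suppressed account could later match a different entry without being flagged. Suggest stating the scope of the suppression in that paragraph (all future hits, or only the match that was already reviewed). Smaller points in the same hunk: the text refers to "likely match", "possible match" and "the format expected by taler-exchange-sanctionlist" without giving the thresholds or the output format, so a helper author has nothing to implement against. The options "--reset", "--norun" and "--test" are in plain quotes, while the context line above the hunk uses double-backtick literals. "Robocop additionally includes Python script" is missing "a". The last item of the second bullet list has no closing punctuation, unlike the first list.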