Screening decisionsyour auditors can defend
Immutable evidence snapshots of every source reviewed. When FINMA asks what you saw, show them exactly that.
Built for compliance
The scenario that keeps compliance officers up at night
Your team screens "John Doe" and reviews 20 sources
All sources appear clean. No adverse keywords. Client cleared.
Two years later: John Doe arrested for fraud
FINMA asks: "Show us exactly what you reviewed"
If you only saved "risky" sources, you cannot prove the clean ones were actually clean.
NNSFlow stores every source reviewed, creating a legally defensible record of what your team saw at the moment of decision.
What NNSFlow does
A screening workflow built around evidence preservation and audit readiness.
Evidence Snapshots
Full content capture of every source. SHA-256 hashed. Immutable once screening is completed.
Decision Freeze
Configuration (keywords, sites, filters) frozen alongside evidence. No 'different settings' arguments.
Source Credibility
5-level classification: Official, Verified, Unverified, Allegation, Political. Auditors appreciate the distinction.
10-Year Retention
Evidence retained for the Swiss AML default period of 10 years, configurable per deployment. Deletion events are logged.
4-Eyes Approval
Maker-checker workflow built in. Submitters cannot approve their own decision; reviewers approve, reject, or escalate. Every step logged.
PDF Export
Auditor-ready PDF reports. Sources, decision snapshot, configuration, and audit chain bundled in a single package.
Two paths to sanctions screening
Pluggable provider integration. Pick the watchlist source that matches your coverage requirements and budget, or run both side-by-side.
OpenSanctions
Self-hosted, included
OpenSanctions data served by a self-hosted Yente instance. No per-search fees, no data leaves your network. Investigations match against the full aggregated dataset.
- OFAC SDN (United States)
- UN Consolidated List
- EU Sanctions
- SECO list (Switzerland)
- Global PEP and crime datasets
World-Check (Refinitiv / LSEG)
Enterprise tier: bring your license
Commercial-grade screening via the World-Check One API. Curated PEP profiles, adverse media, and linked-associate networks for institutions that already license World-Check.
- Curated PEP profiles with risk tiers
- Adverse media coverage
- Linked associates and family networks
- Refinitiv risk ratings
Hits from either provider land in the same evidence chain, confirmed or dismissed with a full audit trail, frozen alongside the screening decision.
How a screening works
Start Investigation
Enter entity name and type. Configure keywords and site filters.
Review Sources
Sources are surfaced as they're collected. Flag, classify, and add notes.
Make Decision
Complete with decision: Cleared, Flagged, Escalated, or Pending.
Evidence Locked
All sources become immutable. SHA-256 hashed. Audit log created.
Deployment options
Choose what fits your institution's requirements.
Cloud (SaaS)
Hosted solution
Planned hosted offering on dedicated bare-metal servers in OVH's Roubaix (France) data centre. EU jurisdiction, GDPR-aligned, no shared multi-tenant compute. Available on-premise today; SaaS launch date to be announced.
- No server management
- Managed updates
- Quick onboarding
On-Premise (Docker)
Full control
Full deployment within your infrastructure. Containerized application stack. For institutions requiring complete data sovereignty.
- Data never leaves your network
- Docker Compose deployment
- Implementation support available
Built for regulatory requirements
Designed around the documentation standards expected by Swiss and European regulators.
Swiss nFADP
Purpose-bound, proportionate data processing with clear documentation.
GDPR Art. 6
Legal basis under AML due-diligence obligations and legitimate interest.
FINMA Circulars
Traceability, reproducibility, and auditability requirements.
AML/KYC
Evidence snapshots for due diligence documentation.
Ready to see it in action?
Start with a free account or contact us to discuss enterprise deployment.