TBML Investigation Report

Trade-Based Money Laundering investigation reports generated in minutes — not weeks. This actor is built for AML compliance officers, trade finance banks, and financial investigators who need a scored TBML risk assessment backed by data from 14+ authoritative sources and five independent forensic algorithms. Feed in an entity name and a trade corridor; get back a structured report with a SAR evidence package ready for regulatory filing.

TBML screening traditionally requires manual lookups across UN trade databases, corporate registries, sanctions lists, and FX history — a process that takes analysts days and is prone to missed signals. This actor runs all 14 data sources in parallel and applies Benford-Grubbs invoice analysis, Tarjan SCC circular trade detection, phantom entity logistic regression, Kolmogorov-Smirnov FX arbitrage testing, and absorbing Markov chain jurisdictional risk modeling in one automated pipeline. The result is a composite TBML risk score from 0–100 with five severity tiers and a full audit trail suitable for FinCEN SAR submissions.

What data can you extract?

Why use TBML Investigation Report?

Manual TBML screening is expensive, slow, and inconsistent. A single trade corridor investigation — pulling UN COMTRADE data, cross-checking corporate registries across four jurisdictions, screening OFAC and international sanctions lists, and overlaying FX history — takes an experienced analyst two to five business days. At typical AML consulting rates, that is $2,000–$5,000 per entity before analysis even begins.

This actor automates the entire data collection and algorithmic analysis pipeline. Fourteen data sources run in parallel. Five forensic algorithms execute in sequence. The output is a structured report with a composite risk score, per-algorithm sub-scores, and a SAR-ready evidence narrative — all delivered in under five minutes.

• Scheduling — run TBML screens on a daily, weekly, or monthly cadence to catch risk profile changes across your trade portfolio
• API access — trigger investigations programmatically from your GRC platform, Python workflows, or any HTTP client
• Proxy rotation — all sub-actor calls use Apify's infrastructure; no IP-based throttling from data providers
• Monitoring — configure Slack or email alerts when a run produces a HIGH or CRITICAL risk result
• Integrations — push results directly to Zapier, Make, Google Sheets, or your internal case management system via webhook

Features

• Benford-Grubbs invoice anomaly detection — applies chi-squared goodness-of-fit against Benford's Law expected first-digit distribution (9 degrees of freedom), then runs Grubbs' test per HS6 commodity code with Bonferroni-corrected alpha to identify unit price outliers; Fisher's method combines p-values across all commodity groups into a single meta p-value
• Tarjan SCC circular trade detection — builds a directed trade flow graph from UN COMTRADE records and applies Tarjan's strongly connected components algorithm, then enumerates elementary circuits using Johnson's algorithm (capped at 100 cycles to prevent combinatorial explosion); computes a Circularity Suspicion Index (CSI) measuring the fraction of total trade volume that flows in circles
• Phantom entity logistic regression — constructs a bipartite graph of corporate registration records against verification sources (LEI, WHOIS, sanctions databases); scores each entity using logistic regression on features including registration gaps, missing LEI identifiers, domain age, and sanctions overlap
• Kolmogorov-Smirnov FX arbitrage layering — compares current FX rate distributions for corridor-relevant currencies against 30-day historical baselines using the two-sample KS test; flags currency pairs where the KS statistic exceeds the critical value, indicating deliberate rate timing exploitation
• Absorbing Markov chain jurisdictional risk — models money flows through jurisdictions as a discrete Markov chain where FATF-blacklisted and shell-haven jurisdictions are absorbing states (IR, KP, MM, SY, YE, plus 8 FATF greylist and 8 shell haven jurisdictions); computes absorption probabilities to quantify the likelihood that funds reach high-risk endpoints
• 14 data sources in parallel — UN COMTRADE, OpenCorporates, GLEIF LEI, UK Companies House, Canada Corporations, Australia ABN, OFAC SDN, OpenSanctions, Exchange Rate Tracker, Exchange Rate History, OECD Statistics, IMF Economic Data, WHOIS Domain Lookup, and IP Geolocation
• SAR evidence package generation — assembles algorithmic findings, source citations, and structured red flag narratives in a format suitable for FinCEN SAR filings or equivalent financial intelligence unit submissions
• Currency-aware trade corridor analysis — automatically maps ISO country codes to relevant currency pairs (16 country-to-currency mappings including AED, CNY, HKD, RUB, and 12 others) for FX arbitrage analysis specific to the investigated corridor
• Five-tier risk classification — LOW (0–15), MODERATE (16–35), ELEVATED (36–55), HIGH (56–75), CRITICAL (76–100) with weighted sub-scores across all five algorithms (maximum 20 points per algorithm)
• HS code commodity focus — accepts any 4- or 6-digit HS code or commodity description to constrain trade data analysis to a specific commodity category
• Graceful data degradation — individual sub-actor failures return empty arrays rather than aborting the run; the composite score reflects available data with appropriate confidence weighting

Use cases for TBML investigation

AML compliance officer screening

AML officers at trade finance banks and payment institutions face periodic review obligations for corporate clients active in high-risk corridors. This actor replaces the manual analyst workflow: enter the entity name and the trade corridor (e.g., AE-IR or HK-US) and receive a scored risk assessment with sanctions cross-checks and corporate registry verification in one run. The SAR evidence package provides the evidentiary basis required for FinCEN filings when thresholds are met.

Trade finance due diligence

Banks processing letters of credit, documentary collections, and import/export financing need rapid TBML screening before approving transactions. Run this actor against the applicant entity and the trade corridor at origination. The invoice anomaly analysis flags over- and under-pricing relative to commodity benchmarks; the jurisdictional cascade model quantifies exposure to sanctioned endpoints even when the immediate counterparty appears clean.

Financial investigation and evidence building

Financial investigators building TBML cases need more than a single sanctions hit — they need corroborating signals from multiple independent methods. This actor delivers five independent algorithmic findings alongside raw data from 14 sources, giving investigators an audit trail that supports regulatory filings and legal proceedings without requiring manual data assembly.

Customs and border agency risk targeting

Customs agencies can use this actor to prioritize inspection resources. The Benford-Grubbs analysis detects statistically anomalous invoice values in specific HS commodity codes — exactly the pattern associated with over-invoicing and under-invoicing schemes. The circular trade network analysis surfaces entities appearing in closed-loop trade flows across multiple countries.

Risk consultancy client delivery

Consultancies providing TBML risk assessments to clients can automate the data collection and scoring phases, focusing analyst time on interpretation and recommendation rather than database lookups. The structured JSON output includes data source provenance, sub-score breakdowns, and algorithm descriptions that support transparent methodology disclosure in client deliverables.

Correspondent banking de-risking

Correspondent banks evaluating foreign financial institution relationships can run periodic TBML screens across their portfolio of respondent banks and their known trade corridors. The absorbing Markov chain jurisdictional cascade model is particularly relevant here — it quantifies indirect exposure to sanctioned jurisdictions through multi-hop trade relationships that would not be visible in a direct sanctions screen.

How to run a TBML investigation

1. Enter the entity name — Type the full legal name of the company, individual, or organization you want to investigate. For example: "Apex Maritime Trading FZE" or "Golden Dragon Import Export Ltd". Use the registered legal name for best corporate registry match rates.
2. Add a trade corridor (recommended) — Enter two ISO country codes separated by a dash in the Trade Pair field, such as US-CN for United States–China or AE-IR for UAE–Iran. This focuses the UN COMTRADE query and activates currency-specific FX arbitrage analysis for that corridor.
3. Specify a commodity (optional) — Enter a 4- or 6-digit HS code such as 7108 (gold) or 2709 (crude oil), or a text description like electronics. This constrains the Grubbs outlier analysis to the relevant commodity group.
4. Click Start and download results — The actor runs for approximately 3–8 minutes depending on data availability. When the run completes, download the full report from the Dataset tab as JSON, CSV, or Excel.

Input parameters

Input examples

Standard trade corridor investigation:

{
    "entityName": "Apex Maritime Trading FZE",
    "tradePair": "AE-IR",
    "commodity": "7108"
}

Corporate registry and sanctions screen only (no commodity focus):

{
    "entityName": "Golden Dragon Import Export Ltd",
    "tradePair": "HK-CN"
}

Minimal entity check (no trade corridor):

{
    "entityName": "Pinnacle Resources International"
}

Input tips

• Use the registered legal name — Abbreviated trade names produce fewer corporate registry matches. Search "Apex Maritime Trading FZE" rather than "Apex Maritime" for higher precision in the OpenCorporates and LEI lookups.
• Always include a trade pair for FX analysis — Without a trade pair, the FX arbitrage algorithm defaults to AED/CNY/HKD as generic high-risk currency pairs. Specifying the actual corridor (e.g., US-RU) activates the relevant currency mapping automatically.
• Use HS codes rather than descriptions where possible — The Grubbs outlier test groups invoices by HS commodity code (cmdCode in UN COMTRADE). A 4-digit HS code like 7108 returns more trade records than a text description, producing a more statistically reliable Benford-Grubbs result.
• Cross-reference HIGH and CRITICAL results manually — The algorithmic score is a screening tool. HIGH (56–75) and CRITICAL (76–100) results should be reviewed by a qualified AML analyst before any regulatory filing.

Output example

{
    "reportId": "TBML-1741872930485",
    "generatedAt": "2026-03-13T14:15:30.485Z",
    "entity": "Apex Maritime Trading FZE",
    "tradePair": "AE-IR",
    "commodity": "7108",
    "riskLevel": "HIGH",
    "tbmlRiskScore": {
        "totalScore": 64,
        "invoiceAnomalyWeight": 16,
        "circularTradeWeight": 14,
        "phantomEntityWeight": 17,
        "fxArbitrageWeight": 9,
        "jurisdictionalCascadeWeight": 8
    },
    "invoiceAnalysis": {
        "benfordConforms": false,
        "benfordPValue": 0.0028,
        "benfordChiSquared": 24.71,
        "fisherCombinedPValue": 0.0004,
        "overallAnomalyScore": 0.77,
        "outlierCount": 11,
        "topAnomalies": [
            {
                "hsCode": "7108",
                "reportedPrice": 84200.0,
                "benchmarkMean": 52400.0,
                "zScore": 3.84,
                "deviationPct": 60.7
            }
        ],
        "grubbsByHS6": [
            {
                "hsCode": "7108",
                "grubbs": {
                    "mean": 52400.0,
                    "stdDev": 8270.0,
                    "n": 34,
                    "outliers": [{ "value": 84200.0, "zScore": 3.84, "isOutlier": true }]
                }
            }
        ]
    },
    "circularTradeAnalysis": {
        "networkDensity": 0.38,
        "totalSCCs": 2,
        "totalCycles": 7,
        "maxCSI": 0.79,
        "stronglyConnectedComponents": [["UAE", "Hong Kong", "Iran"], ["UAE", "Singapore"]],
        "cycles": [["UAE", "Hong Kong", "Iran", "UAE"], ["UAE", "Singapore", "UAE"]]
    },
    "phantomEntityAnalysis": {
        "entityCount": 23,
        "phantomScore": 0.81,
        "flaggedEntities": [
            {
                "name": "Apex Maritime Trading FZE",
                "leiFound": false,
                "whoisAge": 14,
                "sanctionsOverlap": true,
                "logisticScore": 0.87
            }
        ]
    },
    "fxArbitrageAnalysis": {
        "ksStatistic": 0.39,
        "ksCriticalValue": 0.27,
        "ksSignificant": true,
        "flaggedPairs": ["AED/USD", "AED/IRR"],
        "convenienceScores": [{ "pair": "AED/IRR", "score": 0.82, "rationale": "Rate timing aligns with 9 of 11 detected transactions" }]
    },
    "jurisdictionalRiskCascade": {
        "overallCascadeRisk": 0.68,
        "absorbingStates": ["IR", "KP"],
        "absorptionProbabilities": [{ "jurisdiction": "AE", "toIR": 0.61, "toKP": 0.04 }]
    },
    "dataSources": {
        "tradeRecords": 87,
        "corporateRecords": 23,
        "leiRecords": 1,
        "ofacHits": 2,
        "sanctionsHits": 4,
        "fxRates": 48,
        "historicalFxRates": 90,
        "oecdRecords": 8,
        "imfRecords": 6,
        "ipRecords": 3,
        "whoisRecords": 1,
        "totalActorsCalled": 16
    },
    "sarEvidencePackage": {
        "summaryNarrative": "Apex Maritime Trading FZE exhibits HIGH TBML risk (score 64/100) based on five independent forensic indicators. Invoice values for HS 7108 (gold) deviate significantly from Benford's Law (chi-squared 24.71, p=0.0028) with 11 outlier unit prices including one 60.7% above benchmark. Circular trade analysis identifies 2 strongly connected components involving UAE-Hong Kong-Iran with a Circularity Suspicion Index of 0.79. Entity verification flags a phantom entity score of 0.81 due to missing LEI, 14-day WHOIS age, and OFAC/OpenSanctions overlap. AED/IRR FX timing shows KS statistic 0.39 exceeding the 0.27 critical value. Jurisdictional cascade modeling assigns 61% absorption probability to an Iranian endpoint.",
        "redFlags": [
            "Gold invoices (HS 7108) deviate from Benford's Law at p=0.0028",
            "Unit price 60.7% above benchmark for HS 7108 (Grubbs z=3.84)",
            "Circular trade network: UAE > Hong Kong > Iran > UAE (CSI 0.79)",
            "2 OFAC hits and 4 OpenSanctions matches",
            "Missing LEI registration; WHOIS domain age 14 days",
            "AED/IRR FX convenience score 0.82 indicating deliberate rate timing",
            "61% Markov chain absorption probability to Iranian jurisdiction"
        ],
        "evidenceItems": [
            "UN COMTRADE: 87 trade records for US-AE-IR corridor, HS 7108",
            "OpenCorporates: 23 corporate records across 4 jurisdictions",
            "OFAC SDN: 2 entity matches (score >0.85)",
            "OpenSanctions: 4 matches across EU, UN, US databases",
            "GLEIF LEI: No active LEI found for entity",
            "WHOIS: Domain registered 14 days prior to first trade record",
            "Exchange Rate History: AED/IRR distribution shift confirmed by KS test"
        ]
    },
    "entityVerification": {
        "corporateRecords": [],
        "leiRecords": [],
        "ofacResults": [],
        "sanctionsResults": [],
        "whoisResults": [],
        "ipResults": []
    },
    "macroContext": {
        "oecdData": [],
        "imfData": []
    }
}

Output fields

How much does it cost to run a TBML investigation?

TBML Investigation Report uses consumption-based pricing — you pay for the Apify platform compute time across the orchestrator and all 14–16 sub-actor calls. Typical run cost is $0.50–$1.50 depending on how many data sources return records.

You can set a maximum spending limit per run in the Apify console to cap costs. The actor stops if the budget is reached. Apify's free tier includes $5 of monthly credits — enough for 5–10 full TBML investigations at no cost.

Compare this to manual TBML screening at $2,000–$5,000 per entity using AML consulting firms, or specialist TBML software subscriptions at $500–$2,000/month. Most users spend $5–$25/month on this actor with no subscription commitment.

TBML investigation using the API

Python

from apify_client import ApifyClient

client = ApifyClient("YOUR_API_TOKEN")

run = client.actor("ryanclinton/tbml-investigation-report").call(run_input={
    "entityName": "Apex Maritime Trading FZE",
    "tradePair": "AE-IR",
    "commodity": "7108"
})

for item in client.dataset(run["defaultDatasetId"]).iterate_items():
    score = item.get("tbmlRiskScore", {}).get("totalScore", 0)
    risk = item.get("riskLevel", "UNKNOWN")
    flags = item.get("sarEvidencePackage", {}).get("redFlags", [])
    print(f"Entity: {item['entity']} | Risk: {risk} | Score: {score}/100")
    for flag in flags:
        print(f"  - {flag}")

JavaScript

import { ApifyClient } from "apify-client";

const client = new ApifyClient({ token: "YOUR_API_TOKEN" });

const run = await client.actor("ryanclinton/tbml-investigation-report").call({
    entityName: "Apex Maritime Trading FZE",
    tradePair: "AE-IR",
    commodity: "7108"
});

const { items } = await client.dataset(run.defaultDatasetId).listItems();
for (const item of items) {
    const score = item.tbmlRiskScore?.totalScore ?? 0;
    const risk = item.riskLevel;
    console.log(`Entity: ${item.entity} | Risk: ${risk} | Score: ${score}/100`);
    for (const flag of item.sarEvidencePackage?.redFlags ?? []) {
        console.log(`  - ${flag}`);
    }
}

cURL

# Start the TBML investigation run
curl -X POST "https://api.apify.com/v2/acts/ryanclinton~tbml-investigation-report/runs?token=YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "entityName": "Apex Maritime Trading FZE",
    "tradePair": "AE-IR",
    "commodity": "7108"
  }'

# Fetch results (replace DATASET_ID from the run response above)
curl "https://api.apify.com/v2/datasets/DATASET_ID/items?token=YOUR_API_TOKEN&format=json"

How TBML Investigation Report works

Phase 1: Parallel data collection (14 sources)

The actor launches 14–16 sub-actor calls simultaneously using Promise.all. Each sub-actor has a 120-second individual timeout; failures return empty arrays and do not abort the run. Data is collected from: UN COMTRADE (trade records), OpenCorporates, GLEIF LEI, UK Companies House, Canada Corporation Search, and Australia ABN Lookup (corporate registries), OFAC Sanctions Search and OpenSanctions (watchlists), Exchange Rate Tracker and Exchange Rate History (FX data for up to 3 corridor currencies), OECD Statistics and IMF Economic Data (macro indicators), WHOIS Domain Lookup (digital footprint), and IP Geolocation.

The trade corridor input is parsed to extract country codes, which are mapped to currency codes via a 15-country lookup table (e.g., AE → AED, CN → CNY, HK → HKD, RU → RUB). The top 3 matched currencies then drive separate historical FX rate queries, enabling the KS arbitrage test to use corridor-specific baselines rather than generic defaults.

Phase 2: Five forensic algorithms

Benford-Grubbs invoice analysis — Trade values from UN COMTRADE are extracted and tested against Benford's Law expected first-digit probabilities using chi-squared goodness-of-fit (8 degrees of freedom). A p-value below 0.05 indicates statistically significant deviation consistent with manual invoice manipulation. Trade records are then grouped by HS6 commodity code; Grubbs' test with Bonferroni-corrected alpha detects unit price outliers within each commodity group. Fisher's method (X² = -2 × Σln(pᵢ), df = 2k) combines all p-values into a single meta statistic. The overall anomaly score weights Fisher p-value (40%), outlier density (30%), and Benford conformance flag (30%).

Tarjan SCC + Johnson cycles — UN COMTRADE reporter and partner countries are assembled into a directed trade flow graph. Tarjan's algorithm (O(V + E)) identifies all strongly connected components with 2+ nodes, indicating multi-country circular trade. Johnson's algorithm (capped at 100 cycles) enumerates elementary circuits within each SCC. The Circularity Suspicion Index divides circulating trade volume by total trade volume to produce a 0–1 score.

Phantom entity logistic regression — Corporate records from all five registry sources are merged with LEI, WHOIS, and sanctions data. Each entity is scored on: missing LEI (high weight), WHOIS domain age under 30 days (high weight), sanctions hit overlap (very high weight), registration-only-in-one-jurisdiction flag, and incorporation date recency. Logistic sigmoid applied to a weighted feature sum produces a phantom probability score per entity.

KS FX arbitrage test — The two-sample Kolmogorov-Smirnov test compares the empirical CDF of current FX rates against the empirical CDF of 30-day historical rates for each corridor currency pair. A KS statistic exceeding the critical value at the 5% significance level indicates a distributional shift consistent with deliberate rate timing. An FX convenience score per pair is computed from the fraction of detected trade transactions that cluster near rate extremes.

Absorbing Markov chain — Jurisdictions appearing in corporate records, LEI data, and trade flows are treated as Markov chain states. Transition probabilities are estimated from co-occurrence frequencies in corporate filings. FATF-blacklisted jurisdictions (Iran, North Korea, Myanmar, Syria, Yemen) and major shell haven jurisdictions (BVI, Cayman, Belize, Seychelles, etc.) are set as absorbing states with probability 1 of remaining. The fundamental matrix N = (I - Q)⁻¹ is computed for the transient submatrix Q, and absorption probabilities B = N × R are derived for each transient state to each absorbing endpoint.

Phase 3: Composite score and SAR package

Sub-scores from all five algorithms are summed (maximum 20 points each) to produce the composite 0–100 TBML risk score. Risk level thresholds: CRITICAL ≥76, HIGH ≥56, ELEVATED ≥36, MODERATE ≥16, LOW <16. The SAR evidence package is assembled from the highest-confidence signals across all five algorithms, formatted into a prose narrative suitable for direct inclusion in FinCEN SAR filings.

Tips for best results

1. Use the full registered legal name. Corporate registry searches match on exact or near-exact name strings. "Apex Maritime Trading FZE" returns more records than "Apex Maritime." Check the entity's official registration documents for the precise legal name including entity type suffix (FZE, LLC, Ltd, GmbH).

2. Always specify the trade corridor for FX arbitrage analysis. Without a tradePair, the FX module defaults to AED, CNY, and HKD — adequate for generic UAE-China-Hong Kong risk flagging but insufficient for other corridors. Specifying US-RU activates RUB-specific FX history queries.

3. For commodity-specific investigations, use HS codes not descriptions. The Grubbs outlier test groups invoices by the cmdCode field in UN COMTRADE, which is an HS code. Text descriptions such as "gold" are less precise than "7108" and may miss commodity-level groupings in the analysis.

4. Treat HIGH and CRITICAL results as triggers for human review, not final determinations. Algorithmic TBML screening produces false positives, particularly for entities operating legitimately in jurisdictions on FATF watchlists. Use results to prioritize analyst attention, not to make automatic blocking decisions.

5. Combine with Sanctions Network Analysis for deeper network mapping. The TBML report covers direct entity sanctions exposure; a network analysis actor can extend the investigation to second- and third-degree relationships, which is often where TBML schemes are structured.

6. Schedule periodic screens for ongoing portfolio monitoring. Use Apify's built-in scheduler to run monthly TBML screens across your entire counterparty list. A rise in risk score from MODERATE to HIGH across consecutive runs is often more significant than the absolute score value.

7. Use the rawTradeDataSample field for manual verification. The output includes up to 20 raw UN COMTRADE records. Cross-referencing these against the entity's self-reported trade volumes in KYC documents is a productive manual validation step.

Combine with other Apify actors

Limitations

• UN COMTRADE data reflects reported trade, not actual shipments. Countries self-report to COMTRADE, and data lags by 6–18 months. Recent trade activity will not appear in the results. This limits the actor's effectiveness for detecting newly established TBML schemes.
• Corporate registry coverage is limited to five jurisdictions. The actor queries OpenCorporates, UK Companies House, Canada, Australia, and GLEIF LEI. Entities registered exclusively in non-covered jurisdictions (UAE, Hong Kong, offshore centers) may produce sparse corporate records, which can inflate the phantom entity score for legitimate businesses.
• The Benford-Grubbs analysis requires sufficient trade volume. The Benford test requires at least 10 trade records; Grubbs' test per HS code requires at least 3 records in each commodity group. Investigations for small entities or narrow commodity categories may produce inconclusive invoice analysis results.
• Sanctions screening is not a substitute for full KYC. OFAC and OpenSanctions coverage is broad but not exhaustive. The actor does not access INTERPOL Red Notices, Europol databases, or country-specific law enforcement watchlists. Supplement with AML Entity Screening for broader watchlist coverage.
• FX arbitrage analysis is statistical, not causal. A significant KS statistic indicates a distributional shift in FX rates; it does not prove deliberate exploitation. Legitimate currency hedging programs can produce similar statistical signatures.
• The Markov chain model treats all corporate co-occurrences as potential fund flows. Entities appearing in the same jurisdiction in corporate records are linked in the transition matrix even if they have no actual financial relationship. This can produce elevated absorption probabilities for entities operating in medium-risk jurisdictions like UAE or Hong Kong for entirely legitimate reasons.
• Run time is dependent on sub-actor availability. Each of the 14 data source actors has a 120-second timeout. Simultaneous failures or platform congestion can extend total run time beyond 8 minutes.
• No browser rendering is used. All data collection is API-based. Web-scraped corporate registry data from JavaScript-rendered sites is not covered in this actor.

Integrations

• Zapier — trigger a TBML investigation automatically when a new counterparty is added to your CRM; send HIGH/CRITICAL results to a Slack channel or email alert
• Make — build multi-step compliance workflows that run TBML screens, parse the SAR package, and route cases to your GRC platform based on risk level
• Google Sheets — export investigation results to a compliance register spreadsheet with risk level, composite score, and red flag count per entity
• Apify API — integrate TBML screening directly into your onboarding pipeline or periodic review system via REST API calls
• Webhooks — post results to your case management system or SIEM immediately upon run completion, filtered by risk level threshold
• LangChain / LlamaIndex — feed TBML report JSON into an AI pipeline for automated narrative summarization, risk memo generation, or escalation triage using LLM reasoning

Troubleshooting

• Risk score is 0 or very low despite a known high-risk entity — This typically means UN COMTRADE returned no trade records for the entity. COMTRADE data is aggregated at the country level, not the company level. The invoice and circular trade algorithms score 0 when no trade records are available. The score will still reflect sanctions hits and phantom entity signals from corporate registry data.

• Corporate records are sparse despite a large company — The actor searches against five registry sources. Entities registered exclusively in UAE free zones, Hong Kong, or offshore jurisdictions (BVI, Cayman, Seychelles) are not covered by any of the five registries. OpenCorporates coverage varies by jurisdiction; some registries have data lags of 6–12 months.

• Run fails or times out — This typically occurs when multiple sub-actors simultaneously time out (120-second individual limit). Retry the run; transient platform load is the most common cause. If failures persist, check the Apify status page for service disruptions affecting specific data sources.

• High phantom entity score for a legitimate company — The phantom entity logistic regression weights missing LEI and short WHOIS domain age heavily. Legitimate companies that registered recently, do not have a global LEI, or use a new domain will receive elevated phantom scores. Cross-reference against the raw entityVerification.corporateRecords field to validate registry presence before treating this signal as definitive.

• SAR narrative appears generic — The summaryNarrative field is generated algorithmically from available signals. When fewer than 3 data sources return records, the narrative will be less specific. A full narrative requires at least trade records from UN COMTRADE plus corporate records from at least one registry.

Responsible use

• This actor queries publicly available trade data, corporate registry records, and sanctions watchlists.
• Sanctions data from OFAC and OpenSanctions is authoritative but not infallible — always verify matches against official government sources before taking adverse action.
• Comply with GDPR, applicable data protection laws, and your jurisdiction's AML regulatory framework when using results in compliance processes.
• Do not use investigation results as the sole basis for automated adverse actions against individuals or entities without qualified human review.
• TBML risk scores are screening indicators, not legal findings. Qualified AML professionals should review HIGH and CRITICAL results before filing SARs or making business decisions.
• For guidance on web scraping and data access legality, see Apify's guide.

FAQ

What is Trade-Based Money Laundering (TBML) and how common is it? TBML is the process of disguising proceeds of crime through international trade transactions. Common techniques include invoice over- and under-pricing, phantom shipments, multiple invoicing of the same goods, and deliberate exploitation of FX rate timing. FATF has identified TBML as one of the primary methods used by criminal organizations and designated as a priority risk area for financial institutions and customs authorities globally.

How does this actor detect TBML — what are the five algorithms? The actor runs five independent forensic algorithms: (1) Benford-Grubbs invoice anomaly detection using chi-squared and outlier tests on UN COMTRADE invoice values; (2) Tarjan SCC circular trade detection using graph theory to find closed-loop trade networks; (3) phantom entity logistic regression scoring entities on registration gaps and sanctions overlap; (4) Kolmogorov-Smirnov FX arbitrage testing comparing current versus historical currency distributions; and (5) absorbing Markov chain jurisdictional risk modeling to quantify indirect exposure to sanctioned jurisdictions.

How accurate is the TBML risk score? The score is a statistical screening indicator, not a definitive determination. Each algorithm can produce false positives — for example, the phantom entity score can flag newly registered legitimate businesses, and the Markov chain can assign elevated Iran absorption probability to UAE-based entities that have no actual Iranian relationships. The score is designed to prioritize analyst attention, not to replace it. HIGH and CRITICAL results should always receive human review before any regulatory or business action.

Which sanctions databases are checked? The actor screens against OFAC (U.S. Treasury's Specially Designated Nationals list) and OpenSanctions, which aggregates over 100 national and international sanctions databases including EU Consolidated List, UN Security Council Consolidated List, UK Sanctions, and many others. Results include match scores and source attribution for each hit.

Can I investigate specific commodity flows with an HS code? Yes. Enter a 4- or 6-digit HS code in the commodity field (e.g., 7108 for gold, 2709 for crude oil, 8471 for computers, 9013 for optical instruments). The Grubbs outlier test groups trade records by HS6 commodity code, so providing the HS code produces more precise invoice anomaly analysis than a text description.

How long does a TBML investigation take to run? Typical run time is 3–8 minutes depending on how many of the 14 data sources return records. The actor uses Promise.all parallel execution, so all 14–16 sub-actors run simultaneously. The limiting factor is the slowest sub-actor to respond. Each individual sub-actor has a 120-second timeout.

Is TBML investigation using public data legal? Yes. The actor queries publicly available databases: UN COMTRADE (public UN trade statistics), public corporate registries (UK Companies House, Canada Corporations, Australia ABN), OFAC SDN (public US government list), OpenSanctions (public aggregated watchlists), exchange rate history (public financial data), and WHOIS (public domain registration records). Use of the results in compliance workflows is subject to your jurisdiction's AML regulations and data protection laws.

How is this different from manual TBML screening by an analyst? A manual analyst performing the equivalent investigation would typically spend 2–5 business days pulling UN COMTRADE data, checking multiple corporate registries, running sanctions screens, and overlaying FX history. This actor completes the same data collection in under 5 minutes and applies five statistical algorithms that no manual process would typically execute. The output is not a replacement for experienced AML judgment, but it dramatically reduces the time to produce a first-pass risk assessment with algorithmic backing.

Can I run TBML investigations in bulk for a portfolio of counterparties? Yes. Use the Apify API to trigger runs programmatically for each entity in your portfolio. The Python and JavaScript code examples above can be adapted into a loop over your counterparty list. For portfolios of 50+ entities, consider adding a short delay between runs to avoid simultaneous sub-actor queue pressure. At approximately $0.75–$1.00 per investigation, screening 100 counterparties costs roughly $75–$100.

What does the SAR evidence package contain and can I use it directly in a SAR filing? The SAR evidence package contains a prose summary narrative, a structured list of specific red flags with quantitative backing, and a list of data source citations with record counts and match details. It is designed to provide the evidentiary backbone for a SAR filing but is not a complete SAR form. AML compliance officers should incorporate the package contents into their institution's SAR template and add required jurisdictional and filing fields. The narrative and red flags are suitable for the "description of suspicious activity" section of FinCEN Form 111 or equivalent.

Why do I get a high cascade risk score for UAE-based entities even when there are no Iran connections? The absorbing Markov chain model treats Iran (IR) as an absorbing state and UAE (AE) as a medium-risk transient state with a non-zero transition probability toward sanctioned endpoints — reflecting the geopolitical reality that UAE is a known transit jurisdiction for Iran-linked trade. This is a structural feature of the model, not a finding specific to any entity. UAE-based entities operating entirely legitimately will receive a non-zero Iran absorption probability. Context this signal against the other four algorithm results before drawing conclusions.

Can I schedule this actor to run periodically for ongoing monitoring? Yes. Use Apify's built-in scheduler to run TBML screens on a weekly or monthly cadence across your counterparty list. Configure a webhook to notify your compliance team when a result exceeds a risk level threshold. This is the recommended approach for trade finance banks monitoring existing correspondent relationships and for compliance officers conducting periodic reviews of high-risk customers.

Help us improve

If you encounter issues, you can help us debug faster by enabling run sharing in your Apify account:

1. Go to Account Settings > Privacy
2. Enable Share runs with public Actor creators

This lets us see your run details when something goes wrong, so we can fix issues faster. Your data is only visible to the actor developer, not publicly.

Support

Found a bug or have a feature request? Open an issue in the Issues tab on this actor's page. For custom TBML screening workflows, enterprise volume integrations, or bespoke scoring model calibration, reach out through the Apify platform.