Regulatory Filing

Generate, validate, and file suspicious activity reports and large transaction reports across 9 jurisdictions. The report type, format, and validation strategy adapt to the filing institution's jurisdiction.

Overview

When a case investigation determines that a filing is warranted, the Overvoid API provides a complete workflow: pre-filled report data from case evidence, output generation (XML or JSON depending on jurisdiction), validation where available, and filing status tracking.

The report type changes based on the filing institution's (tenant's) regulatory jurisdiction:

JurisdictionSuspicious ReportLarge Txn ReportFIUDeadline
USSARCTRFinCEN30 days
CanadaSTRLCTRFINTRACASAP
UKSARN/ANCA UKFIUASAP
AustraliaSMRTTRAUSTRAC3 days / 24h
JapanSTRN/AJAFICImmediately
GermanyVerdachtsmeldungN/AFIU DeutschlandWithout delay
FranceDéclaration de soupçonN/ATracfinWithout delay
NetherlandsMOTN/AFIU-NL14 days
SingaporeSTRCTRSTRO5 biz days

Filing Jurisdictions

Query the full jurisdiction registry to get report names, FIU details, filing deadlines, and portal URLs for all supported jurisdictions.

curl https://api.overvoid.io/v1/issuers/filing-jurisdictions \
  -H "Authorization: Bearer cusd_test_YOUR_KEY"
{
  "US": {
    "code": "US",
    "country_name": "United States",
    "fiu_name": "FinCEN",
    "suspicious_report_name": "SAR",
    "large_txn_report_name": "CTR",
    "filing_deadline_text": "30 days",
    "form_type": "fincen",
    "portal_url": "https://bsaefiling.fincen.gov"
  },
  "CA": {
    "code": "CA",
    "fiu_name": "FINTRAC",
    "suspicious_report_name": "STR",
    "large_txn_report_name": "LCTR",
    "filing_deadline_text": "As soon as practicable",
    "portal_url": "https://www.fintrac-canafe.gc.ca/reporting-declaration/Info/f2r-eng"
  }
  // ... 7 more jurisdictions
}

Suspicious Activity Reports

The report name varies by jurisdiction (SAR, STR, SMR, Verdachtsmeldung, MOT, Déclaration de soupçon) but the API workflow is the same: draft → generate output → validate → file.

Get Draft

Returns pre-filled report data derived from the case evidence, linked alerts, transaction history, and entity information. The response includes a jurisdiction field and jurisdiction_config with the full filing metadata.

For US (FinCEN), the response contains FinCEN-specific fields (filing_institution, transmitter, activity_types). For other jurisdictions, the response contains structured sections (reporting_entity, subject, suspicious_activity, transactions) suitable for manual portal filing. For goAML jurisdictions (DE, NL), the response contains goAML-specific fields (report_code, location, etc.).

curl https://api.overvoid.io/v1/onboarding/entities/{entity_id}/cases/{case_id}/sar-draft \
  -H "Authorization: Bearer cusd_test_YOUR_KEY"
{
  "jurisdiction": "US",
  "jurisdiction_config": {
    "code": "US",
    "fiu_name": "FinCEN",
    "suspicious_report_name": "SAR",
    "form_type": "fincen",
    "filing_deadline_text": "30 days"
  },
  "case_id": "case_01HXZ8B4P7Q...",
  "filing_institution": { "name": "...", "ein": "...", ... },
  "subject": { "name": "Acme Corp", "entity_type": "corporation", ... },
  "suspicious_activity": {
    "from_date": "2026-03-01",
    "to_date": "2026-03-20",
    "total_amount": "87500",
    "activity_types": [
      { "type_id": 1, "subtype_id": 112, "description": "Structuring" }
    ]
  },
  "narrative": "Subject conducted 9 transactions totaling $87,500...",
  "transfer_count": 9,
  "alert_count": 3
}

Generate Output

Generates the filing output from form data. For US, this produces FinCEN BSA E-Filing XML. For goAML jurisdictions (DE, NL), this produces goAML XML. For other jurisdictions, this produces structured JSON for manual portal filing. Include jurisdiction in the request body to route to the correct generator.

curl -X POST https://api.overvoid.io/v1/onboarding/entities/{entity_id}/cases/{case_id}/sar-xml \
  -H "Authorization: Bearer cusd_test_YOUR_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "jurisdiction": "US", ... }'

Validate

Validates the generated output against the appropriate schema for the jurisdiction. Returns validation errors if any fields are missing, malformed, or non-compliant. For jurisdictions without automated validation, returns a reminder to review before filing.

curl -X POST https://api.overvoid.io/v1/onboarding/entities/{entity_id}/cases/{case_id}/sar-validate \
  -H "Authorization: Bearer cusd_test_YOUR_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "jurisdiction": "US", ... }'
{
  "valid": true,
  "message": "XML passed moov-io/fincen schema validation",
  "details": null
}

File

Mark the report as filed. This transitions the case status, creates a FilingRecord with the jurisdiction and report type, and logs an audit event.

curl -X POST https://api.overvoid.io/v1/onboarding/entities/{entity_id}/cases/{case_id}/file-sar \
  -H "Authorization: Bearer cusd_test_YOUR_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "actor": "compliance-officer",
    "fiu_reference_id": "31000012345678",
    "notes": "SAR filed via BSA E-Filing"
  }'

Filing History (Unified)

List all filing records for an entity across all jurisdictions and report types (SAR, STR, SMR, CTR, LCTR, TTR, etc.).

curl https://api.overvoid.io/v1/onboarding/entities/{entity_id}/filing-history \
  -H "Authorization: Bearer cusd_test_YOUR_KEY"
[
  {
    "id": "fil_01HXZ...",
    "jurisdiction": "US",
    "report_type": "sar",
    "report_name": "SAR",
    "status": "filed",
    "fiu_reference_id": "31000012345678",
    "filed_by": "compliance-officer",
    "filed_at": "2026-03-24T12:00:00Z"
  },
  {
    "id": "fil_01HYA...",
    "jurisdiction": "US",
    "report_type": "ctr",
    "report_name": "CTR",
    "status": "filed",
    "filed_at": "2026-03-22T14:00:00Z"
  }
]

Large Transaction Reports

Not all jurisdictions require large transaction reports. The UK, Japan, Germany, France, and the Netherlands have no equivalent. The API returns 404 for CTR endpoints when the tenant's jurisdiction does not require them. For jurisdictions that do require them: US (CTR, $10K), Canada (LCTR, $10K CAD), Australia (TTR, $10K AUD), Singapore (CTR, $20K SGD).

Get CTR Draft

Returns pre-filled large transaction report data for an alert that triggered the threshold rule.

curl https://api.overvoid.io/v1/onboarding/entities/{entity_id}/ctr-draft/{alert_id} \
  -H "Authorization: Bearer cusd_test_YOUR_KEY"

Generate / Validate / File CTR

Same workflow as suspicious reports: generate output, validate, file. Include jurisdiction in the request body.

# Generate
curl -X POST .../ctr-xml -d '{ "jurisdiction": "US", ... }'


# Validate
curl -X POST .../ctr-validate -d '{ "jurisdiction": "US", ... }'


# File
curl -X POST .../file-ctr -d '{ "alert_id": "...", "actor": "..." }'


# History
curl .../ctr-history

Filing deadlines vary by jurisdiction: US (30 days), Australia (3 business days for ML, 24 hours for terrorism), Japan (immediately), Netherlands (14 days), Singapore (5 business days). The Overvoid monitoring engine tracks these deadlines per jurisdiction and surfaces overdue filings in the compliance dashboard.