Your policy. Applied automatically
Risk scored against your policy and updated as information changes.
Sound familiar?
Policy changes, new jurisdictions, updated thresholds, all requiring manual edits to a shared file that may or may not reflect what your analysts are actually applying.
Risk scores calculated at onboarding and never updated. Material events, director changes, ownership shifts, sanctions hits, sit undetected until the next scheduled review.
Without a configured policy applied consistently, risk classification reflects who reviewed the case as much as what the case actually contains. That's an audit problem.
Manual risk scoring does not scale. As the portfolio grows, so does the review backlog, and the margin for inconsistency grows with it.
Your risk policy lists the events that should trigger recalculation. Your system can't read the policy, so recalculation happens when someone remembers to run it, not when the data says it should.
Risk scores without factor breakdowns, source citations, or change history are not defensible. The judgment was sound. Proving it after the fact is where things fall apart.
The difference Strise makes
What customers say
Policy applied automatically
Policy set. Engine ready
Set risk weights for every factor in plain language. No developers needed.
Entity assessed. Scored
Risk calculated at onboarding, then recalculated automatically as new data arrives.
Data changes. Score updates
A director change, sanctions hit, or jurisdiction shift triggers automatic recalculation.
Decision made. All recorded
Full score timeline per entity, what changed, when, and why. Every factor cited.
How risk scoring runs itself
Policy configuration, no developers
Assign risk weight to any factor, jurisdiction, industry code, PEP status, ownership structure, in plain language, without writing a line of code.
Event-driven reviews, not calendar ones
Reviews triggered by actual risk changes, not by the date. High-risk entities reviewed when it matters, not just when the annual cycle says so.
Portfolio risk visible at a glance
Segment your portfolio by risk tier, industry, jurisdiction, or any custom attribute, to see exactly where your exposure sits without building a report.
Scores recalculate when data changes
Risk scores updated automatically when new information arrives, director changes, ownership changes, adverse media, sanctions updates. No scheduled recalculation needed.
Every score explained and documented
Every risk score broken down by factor, every factor cited to source. Your analysts can explain and justify any decision with confidence, in any context.
Feed the risk engine from your stack
Connect signals from your existing systems via API. Internal risk signals sit alongside Strise data in the engine, so scores reflect everything your operation knows, not just external sources.
Things we get asked. Answered
Each entity is scored across multiple risk categories, jurisdiction, PEP status, adverse media, sanctions exposure, ownership structure, industry, each weighted according to your policy. The score is the sum of those weighted factors, not a black box. Every point comes from somewhere your team can see and explain.
Yes. You set the weight for each risk factor, how many points a PEP hit adds, how much a high-risk jurisdiction contributes, which adverse media categories matter. Configuration is done in plain language, no code required. Your policy, not a generic one applied to everyone.
Up to seven risk levels, though most customers use three or four. Tier names and thresholds are yours to define. The system shows both the calculated score and any user-assessed override side by side, so there is always a clear record of what the engine produced and what your team decided.
Any material data change: a director added, a sanctions list updated, a PEP designation made, adverse media flagged, an ownership structure changed, or a jurisdiction reclassified. The score updates automatically when the data changes, not when the next review cycle comes around.
Yes. An analyst can move a score up or down, with a rationale attached. The calculated score is preserved in the audit trail alongside the override, so there is always a record of what the system produced and what your team decided, and why. Both are visible, neither is lost.
Every score change is logged automatically, what changed, when, who made the decision, and why. If a risk rating was overridden, the original calculated score sits in the record alongside it. When your regulator asks how a risk decision was reached, you show them the complete trail. Nothing to reconstruct.