How do I manage Document Compliance Policies?

Applies to: Contacts, Entities, and Relationships. Relationship records may show more compliance sections than Contacts or Entities because they can include related Contacts, related Entities, relationship-level descriptors, documents, screening, and risk review.

Page Summary

The top of the page shows key information for the selected record, such as compliance score, screening status, risk level, Lifecycle, teams, owner, contact details, or company details. These summary cards help users confirm they are reviewing the correct record and understand its current compliance position.

Review Message

If the record cannot be validated, a message appears above the review sections. This message explains that required actions must be completed before compliance can be validated.

Example: A relationship may be invalidated because its compliance score decreased, required documents are missing, descriptors are incomplete, connected contacts or entities are not compliant, monitoring is not enabled, or a risk review is overdue.

Review and History Tabs

The Review tab shows the current compliance status and any items that need attention. The History tab shows previous review activity, including validation, invalidation, and related review notes where available.

Compliance Sections by Record Type

Record Type	Common Sections	What to Review
Contact	Descriptors, Documents, Screening, Risk Review	Review the individual person’s required information, documents, screening status, and risk review.
Entity	Descriptors, Documents, Screening, Risk Review	Review the organization’s required information, documents, screening status, and risk review.
Relationship	Contacts, Descriptors, Documents, Entities, Screening, Risk Review	Review the relationship itself, plus the compliance status of connected Contacts and Entities.

Relationship Review Sections

Relationship records include additional compliance sections so users can see whether the relationship and its connected records are ready for validation.

Contacts

Shows whether the Contacts connected to the relationship satisfy their required compliance checks.

If this section is incompliant, one or more connected Contacts may need updated documents, descriptor responses, screening, or risk review.

Descriptors

Shows whether required relationship-level descriptor responses have been completed.

Descriptors are custom fields or questions created in Descriptor Management. A descriptor must be visible on the relationship before it can be required by a compliance policy.

Documents

Shows whether required relationship documents have been provided.

Missing documents are marked as incomplete. Completed documents are marked as satisfied. Document requirements may come from Global or Local policies.

Entities

Shows whether the Entities connected to the relationship satisfy their required compliance checks.

If this section is incompliant, one or more connected Entities may need updated documents, descriptor responses, screening, or risk review.

Screening

Shows whether screening requirements have been satisfied for the relationship.

This area may show the last screened date, monitoring status, or whether any matches require attention.

Risk Review

Shows whether the relationship’s risk review requirement has been satisfied.

If the risk review is overdue or incomplete, the relationship may not be eligible for validation until the risk review is completed.

Status Indicators

Each section shows whether that area is compliant or incompliant. Items inside a section may also show checks or alerts to identify which requirements are satisfied and which still need work.

Compliant means the requirement has been satisfied.
Incompliant means one or more required items still need attention.
A check mark indicates a satisfied item.
An alert or cross indicator identifies a missing, incomplete, or invalid item.

Validate and Generate Actions

The page may include Validate and Generate actions. Validation confirms whether the selected record currently satisfies compliance requirements. Generate may be used to produce or refresh compliance-related output, depending on the configured workflow.

Note: The Validate action may be unavailable until all required areas are complete, including relationship-level requirements and any required checks for connected Contacts or Entities.

How Requirements Are Determined

Compliance requirements are based on policies that match the selected Contact, Entity, or Relationship. Common matching criteria include Type, Risk, Lifecycle, Strategy, and Structure.

If policy criteria are empty, they generally mean All.
If policy criteria are populated, the selected record must match those values.
Global document policies apply when their criteria match the selected record.
Local document policies apply only to the exact Contact, Entity, or Relationship where they are attached.
Descriptor policies can only require descriptors that are visible for the selected record.

Best Practices

Confirm whether you are reviewing a Contact, Entity, or Relationship before interpreting the sections.
For Relationships, review the Contacts and Entities sections first if they are marked incompliant.
Resolve missing documents and descriptor responses before attempting to validate.
Use Lifecycle when reviewing policy criteria, rather than Status.
Check whether missing documents are required by Global policies or Local policies.
For descriptor issues, confirm that the descriptor is visible before reviewing whether it is required.
Use the History tab to understand previous review outcomes and invalidation reasons.

Contacts Entities Relationships Settings

May 24, 2026