PUQ Mautic

Admin area

Using the admin interface and managing screening results, settings, and logs.

Dashboard

PUQ Sanctions Checker module WHMCS

Order now | Download | Community

Addons → Sanctions Checker → Home — the operational overview of the module.

Dashboard — statistics, sanctions sources, mass check, and database tools

Statistics cards

Card Meaning
Clients total All clients in WHMCS.
Clients checked Clients that have at least one screening result.
Matches Clients currently matching sanctions lists — the red alert on top links straight to the filtered list.
Clean Clients checked with no findings.
Entries: Canada / EU Number of sanctions list entries in the local database.

Sanctions sources panel

Shows the time of the last list synchronization. Sync sanctions lists now downloads the enabled OpenSanctions mirrors immediately (the daily cron does the same automatically).

Last mass check panel

Shows the last mass check time and the number of checks pending in the queue. Check all clients now starts a mass check:

Database panel

Check database tables verifies all module tables and creates any missing tables or columns (useful after a module update). It is non-destructive — nothing is ever dropped — and displays a per-table report (created / altered / unchanged).

Screening results

PUQ Sanctions Checker module WHMCS

Order now | Download | Community

Addons → Sanctions Checker → Clients — every client that has been screened, with the full match details.

Screening results — filters, match details with OpenSanctions links, tickets, verification

Filters

All / Matches / Clean / Verified — one click switches the view. Matches is where the daily review happens; Verified lists clients an admin has marked as reviewed false-positives.

Columns

Column Meaning
Client Name and company, linked to the client profile.
Status MATCH (red) / CLEAN (green); a green VERIFIED badge appears next to it for verified clients (hover it to see who verified and when).
Score The highest match percent (see How the matching engine works).
Matches Every matched list entry: source (ca_dfatd, eu_fsf, csl:…, blocked_country), matched name, score. The external-link icon opens the OpenSanctions entity profile so you can see exactly who the client was compared with.
Ticket The support ticket opened for this match.
Checked At Time of the last check.

Row actions

Client profile panel & verification

PUQ Sanctions Checker module WHMCS

Order now | Download | Community

On every admin client page (Summary, Profile, Services, Invoices, …) the module injects a compact panel with the current screening state. Everything on it works via AJAX — no page reloads.

When the client matches

Client profile — MATCH badge with the best match, Check Now, Mark as Verified, View All Data

The panel shows the MATCH badge with the number of matches, the best-scoring matched name with its percent, a link to the opened ticket, and the check time.

View All Data

View All Data — status, score, and every match with an OpenSanctions link

Each local-list match links to its OpenSanctions entity profile (aliases, birth dates, sanction programs) — open it to visually confirm whether your client is really the listed person. When Fraud Check is enabled, the same modal also shows the raw FraudRecord / IPQualityScore data.

Verification (false positives)

A clean client can share a surname with a listed person and would be flagged on every re-check. After reviewing the details, click Mark as Verified:

Client profile — VERIFIED badge next to the match state

A verified client:

The module records who verified the client — first name, last name, login, and email of the admin are stored as a snapshot (not a reference), so the information survives even if the admin account is later deleted:

View All Data on a verified client — who verified, when, and what it means

Remove Verification puts the client back under automatic screening. Every verify/unverify action is written to the module log and the WHMCS activity log.

Fraud Check on the panel

With Fraud Check enabled the same panel shows the FraudRecord score, IP fraud score, and email leak status with their own Fraud Check Now and Send Report buttons — see Configuration → Fraud Check.

List entries browser

PUQ Sanctions Checker module WHMCS

Order now | Download | Community

Addons → Sanctions Checker → List Entries — everything the module downloaded from the OpenSanctions mirrors, so you can verify what exactly your clients are compared against.

List Entries — live search, source filter, pagination

The data refreshes automatically with the daily cron; Sync sanctions lists now on the Home page forces an immediate refresh.

Log

PUQ Sanctions Checker module WHMCS

Order now | Download | Community

Addons → Sanctions Checker → Log — the audit trail of everything the module does (last 500 entries).

Log — checks, tickets, verification, synchronization, queue

Event Meaning
sanctions_check A client was screened: context (manual / register / edit / order / mass / cron), result, number of matches, max score.
ticket_opened A support ticket was created for a match.
ticket_skipped No ticket was created — the reason is spelled out (an earlier ticket is still open, or no department is configured).
ticket_error The ticket API call failed — the full response is logged.
whitelisted / whitelist_removed / whitelist_reset Verification set by an admin / removed by an admin / dropped automatically because the client changed profile data.
client_updated Status change / group move applied on a match.
list_sync Sanctions lists downloaded (per-source entry counts and errors).
mass_check A mass check ran or was queued.
queue_processed A cron tick processed a portion of the check queue.
check_error A queued or batched check failed for one client.
configuration_saved / schema_check Settings saved / database schema verified.

Configuration — Sanctions sources

PUQ Sanctions Checker module WHMCS

Order now | Download | Community

Addons → Sanctions Checker → Configuration → Sanctions sources. All settings are saved with the green Save Changes button; only the license key lives in Setup → Addon Modules.

Sanctions sources tab — local lists, matching engine, CSL API, blocked countries

Local lists (OpenSanctions mirrors)

Local lists — Canada DFATD-SEMA and EU FSF toggles

Official government sanctions lists mirrored by the OpenSanctions project as clean machine-readable files (~2 MB each). No registration or API key required. The files are imported into your database and matching runs locally — no client data leaves your server. Synchronized daily by cron.

Matching engine

Matching engine — thresholds for the three matching methods

Setting Default Description
Full name match threshold 85% Similarity of the whole name required to report a match.
Enable trigram matching + threshold on / 65% 3-letter-chunk comparison, catches typos and letter swaps.
Trigram minimum name length 6 Trigrams run only when both names have at least this many letters — short names would match randomly.
Enable per-word matching + minimum words on / 1 Only the surname or a company word can trigger a match; a first-name-only hit never flags. Minimum 1 flags surname-only matches (with a lower score); 2 requires first + last name.
Word similarity threshold 85% How similar two words must be to count as a pair (catches Ivanov / Ivanoff).

The methods are explained in detail in How the matching engine works.

US Consolidated Screening List API

CSL API — key, endpoint, minimum score

Real-time fuzzy search against 11 US lists (OFAC SDN, BIS Entity List, State Department). Get a free API key at the ITA API portal; results below CSL minimum match score (default 90) are ignored. Client names are sent to trade.gov over HTTPS.

Blocked countries

Blocked countries — comma-separated ISO-2 codes

Comma-separated ISO-2 country codes (e.g. RU,BY,IR,KP,SY,CU). The country from the client profile is compared against this list; a match is reported with score 100.

Configuration — Check triggers & queue

PUQ Sanctions Checker module WHMCS

Order now | Download | Community

Addons → Sanctions Checker → Configuration → Check triggers — when checks run automatically.

Check triggers tab — triggers, queue, periodic mass check

Check triggers

Triggers — registration, profile update, checkout, and the queue toggle

Setting Description
Check on client registration Screen every new client (ClientAdd).
Check on client profile update Re-screen when the client changes profile data (ClientEdit). This also drops the Verified flag — see verification.
Check on order checkout Screen on every order checkout.
Run trigger checks on the next cron (queue) Applies to the three triggers above ONLY. Instead of checking during the client's request — which can be slow and cause timeouts when external APIs are enabled — the client is added to the queue and checked by the cron within a few minutes. Manual checks always run in real time.

Periodic mass check

Periodic mass check — frequency, scope, queue, batch size

Setting Default Description
Periodic mass check (cron) Disabled Disabled / Daily / Weekly / Monthly re-check of the client base. Sanctions lists change constantly — a weekly or monthly re-check is recommended.
Clients to check in mass check Active only Active clients only, or all clients.
Queue the mass check on The mass check (Home-page button and the schedule) adds clients to the queue; the cron drains it in portions. Recommended for large client bases.
Queue items processed per cron run 50 Portion size per cron tick (~5 minutes). Lower it when the CSL API is enabled.

Verified clients are excluded from the mass check automatically. How the queue works internally is described in Cron automation & check queue.

Configuration — Actions on match

PUQ Sanctions Checker module WHMCS

Order now | Download | Community

Addons → Sanctions Checker → Configuration → Actions on match — what happens when a check finds a match.

Actions on match tab — ticket settings and client actions

Support ticket

Ticket settings — department, subject, message with merge fields

Setting Description
Open a support ticket Master toggle. One ticket per client: while a sanctions ticket is open, repeated checks do not create duplicates. If the ticket was closed and the client still matches later, a new ticket is opened.
Support department Where the ticket is created.
Ticket subject / message Your own templates with merge fields: {client_id}, {client_name}, {client_company}, {client_email}, {client_country}, {matches}, {date}.

A real ticket produced by the module — {matches} expands into the full list with sources, scores, and the method that matched:

Sanctions ticket example

Client actions

Client actions — status change and group move

Setting Description
Set client status Optionally set the client to Active / Inactive / Closed on a match. Leave empty to keep the status unchanged.
Move client to group Optionally move the client into a chosen client group (handy for a "Sanctions review" group). Leave empty to keep the group.

Both actions are applied on every check that finds a match — but never for verified clients. Every action is written to the log (client_updated, ticket_opened, ticket_skipped with the reason).

Configuration — Fraud Check

PUQ Sanctions Checker module WHMCS

Order now | Download | Community

Addons → Sanctions Checker → Configuration → Fraud Check — the built-in fraud screening via FraudRecord and IPQualityScore.

Fraud Check tab — services, master toggle, triggers

Services

FraudRecord and IPQualityScore — registration links and API keys

Master toggle and triggers

Fraud check master toggle and its own triggers

Setting Description
Fraud check enabled Master toggle; at least one service with an API key must be enabled.
Fraud check on registration / profile update / order checkout The same trigger events as the sanctions checks, controlled separately. With the check queue enabled for triggers, fraud checks are queued too.

Where you see the results

The client profile panel shows Fraudrecord: 0-0-0 | Fraud IP: 0% | Fraud Email: NO badges (red = findings), a Fraud Check Now button, and Send Report — a form (fraud type, level 1–10, free text) that submits an abuse report to FraudRecord and/or IPQualityScore. Raw API responses are available in the View All Data modal.