compliance data layer

Live sanctions, CVE and regulatory data for compliance agents.

A compliance agent needs current facts it can cite: who is on a sanctions list today, which CVEs are being actively exploited, what rules just hit the Federal Register. Dynamic Feed serves those over one keyless endpoint, each datapoint signed and stamped with its source and observed-at time.

The call

One keyless POST returns a sanctions screen, the live exploited-CVE list and recent Federal Register entries, each in a signed, provenance-stamped envelope:

curl -s https://dynamicfeed.ai/v1/batch -H 'content-type: application/json' -d '{"calls":[{"tool":"sanctions_screen","args":{"name":"ACME Trading Ltd"}},{"tool":"exploited_vulnerabilities","args":{}},{"tool":"federal_register","args":{}}]}'

Sample response

curl -s https://dynamicfeed.ai/v1/batch -H 'content-type: application/json' -d '{"calls":[{"tool":"sanctions_screen","args":{"name":"ACME Trading Ltd"}}]}'

Why live data

A compliance workflow is only as good as the freshness and traceability of what it screens against. Dynamic Feed wraps each sanctions hit, exploited-CVE record and Federal Register entry in an envelope carrying the source, the observed-at timestamp and an Ed25519 signature. That signature is proof-of-existence and tamper-evidence: it proves we returned this exact record at this time and that it has not been altered since. It is NOT a claim that the underlying fact is true, complete, accurate or that any screening result is legally sufficient. You still apply your own controls and a human review; we give your agent citeable, time-stamped, verifiable inputs instead of guesses from stale training data.

Use it for

Screen a counterparty name against OFAC/UK sanctions lists before onboarding
Feed an AppSec agent the live actively-exploited CVE list (CISA KEV)
Surface new rules from the Federal Register for a regulatory-watch agent
Attach signed, time-stamped provenance to every check for an audit trail

Get a free API key ↗ See it live ↗ API docs ↗

FAQ

Do I need an API key?

No. The /v1/batch endpoint and the remote MCP server are keyless and free for fair use. Point your compliance agent at one URL and start screening.

Does a signed result mean the sanctions or CVE data is accurate?

No. The Ed25519 signature is proof-of-existence and tamper-evidence only: it proves we returned that exact record at that time. It is not a claim of truth, completeness, accuracy or legal sufficiency. Keep your own controls and human review in the loop.

Which regulatory sources are covered?

sanctions_screen covers OFAC and UK sanctions lists, exploited_vulnerabilities serves the CISA KEV actively-exploited set, and federal_register surfaces recent US rules. Macro and rates feeds (interest_rates, treasury_yields) are also live; there are no market price conversions.

Related live feeds

Sanctions screening API Real-time CVE feed for security agents Exploited vulnerabilities API All use cases →