RiskSonnar

Pricing built for financial-crime teams

AML, sanctions screening, fraud, DSAR — one platform, one audit chain. Annual billing in EUR. Multi-currency on request. All plans include EU/UK residency, OIDC SSO, hash-chained audit, and the same canonical data model. Higher tiers unlock seats, throughput, retention, and feature surfaces.

Free

Try RiskSonnar with a real tenant in mock mode. No card, no commitment.

€0
  • Alert disposition (analyst workflow)
  • LME read (neighbourhood, paths, rings)
  • DSAR (GDPR Art. 15/16/17/20)
  • Hash-chained audit export
Seats
3
Alerts / mo
100
Screens / mo
1,000
SARs / mo
0
Retention
30 d
Integration sources
2
Start free

Starter

Single-jurisdiction TM + WLM for small fintechs and EMIs.

€5,390
per year, billed annually
or €499 / month
  • Alert disposition (analyst workflow)
  • LME read (neighbourhood, paths, rings)
  • DSAR (GDPR Art. 15/16/17/20)
  • SAR filing (MLRO signature)
  • Watchlist refresh on demand
  • Signed evidence-pack export
  • Hash-chained audit export
  • OIDC SSO (any IdP)
Seats
10
Alerts / mo
5,000
Screens / mo
50,000
SARs / mo
20
Retention
1 yr
Integration sources
8
Choose Starter

Pro

Most chosen

Multi-jurisdiction with insurance + crypto, LME write, copilot unlimited.

€21,590
per year, billed annually
or €1,999 / month
  • Alert disposition (analyst workflow)
  • LME read (neighbourhood, paths, rings)
  • LME write (annotate + audit-trail)
  • DSAR (GDPR Art. 15/16/17/20)
  • SAR filing (MLRO signature)
  • Watchlist refresh on demand
  • Signed evidence-pack export
  • Copilot (unlimited turns)
  • Hash-chained audit export
  • OIDC SSO (any IdP)
  • SCIM auto-provisioning
Seats
50
Alerts / mo
50,000
Screens / mo
1,000,000
SARs / mo
200
Retention
6 yr
Integration sources
25
Choose Pro

Enterprise

Tier-1 banks + insurers. BYO KMS, PrivateLink, dedicated support.

Contact sales
  • Alert disposition (analyst workflow)
  • LME read (neighbourhood, paths, rings)
  • LME write (annotate + audit-trail)
  • DSAR (GDPR Art. 15/16/17/20)
  • SAR filing (MLRO signature)
  • Watchlist refresh on demand
  • Signed evidence-pack export
  • Copilot (unlimited turns)
  • Hash-chained audit export
  • OIDC SSO (any IdP)
  • SCIM auto-provisioning
  • Bring-your-own KMS (CMK)
  • PrivateLink / interconnect
  • Named CSM + 24×7 incident on-call

Integrations

RiskSonnar ingests through 11 inbound channels and emits through 4 outbound surfaces. Everything maps to the canonical Customer / Account / Transaction / Policy / Claim / Loan / Wallet model.

Streaming in

  • Kafka
  • Debezium CDC
  • REST push
  • SFTP stream

Batch in

  • SFTP batch
  • S3 drop
  • Azure Blob drop
  • JDBC pull
  • GraphQL pull
  • REST pull
  • Manual upload

Wire formats

  • Avro
  • JSON
  • JSONL
  • CSV
  • Parquet
  • XML
  • ISO 20022
  • SWIFT MT
  • Fixed-width

Watchlist sources

  • OFAC SDN
  • EU CFSP
  • UN 1267
  • UK HMT
  • Refinitiv World-Check
  • OpenSanctions
  • Internal PEP
  • Internal adverse-media

Identity (SSO)

  • Auth0
  • Keycloak
  • Entra ID
  • Google
  • Okta
  • SCIM 2.0

Outbound

  • Signed webhooks (HMAC)
  • Stripe billing
  • goAML / FIU XML
  • Audit-chain export

Built for these teams

Mid-market EMI

Disposed 14,000 alerts/mo without growing the team

Two-jurisdiction EMI scaling 4× in transactions. Replaced a spreadsheet-based triage with TM scenarios + LME case build-up. Median analyst review time dropped from 18 min to 6 min; SAR filings up 3× without false-positive growth.

Starter tier · 10 seats

Insurance group

Caught a claim-padding ring spanning 12 policies

Tier-2 insurer used the policy-loan-laundering + claim-padding scenarios. LME shared-attribute clustering surfaced 4 customer IDs sharing 1 address + 1 device fingerprint. €840k in claims blocked at adjudication; one cross-line referral to the IFB.

Pro tier · 50 seats

Tier-1 bank

BYO KMS + PrivateLink for cross-jurisdiction operations

European retail bank running ~5M screens/day across EU + UK. Used the Enterprise tier with bring-your-own KMS so the bank's ISMS keeps key control. PrivateLink between the bank's VPC and RiskSonnar's orchestrator avoids public-internet hops.

Enterprise tier · custom seats

Frequently asked

How is residency handled?
Every plan keeps tenant data in your nominated region (EU West / EU Central / UK / US East / AP Southeast). Cross-region moves are refused at the orchestrator boundary. See data-residency policy.
What if we exceed quota?
Metered counts (alerts, screens, SARs, DSARs) bill at a per-unit rate on the next invoice. Hard caps (seats, integration sources) refuse new mutations until you upgrade — no surprise charges.
Can we switch plans mid-cycle?
Yes — upgrades take effect immediately and prorate. Downgrades default to next-period to honour the committed term; you can fast-track via the Stripe Customer Portal.
Do you handle our payment data?
No. All cardholder data lives at Stripe (PCI-DSS L1). RiskSonnar only stores opaque Stripe customer / subscription ids.