Risk profiles
Your organization’s risk profile defines which categories and flags are evaluated and how results are returned in the riskAssessment section.
Overview
Custom risk flags appear under company.riskAssessment. They come from your organization’s active risk profile — the categories and flags you configure in Relativity6 (industry rules, operational concerns, premises, and any other underwriting topics you define).
To run risk flags at all, include riskAssessment in categories (or omit categories and ensure that section is entitled). Profile filters below only apply to that section.
Risk flags vs evidence review
Each organization uses one active profile type. Both types use the same profile structure — you define your own categories and flags. The type only changes how flags are researched and what appears in the response.
| Profile style | Best for | Flag behavior |
|---|---|---|
| Risk flags (default) | Triage — quickly see which concerns may apply and how urgently to review them | Flags include reasoning and a risk level (high, medium, low) |
| Evidence review | Documentation — when a raised flag should include something you can open in the file | Same fields, plus evidenceLink with a supporting URL when a flag is raised |
Risk flags screens your full flag list in one pass. Evidence review reviews categories separately and attaches a supporting link when available.
If no custom profile is assigned, the API uses the risk flags style with a standard Relativity6 flag set.
You can create and edit profiles in Settings → Risk profiles, or ask your Relativity6 contact for help with your initial setup.
Building your profile
Profiles are organized into categories (groupings such as industry risks or operational concerns) and flags within each category.
| Profile style | What to configure |
|---|---|
| Risk flags | Add a description to each flag explaining what it means (for example, what counts as cannabis exposure) |
| Evidence review | Add a guiding question to each category describing what to investigate (for example, whether the business operates in high-security environments) |
Flag names and category structure are the same in both modes. Switching profile type keeps your categories and flags; only guiding questions (evidence review only) and how results are returned change.
What each flag includes
Each flag in company.riskAssessment.customFlags typically includes:
| Field | Meaning |
|---|---|
flag | Flag name (for example Cannabis/CBD, Schools) |
category | Group within your profile (for example Industry & Product Risks) |
reasoning | Short explanation of why the flag applies |
riskLevel | high, medium, or low |
evidenceLink | Supporting URL when your profile uses evidence review; otherwise null |
The parent customFlags field also carries confidence and sources like other assessment data.
category_filter
category_filter limits evaluation to specific groups from your risk profile — the names in the category field on each flag.
Use it when you only care about one part of the profile (for example property-related groups) and want a faster, smaller response.
"categories": ["riskAssessment"],
"category_filter": ["Industry & Product Risks"]
Names must match your profile exactly. Category and flag names are visible in your Relativity6 risk profile settings.
flag_filter
flag_filter limits evaluation to specific flag names from your profile — the strings in the flag field.
Use it when you only need answers for a handful of known flags (for example cannabis or liquor-related rules):
"categories": ["riskAssessment"],
"flag_filter": ["Cannabis/CBD", "Alcohol Service"]
Again, names must match your profile exactly.
Combining filters
You can send both filters together. Only flags that match both lists are evaluated and returned.
Scoped risk assessment
Not the same as categories
The top-level categories array chooses response sections (firmographic, summary, and so on). category_filter only narrows flag groups inside riskAssessment. Do not put profile group names in categories.