Sayari Analytics

Sayari Graph

Sayari Graph can identify network connections and risks. It focuses on corporate relationships for investigative, intelligence, and due diligence activities.
Sayari Graph is a commercial risk intelligence platform that combines:
• Global corporate and supply chain data
• Complex entity networks
• Intuitive risk identification

Features

• Global search of pre-computed corporate networks
• Company ownership hierarchies, beneficial ownership, subsidiary structures, and related parties
• Built-in translation, transliteration tools
• Network visualisations and automated financial crime analytics
• Full source provenance and evidentiary documentation
• Remote access anywhere using Internet

Benefits

• Federated search across 200 countries accelerates information discovery
• Understand and identify business relationships and transactions
• Identify and mitigate risk across business transactions
• Data reviewed regularly ensuring it remains accurate
• International documents translated for visibility

£18,963 a licence a year

• Free trial available

Service documents

• Pricing document

  ODS

• Skills Framework for the Information Age rate card

  ODS

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bpower@sayari.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

979830906460919

Contact

Benjamin Power
1.202.286.2113
bpower@sayari.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: Sayari Graph is available as a multi-tenant cloud application as well as private cloud or on-prem deployment.
• System requirements: Standard internet browser (2014 or later) for SaaS application

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response tickets received within business hours are responded to within the hour, tickets received outside of these hours are responded to within 3 hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Our web chat testing has been completed in line with Section 508.
• Onsite support: Onsite support
• Support levels: Sayari provides user onboarding, training, and regular end-user workshops as a standard training program with all licenses. ; ; Additional training and support packages are available for enterprise-tier customers at an additional cost. This is quoted on a case-by-case basis. ; ; Further to this, to provide tailored support, each client is assigned a Customer Success Manager (CSM). The CSM acts as the point of contact, offering additional training and ensuring our clients get the most of out the software.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Sayari provides a full array of training materials as well as runs standard and customised onboarding programs for all new users. Standard training is provided online. Enterprise customers are provided with onsite training as well as regularly scheduled workshops focused on advanced product functionality, emerging typologies, and live case support integrating Sayari data and analytics.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: As an annual subscription model, at the end of the project or contract term, all users can download all saved work and any customisations. ; ; To provide support to our clients, this data export function can be completed in a range of formats to ensure alignment to client need. This includes CSV, XLS, PDF, JSON, and Parquet.
• End-of-contract process: Sayari is an annual subscription service so product access is terminated at the end of the contract and the users are able to download their work.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Graph REST API enables Customer to run customised data enrichment services to process Client and Counterparty information, validate and match against Sayari reference data, enrich with additional identifiers, owners/directors/officers, and upstream ownership information. Product access is provided via API Credits that are consumed with each API call; currently there are 10 API endpoints that offer a variety of flexible search parameters as well as automation, new endpoints are expected throughout the year.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: Sayari has a standard SLA with uptime and performance guarantees of 99%. In the last 5 years, we have not breached this SLA, despite an increase in the number of users who have access to our systems. ; ; To ensure that this remains the case and there is no impact to service, we regularly review our systems, servers and personnel to ensure we continue to have capacity for all users.

Analytics

• Service usage metrics: Yes
• Metrics types: Sayari provides standard service metrics including number of daily logins, data consumption, and utilisation of product features. This is provided quarterly to our clients and their Customer Success Manager to allow them to understand whether they are fully utilising the product. It also provides the opportunity for us to provide additional training where required.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data export is a standard feature with multiple output formats available.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XLS, CSV, PDF
  • JSON, Parquet
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Sayari's products will be operational and fully functional in all material respects 99% of the time during any 30 day period. There is no downtime required for maintenance of the platform, except in exceptional circumstances (e.g. core server- or database migrations).
• Approach to resilience: Available upon request.
• Outage reporting: Scheduled maintenance windows and service outages are communicated via email alerts. Planned maintenance is also displayed on the dashboard ahead of time. ; ; We endeavour to communicate these outages to our clients with 6 hours notice.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Restricting access in Management interfaces ; In the event access needs restricting, for example, due to completion of contract, this is facilitated by our internal team. ; ; Restricting access in support channels; Our clients benefit from one to one communications with their designated Sayari Customer Success Manager (CSM). In the event access is restricted, this will be managed by the designated CSM can organise restrictions be applied to specific users or accounts.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: A-LIGN Compliance and Security, Inc.
• ISO/IEC 27001 accreditation date: 19/03/2024
• What the ISO/IEC 27001 doesn’t cover: N/A - The scope of the accreditation encompasses the underlying information environment of Sayari Labs supporting the SaaS application, including all information assets, systems, processes, and personnel that contribute to or impact the security of information contained therein.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We operate a suite of security and governance policies that detail the processes we follow. These policies are reviewed annually to ensure they remain aligned with industry requirements and our ISO27001 accreditation. ; ; Upon induction all staff complete training on these policies to ensure their working practices remain in alignment to them.; ; Sayari's Security Engineering division is responsible for the delivery of this training and auditing performance across the business.; ; We can provide copies of these policies to clients upon request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Sayari uses Github Enterprise to manage the development of all services and the infrastructure they run on. All services run on Kubernetes which is managed as-code. Access to source code is limited to Sayari staff with a job description that requires access.; Sayari conducts regular vulnerability scans following an established schedule and when new vulnerabilities are reported. These scans are performed using industry-standard tools and are designed to evaluate known security weaknesses within our infrastructure. ; Sayari's dedicated internal security team is responsible for identifying vulnerabilities and works with the Application and Infrastructure Engineering teams to address them.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Sayari utilises open source threat intelligence feeds and performs internal risk assessments which includes determining threats and potentially vulnerable systems and processes. The priority of applying patches to systems is based on the content and security implications of a patch. ; ; Patches for security vulnerabilities with a medium or high impact are prioritised appropriately and applied as soon as possible.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Sayari has implemented centralised logging to identify malicious activity occurring on systems. This is overseen by the Sayari Security Engineering team who are responsible for security of our systems.; ; Security incidents are actively worked until resolved. A standardised incident response process is used to manage security incidents which include details on detection, analysis, containment, eradication, recovery, and post-incident activity. ; ; In the event an incident is raised, this would be reviewed within 6 hours, and resolved within 6 hours.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: In line with our Incident Management process, we have defined processes that are followed in the unlikely event an incident occurs. This can be provided upon request from a client. In the last 5 years, we have not had to activate these processes. ; ; In addition to an internal reporting process, all users are able to report incidents via their Customer Success Manager (CSM). The CSM will then escalate internally and manage the case until resolution is achieved. ; ; Incident reports are created after resolution has been achieved. To promote transparency, these are sent to all relevant internal and external stakeholders.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Sayari is a small business with a digital-first operating framework that allows us to maintain a very small environmental footprint. We do not have any industrial sites, or manufacturing activities, and maintain only a small physical office with the majority of our workers operating remotely enabling us to have a minimal carbon footprint.

  Covid-19 recovery

  In line with our COVID-19 policy, we identified the impact of the pandemic on our staff, customers, suppliers and stakeholders. ; ; To limit the immediate impact of COVID-19, we made changes to our remote working and sickness policies. As a result, we:; - Moved from completely in-person to hybrid office with no requirement/restrictions to attend the office; - Monitor and enforce CDC guidelines; - Asking employees and guests to not attend the office if they are sick ; - Stop shipments to the office; - Upload vaccination cards on our HRIS system OR provide a negative PCR/Antigen test 3 days before visiting the office; ; Following easing of the COVID-19 restrictions, we have maintained the changes to these policies as we have seen the beneficial impact on wellbeing across our staff.

  Tackling economic inequality

  Our approach to tackling economic inequality is two-fold. The first is reaching candidates from all backgrounds, and the second is our Donation policy. ; ; Reaching a diverse pool of candidates; To reach candidates who previously may feel that working in the technology sector is not accessible to them due to their background, we advertise across a range of methods. This includes on job boards, on social media including LinkedIn and through word of mouth. ; ; On each of our posted job descriptions we state 'Sayari is an equal opportunity employer and strongly encourages diverse candidates to apply. We believe diversity and inclusion mean our team members should reflect the diversity of the United States. No employee or applicant will face discrimination or harassment based on race, color, ethnicity, religion, age, gender, gender identity or expression, sexual orientation, disability status, veteran status, genetics, or political affiliation. We strongly encourage applicants of all backgrounds to apply.' ; ; Donation policy; Sayari will match individual staff donations to any nonprofit, nonpartisan organisation for up to $250.00 per employee. In the past, this has includes assisting food banks and supporting community outreach programmes.

  Equal opportunity

  Sayari is an equal opportunity employer and strongly encourages diverse candidates to apply. We believe diversity and inclusion mean our team members should reflect the diversity of the United States. No employee or applicant will face discrimination or harassment based on race, color, ethnicity, religion, age, gender, gender identity or expression, sexual orientation, disability status, veteran status, genetics, or political affiliation. We strongly encourage applicants of all backgrounds to apply.; ; As part of our standard employee induction, equal opportunities training is included which covers the protected characteristics.

  Wellbeing

  The wellbeing of our staff is vital to the success and growth of our organisation. We have always encouraged a healthy work-life balance and regularly identify areas in which we can further improve our employees' wellbeing.; ; In line with this, we offer our staff: ; - Access to EAP Program; - 100% company sponsored STD, LTD; - 100% company sponsored Life Insurance; - Optional additional Voluntary Life Insurance; - Optional FSA; - Flexible/Floating Holidays (3/year); - 14 weeks of parental leave ; ; Further to this, we conduct weekly “pulse surveys” through a workplace culture and management performance software platformcalled 15Five. This system gathers real-time information on workplace happiness and cultural stressors. This system also forms the basis of an early warning system to keep our executive team abreast of emerging issues amongst our team that could affect morale and wellbeing in the near future. This; quantitative data is analysed over time by the Sayari management team and benchmarked with our industry peers to ensure that we are leading the industry.

Pricing

• Price: £18,963 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Sayari provides free trial access to the Analyst Application (UI) with unlimited search and global data access. Users are provided with onboarding and training sessions; free trial periods are typically granted for a 1-2 month period but can be requested for longer.

Service documents

• Pricing document

  ODS

• Skills Framework for the Information Age rate card

  ODS

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bpower@sayari.com. Tell them what format you need. It will help if you say what assistive technology you use.