How to Build a KYC verification Agent Using AutoGen in TypeScript for healthcare

By Cyprian AaronsUpdated 2026-04-21
kyc-verificationautogentypescripthealthcare

A healthcare KYC verification agent checks whether a patient, caregiver, provider, or payer contact is who they claim to be before any sensitive workflow starts. In practice, that means validating identity documents, matching demographics against internal records, flagging mismatches for human review, and producing an audit trail that satisfies compliance and data residency requirements.

Architecture

  • Input intake layer

    • Accepts identity data from a portal, call center, or back-office system.
    • Normalizes fields like name, DOB, address, phone, and government ID number.

  • Policy and compliance layer

    • Encodes healthcare-specific rules for HIPAA-adjacent handling, retention windows, and regional storage.
    • Decides what can be automated versus what must be escalated.

  • AutoGen agent layer

    • Uses AssistantAgent to reason over the verification task.
    • Uses UserProxyAgent or a tool-executing agent to call deterministic validators and external services.

  • Verification tools

    • Document parsing, address normalization, DOB matching, watchlist checks, and residency validation.
    • These should be plain TypeScript functions exposed as tools, not LLM guesses.

  • Audit and evidence store

    • Persists every decision input/output pair with timestamps.
    • Stores only the minimum necessary PII and keeps raw documents in a controlled vault.

Implementation

1) Install AutoGen and define your verification schema

For TypeScript projects, use the AutoGen packages that expose the agent classes directly. Keep the KYC payload strict so the model cannot drift into free-form inputs.

npm install @autogenai/autogen

import { z } from "zod";

export const KycRequestSchema = z.object({
  fullName: z.string().min(2),
  dateOfBirth: z.string().regex(/^\d{4}-\d{2}-\d{2}$/),
  address: z.string().min(5),
  phone: z.string().optional(),
  governmentIdLast4: z.string().length(4).optional(),
  country: z.string().length(2), // ISO-3166-1 alpha-2
});

export type KycRequest = z.infer<typeof KycRequestSchema>;

export type KycResult = {
  status: "approved" | "manual_review" | "rejected";
  reasons: string[];
  auditId: string;
};

2) Implement deterministic healthcare checks as tools

Do not let the model decide compliance logic. Put policy in code so it is testable and auditable.

type VerificationContext = {
  allowedCountries: string[];
};

export function verifyHealthcareKyc(input: KycRequest, ctx: VerificationContext) {
  const reasons: string[] = [];

  if (!ctx.allowedCountries.includes(input.country)) {
    reasons.push(`Country ${input.country} is not allowed for this workflow`);
  }

  // Example deterministic checks
  if (input.fullName.trim().split(" ").length < 2) {
    reasons.push("Full name must include at least two tokens");
  }

  const ageInYears =
    new Date().getFullYear() - new Date(input.dateOfBirth).getFullYear();

  if (ageInYears < 18) {
    reasons.push("Patient/contact appears to be under age threshold");
  }

  return {
    status:
      reasons.length === 0 ? ("approved" as const) : ("manual_review" as const),
    reasons,
    evidence: {
      normalizedCountry: input.country.toUpperCase(),
      ageInYears,
    },
  };
}

3) Wire the verifier into an AutoGen conversation

Use AssistantAgent for reasoning and UserProxyAgent for tool execution. The pattern is simple: the assistant proposes a verification decision; the tool performs the real check; your app persists the result.

import { AssistantAgent, UserProxyAgent } from "@autogenai/autogen";
import { verifyHealthcareKyc } from "./kyc-tools";
import { KycRequestSchema } from "./schema";

const assistant = new AssistantAgent({
  name: "kyc_verifier",
  systemMessage:
    "You verify healthcare identity intake. Use only provided data. " +
    "If policy fails or data is incomplete, request manual review. " +
    "Do not invent missing identity facts.",
});

const userProxy = new UserProxyAgent({
  name: "kyc_executor",
});

async function runKyc(rawInput: unknown) {
  const parsed = KycRequestSchema.parse(rawInput);

  const result = verifyHealthcareKyc(parsed, {
    allowedCountries: ["US", "CA", "GB"],
  });

  const prompt = `
Review this healthcare KYC outcome:
${JSON.stringify(result, null, 2)}

Return one of:
- approved
- manual_review
- rejected

Include a short compliance note.
`;

  const response = await assistant.generateReply([{ role: "user", content: prompt }]);

ല; // remove? 
}

The snippet above shows the pattern but needs a final application wrapper. In production you should keep orchestration outside the model and use AutoGen only for reasoning over ambiguous cases.

import { AssistantAgent } from "@autogenai/autogen";
import { randomUUID } from "crypto";

const assistant = new AssistantAgent({
  name: "kyc_verifier",
});

export async function processKyc(rawInput: unknown): Promise<KycResult> {
  const auditId = randomUUID();
  const parsed = KycRequestSchema.parse(rawInput);

  const deterministic = verifyHealthcareKyc(parsed, {
    allowedCountries: ["US", "CA", "GB"],
  });

Keep learning

By Cyprian Aarons, AI Consultant at Topiax.

ShareX / TwitterLinkedIn

Want the complete 8-step roadmap?

Grab the free AI Agent Starter Kit — architecture templates, compliance checklists, and a 7-email deep-dive course.

Get the Starter Kit

Related Guides

Related
build claims processing agent langchain python insurance
Related
build fraud detection agent llamaindex typescript healthcare
Related
build kyc verification agent llamaindex typescript healthcare
Related
build document extraction agent llamaindex typescript pension funds
Related
build underwriting agent llamaindex typescript investment banking