Now generally available

Connect your AI assistant to TIN Comply. One URL. Zero JSON.

TIN Comply's MCP server lets Claude, ChatGPT, Cursor, and any other AI assistant run real-time IRS TIN matching, OFAC screening, EIN lookup, and address validation on your behalf — secured with OAuth, controlled from your TIN Comply account. No keys to paste, no config files. Just authorize and go.

 Connect in 30 seconds  How it's secured
OAuth 2.1 with PKCE
Revoke anytime
Same audit trail as the API
claude.ai · Add connector
Add custom connector BETA
Connect Claude to your data and tools.
TIN Comply
https://www.tincomply.com/mcp
Try asking Claude

The kinds of things you'll actually ask once it's connected.

Examples of what AI can do once it's connected — multi-step compliance work compressed into a single prompt. The assistant figures out which tools to call and stitches the results together for you.

Vendor onboarding · multi-tool
You
Here's a W-9 a new vendor sent over. Run a TIN match, screen them against sanctions, validate the address, and tell me if this looks good to onboard.
W-9_AcmeSupplyCo.pdf
tin_matchtin=87-4419023, name=Acme Supply Co
screen_sanctionsname=Acme Supply Co
validate_address14 Industrial Way, Newark, NJ 07105
Assistant

I ran three checks on this W-9. Here's what came back:

  • TIN match: Code 7 — matches IRS EIN records. The TIN and legal name line up.
  • Sanctions: No matches against OFAC SDN, US Trade CSL, UN, or EU lists.
  • Address: Validated and standardized — USPS added the ZIP+4 (07105-3284).

Bottom line: this W-9 looks good to onboard. The only suggested correction is the ZIP+4.

Bulk validation · AP cleanup
You
Here's our vendor list. Run TIN matching on every row, screen each name against sanctions, and highlight any rows with issues.
Q4_Vendors.xlsx · 184 rows
tin_match× 184 rows
screen_sanctions× 184 names
Assistant

184 vendors checked. 171 clean, 13 need attention:

  • 7 TIN/name mismatches (IRS code 3) — likely W-9 typos or DBA-vs-legal-name issues.
  • 2 unissued TINs (IRS code 2) — fake or expired numbers.
  • 4 possible sanctions hits — fuzzy matches above 65% confidence; each needs human review.

I've added a "Status" column with the details. Want me to draft B-Notice outreach for the mismatches?

Healthcare staffing · OIG exclusion check
You
Are any of the doctors on this list on a medical sanctions or exclusion list? Need this before we credential them.
ContractMDs_Nov.csv · 42 names
screen_sanctions× 42 names · includes SAM exclusions
Assistant

Screened all 42 against OFAC, UN, EU, US Trade CSL, and the SAM Procurement Exclusions list (which includes HHS-OIG medical exclusions).

  • 40 clean — no matches above the 65% confidence threshold.
  • 2 possible matches — on the SAM exclusions list at 78% and 91% confidence.

Before credentialing either, confirm against the OIG LEIE database — name collisions are common. I can pull the full match records if that helps.

Quick lookup · one-shot discovery
You
What's Google's EIN? Verify it via TIN matching while you're at it.
lookup_ein_by_company_name"Google LLC"
tin_matchtin=77-0493581, name=Google LLC
Assistant

Top candidate from the lookup was 77-0493581(100% confidence). I ran it through IRS TIN matching against "Google LLC" and got code 7 — matches EIN records.

So the EIN on file checks out. If account is approved for EIN access, the EIN number is returned directly with the result.

Get connected

Three clicks. No keys. No JSON.

Connecting is the same whether you're using Claude Desktop, Claude.ai on the web, or any other MCP-compatible client. Most customers go from "I want to try this" to running their first prompt in under a minute.

STEP 01 Add custom connector dialog showing the TIN Comply URL

Paste the URL

In Claude → Settings → Connectors → Add custom connector, enter the TIN Comply URL. That's the entire technical setup — no API keys, no JSON files, no local CLI.

STEP 02 TIN Comply OAuth consent screen with explicit scope list

Sign in & authorize

You're redirected to a TIN Comply consent page that lists exactly what the assistant can and cannot do. Sign in with your existing credentials and click Authorize.

STEP 03 Connected to TIN Comply confirmation with tools listed

You're connected

All the TIN Comply tools are now available inside the assistant. Try it: "Validate the TIN format for 12-3456789." Claude picks the right tool and runs it.

Why this matters

Compliance moves into the conversation.

Your AP team can ask the assistant to validate a vendor list. Your engineering team can give their coding agent access to TIN Comply tools. The work stops being a separate tab and starts being part of the prompt.

Talk, not click

Natural-language compliance

"Run TIN matching on these 50 vendors and flag any sanctions hits." The assistant picks the right tools, interprets the IRS result codes, and returns a clean answer — no portal navigation, no copy-paste.

Built for builders

Drop-in for agentic workflows

Engineering teams get a typed, schema-described tool surface for free. Skip writing wrappers around our REST API — the MCP server is the wrapper, with results shaped for LLMs and structured error handling.

One source of truth

Audit trail you already know

MCP calls hit the same backend as the REST API and the portal. Same billing, same logs, same exportable history. Your compliance team sees one record of truth — regardless of who initiated the call.

Security & control

Your account. Your credits. Your rules.

Granting an AI assistant access to compliance tools is a real security decision. We built the connector so you stay in control at every step — with the controls where you'd expect to find them.

OAuth 2.1 with PKCE

Industry-standard authorization. No API keys live on your machine, in chat logs, or in screenshots. Every session uses a short-lived, revocable token bound to your account and device.

See exactly what's allowed

Before you click Authorize, the consent screen lists every capability the assistant will and won't have. No surprises, no hidden permissions, no over-broad scopes.

One-click revoke

Every active connection is listed on the AI Connections page in your account. Revoke any of them instantly — the connection dies the moment you click.

Per-tool permissions

Inside Claude, each TIN Comply tool can be set to "Always allow," "Needs approval," or "Blocked." Want every TIN match to require your explicit OK? You can — without touching TIN Comply.

Secure by default

All requests to TIN Comply travel over encrypted HTTPS and are authenticated to your account. You control what data you submit, results are scoped to your queries, and we never repurpose your payee data, TINs, or screening results for anything beyond fulfilling your request.

TIN Comply AI Connections page showing active connections with revoke control
The AI Connections page in your account — every active connection, last-active timestamp, and one-click revoke.
Per-tool permission toggles: Always allow, Needs approval, Blocked
Per-tool permission controls inside the assistant. Leave address validation on auto-approve, require a click for anything that touches PII.
Always allow Needs approval Blocked
The tool surface

Every compliance capability. One connection.

Each TIN Comply endpoint becomes a typed, schema-described tool the assistant can call. Descriptions, result codes, and credit-consumption rules are all baked in — Claude knows what to call and how to interpret what comes back.

IRS TIN Matching

Verify TIN + legal name against IRS records. Returns the result code (2/3/6/7/8) with plain-English interpretation.

EIN Lookup

Search business registries for candidate EINs by company name. Returns confidence-scored, masked matches.

Reverse Lookup

Recover the registered business name for an EIN. Useful when verifying or correcting vendor records.

Sanctions Screening

Match names against OFAC SDN, US Trade CSL, UN, EU, and other watchlists with confidence scoring.

Address Validation

USPS standardization with ZIP+4, county, congressional district, and lat/long coordinates.

FATCA & LEI

Validate GIINs against the FATCA registry and Legal Entity Identifiers against GLEIF.

Format Pre-Check

Free, instant TIN format validation. Use it before paid matches to avoid wasting credits on malformed input.

Company Details

Enrich a vendor record with full address, phone, website, and coordinates from global business registries.

Audit Replay

Pull any prior validation by ID for compliance reports, dispute defense, or re-fetching without spending credits.

Works with every MCP-compatible client

One server. One sign-in. All the tools your team already uses.

Claude.ai Claude Desktop ChatGPT Claude Code Cursor VS Code
Frequently asked

Answers your CTO and your CFO will both want.

The Model Context Protocol is an open standard for connecting AI assistants to external tools. As an end user, you don't need to know anything beyond pasting our connector URL and signing into TIN Comply when prompted — the same way you'd connect any "Sign in with TIN Comply" application.

Yes. Calls made through the connector run against the same TIN Comply backend as the REST API and the portal, and consume credits from the same plan. Format validation and audit-replay tools are free. There is no separate MCP subscription.

Authentication is OAuth 2.1 with PKCE — the same modern standard banks and major SaaS platforms use. You sign in once on a TIN Comply hosted page (the AI provider never sees your password) and the assistant receives a short-lived access token bound to your account. The token can be revoked at any time from the AI Connections page.

Sign in to TIN Comply, go to Admin → AI Connections, find the connection you want to remove, and click Revoke. The connection terminates immediately and the assistant must re-authorize before making another call. This is independent of disconnecting on the client side — either action ends the connection.

The MCP server returns a structured "insufficient credits" response that the assistant recognizes and surfaces to you in plain English. It will not retry the call repeatedly or burn through additional credits trying to recover. For granular control, use per-tool permission settings to require explicit approval before any credit-consuming tool runs.

Any client that speaks MCP — including Claude.ai (web and desktop), Claude Code, Cursor, ChatGPT (via MCP-compatible plugins), VS Code with Copilot's MCP support, and custom agents built on provider APIs or open-source agent frameworks. The connection steps are the same across all of them: paste our URL, sign in, authorize.

Bring TIN Comply into the conversation.

Your AI assistant should already know how to validate a vendor. Now it does — through the compliance infrastructure you already trust, with the security controls you'd expect.

 Start your free trial  Talk to our team