Security, privacy and controls
| Control area | Design approach |
|---|---|
| Identity and access | OAuth 2.0 for external clients, OIDC for interactive users, mTLS for trusted server-to-server channels, role and entitlement checks on every business action. |
| Segregation of duties | Four-eyes approval for sensitive operations such as pricing changes, mandate updates, limit overrides and product activation. |
| Data protection | Encryption in transit and at rest, field-level masking for sensitive attributes, managed key rotation and access logging. |
| Auditability | Immutable business and technical audit trails with trace identifiers, actor identity, reason codes and before/after states. |
| Resilience controls | Idempotent write APIs, retry-safe asynchronous workflows, circuit breakers, queue-based decoupling and replayable events. |
| Jurisdiction support | Configurable regulatory attributes, retention policies and reporting extracts for EU and local market obligations without hardcoding a single country-specific rule pack. |
Event model and operational evidence
Every material state change may emit a business event. Events are used for notification triggers, integration propagation, analytics and operational monitoring. Typical event families include:- customer-profile-updated
- agreement-created
- account-opened
- mandate-changed
- overdraft-limit-amended
- loan-application-status-changed
- credit-decision-completed
- facility-drawdown-booked
- hardship-request-submitted
- service-request-status-changed
- notification-delivery-updated