Compliance System
OLIVE monitors transactions to detect fraud and ensure regulatory compliance.System User Roles
| Role | Description |
|---|---|
system_admin | Full access to everything |
sales_user | Subscriber management, card linking |
compliance | Monitoring, blocking, rules |
support | View only |
audit | Read-only access to all data |
Role Permissions
system_admin
Full access to all permissionssales_user
create_subscriber,view_subscriberlink_cardview_balance,view_transactionsview_reports
compliance
view_subscriber,block_subscriberblock_cardview_balance,view_transactionsmanage_rulesview_reports,export_data
support
view_subscriberview_balance,view_transactionsview_reports
audit
view_user,view_subscriber,view_agentview_balance,view_transactionsview_reports,export_data
Alert Status
| Status | Description |
|---|---|
open | New alert, needs attention |
investigating | Being looked into |
resolved | Issue addressed |
false_positive | Not actually suspicious |
Trigger Actions
| Action | Description |
|---|---|
alert | Notification sent, transaction proceeds |
review | Transaction queued for manual review |
block | Transaction rejected |
Default Monitoring Rules
| Rule | Trigger | Action | Notify |
|---|---|---|---|
| High Frequency | > 10 transactions | alert | compliance |
| Large Amount | > 500,000 SLE | review | compliance |
| Unusual Location | 5+ from new location | alert | compliance |
| Daily Limit Breach | > 20 transactions | block | admin |
Risk Scoring
| Condition | Points |
|---|---|
| > 10 transactions | +30 |
| > 500,000 SLE | +40 |
| New location | +20 |
| Score | Risk Level | Requires Review |
|---|---|---|
| 0-29 | Low | No |
| 30-49 | Medium | Yes |
| 50+ | High | Yes |
PEP Access
For PEP subscriber accounts:- Staff must have
pep_access_authorized = true - 6-digit OTP sent to staff
- OTP expires after 5 minutes
- OTP verified before access granted
Audit Logs
| Field | Description |
|---|---|
event_type | What happened |
actor_type | Who (user, system, api) |
actor_id | Actor identifier |
resource_type | What was affected |
resource_id | Resource identifier |
action | Action taken |
status | Result status |
before_state | State before (JSONB) |
after_state | State after (JSONB) |