feat(aml): add configurable AML screening service with velocity checks#140
Open
Faromzy wants to merge 1 commit into
Open
feat(aml): add configurable AML screening service with velocity checks#140Faromzy wants to merge 1 commit into
Faromzy wants to merge 1 commit into
Conversation
- Add migration for aml_rules and aml_screening_results tables
- aml_rules: DB-backed configurable rules (no hardcoded thresholds)
- aml_screening_results: per-transaction rule evaluation audit log
- Seeds 5 default rules: amount thresholds (1M/500K XAF),
velocity checks (3/hr, 10/24hr), phone blacklist
- Add AmlScreeningResultModel (src/models/amlScreeningResult.ts)
- createBulk(), findByTransactionId(), list() with pagination
- Add AmlScreeningService (src/services/amlScreening.ts)
- Evaluates amount_threshold, velocity_check (Redis counters),
and blacklisted_phone rules loaded from DB (1-min cache)
- Velocity uses time-bucketed Redis keys shared across instances
- Fails open on Redis unavailability (never blocks transactions)
- Persists all evaluation results fire-and-forget
- Integrate screening synchronously into processTransactionRequest
- Runs before transaction creation; flagged txns get status=review
and tags [aml-screened, aml-flagged]
- Velocity counters incremented after successful commit
- Admin notes populated with matched rule names
- Add 32 unit tests (all passing) covering all rule types, edge
cases, Redis failure isolation, caching, and DB persistence
|
@Faromzy Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
feat(aml): Configurable AML Screening Service with Velocity Checks
Summary
Implements a synchronous AML screening service that evaluates every payment transaction against
configurable rules before processing begins. Flagged transactions are automatically set to
pending_review status and cannot be processed until a compliance officer approves them.
Rules are stored in the database — no code deployment needed to tune thresholds, add
blacklisted numbers, or toggle rules on/off.
Changes
Database
of whether it triggered
New Files
counters (time-bucketed keys shared across instances), and fail-open behavior on Redis
unavailability
Modified
processTransactionRequest before transactionModel.create():
names
path)
Test Coverage
32 unit tests covering:
Notes
Pre-commit hook failures are pre-existing environment issues on main (spdy/http_parser missing
native module, sharp binary not installed for this runtime). Unrelated to this PR.
closes #11