KYC audit trail store¶
| ID | MOD-012 |
| System | SD02 |
| Repo | bank-kyc |
| Build status | Deployed |
| Deployed | Yes |
| Last commit | 05004b310c90fa3dd8a2050afc43612ccd13ab10 |
Immutable record of every KYC check, document upload, decision, and agent action. Stored with timestamp, operator ID, and check result.
Module dependencies¶
Depends on¶
| Module | Title | Required? | Contract | Reason |
|---|---|---|---|---|
| MOD-009 | eIDV & document verification | Required | — | Logs every eIDV check and decision outcome as the primary source of KYC audit events. |
| MOD-010 | CDD tier assignment engine | Required | — | Records CDD tier assignments and changes for regulator-accessible audit trail. |
| MOD-104 | AWS shared infrastructure bootstrap | Required | — | AWS shared infrastructure provisioned by MOD-104 (EventBridge buses, S3, KMS, Kinesis, Cognito) is required before this module can be deployed. |
| MOD-103 | Neon database platform bootstrap | Required | — | Neon database and schema provisioned by MOD-103 must exist before this module can read or write Postgres. |
Required by¶
(No modules in this wiki currently declare a dependency on this module.)
Policies satisfied¶
| Policy | Title | Mode | How |
|---|---|---|---|
| AML-001 | AML/CFT Programme Policy | LOG |
AML programme can be evidenced to regulator — every check and decision is logged |
| AML-002 | Customer Due Diligence (CDD) Policy | LOG |
CDD decisions are auditable — regulator can reconstruct any customer's onboarding decision |
| GOV-006 | Internal Audit Policy | LOG |
Internal audit can independently verify KYC decisions without relying on agent memory |
| PRI-005 | Privacy Impact Assessment Policy | LOG |
PIA evidence trail maintained — data collected for KYC is documented and bounded |
Capabilities satisfied¶
(No capabilities mapped)
Part of SD02 — Customer Identity & KYC Platform
Compiled 2026-05-22 from source/entities/modules/MOD-012.yaml