Case & complaint management module¶
| ID | MOD-053 |
| System | SD08 |
| Repo | bank-app |
| Build status | Deployed |
| Deployed | Yes |
| Last commit | c98d4214fd3e613d6a3c873f68551d129ff1a485 |
Full IDR case lifecycle — creation, assignment, SLA tracking, escalation, FSCL/AFCA referral. SLA breaches trigger automatic escalation.
Case classes¶
MOD-053 manages two distinct case classes, each with its own queue, SLA, and routing rules.
IDR — Internal dispute resolution¶
Customer complaints and disputes following the IDR process required under NZ FMA and AU ASIC RG 271. Covers billing disputes, service complaints, and product complaints. FSCL (NZ) / AFCA (AU) referral when IDR does not resolve within the statutory timeframe.
AML-REFER — Acceptance engine referral¶
Triggered when MOD-153 (customer acceptance engine) produces a REFER or HOLD_FOR_EDD outcome on a product application. A compliance officer must review the application against the full party risk profile and make a manual ACCEPT, DECLINE, or escalate-to-EDD decision.
Event trigger: MOD-053 subscribes to bank.kyc.acceptance_decided on the bank-kyc EventBridge bus, filtered to detail.decision IN ['REFER', 'HOLD_FOR_EDD'].
SLA: Case must be created within 60 seconds of decision_at (FR-713). If creation exceeds 60 seconds, a CloudWatch alarm fires to the compliance team.
Case payload: party_id, product_id, reason_codes, triggered_rules, decision_at, and the full rule trace from MOD-153's event detail.
Adverse-action notice: When the compliance officer's decision is DECLINE, MOD-053 publishes a decision event consumed by MOD-063 (notification orchestration), which generates the adverse-action notice within 24 hours per CCCFA s.9B (NZ) and NCCP s.130 (AU).
Note: The v1 SNS stub that MOD-153 shipped to the MOD-076 alarm-intake topic is the interim path while this consumer rule is in flight. Once the MOD-053 consumer rule is live, MOD-153's stub is removed (follow-up to bank-kyc).
Module dependencies¶
Depends on¶
| Module | Title | Required? | Contract | Reason |
|---|---|---|---|---|
| MOD-047 | Agent action logger | Required | — | Every staff action on a complaint case publishes a staff.action_taken event to the bank-platform EventBridge bus via the MOD-047 agent action logger — the established cross-SD audit pattern (same as MOD-018, MOD-133, MOD-140). |
| MOD-052 | Role-scoped data access | Required | — | V004 Flyway migration bootstraps RBAC roles and permissions from the MOD-052 seed; MOD-052 must be deployed before MOD-053's migration runs. |
| MOD-063 | Notification orchestration | Required | — | MOD-053 publishes case_opened, case_status_changed, and case_resolved events that MOD-063 consumes to send FR-329-mandated customer notifications. |
| MOD-068 | Authentication & session management | Required | — | Customer-initiated complaint submissions require an authenticated session for identity attribution. |
| MOD-104 | AWS shared infrastructure bootstrap | Required | — | AWS shared infrastructure provisioned by MOD-104 (EventBridge buses, S3, KMS, Kinesis, Cognito) is required before this module can be deployed. |
| MOD-103 | Neon database platform bootstrap | Required | — | Neon database and schema provisioned by MOD-103 must exist before this module can read or write Postgres. |
Required by¶
| Module | Title | As | Contract |
|---|---|---|---|
| MOD-054 | Call recording & transcript attachment | Hard dependency | — |
| MOD-114 | Direct debit mandate management | Hard dependency | — |
| MOD-126 | Power of attorney and third-party authority | Optional enhancement | — |
| MOD-132 | Loan restructure and variation workflow | Optional enhancement | — |
| MOD-139 | Financial hardship formal variation workflow | Hard dependency | — |
| MOD-148 | Privacy access request (DSAR) workflow | Hard dependency | — |
| MOD-149 | Scam intelligence reporting & reimbursement | Hard dependency | — |
| MOD-151 | Risk case console | Hard dependency | — |
| MOD-155 | Target Market Determination (AU DDO) | Hard dependency | — |
Policies satisfied¶
| Policy | Title | Mode | How |
|---|---|---|---|
| CON-002 | Complaints & Internal Dispute Resolution Policy | ALERT |
IDR SLAs enforced automatically — agent cannot ignore a case past SLA without triggering escalation |
| CON-003 | Vulnerable Customer Policy | AUTO |
Vulnerable customer flags visible in every agent view — special handling applied automatically |
| REP-001 | Regulatory Reporting Policy | LOG |
Complaint register maintained automatically — feeds regulatory complaints report |
Capabilities satisfied¶
| Capability | Title | Mode | How |
|---|---|---|---|
| CAP-039 | Customer dispute & chargeback portal | AUTO |
Creates, tracks, and resolves dispute and chargeback cases through a workflow that escalates to the payments team when required. |
| CAP-050 | In-app customer support (chat + voice) | AUTO |
Provides the in-app customer support interface — live chat, FAQ, and case submission — routing enquiries and complaints to the case management workflow with IDR SLA tracking. |
Part of SD08 — Customer App & Back Office Platform
Compiled 2026-05-22 from source/entities/modules/MOD-053.yaml