Skip to content

feat(compliance): add manual AML pass endpoints for BuyCrypto and BuyFiat#3705

Merged
bernd2022 merged 4 commits into
developfrom
feat/compliance-aml-and-kyc-log
May 18, 2026
Merged

feat(compliance): add manual AML pass endpoints for BuyCrypto and BuyFiat#3705
bernd2022 merged 4 commits into
developfrom
feat/compliance-aml-and-kyc-log

Conversation

@bernd2022

@bernd2022 bernd2022 commented May 13, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

Summary

  • Adds PUT :id/amlCheck/pass endpoints on BuyCryptoController and BuyFiatController (role: COMPLIANCE) that allow a clerk to manually pass a Pending AML check.
  • Adds ManualPassWhitelistErrors list and canManualPass(comment) helper in aml-error.enum.ts — kept in sync with packages/core/src/definitions/compliance.ts.
  • Whitelist covers phone-verification, IP-country-mismatch, trade-approval-date, failed/rejected user-data call, and referral-no-trade-history errors.
  • New ManualPassAmlCheckDto (with responsible: string) shared shape under each subdomain.

Validation

  • Endpoint refuses unless amlCheck === Pending and every error on comment is whitelisted.
  • On success: sets amlCheck = PASS and amlResponsible = <responsible> via the existing update() path (so all downstream side-effects fire).

Test plan

  • Unit/integration tests for canManualPass (empty, single, multi, non-whitelisted)
  • E2E: PUT buy-crypto/:id/amlCheck/pass with whitelisted comment → 200, status flips to PASS
  • E2E: same call with non-whitelisted comment → 400
  • E2E: same call when amlCheck !== Pending → 400
  • E2E: non-COMPLIANCE role → 403
  • Mirror checks for PUT buy-fiat/:id/amlCheck/pass
  • Verify feat(compliance): add manual AML pass whitelist and canManualPass helper packages#176 (services/web consumer) lines up with this contract

@bernd2022
feat(compliance): add manual AML pass endpoints for BuyCrypto and Buy…
8e38387 
…Fiat

Adds PUT :id/amlCheck/pass endpoints (COMPLIANCE role) that allow a
compliance clerk to manually pass a pending AML check when all errors
on the transaction comment are on the whitelist (phone-/referral-/
country-related). The ManualPassWhitelistErrors list and canManualPass
helper are kept in sync with packages/core/src/definitions/compliance.ts.
Yannick1712
Yannick1712 reviewed May 14, 2026
View reviewed changes
Comment thread src/subdomains/core/buy-crypto/process/buy-crypto.controller.ts Outdated
Comment thread src/subdomains/core/buy-crypto/process/dto/manual-pass-aml-check.dto.ts Outdated
Comment thread src/subdomains/core/sell-crypto/process/dto/manual-pass-aml-check.dto.ts Outdated
Comment thread src/subdomains/core/sell-crypto/process/dto/manual-pass-aml-check.dto.ts Outdated
Comment thread src/subdomains/core/sell-crypto/process/dto/manual-pass-aml-check.dto.ts Outdated
Comment thread src/subdomains/core/buy-crypto/process/dto/manual-pass-aml-check.dto.ts Outdated
@bernd2022
refactor(compliance): apply review feedback on manual AML check endpoint
0c31fc3 
- merge endpoint into PUT :id/amlCheck (drop /pass suffix)
- add amlCheck field to DTO and gate canManualPass on PASS only
- centralize DTO under aml/dto and rename to ManualAmlCheckDto
@bernd2022 bernd2022 requested a review from Yannick1712 May 18, 2026 06:48
Yannick1712
Yannick1712 reviewed May 18, 2026
View reviewed changes
Comment thread src/subdomains/core/sell-crypto/process/services/buy-fiat.service.ts
Comment thread src/subdomains/core/buy-crypto/process/services/buy-crypto.service.ts
Comment thread src/subdomains/core/buy-crypto/process/services/buy-crypto.service.ts Outdated
Comment thread src/subdomains/core/sell-crypto/process/services/buy-fiat.service.ts Outdated
@bernd2022
refactor(compliance): tighten manual AML check preconditions
eedefb2 
- reject when entity is complete or chargeback initiated by user
- forbid only finalized amlCheck (PASS/FAIL) instead of allowing only PENDING
@bernd2022 bernd2022 requested a review from Yannick1712 May 18, 2026 07:54
davidleomay
davidleomay approved these changes May 18, 2026
View reviewed changes

@davidleomay davidleomay left a comment
edited by bernd2022
Loading

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yannick1712
Yannick1712 reviewed May 18, 2026
View reviewed changes
Comment thread src/subdomains/core/buy-crypto/process/services/buy-crypto.service.ts Outdated
Comment thread src/subdomains/core/sell-crypto/process/services/buy-fiat.service.ts Outdated
Comment thread src/subdomains/core/aml/dto/manual-aml-check.dto.ts
@bernd2022
refactor(compliance): set amlReason and priceDefinitionAllowedDate on…
a5242f2 
… manual PASS

- add optional amlReason field to ManualAmlCheckDto
- on PASS: force amlReason to NA and stamp priceDefinitionAllowedDate
- on non-PASS: forward optional amlReason from DTO
@bernd2022 bernd2022 requested a review from Yannick1712 May 18, 2026 08:44
@bernd2022 bernd2022 marked this pull request as ready for review May 18, 2026 09:06
@bernd2022 bernd2022 requested a review from TaprootFreak as a code owner May 18, 2026 09:06
@bernd2022 bernd2022 merged commit 533da4a into develop May 18, 2026
7 of 8 checks passed
@bernd2022 bernd2022 deleted the feat/compliance-aml-and-kyc-log branch May 18, 2026 09:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Yannick1712 Yannick1712 Yannick1712 approved these changes

@davidleomay davidleomay davidleomay approved these changes

@TaprootFreak TaprootFreak Awaiting requested review from TaprootFreak TaprootFreak is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bernd2022 @Yannick1712 @davidleomay