fintech
KYC/AML flow + double-entry ledger + tamper-evident audit + saga settlements
These are the persistent business objects. Field-level annotations (`phi`, `pci_scope`, `eu_pii`) drive the compliance overlay decisions.
# Fintech reference architecture — multi-currency wallet operator

## Who this is for

Cross-border payments operators, neobanks, treasury management products, B2B remittance platforms. Anyone whose business depends on holding balances on behalf of customers and moving value between them safely.

## What's in scope

- **KYC / AML** — document submission, ID verification via Plaid, manual decision step, customer notification.
- **Multi-currency wallets** — one Wallet row per (Customer, currency) pair; balances tracked in cents.
- **Double-entry ledger** — every transaction produces two JournalEntry rows (debit + credit). The ledger is the audit truth, never the wallet balance directly.
- **Cardholder data flow** — Transactions carry `card_number` / `expiry_month` flagged `pci_scope: cardholder`. The PCI-DSS overlay emits the scope minimisation doc + tokenisation enforcement test; PAN never persists raw.
- **Saga-style settlement** — `transaction_settle` flow is modelled as a saga with compensators (`stripe_void` / `post_reversal_journal`) so partial failures roll back cleanly.
- **Audit chain** — every Customer / Wallet / JournalEntry / Transaction write goes into the tamper-evident hash chain. SIEM exporter ships events to Splunk / Datadog / CloudWatch.
- **Multi-region pin** — EU customers pinned to EU regions via the `infrastructure.multi_region` capability + the C04 data residency guard.

## Compliance bundles produced

- **PCI-DSS v4.0**: cardholder_data_scope.md, control_matrix.md, network_segmentation.tf (default-deny CDE VPC), tokenization enforcement test, vulnerability scan config, incident response runbook with card-brand notification matrix.
- **SOC2**: Type I + Type II control matrices, 4 policies (InfoSec, AUP, Change Management, Incident Response), access review runbook, vendor management register, evidence collection calendar.
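
An added illustration of the double-entry ledger and audit chain items listed under scope; it is not code generated by Archiet or taken from this page. The record layout, function names, wallet ids and the SHA-256 chaining scheme are assumptions made for the example.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed start value for the first record

def _digest(prev_hash, payload):
    # Canonical JSON so the same record always hashes to the same bytes.
    body = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()

def append_event(chain, payload):
    """Link a new audit record to the hash of the previous one."""
    prev_hash = chain[-1]["hash"] if chain else GENESIS
    chain.append({"prev": prev_hash, "payload": payload,
                  "hash": _digest(prev_hash, payload)})

def post_transfer(chain, txn_id, debit_wallet, credit_wallet, cents, currency):
    """Write both JournalEntry rows (debit + credit) of one transaction."""
    if cents <= 0:
        raise ValueError("amount must be a positive number of cents")
    for side, wallet in (("debit", debit_wallet), ("credit", credit_wallet)):
        append_event(chain, {"entity": "JournalEntry", "txn": txn_id, "wallet": wallet,
                             "side": side, "cents": cents, "currency": currency})

def first_broken_link(chain):
    """Return the index of the first record that fails verification, else None."""
    prev_hash = GENESIS
    for i, rec in enumerate(chain):
        if rec["prev"] != prev_hash or rec["hash"] != _digest(prev_hash, rec["payload"]):
            return i
        prev_hash = rec["hash"]
    return None

def unbalanced_transactions(chain):
    """Net debits against credits per transaction; non-zero means the legs differ."""
    totals = {}
    for rec in chain:
        p = rec["payload"]
        sign = 1 if p["side"] == "debit" else -1
        totals[p["txn"]] = totals.get(p["txn"], 0) + sign * p["cents"]
    return sorted(txn for txn, net in totals.items() if net != 0)

def demo():
    # Constructed sample: two transfers, then an in-place edit of one stored amount.
    chain = []
    post_transfer(chain, "txn-1", "wallet-a-eur", "wallet-b-eur", 2500, "EUR")
    post_transfer(chain, "txn-2", "wallet-b-eur", "wallet-c-eur", 900, "EUR")
    chain[1]["payload"]["cents"] = 25
    return first_broken_link(chain), unbalanced_transactions(chain)
```

A hash chain detects in-place edits only while a copy of the latest hash is held outside the writer's control; events exported to a SIEM can serve as that reference.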
## Build-time savings

| Build path | Time |
|---|---|
| Manual senior-eng team | 8-16 weeks |
| Replit / Lovable | "TODO scope" — they don't ship double-entry ledgers |
| Archiet from this reference architecture | 5-15 minutes |

## How to use

1. Click **Clone to my workspace** on this page. The reference genome becomes a new blueprint in your workspace.
2. Edit it: tighten the regions list, change the auth providers, add your own integrations, swap out vendors.
3. Generate the codebase. The compliance overlays + saga generator + audit log generator all fire automatically based on the genome declarations.
4. Hand `compliance/pci_dss/` to your QSA + `compliance/soc2/` to your SOC2 auditor.

## What's NOT in this reference

- Customer-facing branded UI polish — clone + adapt. The generated Next.js app is functional but not branded.
- Per-region tax / regulatory specifics — local KYC requirements for Nigeria / India / Brazil differ from the EU Plaid path; layer those on per-corridor.
Sign in, click the button, and the genome above lands in your workspace as a new blueprint. From there, edit the entities, adjust the capabilities, regenerate the codebase.
Integrations: Stripe · Plaid · PagerDuty