Initial commit: Financial Crime domain exemplar

financial_crime/sources/sap-fraud-management/source.md

@@ -0,0 +1,36 @@
+# SAP Fraud Management
+
+SAP Fraud Management is the analytical source for fraud and suspicious activity detection signals. It contributes risk outcomes and case-oriented enrichment used by AML, KYC, and transaction monitoring controls.
+
+## Metadata
+
+```yaml
+id: sap-fraud-management
+owner: fraud.operations@bank.com
+steward: compliance.officer@bank.com
+
+change_model: event-driven
+change_events:
+  - Fraud Alert Raised
+  - Fraud Alert Closed
+  - Transaction Risk Scored
+  - Case Escalated
+
+update_frequency: real-time
+data_quality_tier: 2
+status: Production
+version: "1.0.0"
+
+tags:
+  - Fraud
+  - AML
+  - Financial Crime
+```
+
+## [Financial Crime](../../domain.md) Feeds
+
+Canonical Entity | Transform File | Attributes Contributed | Change Model
+--- | --- | --- | ---
+[Transaction](../../entities/transaction.md#transaction) | [table_alert_case](transforms/table_alert_case.md) | Financial Crime Risk Score, Monitoring Outcome, Alert Reference | event-driven
+[Party](../../entities/party.md#party) | [table_sanctions_screening](transforms/table_sanctions_screening.md) | Sanctions Screen Status, Watchlist Match Indicator | batch-intraday
+[Customer](../../entities/customer.md#customer) | [table_customer_risk_profile](transforms/table_customer_risk_profile.md) | Risk Review Flag, Enhanced Due Diligence Trigger | event-driven

financial_crime/sources/sap-fraud-management/transforms/table_alert_case.md

@@ -0,0 +1,37 @@
+# [SAP Fraud Management](../source.md)
+
+## AlertCase
+
+Pos | Column Name | Data Type | Max Len | Precision | Scale | Nulls | Comment | Destination
+--- | --- | --- | --- | --- | --- | --- | --- | ---
+1 | TxRiskScore | Decimal | | 18 | 6 | yes | Computed transaction ML/TF risk score | Transaction.Financial Crime Risk Score
+2 | DecisionStatus | Text | 30 | | | yes | Alert workflow decision status | [Map Monitoring Outcome](#map-monitoring-outcome)
+3 | CaseId | Text | 64 | | | no | Unique SAP alert case identifier | Transaction.Alert Reference
+
+### Map Monitoring Outcome
+
+Maps alert decision outcome into canonical monitoring outcome.
+
+```yaml
+type: conditional
+target: Transaction · Monitoring Outcome
+source:
+  field: AlertCase.DecisionStatus
+cases:
+  Escalated: "DecisionStatus == 'ESCALATED'"
+  Cleared: "DecisionStatus == 'CLEARED'"
+  Under Review: "DecisionStatus == 'OPEN'"
+fallback: Under Review
+```
+
+### Map Alert Reference
+
+Maps SAP alert case identifier for downstream investigations.
+
+```yaml
+type: direct
+target: Transaction · Alert Reference
+source:
+  field: AlertCase.CaseId
+  cast: string
+```

financial_crime/sources/sap-fraud-management/transforms/table_customer_risk_profile.md

@@ -0,0 +1,24 @@
+# [SAP Fraud Management](../source.md)
+
+## CustomerRiskProfile
+
+Pos | Column Name | Data Type | Max Len | Precision | Scale | Nulls | Comment | Destination
+--- | --- | --- | --- | --- | --- | --- | --- | ---
+1 | ReviewRequiredFlag | Boolean | | | | yes | Indicates whether formal review is required | Customer.Risk Review Flag
+2 | EddTriggerCode | Text | 20 | | | yes | Enhanced due diligence trigger status code | [Map Enhanced Due Diligence Trigger](#map-enhanced-due-diligence-trigger)
+
+### Map Enhanced Due Diligence Trigger
+
+Derives EDD trigger based on high-risk profile and unresolved alerts.
+
+```yaml
+type: conditional
+target: Customer · Enhanced Due Diligence Trigger
+source:
+  field: CustomerRiskProfile.EddTriggerCode
+cases:
+  Triggered: "EddTriggerCode == 'TRIGGERED'"
+  Not Triggered: "EddTriggerCode == 'NOT_TRIGGERED'"
+  Pending: "EddTriggerCode == 'PENDING'"
+fallback: Pending
+```

financial_crime/sources/sap-fraud-management/transforms/table_sanctions_screening.md

@@ -0,0 +1,24 @@
+# [SAP Fraud Management](../source.md)
+
+## SanctionsScreening
+
+Pos | Column Name | Data Type | Max Len | Precision | Scale | Nulls | Comment | Destination
+--- | --- | --- | --- | --- | --- | --- | --- | ---
+1 | ResultCode | Text | 32 | | | yes | Screening engine outcome code | [Map Sanctions Screen Status](#map-sanctions-screen-status)
+2 | MatchFlag | Boolean | | | | yes | Whether a watchlist match was detected | Party.Watchlist Match Indicator
+
+### Map Sanctions Screen Status
+
+Maps sanctions screening outcome from SAP sanctions service.
+
+```yaml
+type: conditional
+target: Party · Sanctions Screen Status
+source:
+  field: SanctionsScreening.ResultCode
+cases:
+  Clear: "ResultCode == 'CLEAR'"
+  Potential Match: "ResultCode == 'POTENTIAL_MATCH'"
+  Confirmed Match: "ResultCode == 'CONFIRMED_MATCH'"
+fallback: Clear
+```