A production-grade regulatory supervisory platform for Central Bank capital flows management. This system automates regulatory reporting, reconciliation, compliance monitoring, and risk scoring for commercial banks.
-
π Authentication & Authorization
- JWT-based authentication with secure cookie sessions
- Role-based access control (RBAC) with 5 user roles
- Session management and audit logging
-
π¦ Bank Management
- Register and manage commercial banks
- Branch hierarchy management
- Bank contact and compliance information
-
β Capital Flow Approvals
- Multi-type approval workflows (FOREX, Transfers, Loans, etc.)
- Approval utilization tracking
- Validity period management
-
π° Transaction Management
- Record and track capital flow transactions
- Link transactions to approvals
- Support for multiple currencies and exchange rates
-
π€ Data Submission Portal
- Bulk upload via CSV/Excel
- Validation and error reporting
- Submission status tracking
-
π Reconciliation Engine
- Automated matching of transactions to approvals
- Exception detection and flagging
- Multiple exception types support
-
π Risk Scoring Engine
- Weighted multi-factor risk scoring algorithm
- Risk grade assignment (A/B/C/D)
- Historical risk trend tracking
-
π Dashboards
- Role-specific dashboard views
- Real-time compliance metrics
- Interactive charts and visualizations
-
π Reporting
- Multiple report types (Summary, Volume, Risk, etc.)
- Export to PDF, Excel, CSV
- Scheduled report generation
-
π Audit Trail
- Complete activity logging
- User action tracking
- Compliance audit support
- Frontend: Next.js 14 (App Router), React 18, TypeScript
- Styling: Tailwind CSS, shadcn/ui components
- Backend: Next.js API Routes
- Database: SQLite with Prisma ORM
- Authentication: JWT (jose library), bcryptjs
- Charts: Recharts
- Tables: TanStack Table
- File Processing: papaparse, xlsx
- Node.js 18+
- npm or yarn
git clone https://github.com/your-org/CFMS-SupTech.git
cd CFMS-SupTechnpm installCopy the example environment file and configure:
cp .env.example .envUpdate .env with your configuration:
DATABASE_URL="file:./dev.db"
JWT_SECRET="your-super-secret-jwt-key-min-32-chars"
NEXT_PUBLIC_APP_URL="http://localhost:3000"# Generate Prisma client
npx prisma generate
# Run database migrations
npx prisma migrate dev --name init
# Seed the database with sample data
npx prisma db seednpm run devOpen http://localhost:3000 in your browser.
| Role | Description | Access Level |
|---|---|---|
| SUPER_ADMIN | System administrator | Full access to all features |
| CFM_OFFICER | Capital Flow Management officer | Approve/reject requests, manage approvals |
| SUPERVISOR | Bank supervisor | View all data, risk analysis, exception management |
| BANK_USER | Commercial bank user | Submit data, view own bank's information |
| AUDITOR | Internal/external auditor | Read-only access for audit purposes |
After seeding the database:
| Role | Password | |
|---|---|---|
| Super Admin | admin@rbz.co.zw | password123 |
| CFM Officer | cfm.officer@rbz.co.zw | password123 |
| Supervisor | supervisor@rbz.co.zw | password123 |
| Auditor | auditor@rbz.co.zw | password123 |
| Bank User | compliance.cbz@cfms.local | password123 |
CFMS-SupTech/
βββ prisma/
β βββ schema.prisma # Database schema
β βββ seed.ts # Seed data script
βββ src/
β βββ app/ # Next.js App Router pages
β β βββ api/ # API routes
β β βββ dashboard/ # Dashboard pages
β β βββ banks/ # Bank management
β β βββ approvals/ # Approval management
β β βββ transactions/ # Transaction views
β β βββ submissions/ # Data submissions
β β βββ exceptions/ # Exception management
β β βββ risk/ # Risk analysis
β β βββ reports/ # Report generation
β β βββ users/ # User management
β β βββ audit/ # Audit logs
β βββ components/ # React components
β β βββ ui/ # shadcn/ui components
β β βββ layout/ # Layout components
β β βββ dashboard/ # Dashboard widgets
β βββ lib/ # Utility libraries
β β βββ prisma.ts # Prisma client
β β βββ auth.ts # Authentication utilities
β β βββ validations.ts # Zod schemas
β β βββ utils.ts # Helper functions
β βββ services/ # Business logic services
β βββ audit.service.ts
β βββ reconciliation.service.ts
β βββ risk-scoring.service.ts
β βββ upload.service.ts
β βββ report.service.ts
βββ public/ # Static assets
βββ package.json
- Password hashing with bcryptjs
- JWT tokens with HttpOnly cookies
- CSRF protection
- Input validation with Zod
- Role-based access control
- Complete audit logging
- Session timeout management
The risk scoring engine uses a weighted multi-factor approach:
| Factor | Weight | Description |
|---|---|---|
| Mismatch Rate | 25% | Transaction/approval mismatches |
| Unapproved Transactions | 30% | Transactions without approvals |
| Late Submissions | 15% | Data submitted after deadline |
| Data Quality | 15% | Completeness and accuracy |
| Repeat Violations | 15% | Historical compliance issues |
Grade Thresholds:
- Grade A: 0-25%
- Grade B: 26-50%
- Grade C: 51-75%
- Grade D: 76-100%
POST /api/auth/login- User loginPOST /api/auth/logout- User logoutGET /api/auth/me- Get current user
GET /api/banks- List all banksPOST /api/banks- Create new bankGET /api/banks/:id- Get bank detailsPATCH /api/banks/:id- Update bank
GET /api/approvals- List approvalsPOST /api/approvals- Create approvalGET /api/approvals/:id- Get approval detailsPATCH /api/approvals/:id- Update approval
GET /api/transactions- List transactionsPOST /api/transactions- Create transactionGET /api/transactions/:id- Get transaction
/api/submissions- Data submissions/api/exceptions- Exception management/api/reconciliation/run- Run reconciliation/api/risk/score- Calculate risk scores/api/reports- Generate reports/api/users- User management/api/audit- Audit logs/api/dashboard/*- Dashboard data
# Run development server
npm run dev
# Build for production
npm run build
# Start production server
npm start
# Run linting
npm run lint
# Prisma commands
npx prisma studio # Open Prisma Studio
npx prisma generate # Generate Prisma client
npx prisma migrate dev # Run migrations
npx prisma db seed # Seed databaseThis project is proprietary software for Central Bank use.
Please read our contributing guidelines before submitting pull requests.
For support inquiries, contact the IT department at support@centralbank.gov.
Built with β€οΈ for regulatory excellence