Define Entity HoderAccess

[francis-pouatcha]

Overview:

HolderAccess is a critical entity representing the access rights automatically granted to the account holder when a new bank account is created. This entity defines the permissions and control that the account holder has over the account. The account holder typically has the most comprehensive level of access, including the ability to manage account information, initiate transactions, and delegate or modify access rights for other users.

Key Characteristics:

1. Automatic Creation:

   • Upon the creation of a new bank account, a HolderAccess entity is automatically generated and linked to the account holder. This ensures that the account holder has immediate control and authority over their account without requiring additional configuration.

2. Primary Access Rights:

   • The account holder has full access to manage the bank account, including:
     • Viewing account balances and transaction history.
     • Initiating and authorizing payments and transfers.
     • Managing access for other entities such as managers, agents, or auditors (if allowed by the bank’s policies).
     • Setting account preferences and controls (e.g., overdraft limits, linked accounts in the range defined by the administr).

3. Implied Ownership:

   • The HolderAccess entity signifies the ownership of the account. Therefore, it is unique for each account and directly tied to the natural or legal person identified as the primary owner.

4. Modifiable Permissions:

   • The holder can adjust their access permissions, including:
     • Granting specific rights to other roles (e.g., SeniorManagerAccess, ManagerAccess).
     • Delegating partial control (via Power of Attorney or other mechanisms).

5. Suspension Conditions:

   • Transfer of Ownership: If the account holder transfers ownership of the bank account (e.g., selling the account, transferring to a legal representative, or other reasons), the HolderAccess is suspended.
     • Once suspended, the holder’s direct control over the account is revoked, but the record of their prior access is maintained.
     • Access can also be reactivated if ownership reverts to the original holder or under special conditions as defined by the bank.
     • Transfer of ownership has to be allowed by the policy associated with the account.
   • Voluntary Suspension: The holder may voluntarily suspend their access under specific circumstances (e.g., legal, administrative, or business reasons), but this requires explicit confirmation.

6. Access Status:

   • HolderAccess can have multiple statuses:
     • Active: Full access to the account is granted.
     • Restricted: The account holder may have limited access (e.g., viewing but not transacting) due to regulatory, compliance, or internal policies.
     • Suspended: The account holder no longer has access (in the case of ownership transfer or voluntary suspension).

7. Weight:

   • The weight parameter of HolderAccess is always set to 1, representing full control and ownership. This weight signifies the total authority the holder has over the account, unlike shared or delegated access roles that might have fractional weights (e.g., 0.5 for partial access).

Example Workflow for HolderAccess:

1. Account Creation:

   • A user opens a new bank account.
   • The system automatically creates a HolderAccess entity tied to the user, granting full access to the account.

2. Access Suspension due to Ownership Transfer:

   • The account holder decides to transfer the account to another entity.
   • Upon the transfer, the system automatically suspends the HolderAccess and creates a new HolderAccess for the new account owner.

3. Access Modification:

   • The account holder may add or remove other roles (e.g., Managers, Agents) and adjust their permissions.
   • The holder can assign read-only access to an auditor or grant a Power of Attorney to another individual to act on their behalf.

Possible Scenarios of Suspension:

• Legal Requirement: If a legal process or court order necessitates the transfer or revocation of account control, the HolderAccess could be suspended.
• Business/Company Accounts: In the case of a company bank account, when the ownership changes (e.g., through mergers or acquisitions), the original holder's access may be revoked.

Key Considerations:

• Compliance and Security: The system must ensure that changes to the HolderAccess are secure and compliant with relevant regulations (e.g., KYC, AML).
• Audit Trails: Every change in HolderAccess status (creation, modification, suspension) should be logged and auditable for regulatory purposes.

This detailed view of HolderAccess ensures that account holders maintain full control of their accounts while providing a mechanism for suspension when ownership changes.