docs: refresh product docs for EFRuP

Author: Sandy-at-Tazama

Product/configuration-management.md

@@ -831,13 +831,7 @@ Given a version number **MAJOR.MINOR.PATCH (99.999.9999)**, increment the:
 
 Every rule processor, typology processor and transaction aggregation and decisioning processor (TADProc) is guided by its own configuration document. The specific version of a configuration document that is required to operate a processor is defined in the network map when the evaluation routing is specified. When a processor receives an instruction from its predecessor in the evaluation flow, the processor checks the network map to determine which configuration document and version to use to perform its tasks.
 
-When a new version of a configuration document is required, the updated version must be deployed to the appropriate configuration collection in the configuration database:
-
-| **Collection name** | **Processor Type** |
-| --- | --- |
-| `ruleConfiguration` | [Rule processor overview - rule config](/product/rule-processor-overview-rule-config.md) |
-| `typologyConfiguration` | [Typologies](/product/typology-processing.md) |
-
+When a new version of a configuration document is required, the updated version must be deployed to the appropriate configuration collection in the configuration database.
 
 Configuration documents can be posted to the appropriate collection via the ArangoDB API, either in bulk or one-by-one. When posting a new configuration for an existing processor, the database will not allow a user to submit a configuration for an "id" and "cfg" combination that already exists in the database: a new configuration must always be assigned a unique configuration version.
 

Product/event-director.md

@@ -18,7 +18,6 @@
 
 The foundation of the Tazama Transaction Monitoring service is its ability to evaluate incoming transactions for financial crime behaviors through the execution of a number of conditional statements (rules) that are then combined into typologies that describe the nature of the financial crime that the system is trying to detect. 
 
-
 The Event Director is responsible for determining which typologies a transaction must be submitted to for the transaction to be evaluated. As part of this process, the Event Director determines which rules must receive the transaction and then which typologies are to be scored. The Event Director then routes the transaction to the individual rule processors.
 
 ## Event Director Context
@@ -98,7 +97,7 @@ The pruned network sub-map will accompany the transaction message to the rule pr
 
 ### 2.4. De-duplicate Rules
 
-A single rule could be used to evaluate more than one typology. One of the primary advantages and reasons for the config-driven approach is to be able to minimize the number of times that a specific rule has to be executed. To achieve this objective, the Event Director will draft a list of all the rules in the network map and then eliminate duplicate rules from the list (the “Highlander” principle).
+A single rule could be used to evaluate more than one typology. One of the primary advantages and reasons for the config-driven approach is to be able to minimize the number of times that a specific rule has to be executed. To achieve this objective, the Event Director will draft a list of all the rules in the network map and then eliminate duplicate rules from the list (the 'Highlander' principle).
 
 Each rule in the network map can be uniquely described by the combination of the following attributes:
 

Product/event-flow-rule-processor.md

@@ -15,7 +15,7 @@
 
 The event flow rule processor (EFRuP) is a special rule processor that operates alongside all the other rule processors and enables operational control over the normal Tazama system functioning, for example, to be able to block a customer from transacting from any account or to override an interdiction and allow a transaction where it would otherwise have been blocked.
 
-The EFRup can be configured to block or allow a transaction based on the evaluation of conditions against one of the transaction attributes. There are two types of conditions that can control event flow in the Tazama system that can be created on a debtor or creditor: 
+The EFRuP can be configured to block or allow a transaction based on the evaluation of conditions against one of the transaction attributes. There are two types of conditions that can control event flow in the Tazama system, that can be created on a debtor or creditor: 
 1.	Blocking conditions
     - non-overridable-block conditions (red)
     - overridable-block conditions (amber)
@@ -206,8 +206,6 @@ sequenceDiagram
 
 If a typology score is equal to or greater than the threshold value and there is an override in place, the Typology Processor will not trigger an interdiction workflow to instruct the client system to block the transaction event.
 
-If the normal typology processing results in an alert, then review will be true. If EFRuP results in a different outcome to normal typology processing, then `review` will be `true` and this will enable a fraud analyst to review the result of the evaluation.
-
 **Note** The event flow rule processor result does not have a weight `wght` and will not be added to the typology score. 
 
 **Sample output**

Product/rule-processor-overview-rule-config.md

@@ -25,6 +25,9 @@ The Event Director is responsible for determining which typologies are applicabl
 
 The rules receive the transaction, as well as the portion of the Network Map that was used to identify the rules as recipients (and by association also identifies which typologies are beneficiaries of the rule results).
 
+The event flow rule processor (EFRuP) is a special rule processor that operates differently from all the other rule processors that are described on this page.  Further information on EFRUP is available on the [Event Flow Processor Overview](/Product/event-flow-rule-processor.md) page.
+
+
 Each rule executes as a discrete and bespoke function in the evaluation process. It is a Tazama design principle that any given rule in the system has as small a purpose as possible and seeks to answer a single and very specific behavioral question about the transaction it is evaluation, for example:
 
  - How many transactions were made by the debtor?
@@ -39,7 +42,7 @@ Our reference rule is [Rule 901 - Number of transactions performed by the debtor
 
 ## The rule executer
 
-Individual rule processors are wrapped in a rule executer shell that handles common functions for all rule processors in a common way. While this makes rule processors easier to maintain by abstracting common code into the rule executer and leaving unique code in the rule processor, it does make the deployment process a little more complicated and onerous. In a production setting we would automate the deployment of the rule processors via Helm charts, but for our Docker Compose deployment, the process is a little more manual.
+Individual rule processors are wrapped in a rule executer shell that handles common functions for all rule processors in a common way. While this makes rule processors easier to maintain by abstracting common code into the rule executer and leaving unique code in the rule processor.
 
 ![rule-executer-design](../images/tazama-rule-executer.png)
 

Product/rule-processor-overview.md

@@ -34,57 +34,30 @@ Where interdiction is required, either option 1 and 2 above is the most suitable
 
 The TADProc must retrieve the typology triggers from the Tazama configuration so that the TADProc can determine if any of the typologies results warrant an investigation.
 
-The typology triggers must define a specific threshold value linked to each of the typologies that defines the following workflow outcomes:
+##### 7.2 The typology configuration
 
-1. **Review**: If a typology score is equal to or greater than this value, the TADProc will trigger an alert to an adjacent Case Management System via egress API to initiate an investigation into the transaction.
-
-2. **None**: If a typology score is less than the Review threshold, no triggered action is taken by the TADProc.
-
-Additionally, if a transaction configuration for a transaction cannot be found, or is empty, no investigation will be triggered out of the transaction.
-
-##### 7.2 The transaction configuration
-
-The transaction configuration defines the typology alert thresholds for each of the typologies in the platform. The structure of the transaction configuration models that of the network map.
+The typology configuration defines the typology alert and interdiction thresholds for each of the typologies in the platform. 
 
 **Example**:
 
 ```json
-{
-    "messages": [
-        {
-            "id": "[email protected]",
-            "cfg": "1.0.0",
-            "txTp": "pacs.002.001.12",
-            {
-                "id": "[email protected]",
-                "cfg": "1.0.0",
-                "typologies": [
-                    {
-                        "id": "[email protected]",
-                        "cfg": "1.0.0",
-                        "threshold": 500
-                    },
-                    {
-                        "id": "[email protected]",
-                        "cfg": "1.0.0",
-                        "threshold": 400
-                    }
-                ]
-            }
-        }
-    ]
-}
+  "typology_name": "Rule-901-Typology-999",
+  "id": "[email protected]",
+  "cfg": "[email protected]",
+  "workflow": {
+    "alertThreshold": 200,
+    "interdictionThreshold": 400,
+    "flowProcessor": "[email protected]"
+  }
 ```
 
 #### 7.3 Check typology triggers
 
-If all typology results had been received, evaluate each typology against the transaction configuration to determine if an investigation is required. The outcomes of the evaluation depends on the typology score against the defined thresholds and may be to create (or update) an investigation case, or to do nothing.
-
-The evaluation outcome of a typology against its thresholds must be logged for each typology, i.e. that the typology was evaluated, what the threshold was, and what the determination was (Review, or None).
+If all typology results had been received, the typology processor evaluate each typology against the typology configuration to determine if an investigation is required. The outcomes of the evaluation depends on the typology score against the defined alertThreshold. If the typology score is equal to or greater than the alertThreshold, the typology processor sets the typology review flag to `true`.
 
 ##### 7.4 Create investigation case
 
-If the typology score is equal to or greater than the review threshold defined for the typology in the TADProc configuration, the TADProc will trigger a review message in JSON format to an adjacent Case Management System to flag the transaction for review.
+If any typology `review` flag is `true`, the TADProc will trigger a review message in JSON format to an adjacent Case Management System to flag the transaction for review.
 
 The outgoing alert message contains:
 
@@ -100,63 +73,57 @@ Sample output message:
 
 ```json
 {
-    "transaction": { ...
-    },
-    "networkMap": { ...
+  "transactionID": "d71103b09a4a47a987e4fa6d5f5497a7",
+  "transaction": {
+ ...
+  },
+  "networkMap": {
+...
+  },
+  "report": {
+    "evaluationID": "548ac93a-69e9-4acf-b804-85f7ff2c57db",
+    "metaData": {
+      "prcgTmDP": 12166572,
+      "prcgTmED": 236381
     },
-    "transactionResult": {
-        "resultId": "9f896062-41d4-4a66-8ecc-b16fc6146919",
-        "dateTime": "2021-12-09T11:13:06.000Z",
-        "id": "[email protected]",
-        "cfg": "1.0.0",
-        "status": "ALRT",
-        "description": "Alert triggered",
-        "typologyResults": [
+    "status": "ALRT",
+    "timestamp": "2025-01-17T08:15:10.433Z",
+    "tadpResult": {
+      "id": "[email protected]",
+      "cfg": "1.0.0",
+      "typologyResult": [
+        {
+          "id": "[email protected]",
+          "cfg": "[email protected]",
+          "result": 200,
+          "ruleResults": [
             {
-                "id": "[email protected]",
-                "cfg": "1.0.0",
-                "result": 700,
-                "threshold": 400,
-                "ruleResults": [
-                    {
-                        "id": "[email protected]",
-                        "cfg": "1.0.0",
-                        "subRuleRef": ".01",
-                        "wght": 100,
-                        "reason": "Debtor received < 10 transactions within the last 72 hours"
-                    },
-                    {
-                        "id": "[email protected]",
-                        "cfg": "1.0.0",
-                        "subRuleRef": ".01",
-                        "wght": 100,
-                        "reason": "Creditor received >= 10 transactions within the last 24 hours"
-                    },
-                    {
-                        "id": "[email protected]",
-                        "cfg": "1.0.0",
-                        "subRuleRef": ".01",
-                        "wght": 100,
-                        "reason": "Debtor transfered an amount >= the historical maximum threshold over the last 3 months"
-                    },
-                    {
-                        "id": "[email protected]",
-                        "cfg": "1.0.0",
-                        "subRuleRef": ".01",
-                        "wght": 100,
-                        "reason": "Immediate transaction mirorring detected for debtor account"
-                    },
-                    {
-                        "id": "[email protected]",
-                        "cfg": "1.0.0",
-                        "subRuleRef": ".01",
-                        "wght": 300,
-                        "reason": "First recorded successful and complete incoming transaction received by the creditor"
-                    }
-                ]
+              "id": "[email protected]",
+              "cfg": "none",
+              "subRuleRef": "none",
+              "prcgTm": 6052681,
+              "wght": 0
             },
-        ]
+            {
+              "id": "[email protected]",
+              "cfg": "1.0.0",
+              "subRuleRef": ".02",
+              "prcgTm": 17682366,
+              "wght": 200
+            }
+          ],
+          "prcgTm": 8754078,
+          "review": true,
+          "workflow": {
+            "alertThreshold": 200,
+            "interdictionThreshold": 400,
+            "flowProcessor": "[email protected]"
+          }
+        }
+      ],
+      "prcgTm": 6509701
     }
+  }
 }
 ```