NNSFlow Documentation
NNSFlow is an enterprise Anti-Money Laundering (AML) platform built for on-premise deployment in Swiss banks. It combines automated web intelligence gathering, sanctions screening, and collaborative investigation workflows into a single decision reconstruction system designed for FINMA compliance.
For Compliance Officers
| Guide | Description |
|---|---|
| Quick Start | Set up your account and run your first screening |
| Screening Investigations | Run investigations with real-time source analysis |
| Sanctions Screening | Review OpenSanctions matches and deep search results |
| Entity Management | Manage entities, relationships, and risk status |
| Reports & Audit | Generate reports and review audit trails |
| Collaboration | Work with your team using notes, chat, and presence |
| FINMA Compliance | How NNSFlow meets regulatory requirements |
For IT Administrators
| Guide | Description |
|---|---|
| Installation | Deploy NNSFlow with Docker Compose |
| Configuration | Deployment modes, profiles, and environment variables |
| Deployment Strategies | Choose between Quick Start, Enterprise, and Banking modes |
| Docker Compose Reference | Complete service and profile reference |
| Environment Variables | Full environment variable reference |
| Production Checklist | Security hardening and production readiness |
| Authentication | Keycloak, OIDC, and SAML configuration |
| Monitoring | Prometheus, Grafana, and Loki setup |
| Backup & Restore | Database backup and recovery procedures |
| Troubleshooting | Common issues and solutions |
For Developers
| Guide | Description |
|---|---|
| System Overview | High-level architecture and service components |
| Database Schema | Tables, enums, and relationships |
| Screening Pipeline | How screening streams work end-to-end |
| Entity Lifecycle | Entity and investigation state management |
| API Overview | Authentication, error handling, and conventions |
| Investigations API | Screening session endpoints |
| Entities API | Entity management endpoints |
| Sanctions API | Sanctions screening and deep search endpoints |
| Audit & Reports API | Audit trail and report generation endpoints |
Platform Administration
| Guide | Description |
|---|---|
| Platform Settings | Organization, 4-eyes approval, and retention settings |
| Team Management | Create and manage teams |
| User Management | User provisioning and Lines of Defense roles |
| Integrations | SerpAPI, OpenSanctions, and API key management |
Security & Compliance
| Guide | Description |
|---|---|
| Session Management | Redis sessions, CSRF, cookies, and security headers |
| Secrets Management | Vault, AWS, Azure, and GCP secrets providers |
| Audit Trail | Evidence snapshots, decision tracking, and audit architecture |
| Data Retention | 10-year retention, Kafka CDC, and archival |