cgs-compliance-sdk 2.0.0

package/dist/compliance/index.mjs

@@ -0,0 +1,1475 @@
+// src/geolocation/client.ts
+var GeolocationClient = class {
+  constructor(config) {
+    this.config = {
+      baseURL: config.baseURL,
+      tenantId: config.tenantId,
+      apiKey: config.apiKey || "",
+      headers: config.headers || {},
+      timeout: config.timeout || 1e4,
+      debug: config.debug || false
+    };
+  }
+  // ============================================================================
+  // Private Helper Methods
+  // ============================================================================
+  async request(endpoint, options = {}) {
+    const url = `${this.config.baseURL}${endpoint}`;
+    const headers = {
+      "Content-Type": "application/json",
+      "X-Tenant-ID": this.config.tenantId,
+      ...this.config.headers,
+      ...options.headers || {}
+    };
+    if (this.config.apiKey) {
+      headers["Authorization"] = `Bearer ${this.config.apiKey}`;
+    }
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.config.timeout);
+    try {
+      if (this.config.debug) {
+        console.log(`[GeolocationSDK] ${options.method || "GET"} ${url}`, {
+          headers,
+          body: options.body
+        });
+      }
+      const response = await fetch(url, {
+        ...options,
+        headers,
+        signal: controller.signal
+      });
+      clearTimeout(timeoutId);
+      const data = await response.json();
+      if (!response.ok) {
+        throw new Error(data.error || data.message || `HTTP ${response.status}`);
+      }
+      if (this.config.debug) {
+        console.log(`[GeolocationSDK] Response:`, data);
+      }
+      return data;
+    } catch (error) {
+      clearTimeout(timeoutId);
+      if (error instanceof Error) {
+        if (error.name === "AbortError") {
+          throw new Error(`Request timeout after ${this.config.timeout}ms`);
+        }
+        throw error;
+      }
+      throw new Error("Unknown error occurred");
+    }
+  }
+  buildQueryString(params) {
+    const query = new URLSearchParams();
+    Object.entries(params).forEach(([key, value]) => {
+      if (value !== void 0 && value !== null) {
+        query.append(key, String(value));
+      }
+    });
+    const queryString = query.toString();
+    return queryString ? `?${queryString}` : "";
+  }
+  // ============================================================================
+  // IP Verification & Compliance
+  // ============================================================================
+  /**
+   * Verify an IP address and check compliance
+   *
+   * @param request - Verification request with IP, user ID, event type, and optional device fingerprint
+   * @returns Location verification result with risk assessment
+   *
+   * @example
+   * ```typescript
+   * const result = await client.verifyIP({
+   *   ip_address: "8.8.8.8",
+   *   user_id: "user_123",
+   *   event_type: "login",
+   *   device_fingerprint: {
+   *     device_id: "device_abc",
+   *     user_agent: navigator.userAgent,
+   *     platform: "web"
+   *   }
+   * });
+   *
+   * if (result.is_blocked) {
+   *   console.log("Access blocked:", result.risk_reasons);
+   * }
+   * ```
+   */
+  async verifyIP(request) {
+    return this.request("/api/v1/geo/verify", {
+      method: "POST",
+      body: JSON.stringify(request)
+    });
+  }
+  /**
+   * Check compliance for a specific country
+   *
+   * @param countryISO - ISO 3166-1 alpha-2 country code (e.g., "US", "GB")
+   * @returns Jurisdiction configuration and compliance status
+   *
+   * @example
+   * ```typescript
+   * const compliance = await client.checkCompliance("KP"); // North Korea
+   * if (!compliance.is_compliant) {
+   *   console.log("Country is not allowed:", compliance.jurisdiction?.status);
+   * }
+   * ```
+   */
+  async checkCompliance(countryISO) {
+    return this.request(
+      `/api/v1/geo/compliance?country_iso=${countryISO}`
+    );
+  }
+  /**
+   * Get location history for a user
+   *
+   * @param userId - User ID to retrieve history for
+   * @param limit - Maximum number of records to return (default: 100)
+   * @returns Array of geolocation records
+   */
+  async getUserLocationHistory(userId, limit = 100) {
+    return this.request(
+      `/api/v1/geo/history?user_id=${userId}&limit=${limit}`
+    );
+  }
+  // ============================================================================
+  // Alert Management
+  // ============================================================================
+  /**
+   * Get a specific alert by ID
+   *
+   * @param alertId - Alert ID
+   * @returns Alert details
+   */
+  async getAlert(alertId) {
+    return this.request(`/api/v1/alerts/${alertId}`);
+  }
+  /**
+   * List alerts with filters and pagination
+   *
+   * @param filters - Optional filters (status, severity, type, user, dates)
+   * @param pagination - Optional pagination (page, page_size)
+   * @returns Paginated list of alerts
+   *
+   * @example
+   * ```typescript
+   * const alerts = await client.listAlerts(
+   *   { status: "active", severity: "critical" },
+   *   { page: 1, page_size: 20 }
+   * );
+   * console.log(`Found ${alerts.total} critical alerts`);
+   * ```
+   */
+  async listAlerts(filters, pagination) {
+    const params = {
+      ...filters,
+      ...pagination
+    };
+    return this.request(`/api/v1/alerts${this.buildQueryString(params)}`);
+  }
+  /**
+   * Update alert status
+   *
+   * @param alertId - Alert ID
+   * @param status - New status
+   */
+  async updateAlertStatus(alertId, status) {
+    await this.request(`/api/v1/alerts/${alertId}/status`, {
+      method: "PUT",
+      body: JSON.stringify({ status })
+    });
+  }
+  /**
+   * Assign an alert to an analyst
+   *
+   * @param alertId - Alert ID
+   * @param assignedTo - User ID to assign to
+   */
+  async assignAlert(alertId, assignedTo) {
+    await this.request(`/api/v1/alerts/${alertId}/assign`, {
+      method: "POST",
+      body: JSON.stringify({ assigned_to: assignedTo })
+    });
+  }
+  /**
+   * Resolve an alert
+   *
+   * @param alertId - Alert ID
+   * @param resolution - Resolution type
+   * @param notes - Optional notes
+   */
+  async resolveAlert(alertId, resolution, notes) {
+    await this.request(`/api/v1/alerts/${alertId}/resolve`, {
+      method: "POST",
+      body: JSON.stringify({ resolution, notes })
+    });
+  }
+  /**
+   * Dismiss an alert as false positive
+   *
+   * @param alertId - Alert ID
+   * @param notes - Optional notes explaining why it's a false positive
+   */
+  async dismissAlert(alertId, notes) {
+    await this.request(`/api/v1/alerts/${alertId}/dismiss`, {
+      method: "POST",
+      body: JSON.stringify({ notes })
+    });
+  }
+  /**
+   * Escalate an alert to higher severity or different assignee
+   *
+   * @param alertId - Alert ID
+   * @param assignedTo - New assignee user ID
+   * @param severity - New severity level
+   * @param notes - Escalation notes
+   */
+  async escalateAlert(alertId, assignedTo, severity, notes) {
+    await this.request(`/api/v1/alerts/${alertId}/escalate`, {
+      method: "POST",
+      body: JSON.stringify({ assigned_to: assignedTo, severity, notes })
+    });
+  }
+  /**
+   * Block an alert (mark as blocked)
+   *
+   * @param alertId - Alert ID
+   * @param notes - Optional notes
+   */
+  async blockAlert(alertId, notes) {
+    await this.request(`/api/v1/alerts/${alertId}/block`, {
+      method: "POST",
+      body: JSON.stringify({ notes })
+    });
+  }
+  /**
+   * Get dashboard metrics
+   *
+   * @param timeRangeHours - Time range in hours (default: 24)
+   * @returns Dashboard metrics and statistics
+   *
+   * @example
+   * ```typescript
+   * const metrics = await client.getDashboardMetrics(168); // Last 7 days
+   * console.log(`${metrics.critical_alerts} critical alerts in last week`);
+   * ```
+   */
+  async getDashboardMetrics(timeRangeHours = 24) {
+    return this.request(
+      `/api/v1/alerts/metrics?time_range_hours=${timeRangeHours}`
+    );
+  }
+  // ============================================================================
+  // Jurisdiction Configuration
+  // ============================================================================
+  /**
+   * List all jurisdiction configurations
+   *
+   * @returns Array of jurisdiction configurations
+   */
+  async listJurisdictions() {
+    return this.request("/api/v1/jurisdictions");
+  }
+  /**
+   * Get a jurisdiction configuration by ID
+   *
+   * @param jurisdictionId - Jurisdiction ID
+   * @returns Jurisdiction configuration
+   */
+  async getJurisdiction(jurisdictionId) {
+    return this.request(`/api/v1/jurisdictions/${jurisdictionId}`);
+  }
+  /**
+   * Create a new jurisdiction configuration
+   *
+   * @param request - Jurisdiction configuration data
+   * @returns Created jurisdiction
+   *
+   * @example
+   * ```typescript
+   * const jurisdiction = await client.createJurisdiction({
+   *   country_iso: "US",
+   *   country_name: "United States",
+   *   status: "allowed",
+   *   risk_level: "low",
+   *   allow_login: true,
+   *   allow_registration: true,
+   *   allow_transactions: true,
+   *   require_kyc: false,
+   *   require_enhanced_verification: false
+   * });
+   * ```
+   */
+  async createJurisdiction(request) {
+    return this.request("/api/v1/jurisdictions", {
+      method: "POST",
+      body: JSON.stringify(request)
+    });
+  }
+  /**
+   * Update a jurisdiction configuration
+   *
+   * @param jurisdictionId - Jurisdiction ID
+   * @param request - Updated fields
+   * @returns Updated jurisdiction
+   */
+  async updateJurisdiction(jurisdictionId, request) {
+    return this.request(`/api/v1/jurisdictions/${jurisdictionId}`, {
+      method: "PUT",
+      body: JSON.stringify(request)
+    });
+  }
+  /**
+   * Delete a jurisdiction configuration
+   *
+   * @param jurisdictionId - Jurisdiction ID
+   */
+  async deleteJurisdiction(jurisdictionId) {
+    await this.request(`/api/v1/jurisdictions/${jurisdictionId}`, {
+      method: "DELETE"
+    });
+  }
+  // ============================================================================
+  // Geofence Rules
+  // ============================================================================
+  /**
+   * List all geofence rules
+   *
+   * @returns Array of geofence rules
+   */
+  async listGeofenceRules() {
+    return this.request("/api/v1/geofence-rules");
+  }
+  /**
+   * Get a geofence rule by ID
+   *
+   * @param ruleId - Geofence rule ID
+   * @returns Geofence rule
+   */
+  async getGeofenceRule(ruleId) {
+    return this.request(`/api/v1/geofence-rules/${ruleId}`);
+  }
+  /**
+   * Create a new geofence rule
+   *
+   * @param request - Geofence rule data
+   * @returns Created geofence rule
+   *
+   * @example
+   * ```typescript
+   * const rule = await client.createGeofenceRule({
+   *   name: "Block High Risk Countries",
+   *   rule_type: "block_list",
+   *   action: "block",
+   *   countries: ["KP", "IR", "SY"],
+   *   event_types: ["login", "transaction"],
+   *   priority: 100
+   * });
+   * ```
+   */
+  async createGeofenceRule(request) {
+    return this.request("/api/v1/geofence-rules", {
+      method: "POST",
+      body: JSON.stringify(request)
+    });
+  }
+  /**
+   * Update a geofence rule
+   *
+   * @param ruleId - Geofence rule ID
+   * @param request - Updated fields
+   * @returns Updated geofence rule
+   */
+  async updateGeofenceRule(ruleId, request) {
+    return this.request(`/api/v1/geofence-rules/${ruleId}`, {
+      method: "PUT",
+      body: JSON.stringify(request)
+    });
+  }
+  /**
+   * Delete a geofence rule
+   *
+   * @param ruleId - Geofence rule ID
+   */
+  async deleteGeofenceRule(ruleId) {
+    await this.request(`/api/v1/geofence-rules/${ruleId}`, {
+      method: "DELETE"
+    });
+  }
+  // ============================================================================
+  // Device Fingerprinting
+  // ============================================================================
+  /**
+   * Get all devices for a user
+   *
+   * @param userId - User ID
+   * @returns Array of device fingerprints
+   */
+  async getUserDevices(userId) {
+    return this.request(`/api/v1/devices/user/?user_id=${userId}`);
+  }
+  /**
+   * Get a specific device by device ID
+   *
+   * @param deviceId - Device ID
+   * @returns Device fingerprint
+   */
+  async getDevice(deviceId) {
+    return this.request(`/api/v1/devices/?device_id=${deviceId}`);
+  }
+  /**
+   * Update device trust status
+   *
+   * @param deviceId - Device ID
+   * @param action - "trust" or "untrust"
+   *
+   * @example
+   * ```typescript
+   * // Mark a device as trusted
+   * await client.updateDeviceTrust("device_abc", "trust");
+   *
+   * // Mark a device as untrusted
+   * await client.updateDeviceTrust("device_xyz", "untrust");
+   * ```
+   */
+  async updateDeviceTrust(deviceId, action) {
+    await this.request(`/api/v1/devices/?device_id=${deviceId}&action=${action}`, {
+      method: "POST"
+    });
+  }
+  // ============================================================================
+  // Utility Methods
+  // ============================================================================
+  /**
+   * Check service health
+   *
+   * @returns Health status object
+   */
+  async healthCheck() {
+    return this.request("/api/v1/health");
+  }
+  /**
+   * Update client configuration
+   *
+   * @param config - Partial configuration to update
+   */
+  updateConfig(config) {
+    this.config = {
+      ...this.config,
+      ...config,
+      headers: {
+        ...this.config.headers,
+        ...config.headers || {}
+      }
+    };
+  }
+  /**
+   * Get current configuration (readonly)
+   */
+  getConfig() {
+    return { ...this.config };
+  }
+};
+
+// src/core/errors.ts
+var CGSError = class _CGSError extends Error {
+  constructor(message, code, statusCode, details) {
+    super(message);
+    this.code = code;
+    this.statusCode = statusCode;
+    this.details = details;
+    this.name = "CGSError";
+    Object.setPrototypeOf(this, _CGSError.prototype);
+  }
+};
+var NetworkError = class _NetworkError extends CGSError {
+  constructor(message, originalError) {
+    super(message, "NETWORK_ERROR", void 0, { originalError });
+    this.originalError = originalError;
+    this.name = "NetworkError";
+    Object.setPrototypeOf(this, _NetworkError.prototype);
+  }
+};
+var ServiceUnavailableError = class _ServiceUnavailableError extends CGSError {
+  constructor(service) {
+    super(`${service} is unavailable`, "SERVICE_UNAVAILABLE", 503, { service });
+    this.name = "ServiceUnavailableError";
+    Object.setPrototypeOf(this, _ServiceUnavailableError.prototype);
+  }
+};
+var AuthenticationError = class _AuthenticationError extends CGSError {
+  constructor(message = "Authentication failed") {
+    super(message, "AUTHENTICATION_ERROR", 401);
+    this.name = "AuthenticationError";
+    Object.setPrototypeOf(this, _AuthenticationError.prototype);
+  }
+};
+var RateLimitError = class _RateLimitError extends CGSError {
+  constructor(retryAfter) {
+    super("Rate limit exceeded", "RATE_LIMIT_EXCEEDED", 429, { retryAfter });
+    this.retryAfter = retryAfter;
+    this.name = "RateLimitError";
+    Object.setPrototypeOf(this, _RateLimitError.prototype);
+  }
+};
+var TimeoutError = class _TimeoutError extends CGSError {
+  constructor(timeout) {
+    super(`Request timeout after ${timeout}ms`, "TIMEOUT", 408, { timeout });
+    this.timeout = timeout;
+    this.name = "TimeoutError";
+    Object.setPrototypeOf(this, _TimeoutError.prototype);
+  }
+};
+var ComplianceError = class _ComplianceError extends CGSError {
+  constructor(message, originalError, code = "COMPLIANCE_ERROR") {
+    super(message, code, void 0, { originalError });
+    this.originalError = originalError;
+    this.name = "ComplianceError";
+    Object.setPrototypeOf(this, _ComplianceError.prototype);
+  }
+};
+
+// src/core/client.ts
+var BaseClient = class {
+  constructor(config) {
+    this.config = {
+      baseURL: config.baseURL,
+      tenantId: config.tenantId,
+      apiKey: config.apiKey || "",
+      headers: config.headers || {},
+      timeout: config.timeout || 1e4,
+      retries: config.retries || 3,
+      debug: config.debug || false
+    };
+  }
+  /**
+   * Make an HTTP request with timeout and error handling
+   */
+  async request(endpoint, options = {}, serviceURL) {
+    const url = `${serviceURL || this.config.baseURL}${endpoint}`;
+    const headers = {
+      "Content-Type": "application/json",
+      "X-Tenant-ID": this.config.tenantId,
+      ...this.config.headers,
+      ...options.headers || {}
+    };
+    if (this.config.apiKey) {
+      headers["Authorization"] = `Bearer ${this.config.apiKey}`;
+    }
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.config.timeout);
+    try {
+      if (this.config.debug) {
+        console.log(`[CGS SDK] ${options.method || "GET"} ${url}`, {
+          headers,
+          body: options.body
+        });
+      }
+      const response = await fetch(url, {
+        ...options,
+        headers,
+        signal: controller.signal
+      });
+      clearTimeout(timeoutId);
+      const data = await response.json();
+      if (!response.ok) {
+        this.handleErrorResponse(response.status, data);
+      }
+      if (this.config.debug) {
+        console.log(`[CGS SDK] Response:`, data);
+      }
+      return data;
+    } catch (error) {
+      clearTimeout(timeoutId);
+      if (error instanceof Error) {
+        if (error.name === "AbortError") {
+          throw new TimeoutError(this.config.timeout);
+        }
+        if (error instanceof CGSError) {
+          throw error;
+        }
+      }
+      throw new NetworkError("Network request failed", error);
+    }
+  }
+  /**
+   * Make an HTTP request with retry logic
+   */
+  async requestWithRetry(endpoint, options = {}, serviceURL, retries = this.config.retries) {
+    let lastError;
+    for (let attempt = 0; attempt <= retries; attempt++) {
+      try {
+        return await this.request(endpoint, options, serviceURL);
+      } catch (error) {
+        lastError = error instanceof Error ? error : new Error("Unknown error");
+        if (lastError instanceof CGSError && lastError.statusCode && lastError.statusCode >= 400 && lastError.statusCode < 500) {
+          throw lastError;
+        }
+        if (attempt === retries) {
+          break;
+        }
+        const delay = Math.min(1e3 * Math.pow(2, attempt) + Math.random() * 1e3, 1e4);
+        await new Promise((resolve) => setTimeout(resolve, delay));
+        if (this.config.debug) {
+          console.log(`[CGS SDK] Retry attempt ${attempt + 1}/${retries} after ${delay.toFixed(0)}ms`);
+        }
+      }
+    }
+    throw new NetworkError(`Request failed after ${retries} retries`, lastError);
+  }
+  /**
+   * Handle error responses from API
+   */
+  handleErrorResponse(status, data) {
+    const message = data.error || data.message || `HTTP ${status}`;
+    switch (status) {
+      case 400:
+        throw new CGSError(message, "BAD_REQUEST", 400, data);
+      case 401:
+        throw new AuthenticationError(message);
+      case 403:
+        throw new CGSError(message, "FORBIDDEN", 403, data);
+      case 404:
+        throw new CGSError(message, "NOT_FOUND", 404, data);
+      case 429:
+        const retryAfter = data.retry_after || data.retryAfter;
+        throw new RateLimitError(retryAfter);
+      case 500:
+      case 502:
+      case 503:
+      case 504:
+        throw new ServiceUnavailableError(message);
+      default:
+        throw new CGSError(message, "UNKNOWN_ERROR", status, data);
+    }
+  }
+  /**
+   * Build query string from parameters
+   */
+  buildQueryString(params) {
+    const query = new URLSearchParams();
+    Object.entries(params).forEach(([key, value]) => {
+      if (value !== void 0 && value !== null) {
+        if (Array.isArray(value)) {
+          value.forEach((item) => query.append(key, String(item)));
+        } else {
+          query.append(key, String(value));
+        }
+      }
+    });
+    const queryString = query.toString();
+    return queryString ? `?${queryString}` : "";
+  }
+  /**
+   * Update client configuration
+   */
+  updateConfig(config) {
+    this.config = {
+      ...this.config,
+      ...config,
+      headers: {
+        ...this.config.headers,
+        ...config.headers || {}
+      }
+    };
+  }
+  /**
+   * Get current configuration (readonly)
+   */
+  getConfig() {
+    return { ...this.config };
+  }
+  /**
+   * Health check endpoint
+   */
+  async healthCheck() {
+    return this.request("/api/v1/health");
+  }
+};
+
+// src/risk-profile/client.ts
+var RiskProfileClient = class extends BaseClient {
+  constructor(config) {
+    super(config);
+  }
+  // ============================================================================
+  // Profile Management
+  // ============================================================================
+  /**
+   * Create a new customer risk profile
+   *
+   * @param request - Profile creation data
+   * @returns Created customer profile
+   *
+   * @example
+   * ```typescript
+   * const profile = await client.createProfile({
+   *   customer_id: 'CUST-12345',
+   *   entity_type: 'individual',
+   *   customer_status: 'active',
+   *   full_name: 'John Doe',
+   *   email_address: 'john@example.com',
+   *   date_of_birth: '1990-01-15',
+   *   country_of_residence: 'US'
+   * });
+   * ```
+   */
+  async createProfile(request) {
+    return this.request("/api/v1/profiles", {
+      method: "POST",
+      body: JSON.stringify(request)
+    });
+  }
+  /**
+   * Get customer profile by customer ID
+   *
+   * Note: This searches for the profile using the customer_id field.
+   * Returns the first matching profile for the tenant.
+   *
+   * @param customerId - Customer ID to search for
+   * @returns Customer profile
+   *
+   * @example
+   * ```typescript
+   * const profile = await client.getProfile('CUST-12345');
+   * console.log('Risk score:', profile.risk_score);
+   * ```
+   */
+  async getProfile(customerId) {
+    const response = await this.queryProfiles({
+      search: customerId,
+      page: 1,
+      page_size: 1
+    });
+    if (response.data.length === 0) {
+      throw new Error(`Profile not found for customer ID: ${customerId}`);
+    }
+    return response.data[0];
+  }
+  /**
+   * Get profile by UUID
+   *
+   * @param profileId - Profile UUID
+   * @returns Customer profile
+   */
+  async getProfileById(profileId) {
+    const details = await this.getProfileDetails(profileId);
+    return details.profile;
+  }
+  /**
+   * Get detailed profile information including risk factors and history
+   *
+   * @param profileId - Profile UUID
+   * @returns Detailed profile response with risk factors and history
+   *
+   * @example
+   * ```typescript
+   * const details = await client.getProfileDetails(profileId);
+   * console.log('Risk factors:', details.risk_factors);
+   * console.log('Risk history:', details.risk_history);
+   * console.log('Alert counts:', {
+   *   watchlist: details.watchlist_alert_count,
+   *   fraud: details.fraud_alert_count,
+   *   geo: details.geolocation_alert_count
+   * });
+   * ```
+   */
+  async getProfileDetails(profileId) {
+    return this.request(
+      `/api/v1/risk-dashboard/profiles/${profileId}`
+    );
+  }
+  /**
+   * Update customer profile
+   *
+   * @param profileId - Profile UUID
+   * @param updates - Fields to update
+   * @returns Updated customer profile
+   *
+   * @example
+   * ```typescript
+   * const updated = await client.updateProfile(profileId, {
+   *   location: 'New York, USA',
+   *   location_compliance: 'compliant',
+   *   last_recorded_activity: new Date().toISOString()
+   * });
+   * ```
+   */
+  async updateProfile(profileId, updates) {
+    return this.request(`/api/v1/profiles/${profileId}`, {
+      method: "PUT",
+      body: JSON.stringify(updates)
+    });
+  }
+  /**
+   * Manually recalculate risk score for a profile
+   *
+   * Triggers immediate risk score recalculation based on current risk factors.
+   *
+   * @param profileId - Profile UUID
+   * @param reason - Optional reason for recalculation
+   *
+   * @example
+   * ```typescript
+   * await client.recalculateRiskScore(profileId, 'Manual review completed');
+   * ```
+   */
+  async recalculateRiskScore(profileId, reason) {
+    const body = reason ? JSON.stringify({ reason }) : void 0;
+    await this.request(`/api/v1/profiles/recalculate/${profileId}`, {
+      method: "POST",
+      body
+    });
+  }
+  // ============================================================================
+  // Query & Search
+  // ============================================================================
+  /**
+   * Query profiles with advanced filters
+   *
+   * @param filters - Filter criteria and pagination
+   * @returns Paginated list of profiles
+   *
+   * @example
+   * ```typescript
+   * const results = await client.queryProfiles({
+   *   risk_category: ['high', 'critical'],
+   *   kyc_status: ['pending'],
+   *   is_pep: true,
+   *   page: 1,
+   *   page_size: 20,
+   *   sort_by: 'risk_score',
+   *   sort_order: 'desc'
+   * });
+   *
+   * console.log(`Found ${results.total} high-risk profiles`);
+   * results.data.forEach(profile => {
+   *   console.log(`${profile.full_name}: ${profile.risk_score}`);
+   * });
+   * ```
+   */
+  async queryProfiles(filters = {}) {
+    const queryString = this.buildQueryString(filters);
+    return this.request(
+      `/api/v1/risk-dashboard/profiles${queryString}`
+    );
+  }
+  /**
+   * Search profiles by text (searches name, email, customer_id, account_number)
+   *
+   * @param searchText - Text to search for
+   * @param limit - Maximum results to return (default: 10)
+   * @returns Array of matching profiles
+   */
+  async searchProfiles(searchText, limit = 10) {
+    const response = await this.queryProfiles({
+      search: searchText,
+      page: 1,
+      page_size: limit
+    });
+    return response.data;
+  }
+  /**
+   * Get all high-risk profiles (high + critical)
+   *
+   * @param limit - Maximum results to return (default: 50)
+   * @returns Array of high-risk profiles
+   */
+  async getHighRiskProfiles(limit = 50) {
+    const response = await this.queryProfiles({
+      risk_category: ["high", "critical"],
+      page: 1,
+      page_size: limit,
+      sort_by: "risk_score",
+      sort_order: "desc"
+    });
+    return response.data;
+  }
+  /**
+   * Get profiles requiring PEP review
+   *
+   * @param limit - Maximum results to return (default: 50)
+   * @returns Array of PEP profiles
+   */
+  async getPEPProfiles(limit = 50) {
+    const response = await this.queryProfiles({
+      is_pep: true,
+      page: 1,
+      page_size: limit
+    });
+    return response.data;
+  }
+  /**
+   * Get profiles with sanctions matches
+   *
+   * @param limit - Maximum results to return (default: 50)
+   * @returns Array of sanctioned profiles
+   */
+  async getSanctionedProfiles(limit = 50) {
+    const response = await this.queryProfiles({
+      has_sanctions: true,
+      page: 1,
+      page_size: limit
+    });
+    return response.data;
+  }
+  // ============================================================================
+  // Dashboard & Metrics
+  // ============================================================================
+  /**
+   * Get risk dashboard metrics and statistics
+   *
+   * @param startDate - Optional start date for metrics (ISO format)
+   * @param endDate - Optional end date for metrics (ISO format)
+   * @returns Dashboard metrics
+   *
+   * @example
+   * ```typescript
+   * const metrics = await client.getDashboardMetrics();
+   * console.log('Total risky profiles:', metrics.total_risky_profiles);
+   * console.log('Critical profiles:', metrics.total_critical_profiles);
+   * console.log('Average risk score:', metrics.average_risk_score);
+   *
+   * metrics.risk_distribution.forEach(item => {
+   *   console.log(`${item.category}: ${item.count} (${item.percentage}%)`);
+   * });
+   * ```
+   */
+  async getDashboardMetrics(startDate, endDate) {
+    const params = {};
+    if (startDate) params.start_date = startDate;
+    if (endDate) params.end_date = endDate;
+    const queryString = this.buildQueryString(params);
+    return this.request(
+      `/api/v1/risk-dashboard/metrics${queryString}`
+    );
+  }
+  // ============================================================================
+  // Bulk Operations
+  // ============================================================================
+  /**
+   * Get or create profile (idempotent operation)
+   *
+   * Attempts to get existing profile by customer_id, creates if not found.
+   *
+   * @param customerId - Customer ID
+   * @param createRequest - Profile data to use if creating new profile
+   * @returns Existing or newly created profile
+   *
+   * @example
+   * ```typescript
+   * const profile = await client.getOrCreateProfile('CUST-123', {
+   *   customer_id: 'CUST-123',
+   *   entity_type: 'individual',
+   *   full_name: 'John Doe',
+   *   email_address: 'john@example.com'
+   * });
+   * ```
+   */
+  async getOrCreateProfile(customerId, createRequest) {
+    try {
+      return await this.getProfile(customerId);
+    } catch (error) {
+      return await this.createProfile(createRequest);
+    }
+  }
+  /**
+   * Batch get profiles by customer IDs
+   *
+   * @param customerIds - Array of customer IDs
+   * @returns Array of profiles (may be less than input if some not found)
+   */
+  async batchGetProfiles(customerIds) {
+    const profiles = [];
+    for (const customerId of customerIds) {
+      try {
+        const profile = await this.getProfile(customerId);
+        profiles.push(profile);
+      } catch (error) {
+        if (this.config.debug) {
+          console.warn(`[RiskProfileClient] Profile not found for: ${customerId}`);
+        }
+      }
+    }
+    return profiles;
+  }
+  // ============================================================================
+  // Configuration
+  // ============================================================================
+  /**
+   * Get risk configuration for tenant
+   *
+   * Returns the risk scoring weights and thresholds configured for the tenant.
+   *
+   * @returns Risk configuration
+   */
+  async getRiskConfiguration() {
+    return this.request("/api/v1/risk-config");
+  }
+  /**
+   * Update risk configuration for tenant
+   *
+   * Updates risk scoring weights and/or thresholds.
+   *
+   * @param config - Configuration updates
+   * @returns Updated risk configuration
+   */
+  async updateRiskConfiguration(config) {
+    return this.request("/api/v1/risk-config", {
+      method: "PUT",
+      body: JSON.stringify(config)
+    });
+  }
+};
+
+// src/compliance/client.ts
+var ComplianceClient = class {
+  constructor(config) {
+    this.config = {
+      apiGatewayURL: config.apiGatewayURL,
+      tenantId: config.tenantId,
+      apiKey: config.apiKey || "",
+      headers: config.headers || {},
+      timeout: config.timeout || 1e4,
+      retries: config.retries || 3,
+      debug: config.debug || false,
+      autoCreateProfiles: config.autoCreateProfiles !== false,
+      // default true
+      syncMode: config.syncMode || "sync"
+    };
+    this.geoClient = new GeolocationClient({
+      baseURL: this.config.apiGatewayURL,
+      tenantId: this.config.tenantId,
+      apiKey: this.config.apiKey,
+      headers: this.config.headers,
+      timeout: this.config.timeout,
+      retries: this.config.retries,
+      debug: this.config.debug
+    });
+    this.riskClient = new RiskProfileClient({
+      baseURL: this.config.apiGatewayURL,
+      tenantId: this.config.tenantId,
+      apiKey: this.config.apiKey,
+      headers: this.config.headers,
+      timeout: this.config.timeout,
+      retries: this.config.retries,
+      debug: this.config.debug
+    });
+    this.currencyRates = DEFAULT_CURRENCY_RATES;
+  }
+  // ============================================================================
+  // Main Verification Methods
+  // ============================================================================
+  /**
+   * Verify customer registration with automatic profile creation
+   *
+   * This is the primary integration point for new customer sign-ups.
+   * Combines geolocation verification with customer risk profile creation.
+   *
+   * @param request - Registration verification request
+   * @returns Verification response with profile and compliance status
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.verifyAtRegistration({
+   *   customerId: 'CUST-12345',
+   *   fullName: 'John Doe',
+   *   emailAddress: 'john@example.com',
+   *   ipAddress: req.ip,
+   *   deviceFingerprint: getDeviceFingerprint()
+   * });
+   *
+   * if (result.allowed) {
+   *   // Create account
+   *   console.log('Profile created:', result.profile);
+   *   if (result.requiresKYC) {
+   *     // Redirect to KYC flow
+   *   }
+   * } else {
+   *   // Block registration
+   *   console.log('Blocked:', result.blockReasons);
+   * }
+   * ```
+   */
+  async verifyAtRegistration(request) {
+    const startTime = Date.now();
+    try {
+      if (this.config.debug) {
+        console.log("[ComplianceSDK] Starting registration verification for:", request.customerId);
+      }
+      const geoVerification = await this.geoClient.verifyIP({
+        ip_address: request.ipAddress,
+        user_id: request.customerId,
+        event_type: "registration",
+        device_fingerprint: request.deviceFingerprint
+      });
+      const profile = await this.riskClient.createProfile({
+        customer_id: request.customerId,
+        entity_type: request.entityType || "individual",
+        customer_status: "active",
+        full_name: request.fullName,
+        email_address: request.emailAddress,
+        primary_phone_number: request.phoneNumber,
+        date_of_birth: request.dateOfBirth,
+        residential_address: request.address,
+        country_of_residence: geoVerification.location.country_iso,
+        // Geolocation data
+        location: `${geoVerification.location.city}, ${geoVerification.location.country}`,
+        location_compliance: geoVerification.is_compliant ? "compliant" : "non-compliant",
+        // Initial KYC status
+        kyc_status: "pending"
+      });
+      const isAllowed = geoVerification.is_compliant && !geoVerification.is_blocked;
+      const requiresKYC = geoVerification.jurisdiction?.require_kyc || false;
+      const requiresEDD = geoVerification.jurisdiction?.require_enhanced_verification || false;
+      if (this.config.debug) {
+        console.log("[ComplianceSDK] Registration verification complete:", {
+          allowed: isAllowed,
+          riskScore: geoVerification.risk_score,
+          profileId: profile.id
+        });
+      }
+      return {
+        allowed: isAllowed,
+        geolocation: geoVerification,
+        profile,
+        requiresKYC,
+        requiresEDD,
+        blockReasons: !isAllowed ? geoVerification.risk_reasons : [],
+        processingTime: Date.now() - startTime
+      };
+    } catch (error) {
+      if (this.config.debug) {
+        console.error("[ComplianceSDK] Registration verification failed:", error);
+      }
+      throw new ComplianceError("Registration verification failed", error);
+    }
+  }
+  /**
+   * Verify customer login with profile activity update
+   *
+   * Verifies geolocation and updates customer profile with latest activity.
+   *
+   * @param request - Login verification request
+   * @returns Verification response with compliance status
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.verifyAtLogin({
+   *   customerId: 'CUST-12345',
+   *   ipAddress: req.ip,
+   *   deviceFingerprint: getDeviceFingerprint()
+   * });
+   *
+   * if (result.allowed) {
+   *   // Allow login
+   *   if (result.requiresStepUp) {
+   *     // Trigger MFA or additional verification
+   *   }
+   * } else {
+   *   // Block login
+   *   console.log('Blocked:', result.blockReasons);
+   * }
+   * ```
+   */
+  async verifyAtLogin(request) {
+    const startTime = Date.now();
+    try {
+      if (this.config.debug) {
+        console.log("[ComplianceSDK] Starting login verification for:", request.customerId);
+      }
+      const geoVerification = await this.geoClient.verifyIP({
+        ip_address: request.ipAddress,
+        user_id: request.customerId,
+        event_type: "login",
+        device_fingerprint: request.deviceFingerprint
+      });
+      let profile;
+      try {
+        profile = await this.riskClient.getProfile(request.customerId);
+        if (this.shouldUpdateProfile(profile, geoVerification.location.city)) {
+          await this.riskClient.updateProfile(profile.id, {
+            last_recorded_activity: (/* @__PURE__ */ new Date()).toISOString(),
+            location: `${geoVerification.location.city}, ${geoVerification.location.country}`,
+            location_compliance: geoVerification.is_compliant ? "compliant" : "non-compliant"
+          });
+          profile = await this.riskClient.getProfile(request.customerId);
+        }
+      } catch (error) {
+        if (this.config.autoCreateProfiles && this.config.debug) {
+          console.warn("[ComplianceSDK] Profile not found for login, creating...");
+        }
+        profile = await this.createProfileFromGeo(request.customerId, geoVerification);
+      }
+      const isAllowed = geoVerification.is_compliant && !geoVerification.is_blocked && profile.customer_status !== "suspended";
+      const requiresStepUp = geoVerification.risk_level === "high" || geoVerification.risk_level === "critical";
+      return {
+        allowed: isAllowed,
+        geolocation: geoVerification,
+        profile,
+        requiresStepUp,
+        blockReasons: this.getBlockReasons(geoVerification, profile),
+        processingTime: Date.now() - startTime
+      };
+    } catch (error) {
+      throw new ComplianceError("Login verification failed", error);
+    }
+  }
+  /**
+   * Verify transaction with amount-based risk assessment
+   *
+   * Combines geolocation verification with transaction amount analysis
+   * and customer risk profile for comprehensive transaction screening.
+   *
+   * @param request - Transaction verification request
+   * @returns Verification response with transaction risk assessment
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.verifyAtTransaction({
+   *   customerId: 'CUST-12345',
+   *   ipAddress: req.ip,
+   *   amount: 5000,
+   *   currency: 'USD',
+   *   transactionType: 'withdrawal',
+   *   deviceFingerprint: getDeviceFingerprint()
+   * });
+   *
+   * if (result.allowed) {
+   *   // Process transaction
+   * } else if (result.requiresApproval) {
+   *   // Queue for manual review
+   * } else {
+   *   // Block transaction
+   *   console.log('Blocked:', result.blockReasons);
+   * }
+   * ```
+   */
+  async verifyAtTransaction(request) {
+    const startTime = Date.now();
+    try {
+      if (this.config.debug) {
+        console.log("[ComplianceSDK] Starting transaction verification:", {
+          customerId: request.customerId,
+          amount: request.amount,
+          currency: request.currency
+        });
+      }
+      const geoVerification = await this.geoClient.verifyIP({
+        ip_address: request.ipAddress,
+        user_id: request.customerId,
+        event_type: "transaction",
+        device_fingerprint: request.deviceFingerprint
+      });
+      const profile = await this.riskClient.getProfile(request.customerId);
+      const transactionRisk = this.calculateTransactionRisk(
+        request.amount,
+        request.currency,
+        geoVerification,
+        profile
+      );
+      const jurisdictionAllowed = this.checkJurisdictionLimits(
+        request.amount,
+        request.currency,
+        geoVerification.jurisdiction
+      );
+      const isAllowed = geoVerification.is_compliant && !geoVerification.is_blocked && jurisdictionAllowed && transactionRisk.allowed;
+      return {
+        allowed: isAllowed,
+        geolocation: geoVerification,
+        profile,
+        transactionRisk,
+        requiresApproval: transactionRisk.requiresManualReview,
+        blockReasons: this.getTransactionBlockReasons(
+          geoVerification,
+          transactionRisk,
+          jurisdictionAllowed
+        ),
+        processingTime: Date.now() - startTime
+      };
+    } catch (error) {
+      throw new ComplianceError("Transaction verification failed", error);
+    }
+  }
+  /**
+   * Generic event verification (for other touchpoints)
+   *
+   * @param request - Event verification request
+   * @returns Verification response
+   */
+  async verifyEvent(request) {
+    const startTime = Date.now();
+    const geoVerification = await this.geoClient.verifyIP({
+      ip_address: request.ipAddress,
+      user_id: request.customerId,
+      event_type: request.eventType,
+      device_fingerprint: request.deviceFingerprint
+    });
+    if (this.config.autoCreateProfiles) {
+      try {
+        const profile = await this.riskClient.getProfile(request.customerId);
+        await this.riskClient.updateProfile(profile.id, {
+          last_recorded_activity: (/* @__PURE__ */ new Date()).toISOString()
+        });
+      } catch (error) {
+        if (this.config.debug) {
+          console.warn("[ComplianceSDK] Profile not found for event");
+        }
+      }
+    }
+    return {
+      allowed: geoVerification.is_compliant && !geoVerification.is_blocked,
+      geolocation: geoVerification,
+      blockReasons: geoVerification.risk_reasons,
+      processingTime: Date.now() - startTime
+    };
+  }
+  // ============================================================================
+  // Helper Methods
+  // ============================================================================
+  shouldUpdateProfile(profile, newCity) {
+    return !profile.location || !profile.location.includes(newCity);
+  }
+  async createProfileFromGeo(customerId, geoVerification) {
+    return this.riskClient.createProfile({
+      customer_id: customerId,
+      entity_type: "individual",
+      customer_status: "active",
+      email_address: `${customerId}@placeholder.local`,
+      // Temporary email
+      location: `${geoVerification.location.city}, ${geoVerification.location.country}`,
+      location_compliance: geoVerification.is_compliant ? "compliant" : "non-compliant",
+      country_of_residence: geoVerification.location.country_iso,
+      kyc_status: "pending"
+    });
+  }
+  calculateTransactionRisk(amount, currency, geoVerification, profile) {
+    let riskScore = 0;
+    const factors = [];
+    const normalizedAmount = this.normalizeToUSD(amount, currency);
+    if (normalizedAmount > 1e4) {
+      riskScore += 30;
+      factors.push("high_transaction_amount");
+    } else if (normalizedAmount > 5e3) {
+      riskScore += 15;
+      factors.push("elevated_transaction_amount");
+    }
+    riskScore += geoVerification.risk_score * 0.4;
+    if (geoVerification.risk_level === "high" || geoVerification.risk_level === "critical") {
+      factors.push("high_risk_location");
+    }
+    riskScore += profile.risk_score * 0.3;
+    if (profile.risk_category === "high" || profile.risk_category === "critical") {
+      factors.push("high_risk_customer");
+    }
+    if (geoVerification.location.is_vpn || geoVerification.location.is_proxy) {
+      riskScore += 20;
+      factors.push("anonymization_detected");
+    }
+    if (profile.customer_status === "suspended") {
+      riskScore += 50;
+      factors.push("account_suspended");
+    }
+    return {
+      score: Math.min(riskScore, 100),
+      level: this.getRiskLevel(riskScore),
+      factors,
+      allowed: riskScore < 70,
+      requiresManualReview: riskScore >= 60 && riskScore < 70
+    };
+  }
+  checkJurisdictionLimits(amount, currency, jurisdiction) {
+    if (!jurisdiction || !jurisdiction.max_transaction_amount) {
+      return true;
+    }
+    const normalizedAmount = this.normalizeToUSD(amount, currency);
+    return normalizedAmount <= jurisdiction.max_transaction_amount;
+  }
+  normalizeToUSD(amount, currency) {
+    const rate = this.currencyRates[currency.toUpperCase()] || 1;
+    return amount * rate;
+  }
+  getRiskLevel(score) {
+    if (score >= 80) return "critical";
+    if (score >= 60) return "high";
+    if (score >= 40) return "medium";
+    return "low";
+  }
+  getBlockReasons(geoVerification, profile) {
+    const reasons = [];
+    if (geoVerification.is_blocked) {
+      reasons.push(...geoVerification.risk_reasons);
+    }
+    if (profile.customer_status === "suspended") {
+      reasons.push("account_suspended");
+    }
+    if (profile.has_sanctions) {
+      reasons.push("sanctions_match");
+    }
+    return reasons;
+  }
+  getTransactionBlockReasons(geoVerification, transactionRisk, jurisdictionAllowed) {
+    const reasons = [];
+    if (!geoVerification.is_compliant) {
+      reasons.push("non_compliant_jurisdiction");
+    }
+    if (!jurisdictionAllowed) {
+      reasons.push("exceeds_jurisdiction_limit");
+    }
+    if (!transactionRisk.allowed) {
+      reasons.push(...transactionRisk.factors);
+    }
+    return reasons;
+  }
+  // ============================================================================
+  // Configuration
+  // ============================================================================
+  /**
+   * Update currency exchange rates
+   *
+   * @param rates - Currency to USD exchange rates
+   */
+  updateCurrencyRates(rates) {
+    this.currencyRates = { ...this.currencyRates, ...rates };
+  }
+  /**
+   * Get underlying geolocation client
+   */
+  getGeolocationClient() {
+    return this.geoClient;
+  }
+  /**
+   * Get underlying risk profile client
+   */
+  getRiskProfileClient() {
+    return this.riskClient;
+  }
+  /**
+   * Update configuration
+   */
+  updateConfig(config) {
+    this.config = { ...this.config, ...config };
+    this.geoClient.updateConfig(config);
+    this.riskClient.updateConfig(config);
+  }
+};
+
+// src/compliance/types.ts
+var DEFAULT_CURRENCY_RATES2 = {
+  USD: 1,
+  EUR: 1.1,
+  GBP: 1.27,
+  CAD: 0.74,
+  AUD: 0.66,
+  JPY: 67e-4,
+  CHF: 1.13,
+  CNY: 0.14,
+  INR: 0.012,
+  BRL: 0.2,
+  MXN: 0.058,
+  ZAR: 0.055
+};
+
+export { ComplianceClient, DEFAULT_CURRENCY_RATES2 as DEFAULT_CURRENCY_RATES };
+//# sourceMappingURL=index.mjs.map
+//# sourceMappingURL=index.mjs.map