Architecture · Compliance · Risk

FinTech Platform Architecture

End-to-end funds flow design, transaction risk assessment model, and KYC/AML onboarding process for a P2P digital wallet platform: nine distinct funds flow pathways, four-phase onboarding, and a real-time risk scoring layer.

Overview

This documentation covers the operational and compliance architecture for a P2P payments and digital wallet platform — drawn from compliance architecture work across three FinTech engagements. Platform-agnostic in presentation; the architecture reflects real design decisions made under live regulatory constraints.

Three interlocking components:

  1. Funds flow architecture — nine pathways from wallet funding through cross-border settlement
  2. Transaction risk assessment model — three-layer analysis producing a dynamic risk score
  3. KYC/AML onboarding process — four-phase sequential funnel with defined pass/fail decision points

Funds flow: nine pathways

All nine funds flow pathways route through a central wallet ledger maintained by the platform’s Banking-as-a-Service (BaaS) partner.

Wallet FundingACH, card, mobile check, wire → BaaS Settlement → Platform Wallet
P2P TransfersInternal ledger operations — no funds leave BaaS infrastructure; real-time debit/credit
Merchant PaymentsUser Wallet → BaaS card/ACH processing → Merchant Bank
Wallet WithdrawalsPush-to-card, ACH, or wire → BaaS → External Account
Cross-Border TransfersUSD wallet → BaaS/FX Partner → Recipient international bank or cash pickup
Crypto On-RampUSD wallet → crypto exchange integration → user crypto wallet
Crypto Off-RampUser crypto wallet → exchange → USD → Platform Wallet
Peer LendingLender Wallet → Escrow → Borrower Wallet; repayment reverse flow
Fee CollectionDeducted at transaction time; routed to platform fee wallet

Transaction risk assessment

The risk model operates in three layers running in parallel on every transaction.

Data collection layer. Banking data stream: account age, average balance, transaction sizes and frequency patterns, counterparty history, chargeback history, failed transaction patterns. Crypto wallet inputs (where applicable): wallet age, transaction volume, chain analysis results, interaction with high-risk services (mixers, sanctioned addresses).

Risk analysis layer. Three parallel analytical processes: transaction frequency analysis (velocity against defined thresholds and user baseline); transaction pattern analysis (comparison to user history and peer group behavior); behavioral analysis (anomaly detection for pattern breaks, unusual timing, unexpected geography).

Risk evaluation layer. Four parallel checks — fraud risk, ML model output, terrorist financing pattern matching, illegal activity indicators — combined into a dynamic risk score mapped to Low/Medium/High.

Post-transaction processing updates the user’s risk profile, feeds results back into the model as training data, and triggers manual review for flagged transactions.

Diagram: user risk profile — three-layer model

ProcessRisk checkDecisionData touch point
Begin Transactional Risk Assessment
Data Collection Layer — parallel
Banking Data Analysis
  • Account metrics: age, average balance, status
  • Transaction history: sizes, frequency, counterparty
  • Risk indicators: chargebacks, failed txns, suspicious activity
Crypto Data Analysis
  • Wallet analysis: age, volume, chain analysis
  • Patterns: cross-chain activity, service interaction, peak times
  • Risk signals: high-risk service usage, mixers, suspicious patterns
Risk Analysis Layer
Transaction Frequency Analysis
Transaction Pattern Analysis
Behavioral Analysis
Risk Models Application
Risk Evaluation Layer
Fraud Risk
ML Risk
TF Risk
Illegal Activity Risk
Risk Profile Generation
Dynamic Risk Score Assignment
Apply Risk Thresholds
High risk
Block / Restrict Transactions
Medium risk
Enhanced Monitoring
Low risk
Allow Standard Transactions

Diagram: per-transaction risk evaluation

ProcessRisk checkDecisionData touch point
New Transaction Initiated
Historical Data Analysis — parallel streams
Internal Transaction History
  • Velocity
  • Size distribution
  • Time patterns
External Crypto Data Stream
  • Wallet activities
  • Chain analysis
  • Service usage
External Bank Data Stream
  • Account age
  • Transaction sizes
  • Counterparty history
Risk Indicators
  • Recent alerts
  • Behavior changes
  • Rule triggers
Real-Time Transaction Analysis
Basic Transaction Checks
  • Amount limits
  • Frequency rules
  • Party verification
Pattern Matching
Risk Evaluation Process
Risk Evaluation — compare to models
  • Counterparty analysis
  • Product usage patterns
  • Transaction history
  • Peer group
  • Network analysis
  • Behavioral patterns
Anomaly Detection
  • Pattern breaks
  • Unusual timing
  • Unexpected location
Deep Analysis
  • Illegal activity signals
  • Fraud indicators
  • ML / TF patterns
Final Risk Assessment
High risk
Block Transaction
Update Risk Profile
Adapt Risk Models
Medium risk
Manual Review
Update Risk Profile
Adapt Risk Models
Low risk
Process Transaction
Update Risk Profile
Store Transaction Data

KYC/AML onboarding: four phases

Phase 1 — Identity Verification. Customer creates digital identity; data transmits to BaaS partner via API for KYC/AML verification without touching the P2P platform. Includes: identity document verification, liveness check (biometric match), AML screening (sanctions lists, PEP lists, adverse media). Pass/fail gates before proceeding.

Phase 2 — Account Creation. Upon KYC/AML approval: platform wallet created, BaaS services provisioned, primary external bank account linked via Plaid or equivalent open banking integration.

Phase 3 — Pre-Transaction Risk Assessment. Before transaction capability is enabled: transactional fraud screening, terrorist financing screening, money laundering screening, illegal activity screening. All four must pass before the account goes live.

Phase 4 — Continuous Monitoring. Every transaction is monitored in real time against the full risk model for the life of the account. No defined end point.

Note: The platform can alternatively route KYC/AML through a dedicated third-party KYC/AML provider rather than the BaaS partner — same process, different PII storage architecture. If using a third-party provider, compliant data governance architecture for PII storage is required or the provider must handle that layer.

Diagram: high-level onboarding & risk flow

ProcessRisk checkDecisionUser touch point
Customer Starts Onboarding
Create Digital Identity
KYC/AML Process via BaaS
Send to BaaS via API
Identity Verification
Liveness Check
KYC/AML Passed?
No
Reject Application
Yes
Proceed to Account Creation
Account Creation Process
Create Digital Wallet
Create BaaS Service
Account Connection Process
Connect Primary Account via Plaid
Connect 3rd-Party Wallets / Exchanges
Pre-Transaction Risk Assessment
Run Initial Checks
  • Transactional fraud
  • Terrorist financing
  • Money laundering
  • Illegal activities
Checks Passed?
No
Block Transaction Capability
Yes
Enable Transaction Capability
Continuous Monitoring
Monitor Each Transaction via Model
  • Transactional fraud
  • Credit fraud
  • Terrorist financing
  • Money laundering
  • Illegal activities

The KYC/AML layer can route through the BaaS partner or a dedicated third-party KYC/AML provider — the same API flow applies either way.

Diagram: detailed KYC/AML process

ProcessRisk checkDecisionUser touch point
Start KYC/AML Process
Identity Verification Process
Collect Customer Data
Collect Identity Documents
  • Government ID
  • Proof of address
  • SSN
Validate Documents
Invalid
Document Validation Failed → Reject
Valid
Proceed to Liveness Detection
Liveness Detection
Initiate Liveness Check
Face Detection & Matching
Liveness Check
Fail
Reject & Request New Liveness Check
Pass
Parse Biometric Data
Parallel Screening Processes
OFAC Check
Global Sanctions / SDN List Check
PEP Screening
Risk Score Assessment
Low risk
Pass Initial Screening
Medium risk
Additional Checks Required
High risk
Enhanced Due Diligence
Fraud & Risk Assessment
Manual Review — Fraud Prevention Checks
Money Laundering Risk
Terrorist Financing Risk
Geographic Risk
Business Type Risk
Final Risk Evaluation
Fail
Reject Application
Pass
Approve & Proceed to Account Creation

Design rationale

The four-phase sequential structure ensures that no transaction capability exists until identity, compliance, and risk checks have all passed independently. The BaaS-partner-routed KYC/AML design means the P2P platform never touches raw identity document data — it receives only a pass/fail signal. This is a deliberate architectural choice that reduces the platform’s data liability while maintaining full compliance coverage.