Compliance & legal hardening
Related code: app/graphql/ledger_audit/, app/graphql/rbac/, app/auth/.
Items
- Libro Mayor / Libro Diario / Libro de Inventario (general ledger, journal and inventory book) PDF export in the official Panama auditor layout.
- Acceptance: each book exportable per accounting period; page numbering and a header on every page; the export opens cleanly as a single sealed binder (one complete, bound document per book and period).
- Backup + "export everything as ZIP".
- Acceptance: per-tenant request → background job → time-limited signed URL to a ZIP containing a CSV of each major entity plus PDFs of all generated documents.
- Two-factor auth (TOTP) with backup codes.
- Acceptance: per-user enrolment; required for owner / admin roles by policy; verification attempts rate-limited per user; backup codes single-use and stored only as hashes.
- Per-role IP allowlist for accountants / external auditors.
- Acceptance: allowlist configured per role; the client IP is taken from the trusted proxy chain (not an unverified X-Forwarded-For header); non-matching IPs get a 403 with a friendly message.
- Audit-log UI.
- Acceptance: surface ledger_audit_logs + RBAC events + login events in a single searchable log per tenant; export to CSV.
- Tenant data retention policy (delete after N years per Panama legal requirement; typically 5).
- Acceptance: per-tenant config; soft-delete with restore window; hard-delete job after legal period.
- GDPR-style data-subject export / delete for individuals (employees, clients).
- Acceptance: request workflow with admin approval; produces a per-subject ZIP or hard-deletes with audit footprint.
- Suspicious-activity detection (login from new geo, mass deletes, off-hours bulk void).
- Acceptance: configurable rules; notifications go to owner via WhatsApp + email.
- Session pinning + remote logout of all sessions.
- Acceptance: list sessions per user; one-click revoke all.
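Added example for the TOTP item above (not the project's own code; the page does not state the app's language, so Ruby is assumed from the app/graphql/ layout, and the names `hotp`, `verify_totp`, `consume_backup_code!` and `SecondFactorRateLimiter` are hypothetical). It implements RFC 6238 TOTP over RFC 4226 HOTP with the stdlib only, and covers the three things the acceptance criteria ask for that a naive `code == expected` check misses: a clock-drift window with replay protection, single-use hashed backup codes, and a per-user attempt limiter. The RFC test vectors (secret "12345678901234567890") are used as the constructed sample input.

```ruby
require 'openssl'
require 'digest'
require 'securerandom'

# Added example with hypothetical names; not the project's code. TOTP with the
# authenticator-app defaults: HMAC-SHA1, 30 s step, 6 digits (RFC 6238 / 4226).

BASE32_ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'.freeze

# RFC 4648 base32: the form the shared secret takes in an otpauth:// enrolment URI.
def base32_encode(bytes)
  bits = bytes.unpack1('B*')
  bits += '0' * ((5 - bits.size % 5) % 5)
  bits.scan(/.{5}/).map { |b| BASE32_ALPHABET[b.to_i(2)] }.join
end

def base32_decode(str)
  bits = str.upcase.delete('=').each_char.map do |c|
    idx = BASE32_ALPHABET.index(c)
    raise ArgumentError, "bad base32 char #{c.inspect}" unless idx
    idx.to_s(2).rjust(5, '0')
  end.join
  bits.scan(/.{8}/).map { |b| b.to_i(2) }.pack('C*') # trailing partial byte dropped
end

# HOTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter, dynamic truncation.
def hotp(secret, counter, digits: 6)
  mac = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), secret, [counter].pack('Q>'))
  offset = mac.getbyte(-1) & 0x0f
  code = ((mac.getbyte(offset) & 0x7f) << 24) | (mac.getbyte(offset + 1) << 16) |
         (mac.getbyte(offset + 2) << 8) | mac.getbyte(offset + 3)
  format("%0#{digits}d", code % 10**digits)
end

# TOTP (RFC 6238): HOTP with counter = floor(unix_time / step).
def totp(secret, at:, step: 30, digits: 6)
  hotp(secret, at.to_i / step, digits: digits)
end

# Constant-time equality over fixed-length digests, so response time does not
# leak how many leading digits of the submitted code were right.
def secure_compare(a, b)
  da = Digest::SHA256.digest(a.to_s)
  db = Digest::SHA256.digest(b.to_s)
  diff = 0
  da.bytes.zip(db.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Accept the current step +/- `drift` steps of clock skew, but never a step at or
# before the last one this user already used (replay protection). Returns the
# accepted step, which the caller persists as the user's new last_step, or nil.
def verify_totp(secret, submitted, at:, last_step: nil, step: 30, drift: 1)
  now_step = at.to_i / step
  (-drift..drift).each do |d|
    candidate = now_step + d
    next if last_step && candidate <= last_step
    return candidate if secure_compare(hotp(secret, candidate), submitted.to_s.strip)
  end
  nil
end

# Backup codes: shown to the user once in clear; only salted hashes are stored.
# They are random and high-entropy, so a fast hash (not bcrypt) is acceptable.
def generate_backup_codes(count: 10)
  Array.new(count) { SecureRandom.alphanumeric(10).downcase }
end

def hash_backup_code(code, salt)
  Digest::SHA256.hexdigest("#{salt}:#{code.to_s.strip.downcase}")
end

# Single use: the matching hash is removed from the stored list on success.
def consume_backup_code!(stored_hashes, salt, submitted)
  wanted = hash_backup_code(submitted, salt)
  idx = stored_hashes.index { |h| secure_compare(h, wanted) }
  return false unless idx
  stored_hashes.delete_at(idx)
  true
end

# Sliding-window attempt limiter per user; `now` is injected for testability.
# In production the hit list lives in Redis or the DB, not process memory.
class SecondFactorRateLimiter
  def initialize(max_attempts: 5, window: 300)
    @max, @window, @hits = max_attempts, window, Hash.new { |h, k| h[k] = [] }
  end

  # true if this attempt may proceed; every attempt, failed or not, counts.
  def allow?(user_id, now:)
    hits = @hits[user_id]
    hits.reject! { |t| t <= now - @window }
    return false if hits.size >= @max
    hits << now
    true
  end
end

if $PROGRAM_NAME == __FILE__
  secret = SecureRandom.random_bytes(20)
  puts "otpauth secret: #{base32_encode(secret)}"
  puts "current code:   #{totp(secret, at: Time.now)}"
end
```

Wire-up in the login flow is: `allow?` first (so a locked-out user never reaches the HMAC), then `verify_totp` with the stored `last_step`, then `consume_backup_code!` only if the TOTP path fails; persist the returned step on success so the same code cannot be replayed inside the drift window.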
Shipped
None yet.