Documentation

Integration and product documentation for ComplianceOS.

Legal disclaimer: ComplianceOS provides guided workflows only — it is not legal or tax advice. Verify all filings with an Irish accountant or solicitor before submission.

Bank connections (Revolut Business)

ComplianceOS connects to your Revolut Business account via the Revolut Business API. This provides read-only access to accounts and transactions for automatic reconciliation.

How it works

Navigate to Banking and click Connect Revolut Business.
You'll be redirected to Revolut to authorize read-only access.
After consent, ComplianceOS stores an encrypted access token and syncs your accounts.
Transactions are imported with idempotent deduplication (no double-imports).

Sandbox vs production

By default, ComplianceOS connects to the Revolut sandbox for testing. Production mode requires approved API credentials from Revolut and REVOLUT_SANDBOX=false.

Disconnect & re-sync

You can disconnect at any time from Banking → connection card → Disconnect button. Previously imported transaction data is preserved. Reconnecting starts a fresh sync.

Webhooks

ComplianceOS receives Revolut webhooks to trigger automatic syncs when new transactions appear. Webhook signatures are verified before processing.

CRO company search & import

ComplianceOS can search and import company data from CRO Open Data (when configured) or uses a local mock dataset for development.

Data sources

Mock (default): Built-in sample companies for development/demo.
CRO Open Data: Real company records from the CRO public CKAN dataset when CRO_USE_MOCK=0 and CRO_OPENDATA_RESOURCE_ID are configured.

Name screening

Name screening checks your proposed company name against known registered companies. It is indicative only and does not represent official CRO approval. A formal application via CORE is always required.

Revenue Ireland / ROS integration

ComplianceOS implements the Revenue PAYE Modernisation REST API patterns for RPN lookup, PSR submission, and employer registration.

Integration modes

Mock: Deterministic synthetic responses for dev/testing. No Revenue traffic.
Live ready: Configuration present (OAuth, token URL) but not all prerequisites met.
Live configured: Full credentials, certificate, and OAuth in place — live Revenue communication active.
Fallback mock: If a live call fails, the system returns mock data with a clear advisory warning (configurable via ROS_FALLBACK_MOCK).

Going live

Live Revenue integration requires: (1) developer registration with Revenue, (2) a P12 certificate for mTLS/signing, (3) OAuth client credentials, and (4) setting ROS_MOCK_MODE=false. All submissions create immutable snapshots with payload hashes for audit.

Audit trail & immutable snapshots

Every significant action in ComplianceOS is recorded in the audit log: bank connections, disconnections, imports, sync operations, filing submissions, and approval/rejection decisions. Audit entries include the user, timestamp, and before/after state.

Filing submissions generate immutable snapshots — a frozen copy of the payload at the moment of submission, with a SHA-256 content hash. These cannot be modified after creation.

Understanding integration states

Label	Meaning
MOCK	No external calls. Uses built-in deterministic data.
SANDBOX	Connected to provider test/sandbox environment.
LIVE_READY	Credentials configured but not all prerequisites validated.
LIVE_CONFIGURED	Full production integration active and validated.
FALLBACK_MOCK	Live call failed; system returned mock data with advisory.

For account help, contact support@complianceos.ie

← Back to home