AE Compliance

Platform

One pipeline, from your JSON to their ASP.

Every submission runs through the same six stages, in order, with no silent drops and no bypass path.

01

Ingest

Any JSON your system already produces

02

Normalize

Alias-mapped to the PINT-AE canonical shape

03

Validate

Every check group, no short-circuit

04

Ledger

Tenant-isolated, RLS-enforced persistence

05

Route

To your ASP, with circuit breakers and retry

06

Webhook

Status back to you at every terminal state

Validation sandbox

Every check runs. Nothing short-circuits.

POST /api/v1/compliance/validate runs the exact same normalize-and-check pipeline as /submit, with zero persistence. Every failed check returns a ValidationIssue — field, code, message, severity — never a generic failure.

MISSING_MANDATORYerror

A field PINT-AE requires unconditionally could not be mapped from your payload.

LINE_MATHerror

net_amount + vat_amount != gross_amount on a line item (2dp, ROUND_HALF_UP).

VAT_RATE_MISMATCHerror

The vat_rate on a line isn't one of the rates allowed for that VAT category.

TIN_TRN_MISMATCHerror

The Peppol TIN doesn't match the corresponding TRN field.

MISSING_CONDITIONALwarning

A conditionally-mandatory field is missing given the rest of the document.

Ledger & audit

Every invoice reaches a terminal state.

Every transition flows through a single choke point that also writes an append-only audit event. There is no code path that updates status without recording why.

RECEIVEDVALIDATEDPENDING_TRANSMISSIONTRANSMITTEDCLEARED_BY_FTA
NEEDS_REVIEWFAILEDREJECTED

The three non-happy-path states are reachable from any stage — each is a persisted status, a failure_detail, an audit row, and a webhook back to your system.

Security layer

Isolation enforced by the database.

  • Postgres Row-Level Security, FORCE-enabled — even the table owner is policy-bound.
  • AES-256-GCM envelope encryption for BYOK ASP credentials — the key-encryption key lives outside the database.
  • HMAC-SHA256-signed webhooks in both directions, with freshness windows and replay protection.
  • TLS-only ingress; UAE-region deployment (AWS me-central-1) in progress.
postgresql
ALTER TABLE ae_compliance.invoice_ledger
FORCE ROW LEVEL SECURITY;
 
CREATE POLICY tenant_isolation_ledger
ON ae_compliance.invoice_ledger
USING (tenant_id = current_setting('app.current_tenant_id')::uuid);

ASP routing

Retries, circuit breakers, and honest failure.

Transient errors (timeouts, 5xx, 429) retry with exponential backoff and jitter, up to 8 attempts, gated by a circuit breaker per (tenant, ASP) pair. A permanent error moves straight to FAILED with a failure webhook — never a silent stall.

See it against your own payload.