INEX MM | ACH Withdrawal & Deposit | CAD 2026.04

Candidate Architecture Design — NLZ Migration

Platform Details

PlatformInvestor Experience (INEX) — Money Movement
Broker DealerLPLE / LPLF
Product CodeINEX
InitiativeNLZ Migration — Topic 3: ACH Withdrawal & Deposit
StatusPOC / Draft

1. Business Overview

Business Statement

Migrate ACH money movement capabilities from the OLZ OnPrem stack (investor-ach-api) to the NLZ cloud-native stack (cam-movemoney-process-api), adding one-time withdrawals and recurring/periodic ACH transactions that were never fully implemented in OLZ.

Business Problems Solved

DriverProblemImpact
No AV withdrawals in NLZAvAchService only handles ACHC (deposits); ACHD routing missing for AccountView channelInvestors cannot withdraw via NLZ path
No recurring ACHCmPeriodicInstruction schema exists in OLZ but was never wired to any handler or schedulerInvestors must manually submit each deposit/withdrawal
OLZ FutureDate bugProcessRequestsHandler cancels FutureDate requests (lines 161-170) instead of executing themFuture-dated deposits silently fail in OLZ
FICO dependencyOLZ makes 3 external HTTP calls to FICO for eligibility/complianceLatency + single point of failure (no circuit breaker in OLZ)

Business Objectives

  1. Feature parity: Enable one-time ACH withdrawals (ACHD) through the NLZ AV channel
  2. New capability: Implement recurring/periodic ACH deposits and withdrawals
  3. Fix: Resolve future-dated deposit handling (NLZ has CheckBetaOffHours, verify explicit future-date)
  4. Improve: Leverage NLZ advantages (inline rules, Kafka events, parallel processing)

2. Candidate Architecture Diagram

NLZ System Context

graph LR INV(["Investor Experience
NLZ SPA"]) BFF["investor-cash-mgmt-process-api
BFF Bridge"] CAM["cam-movemoney-process-api
NLZ Orchestrator"] BG["cam-mm-backgroundservice-api
Queue + Periodic Processor"] SYS["cam-movemoney-system-api
DB · BETA · Audit"] INST["cam-mm-instruction-system-api
Bank Instructions"] ACCT(["Account Details"]) RTT(["RTT"]) NOTIF(["Notification"]) KAFKA(["Kafka"]) BETA(["BETA"]) INV --> BFF --> CAM BG --> CAM CAM --> SYS CAM --> INST CAM --> ACCT CAM --> RTT CAM --> NOTIF CAM --> KAFKA SYS --> BETA style INV fill:#e8ecff,stroke:#4f6bed style BFF fill:#fff8ec,stroke:#f39c12 style CAM fill:#e6faf5,stroke:#00b894 style BG fill:#e6faf5,stroke:#00b894 style SYS fill:#e3f0ff,stroke:#1e88e5 style BETA fill:#f0eeff,stroke:#6c5ce7 style KAFKA fill:#fff8ec,stroke:#f39c12

3. Patterns Alignment

Security

  • ForgeRock JWT auth (JWKS key rotation, 240-min cache)
  • Refit clients with Bearer token injection
  • TLS 1.2+ in transit, SQL TDE at rest
  • PII masked in logs (DataMaskUtility)

Integration / API

  • Refit-based service mesh (typed HTTP clients)
  • cam-system-api as single data/BETA layer
  • FluentValidation on all request payloads
  • Polly circuit breaker on all downstream calls

Messaging / Events

  • Kafka producer for transaction status events
  • Fire-and-forget notification via BackgroundWorkQueue
  • MediatR for internal query dispatching (backgroundservice)

Cloud / Rollback

  • EKS deployment (.NET 8 containers)
  • Feature flag rollback: NEW_MOVE_MONEY_API_ENABLE = 0 reverts to OLZ
  • Zero-downtime rolling deployments

4. AI & Machine Learning

N/A — This initiative does not use AI or ML capabilities. Eligibility and compliance checks use deterministic business rules (inline EligibilityService and ComplianceService).

5. Data & Record Classification

Data ElementClassificationProtection
LPL Account NumberConfidential / PIIMasked in logs, encrypted at rest
Bank Account NumberConfidential / PIIMasked in logs, encrypted at rest, TLS in transit
SSN (tax withholding)Restricted / PIINot stored in MM system — passed through to tax service
Transaction RecordsBooks & RecordsRetained per SEC Rule 17a-4, audit trail at every step
Kafka EventsInternalNo PII in event payload (uses masked account references)

6. Issues & Risks

RiskSeverityCategoryMitigation
EligibilityService has no ACHD-specific rules (IRA limits, margin)HighTechnologyPort OLZ FICO ACHD rules into NLZ inline EligibilityService
Periodic scheduler double-execution across podsHighTechnologyDistributed lock (Redis or DB advisory) in ProcessPeriodicTransactionRequestsService
cam-system-api BETA payload may not support distribution PECO codesMediumTechnologyVerify BETA request builder handles ACHD. Reference OLZ BetaRequestFactory.GetIrasPecoCode()
Tax withholding logic not in any NLZ serviceMediumTechnologyBuild TaxWithholdingService. OLZ CmRequest has fields but never populated.
No periodic instruction DB schema in cam-system-apiMediumTechnologyDesign new table based on OLZ CmPeriodicInstruction

7. Architecture Design References

RepositoryRoleStack
cam-movemoney-process-apiNLZ orchestrator (target for new features).NET 8, EKS, Kafka, Refit, Polly
cam-mm-backgroundservice-apiNLZ queue processor (target for periodic scheduler).NET 8, BackgroundService, MediatR, Dapper
cam-movemoney-system-apiNLZ data/BETA layer.NET 8, EF Core, SQL Server
cam-mm-instruction-system-apiBank instruction management.NET 8, Refit
investor-ach-apiOLZ reference (current production).NET 7, MediatR, FICO
investor-movemoney-commonsOLZ schema reference (CmPeriodicInstruction).NET, NuGet package