
UX compliance dashboards

1) Purpose and principles

A compliance dashboard is the "top layer" of regulatory risk control (KYC/AML, responsible gaming, sanctions/PEP, RTP/certification, data protection), which:
  • signals and prioritizes risks;
  • provides explainability ("why it fired");
  • accelerates response (action buttons, escalation routes);
  • retains audit traces (who did what and when).
UX principles:
  • Signals over raw data: statuses/anomalies first, then details.
  • Time-to-decision <60 sec: filter presets, short case summaries, quick actions.
  • Explain & Next: next to each signal - "what it is" and "what to do next."
  • Single criticality scale: Info/Low/Medium/High/Critical with color consistency.
  • Fixed time zone and analysis window, explicit report generation date.
  • Zero leakage of personal data: minimum PII; pseudonyms/hashes by default.

2) Roles and key scenarios

Head of Compliance: overview of risks, workload, investigation SLAs, remediation progress.
Compliance Analyst (L1/L2): alert triage, case management, preparation of the evidence base.
AML Officer: suspicious transactions, SAR/STR preparation, sanctions lists/PEP.
RG (Responsible Gaming): behavioral risk patterns, limits/self-exclusion, interventions.
Data Protection Officer (DPO): DSAR, leaks, anonymization, access.
Tech/QA: stability of screening-provider integrations, errors/retries, latency.
Legal: deadlines for regulatory reports, audit file statuses.

Typical scenarios:

1. "Critical alerts for today" → distribute among assignees.

2. Expired cases → escalate.

3. "RTP went beyond the corridor" → block the game/operator, start an investigation.

4. "Match against the sanctions list" → KYC hold, request for documents.

5. "High risk RG" → soft/hard intervention, freezing deposits.

3) Information architecture

1. Global panel: period, geo/jurisdiction, brand/operator, product, criticality, case status, assignee.

2. Home ("Today"): KRI/KCI summary, alerts, SLA burn-down, "top movers."

3. Risk Hub: category matrix (KYC/AML/RG/Privacy/Certification/Payments).
4. Cases: queue, Kanban/table, decision templates, action history.
5. Reporting: regulatory reports, deadlines, file and validation status.
6. Integrations: health of providers (sanctions, PEP, document verification, behavioral scoring).
7. Policies and controls: rule versions, changelog, experiments/sandboxes.

4) Metrics: KRI, KCI and SLA

4.1 KRI (Key Risk Indicators)

Sanctions/PEP Hit Rate = hits/checks.
False Positive Rate = false matches/all matches.
Unverified Users% = users with incomplete KYC/all new users.
SAR/STR per 1k Users = number of SAR/STR/1000 users.
RG High-Risk% = behaviorally flagged players/active players.

RTP Deviation =_ RTP − RTP.

4.2 KCI (Key Control Indicators)

KYC Turnaround (p50/p95) - the median/quantile of verification time.
Alert → Case Conversion% - the proportion of signals that became a case.
Case Resolution Time (p50/p95).
Investigation Reopen% - share of reopened cases.
Data Access Violations - unauthorized attempts to view personal data.

4.3 SLA/SLO (operating)

Triage SLA: critical alert taken into work in ≤ 15 min.
Resolution SLA: by type (KYC - 24h, AML - 72h, RG - 24h, privacy incident - 72h).
Provider Uptime/Latency: p95 screening endpoints.
ETL Freshness: data marts lag ≤ X minutes.

5) Widgets and patterns

Home ("Today")

Heatmap of risks: categories × criticality; clickable to the list of cases.
SLA Burn-down: how many cases are in the green/yellow/red zone by deadline.
Top Movers: metrics that have changed by more than their thresholds (FPR, RG High-Risk%, RTP Dev).
Provider Health: uptime, delays, integration errors.

Risk Hub

Category × jurisdiction matrix with policy and local requirements hints.
Anomaly Explainers: contribution of markets/games/providers to the metric deviation.
Drill-through: from the aggregate → to the event list → to the user card (no PII, only pseudo-ID).

Cases

Case card: status, criticality, checklist, last activity, owner, SLA timer, "Why the rule fired."

Action bar: "Request a document," "Set a limit," "Hold/Unhold," "Escalate," "Close with a result."

Audit Trail: immutable log, attachments, links to rules/events.
Playbooks: pre-filled steps and notification texts.

Reporting

Deadline calendar: regulatory reports, signatures, confirmations.
Validator: file/schema check statuses, errors and corrections.
Export: versions of files with hashes, timestamps and owners.

6) Rules, explainability and versions

Rule Catalog: list of rules (ID, version, owner, jurisdictions, logic description).
Explainability: next to the trigger - "what facts led to the triggering" (for example, "match on a sanctions alias, source: EU-list").
Versioning: the rule specifies the exact version of the model/list; the case stores a snapshot of logic.
Scenario Testing: a "historical run" of the new version before it is enabled.
Change Log: who changed what, and why (link to ticket).

7) Data and contracts

Minimum Event Contract:
  • `kyc_check` (user_pid, provider, result, reason_codes, ts).
  • `sanctions_screen` (user_pid, list_name, match_score, match_fields, ts).
  • `rg_signal` (user_pid, risk_level, features_snapshot, ts).
  • `rtp_sample` (game_id, market, spins, rtp_observed, window, ts).
  • `case_event` (case_id, action, actor, ts, payload_ref).
  • `privacy_incident` (type, scope, status, ts).
Data marts:
  • Daily_Risk (category × day × jurisdiction).
  • Case_Flow (SLA/milestones/deliverables).
  • Provider_Health (uptime/latency/integration errors).
  • Rule_Versions (active/revoked).
Data quality:
  • required fields, acceptable ranges, event idempotency, deduplication, lag monitoring.
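
The data-quality checks listed above (required fields, acceptable ranges, idempotency, deduplication) can be enforced at ingest. This is an added example, not code from the original page: field names come from the event contract, while the numeric ranges, the `validate` function and the `Ingest` class are assumptions.

```python
from datetime import datetime

# Required fields per event type, copied from the contract list above.
CONTRACT = {
    "sanctions_screen": ("user_pid", "list_name", "match_score", "match_fields", "ts"),
    "rtp_sample": ("game_id", "market", "spins", "rtp_observed", "window", "ts"),
}
# Acceptable ranges are assumptions of this example (score and RTP as fractions).
RANGES = {"match_score": (0.0, 1.0), "rtp_observed": (0.0, 2.0), "spins": (1, 10**9)}
# Constructed sample event, not real data.
SAMPLE = {"user_pid": "p_7f3a9c", "list_name": "EU-list", "match_score": 0.93,
          "match_fields": ["alias"], "ts": "2024-05-01T10:00:00+00:00"}

def validate(event_type, event):
    """Return a list of data-quality errors; an empty list means the event passes."""
    if event_type not in CONTRACT:
        return [f"unknown event type: {event_type}"]
    fields = CONTRACT[event_type]
    errors = [f"missing field: {f}" for f in fields if event.get(f) in (None, "")]
    for f in fields:
        value = event.get(f)
        if f in RANGES and value is not None:
            lo, hi = RANGES[f]
            numeric = isinstance(value, (int, float)) and not isinstance(value, bool)
            if not numeric or not lo <= value <= hi:
                errors.append(f"out of range: {f}={value!r}")
    try:
        if datetime.fromisoformat(str(event.get("ts"))).tzinfo is None:
            errors.append("ts has no time zone")
    except ValueError:
        errors.append("ts is not ISO 8601")
    return errors

class Ingest:
    """Idempotent ingest: a replayed event is accepted once, then reported as a duplicate."""
    def __init__(self):
        self.seen, self.duplicates = set(), 0

    def submit(self, event_type, event):
        if validate(event_type, event):
            return "rejected"
        # Idempotency key: event type plus every contract field, in contract order.
        key = (event_type,) + tuple(repr(event[f]) for f in CONTRACT[event_type])
        if key in self.seen:
            self.duplicates += 1
            return "duplicate"
        self.seen.add(key)
        return "accepted"
```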

8) Privacy, RBAC and PII minimization

Role model: Legal/Head see aggregates and cases, L1 - depersonalized cards, access to PII - only via the justify button, with logging.
Default PII mode: hidden names/addresses; only pseudo-ID/masks are shown.
Just-in-Time Access: temporary access to PII per case; automatic revocation.
Data Lineage: field path from source to data mart; quickly check the legality of processing.
Export Guard: labels on exports (PII/No-PII), warning on policy violation.
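
The default PII mode and just-in-time access described above, as an added example that is not code from the original page. The HMAC-based pseudo-ID, the 15-minute TTL, the `PiiGate` class and the record fields are assumptions.

```python
import hashlib
import hmac
import time

# Constructed key for the example; a real key belongs in a secrets manager.
PSEUDONYM_KEY = b"example-only-key"


def pseudo_id(user_id):
    """Keyed hash: without the key, a guessed user ID cannot be matched to a pseudo-ID."""
    return "p_" + hmac.new(PSEUDONYM_KEY, user_id.encode(), hashlib.sha256).hexdigest()[:16]


def mask(value):
    """Default display form: first character kept, the rest masked."""
    return value[:1] + "*" * (len(value) - 1) if value else ""


class PiiGate:
    """Just-in-time PII access: per case, justified, logged, expiring on its own."""

    def __init__(self, ttl_seconds=900, clock=time.time):
        self.ttl, self.clock = ttl_seconds, clock
        self.grants = {}  # (actor, case_id) -> expiry timestamp
        self.log = []     # every justify request and every card view, allowed or not

    def justify(self, actor, case_id, reason):
        granted = bool(reason and reason.strip())  # an empty justification is refused
        if granted:
            self.grants[(actor, case_id)] = self.clock() + self.ttl
        self.log.append((self.clock(), actor, case_id, "justify", granted, reason))
        return granted

    def view(self, actor, case_id, record):
        allowed = self.clock() < self.grants.get((actor, case_id), 0)
        if not allowed:
            self.grants.pop((actor, case_id), None)  # auto-revoke an expired grant
        self.log.append((self.clock(), actor, case_id, "view", allowed, None))
        card = {"user_pid": pseudo_id(record["user_id"])}
        for field in ("name", "address"):
            card[field] = record[field] if allowed else mask(record[field])
        return card
```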

9) Case Ops

Stages: Detect → Triage → Investigate → Decide → Remediate → Report → Learn.

UX hints:
  • checklists by case type;
  • SLA timer and "expected next steps";
  • "similar cases/decisions";
  • "justification for closure" and report templates.
Guardrails:
  • inability to close the case without completed justification fields;
  • a warning when playbook steps are skipped;
  • automatic follow-up (after N days) for measure effectiveness checks.

10) Alerts and escalations

Model rules:
  • Critical: true sanctions match; mass KYC rejection by the provider; RTP Dev > δ over N spins; personal data leakage.
  • High: RG High-Risk surge > Xσ; FPR of sanctions screening rises above the threshold; overdue SLA.
  • Medium: provider latency > p95 SLO; growth in reopen%; market anomaly.
UX for alerts:
  • compact card (type, source, confidence, consequences), 2 buttons: "Take into work," "Reject with reason."
  • mass action for batch alerts.
  • "Why am I seeing this" - policy/rule owner.
Escalation:
  • risk type × level matrix → legal, exec, technical support;
  • auto-escalation in case of SLA violation.

11) Responsible gaming (RG) - UX specifics

Early markers: nocturnal activity, deposit growth, frequent withdrawal reversals, chase behavior.
Widgets: RG Risk Funnel (marker → contact → limit/pause → outcome), map of interventions and their effectiveness.
Interventions: soft (notifications, reality-check), hard (limits, timeout, self-exclusion).

Justification: next to the map of measures - "why this level of impact was chosen."

12) Accessibility and localization

  • WCAG contrast and fonts, predictable focus, hotkeys;
  • localization of compliance terms (glossary in UI);
  • uniform date/number formats, explicit currency and time zone;
  • "presentation mode" - screens without PII for demonstrations to the audit/board of directors.

13) Antipatterns

"Wall of tables" without signals and explanations.
Role blending: Legal data is available to L1 without justify.
Pop-ups for each click (interface fatigue).
Different formulas for the same metrics in different widgets.
Faceless alerts with no "what next" action.
Export with personal data without warning and logging.

14) Implementation checklist (by sprints)

Sprint 1: basic data marts (Daily_Risk, Case_Flow), home "Today," risk matrix.
Sprint 2: case card + playbooks, SLA timers, audit trail.
Sprint 3: provider integrations (sanctions, KYC, RG), Provider Health, retries.
Sprint 4: Reporting and validator, deadline calendar, export with guardrails.
Sprint 5: explainers, "similar cases," rule change log, scenario testing.
Sprint 6: localization, accessibility, presentation mode, PII JIT access.

15) Glossary

KRI/KCI - risk/control indicators.
SLA/SLO - target/contract reaction/decision times.
PEP/Sanctions - Politically Exposed Persons/Sanctions Lists.
SAR/STR - Suspicious Activity Reports.
RG - responsible gaming.
FPR/TPR - false positive/true positive rates.
PII - Personal Data.
Playbook - case activity template.

16) The bottom line

A good UX compliance dashboard is:

1. signals with explainability,

2. fast and safe actions,

3. strict access control and audit trails,

4. consistent metrics on all screens,

5. support for investigation and reporting processes.

Start with "Today" (signals, SLA, integration health), add Case Ops and Explainability, and then expand to reporting and policy versioning - this will make the dashboard a real risk mitigation tool, not just a showcase of numbers.
