Skip to main content

Permissions Catalogue

Permissions are pre-defined within the Fenergo SaaS application and represent a series of functional capabilities across the various features within the application.

Permissions determine what a user can do within the system. They cover administrative, operational and configuration based user activities.

From an Operational user's POV, permissions control what the user can access, create, cancel, etc. For example, a user may have permission to initiate journey, access client entity data, and trigger screening. Permissions also govern what the Configuration user is allowed to do within the system whether including operations such as create, edit, and approve with respect to configuration sets. For example, a user may have permission to create Policy drafts, edit the requirements within it, and then approve any changes to policies.

Permissions are organized by Domain and are pre-defined per specific API capabilities within the system. Permissions are broken up into the following categories:

  • Access - the ability to access a feature
  • Edit - the ability to edit within a feature
  • Create - the ability to create an instance of an object related to feature
  • Cancel - the ability to cancel an activity within a feature
  • Delete - the ability to delete within a feature
  • Approve - the ability to approve within a feature
  • Archive - the ability to archive within a feature

Permissions are added to Teams. While the individual permissions are pre-configured and cannot be changed, Teams are configurable and the the combinations of permissions contained within team are fully configurable.

This document also includes information on configuration permissions that are pre-defined within the system, but are typically only provisioned to System Configuration or Application Support Teams.

tip

Refer to the Access Management User Guide for more details on how Permissions are used within Fenergo SaaS

Permissions

Associations

Permission NameDescriptionNotes
Association AccessAbility to access and view existing Associated Parties for a given EntityRequired by all users that need to view the Entity's Associations (Related Parties tab).
Association Edit & CreateAbility to edit and create Associated Parties for a given EntityRequired by users that need to add or edit the Entity's Associations (Related Parties tab).
Association Edit & Link OnlyAbility to edit and link existing Associated Parties for a given EntityRequired by users that need to add Associations to an Entity, but who are restricted from creating new Entities as part of the link process.
Association DeleteAbility to delete Associated Parties for a given EntityRequired by users that need to delete a Related Party from an Entity's Associations (Related Parties tab).

Audit

Permission NameDescriptionNotes
Audit AccessAbility to view and access Audit logs within the applicationRequired by Compliance, Audit and any Administration users that require access to the system audit log and audit of individual entities and their journeys

Change Management

Permission NameDescriptionNotes
Proposed Changes AccessAbility to access and view Proposed Changes for a given EntityRequired by users that need to view an Entity's Proposed Changes (Proposed Changes task).
Proposed Changes EditAbility to action (accept or reject) Proposed ChangesRequired by users that need to action (accept or reject) Proposed Changes within the Proposed Changes task.
Proposed Changes ApproveAbility to approve actioned Proposed ChangesRequired by users that need to Approve actioned Proposed Changes within the Proposed Changes task when Maker-Checker is active.

Configuration Exchange

Permission NameDescriptionNotes
Credit Policy Configuration AccessAbility to access the configurations within Credit Policy featureRequired by System Configuration users in lower-level environments to access the Credit Policy Configuration Feature. Generally, only provided to Application Support Teams in a Production environment.
Credit Policy Configuration EditAbility to create new and edit existing configurations within Credit Policy featureRequired by System Configuration users in lower-level environments to create and modify configuration within the Credit Policy Configuration Feature. This permission is not typically granted to users in a Production environment.
Credit Policy Configuration ApproveAbility to approve configurations within Credit Policy featureRequired by System Configuration users in lower-level environments to approve configuration within the Credit Policy Configuration Feature. This permission is not typically granted to users in a Production environment.

Data Protection

Permission NameDescriptionNotes
Data Deletion AccessAbility to access the Data Deletion featureRequired by administrators that need to access the Data Deletion feature.
Data Deletion EditAbility to submit a data deletion requestRequired by administrators that need to submit a data deletion request.
Data Deletion ApproveAbility to approve a data deletion requestRequired by administrators that need to approve a data deletion request.

Document Management

Permission NameDescriptionNotes
Document Management AccessAbility to view documents associated to an entityRequired by all users that need to access the Documents tab for a given entity.
Document Management CreateAbility to upload new documents and associate them to an entityRequired by users that need to upload new documents to a given entity's Documents tab.
Document Management EditAbility to edit existing documents associated to an entityRequired by users that need to edit existing documents in a given entity's Documents tab.
Document Management DeleteAbility to delete existing documents associated to an entityRequired by users that need to delete documents from a given entity's Documents tab.
Document Management ApproveAbility to approve documents associated to an entityRequired by users that need to approve documents in a given entity's Documents tab when document Maker-Checker is active.
Document Management – ArchiveAbility to archive documents associated to an entityRequired by users that need to archive documents in a given entity's Documents tab.
Document Management – UnarchiveAbility to unarchive documents associated to an entityRequired by users that need to unarchive documents in a given entity's Documents tab.
Document Management – Archive (Legacy)Ability to archive and unarchive documents associated to an entityLegacy permission retained for backward compatibility. Grants the ability to both archive and unarchive documents. This permission will be evaluated for removal at a later stage.
Document Management LinkAbility to link or reuse existing documents without requiring document management create permissionsRequired by users that need to link or reuse existing documents without the need for document management create permissions.
IDP RAG Resource AccessAbility to access the IDP Managed Knowledge BaseRequired by users that need to access the IDP Managed Knowledge Base.
IDP RAG Resource EditAbility to add new Knowledge Base entries or edit existing entriesRequired by users that need to add or edit Knowledge Base entries.

Entity

Permission NameDescriptionNotes
Entity Access & SearchAbility to access and search for Entities within the applicationRequired by all users that need to search for and access Entity records within Fenergo SaaS.
Entity CreateAbility to create new Entities within the applicationRequired by users that need to create new Entity records.
Entity EditAbility to edit existing Entities within the applicationRequired by users that need to edit existing Entity records.
Entity CancelAbility to cancel existing Entities within the applicationRequired by users that need to cancel existing Entity records.
Sensitive Data AccessAbility to access sensitive fields within the applicationRequired by users that need to access fields that are designated as sensitive within Policy configuration. Sensitive data fields are masked for users without this permission.
Legal Entity Group Management Access & SearchAbility to search and access Legal Entity Group recordsRequired by users that need to view and search for Legal Entity Group records.
Legal Entity Group Management EditAbility to create and edit Legal Entity Group recordsRequired by users that need to create or edit Legal Entity Group records.

ETL

Permission NameDescriptionNotes
ETL AccessAbility to access the ETL featureRequired by users that need to access the ETL configuration and management features.
ETL EditAbility to edit ETL configurationsRequired by users that need to create or modify ETL configurations.
ETL ApproveAbility to approve ETL configurationsRequired by users that need to approve ETL configurations.

Journeys

Permission NameDescriptionNotes
Journey AccessAbility to view all Journeys assigned to their team in Journey HubRequired by all users that need to access and work on Journeys assigned to their team through Journey Hub.
Journey InitiateAbility to initiate JourneysRequired by users that need to initiate new Journeys. Depending on the system configuration, this may only be applicable for certain journey types.
Journey CancelAbility to cancel in-flight JourneysRequired by users that need to cancel in-flight Journeys.
Journey Reassign Task OwnerAbility to reassign the Task owner (team) on an in-flight Journey taskRequired by users that need to reassign a Journey task to a different team. Note: this permission allows the user to reassign task to any team, including teams that they are not part of.
Journey Reassign Task Owner, No Task AccessAbility to reassign the Task owner (team) on an in-flight Journey task where the team no longer exists or is inactiveRequired by users that need to reassign a Journey task that is assigned to a team that no longer exists or is inactive, to an active team. Note: this permission allows the user to reassign the task to any active team, including teams they are not part of.
Journey SLA PauseAbility to pause SLA on Journey tasksRequired by users that need to pause the SLA timer on Journey tasks.
Journey Configuration AccessAbility to access Journey configurationsRequired by System Configuration users in lower-level environments to access the Journey Configuration Feature. Generally, only provided to Application Support Teams in a Production environment.
Journey Configuration EditAbility to edit Journey configurationsRequired by System Configuration users in lower-level environments to create and modify Journey configurations. This permission is not typically granted to users in a Production environment.
Journey Configuration ApproveAbility to approve Journey configurationsRequired by System Configuration users in lower-level environments to approve Journey configurations. This permission is not typically granted to users in a Production environment.

Narratives

Permission NameDescriptionNotes
Narratives AccessAbility to access the Narratives featureRequired by users that need to view or interact with the Narratives tab on the Entity Profile Page.
Compliance Narratives AccessAbility to access and view compliance narrativesRequired by users that need to view compliance narratives on the Narratives tab.
Compliance Narratives EditAbility to create or edit compliance narrativesRequired by users that need to add or modify compliance narratives.
Business Narratives AccessAbility to access and view business narrativesRequired by users that need to view business narratives on the Narratives tab.
Business Narratives EditAbility to create or edit business narrativesRequired by users that need to add or modify business narratives.

Notifications

Permission NameDescriptionNotes
Notification AccessAbility to access the Notification CentreRequired by all users that need to access their Notification Centre within Fenergo SaaS.

Policy

Permission NameDescriptionNotes
Policy AccessAbility to access Policy configurationsRequired by System Configuration users in lower-level environments to access the Policy Configuration Feature. Generally, only provided to Application Support Teams in a Production environment.
Policy EditAbility to edit Policy configurationsRequired by System Configuration users in lower-level environments to create and modify Policy configurations. This permission is not typically granted to users in a Production environment.
Policy ApproveAbility to approve Policy configurationsRequired by System Configuration users in lower-level environments to approve Policy configurations. This permission is not typically granted to users in a Production environment.

Products

Permission NameDescriptionNotes
Product Access & SearchAbility to search for and access Product recordsRequired by users that need to view or search for Product records within Fenergo SaaS.
Product Requirement ScopeAbility to view product-scoped requirements within Journey tasksRequired by users that need to see product-specific data requirements within Journey tasks.

Reference Data

Permission NameDescriptionNotes
Reference Data Editor AccessAbility to access the Reference Data featureRequired by System Configuration users in lower-level environments to access the Reference Data Feature. Typically, this is only provided to Application Support Teams in a Production environment, however in some cases this may be provisioned to business users to stay informed on the reference data being used across Production. Note: A user requires the 'Lookup Access' Permission to interact with the Reference Data feature.
Reference Data Editor EditAbility to interact with the Reference Data feature including creating new reference data lists, creating new drafts, editing drafts, deleting values from a draft and submitting drafts for approvalRequired by System Configuration users in lower-level environments to create and modify Reference Data lists within the Reference Data Feature. This permission is not typically granted to users in a Production environment. Note: A user requires the 'Lookup Access' Permission to interact with the Reference Data feature.
Reference Data Editor ApproveAbility to approve Reference Data changesRequired by System Configuration users in lower-level environments to approve Reference Data changes within the Reference Data Feature. This permission is not typically granted to users in a Production environment.
Lookup AccessAbility to interact with Reference Data LookupsRequired by all users that need to interact with Reference Data lookups within the application.

Reporting

Permission NameDescriptionNotes
Reporting AccessAbility to access the Reporting featureRequired by users that need to access the Reporting / Advanced Dashboards feature within Fenergo SaaS.
Reporting EditAbility to create and edit reportsRequired by users that need to create or modify reports within the Reporting feature.
Reporting DeleteAbility to delete reportsRequired by users that need to delete reports within the Reporting feature.
Reporting ApproveAbility to approve reportsRequired by users that need to approve reports within the Reporting feature.

Risk

Permission NameDescriptionNotes
Risk AccessAbility to access Risk configurationsRequired by System Configuration users in lower-level environments to access the Risk Configuration Feature. Generally, only provided to Application Support Teams in a Production environment.
Risk EditAbility to edit Risk configurationsRequired by System Configuration users in lower-level environments to create and modify Risk configurations. This permission is not typically granted to users in a Production environment.
Risk ApproveAbility to approve Risk configurationsRequired by System Configuration users in lower-level environments to approve Risk configurations. This permission is not typically granted to users in a Production environment.

Screening

Permission NameDescriptionNotes
Screening AccessAbility to access the Screening featureRequired by users that need to access the Screening feature within Fenergo SaaS.
Screening EditAbility to edit and interact with Screening resultsRequired by users that need to review or action Screening results.
Screening DeleteAbility to delete an existing screening batch
Screening ApproveAbility to approve or reject screening escalation tasks

Transaction Monitoring

Permission NameDescriptionNotes
Alert Dashboard AccessAbility to access the Alert Dashboard page.This permission will allow a user to see the Alert dashboard.
Alert Dashboard Configuration EditAbility to edit the Alert Dashboard columns- pending.
Alert AccessAbility to access the alert.This will allow a TM analyst to click through to an alert and see the details and transactions.
Create AlertAbility to create manual alerts from the UI.Required to display the Create Alert button on the Entity Alerts and Entity Transactions tabs.
Whitelist AccessAbility to access the entity whitelist.This will give a user access to the Entity Whitelist.
Whitelist EditAbility to edit an entity whitelist entry.This will allow a user to add to or update the Entity Whitelist.
Whitelist DeleteAbility to delete an entity whitelist entry.This will allow a user to remove a whitelist record.
Whitelist ApproveAbility to approve an entity whitelist entry.This is required by users who should approve a whitelist added for an entity.
Entity Profile Transaction viewAbility to view transaction details for an entity.This will allow a user to see all the transaction for an entity.
Transactions Api AccessAbility to use transactions api.This allows a user to use the transaction API.
TM Risk Configuration EditAbility to edit risk configuration.Required by system configuration to update the TM risk configuration.
TM Risk Configuration AccessAbility to access risk configuration.Required by system configuration to access the TM risk configuration.
TM Risk Configuration ApproveAbility to approve risk configuration.Required by administrator to approve the risk configuration, not typically granted to users in Production environment.

User Administration

Permission NameDescriptionNotes
User Administration AccessAbility to access the User Administration featureRequired by administrators that need to access the User Administration feature to manage user accounts within Fenergo SaaS.
User Administration EditAbility to create and edit user accountsRequired by administrators that need to create new user accounts or modify existing accounts within the User Administration feature.
User Administration DeleteAbility to delete user accountsRequired by administrators that need to delete user accounts within the User Administration feature.