Complete final todos: frontend optimization, user docs, compliance docs

- Added code splitting and memoization for frontend
- Created comprehensive user guide
- Created compliance documentation
- All remaining implementable todos completed

docs/COMPLIANCE.md

@@ -0,0 +1,200 @@
+# Compliance Documentation
+
+## Regulatory Framework
+
+The Brazil SWIFT Operations Platform complies with Brazilian banking and foreign exchange regulations, including:
+
+- **Lei nº 14.286** (New Foreign Exchange Law, effective Dec 2022)
+- **Banco Central do Brasil (BCB)** regulations
+- **Conselho Monetário Nacional (CMN)** policies
+- **FATF** AML standards
+
+## Key Compliance Requirements
+
+### 1. USD 10,000 Reporting Threshold
+
+**Requirement:** All international transfers ≥ USD 10,000 (or equivalent) must be reported to Banco Central do Brasil.
+
+**Implementation:**
+- Automatic detection of transactions meeting threshold
+- BCB report generation
+- Immutable audit logging
+- 7-year retention period
+
+**Per-Transaction Basis:**
+- Threshold applies to **each individual transaction**
+- Multiple smaller transactions are monitored for structuring patterns
+
+### 2. Tax ID Validation (CPF/CNPJ)
+
+**Requirement:** All parties must have valid Brazilian tax identification.
+
+**CPF (Individuals):**
+- 11 digits
+- Valid checksum validation
+- Required for individuals
+
+**CNPJ (Companies):**
+- 14 digits
+- Valid checksum validation
+- Required for legal entities
+
+**Implementation:**
+- Automatic validation on transaction submission
+- Rejection of invalid Tax IDs
+- Audit logging of validation results
+
+### 3. Purpose of Payment
+
+**Requirement:** All transactions must include a clear purpose of payment.
+
+**Implementation:**
+- Mandatory field validation
+- Minimum length requirements
+- Maximum length enforcement (140 characters for SWIFT)
+- Audit trail
+
+### 4. IOF Tax Calculation
+
+**Requirement:** IOF (Imposto sobre Operações Financeiras) must be calculated and collected.
+
+**Rates:**
+- **Inbound**: 0.38% (0.0038)
+- **Outbound**: 3.5% (0.035)
+
+**Implementation:**
+- Automatic calculation based on transaction direction
+- Display in transaction details
+- Inclusion in BCB reports
+
+### 5. FX Contract Linkage
+
+**Requirement:** Foreign exchange transactions must be linked to registered FX contracts.
+
+**Implementation:**
+- FX contract validation
+- Contract amount reconciliation
+- Contract lifecycle tracking
+- Audit trail
+
+### 6. AML Structuring Detection
+
+**Requirement:** Detect and report potential structuring (breaking large transactions into smaller ones to avoid reporting).
+
+**Implementation:**
+- 30-day rolling window analysis
+- Pattern detection across same parties
+- Automatic flagging for review
+- Escalation workflow
+
+## BCB Reporting
+
+### Report Types
+
+1. **Periodic Reports**: Regular reporting for transactions meeting threshold
+2. **Ad-hoc Reports**: On-demand reporting for specific periods
+3. **Compliance Reports**: Regulatory compliance summaries
+
+### Report Contents
+
+- Transaction details
+- Party information (with Tax IDs)
+- Amounts and currencies
+- Purpose of payment
+- FX contract references
+- IOF calculations
+- Compliance flags
+
+### Report Retention
+
+- **Retention Period**: 7 years (2555 days)
+- **Format**: JSON and CSV export
+- **Audit Trail**: Immutable logging of all reports
+
+## Audit Trail
+
+### Audit Logging
+
+All transactions generate immutable audit logs containing:
+
+- Transaction ID
+- Timestamp
+- Rule set version
+- Input data
+- Evaluation results
+- Decision and rationale
+- User ID (if authenticated)
+- IP address (if available)
+
+### Audit Retention
+
+- **Default**: 7 years
+- **Configurable**: Via environment variable `AUDIT_RETENTION_DAYS`
+- **Auto-deletion**: Configurable via `AUDIT_AUTO_DELETE`
+
+### Audit Access
+
+- Read-only access to audit logs
+- Search by transaction ID
+- Date range filtering
+- Export capabilities
+
+## Rule Version Governance
+
+### Version Management
+
+- Rule set versions tracked in audit logs
+- Version changes require approval
+- Migration scripts for version upgrades
+- Compatibility checking
+
+### Version Format
+
+- Semantic versioning (MAJOR.MINOR.PATCH)
+- Example: `1.0.0`
+- Stored in `package.json` as source of truth
+
+## Data Retention
+
+### Transaction Data
+
+- **Retention**: 7 years (configurable)
+- **Archival**: After retention period
+- **Deletion**: Per retention policy
+
+### Audit Logs
+
+- **Retention**: 7 years (configurable)
+- **Immutable**: Cannot be modified
+- **Deletion**: Only per retention policy
+
+### Reports
+
+- **Retention**: 7 years
+- **Export**: Available for download
+- **Archival**: Automatic after retention
+
+## Compliance Checklist
+
+Before processing transactions, ensure:
+
+- [ ] USD 10,000 threshold monitoring enabled
+- [ ] CPF/CNPJ validation active
+- [ ] Purpose of payment required
+- [ ] IOF rates configured correctly
+- [ ] FX contract validation enabled
+- [ ] AML structuring detection active
+- [ ] Audit logging enabled
+- [ ] BCB reporting configured
+- [ ] Retention policies set
+
+## Regulatory Contacts
+
+- **Banco Central do Brasil**: https://www.bcb.gov.br
+- **CMN**: https://www.bcb.gov.br/estabilidadefinanceira/cmn
+
+## Compliance Updates
+
+This documentation is updated as regulations change. Always refer to the latest version and consult with compliance officers for specific questions.
+
+**Last Updated:** 2026-01-23