vendor-onboarding-l4/processgit.mcp.yaml

version: 1

server:
  name: "HeliosGroup Vendor Onboarding MCP"
  description: >
    MCP server for the HeliosGroup Vendor Onboarding and Approval process package.
    Provides AI agents with structured access to process definitions, risk scoring
    rules, sanctions handling procedures, and compliance requirements.
  instructions: >
    This server exposes the complete Vendor Onboarding and Approval process at HeliosGroup.
    Use 'search' to find process steps, compliance rules, or risk criteria by keyword.
    Use 'get_entity' to retrieve full details of specific tasks, decisions, or cases.
    Use 'list_entities' to browse by type (task, decision, case, resource).
    Use 'generate_document' to produce a formatted process summary.
    Key entities: vendor-onboarding-process (BPMN), vendor-risk-scoring (DMN),
    sanctions-exception (CMMN).

sources:
  - path: "bpmn/vendor-onboarding.bpmn.xml"
    type: "xml"
    description: >
      Main vendor onboarding BPMN process. 5 swim lanes covering Procurement,
      AI Compliance, Legal, Finance, and IT. Includes sanctions screening path,
      parallel compliance checks, risk-tiered due diligence, and IT provisioning.

  - path: "dmn/vendor-risk-scoring.dmn.xml"
    type: "xml"
    description: >
      Vendor risk scoring DMN decision tables. Computes risk tier (1/2/3),
      required due diligence level, approval authority, and review timeline
      based on country risk, financial health, and ownership structure.
      Includes country risk classification and FATF and sanctions list checks.

  - path: "cmmn/sanctions-exception.cmmn.xml"
    type: "xml"
    description: >
      Sanctions exception and escalation CMMN case. Activated when AI agent
      detects a sanctions match. Covers initial assessment, legal investigation,
      executive escalation for direct matches or contracts over 500K EUR,
      and formal resolution with audit trail.