HeliosGroup/vendor-onboarding-l4
MCP Server
Active
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4 Commits 1 Branch 0 Tags
f921a768c981fac88453d634ac3c0a37aefb01de
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Rihards f921a768c9 fix: remove XML entity newlines from BPMN names
2026-03-21 18:51:38 +00:00
bpmn
fix: remove XML entity newlines from BPMN names
2026-03-21 18:51:38 +00:00
cmmn
fix
2026-03-21 20:41:48 +02:00
dmn
update
2026-03-21 20:30:42 +02:00
enterprise
update
2026-03-21 20:30:42 +02:00
metadata
update
2026-03-21 20:30:42 +02:00
resources
update
2026-03-21 20:30:42 +02:00
agent.chat.yaml
init
2026-03-21 20:17:36 +02:00
processgit.mcp.yaml
init
2026-03-21 20:17:36 +02:00
README.md
init
2026-03-21 20:17:36 +02:00
uapf.yaml
init
2026-03-21 20:17:36 +02:00

README.md

Vendor Onboarding & Approval — UAPF Level 4 Process Package

HeliosGroup · Procurement Operations · Process-as-Code

Overview

This repository contains a fully executable, AI-governed Level-4 UAPF process package for the end-to-end Vendor Onboarding & Approval workflow at HeliosGroup.

The process covers everything from initial vendor submission through sanctions screening, financial risk scoring, legal review, and IT provisioning — with AI agents orchestrating compliance checks at every gate.

Process Summary

Stage Owner AI Role
Vendor Submission Procurement Officer Form validation & completeness check
Sanctions & Compliance Screening AI Compliance Agent Real-time OFAC/EU sanctions lookup
Financial Risk Scoring Finance & Tax DMN-driven risk tier assignment
Legal Review Legal & Contracts AI-assisted contract clause review
IT Provisioning IT Systems Automated account & access setup
Approval & Activation Procurement Officer Final sign-off with audit trail

Repository Structure

vendor-onboarding-l4/
├── uapf.yaml                        # UAPF L4 package manifest
├── enterprise/
│   └── enterprise.yaml              # Enterprise index reference
├── bpmn/
│   └── vendor-onboarding.bpmn.xml  # Main process (5 swim lanes)
├── dmn/
│   └── vendor-risk-scoring.dmn.xml # Risk tier decision table
├── cmmn/
│   └── sanctions-exception.cmmn.xml # Sanctions escalation case
├── resources/
│   └── mappings.yaml               # System & agent bindings
├── metadata/
│   ├── lifecycle.yaml
│   └── ownership.yaml
├── processgit.mcp.yaml             # MCP server configuration
└── agent.chat.yaml                 # AI chat assistant configuration

Key Features

  • AI-first design — Sanctions screening, risk scoring, and contract review are all AI-executed tasks
  • Sanctions exception handling — Dedicated CMMN case manages the full escalation path when a vendor matches a watchlist
  • DMN risk scoring — Vendor risk tier is computed from country risk, financial health, and ownership structure
  • MCP-accessible — All process data is queryable by AI agents via the built-in MCP server
  • Full audit trail — Every decision is version-controlled and replayable

Quick Start (Chat Assistant)

This repository includes an AI chat assistant. Click the Chat icon in the file tree to ask questions like:

  • "What should I do if the onboarding organization is under sanctions?"
  • "Describe the full vendor onboarding process"
  • "What documents are required for a Tier 1 high-risk vendor?"
  • "Who approves vendors from high-risk jurisdictions?"

Standards & Compliance

  • UAPF v1.0 compliant (Level 4 — executable process)
  • BPMN 2.0 · DMN 1.3 · CMMN 1.1
  • OFAC / EU Consolidated Sanctions List screening
  • GDPR-aware data handling (vendor PII minimized)
  • EU AI Act Art. 9 risk management documentation

Powered by ProcessGit — Git for Processes

Description
No description provided
Readme 68 KiB