ECL Calculator - Technical Documentation

Business Flow Charts, Entity Relations, and Technical Architecture

Table of Contents

1. System Overview

The ECL Calculator is a comprehensive web application designed to calculate Expected Credit Loss (ECL) in compliance with RBI guidelines for Indian banks. The system provides a dual-interface approach with both traditional Flask-rendered pages and a modern React frontend.

High-Level System Overview

graph TB U[Users] --> LB[Load Balancer/Nginx] LB --> WS[Web Server - Gunicorn] WS --> FA[Flask Application] FA --> DB[(PostgreSQL Database)] FA --> FS[File Storage] U --> RF[React Frontend] RF --> API[REST API Layer] API --> FA subgraph "Application Layer" FA --> AUTH[Authentication Module] FA --> ECL[ECL Engine] FA --> ADM[Admin Module] FA --> RPT[Reports Module] FA --> TPL[Templates Module] end subgraph "Data Processing" ECL --> PD[PD Calculation] ECL --> LGD[LGD Calculation] ECL --> EAD[EAD Calculation] ECL --> ECLC[ECL Computation] end

2. Business Flow Charts

User Journey Flow

flowchart TD A[User visits application] --> B{User authenticated?} B -->|No| C[Redirect to Login Page] B -->|Yes| D[Access Dashboard] C --> E[Enter credentials] E --> F{Valid credentials?} F -->|No| G[Show error message] F -->|Yes| H[Create session] G --> C H --> D D --> I{User role?} I -->|Admin| J[Admin Dashboard] I -->|Regular User| K[User Dashboard] J --> L[Manage Users/Companies] J --> M[View Audit Logs] J --> N[System Configuration] K --> O[Create ECL Process] K --> P[View Reports] K --> Q[Manage Templates] O --> R[Upload Data Files] R --> S[Configure Parameters] S --> T[Start ECL Calculation] T --> U[Monitor Progress] U --> V[View Results] V --> W[Generate Reports] W --> X[Save as Template]

ECL Calculation Process Flow

flowchart TD A[Start ECL Process] --> B[Upload Required Files] B --> C{Files valid?} C -->|No| D[Show validation errors] C -->|Yes| E[Data Validation Step] D --> B E --> F[Asset Classification] F --> G[PD Calculation] G --> H[LGD Calculation] H --> I[EAD Calculation] I --> J[ECL Computation] J --> K[Report Generation] K --> L[Process Complete] subgraph "Data Files Required" M[Loan Data CSV] N[Collateral Data CSV] O[Market Variables CSV] P[Payment History CSV] Q[Previous Provisions CSV] end B --> M B --> N B --> O B --> P B --> Q subgraph "RBI Compliance Checks" R[Asset Classification per RBI norms] S[Standard Provision Rate validation] T[DPD-based categorization] end F --> R F --> S F --> T

Admin Workflow

flowchart TD A[Admin Login] --> B[Admin Dashboard] B --> C[User Management] B --> D[Company Management] B --> E[System Monitoring] B --> F[Audit Logs] C --> G[Create New User] C --> H[Edit User Details] C --> I[Deactivate User] C --> J[Reset Password] D --> K[Add Company] D --> L[Edit Company Info] D --> M[Toggle Company Status] E --> N[View System Health] E --> O[Monitor Performance] E --> P[Check Database Status] F --> Q[View User Activities] F --> R[Filter by Date/User] F --> S[Export Audit Data] G --> T{User creation valid?} T -->|Yes| U[Send credentials to user] T -->|No| V[Show validation errors] V --> G

3. Database Design

Entity Relationship Diagram

erDiagram User { int id PK string username UK string email UK string password_hash boolean is_admin int company_id FK datetime created_at datetime last_login boolean active } Company { int id PK string name UK text address string contact_email string contact_phone datetime registration_date boolean active } ECLProcess { int id PK string name string status datetime start_time datetime end_time text result_data int user_id FK int company_id FK int template_id FK } ProcessStep { int id PK int ecl_process_id FK string step_name string status datetime start_time datetime end_time text input_data text output_data text error_message } DataFile { int id PK int ecl_process_id FK string file_name string file_type string file_path datetime upload_date int file_size int row_count boolean validated text validation_errors } Template { int id PK string name text description text configuration int user_id FK int company_id FK datetime created_at datetime last_used } Report { int id PK string report_name string report_type datetime generation_date int ecl_process_id FK int user_id FK int company_id FK text report_data string file_path } AuditLog { int id PK int user_id FK int company_id FK string action datetime timestamp string ip_address string user_agent string resource_type int resource_id text details } Company ||--o{ User : employs Company ||--o{ ECLProcess : owns Company ||--o{ Template : creates Company ||--o{ Report : generates Company ||--o{ AuditLog : logs User ||--o{ ECLProcess : creates User ||--o{ Template : designs User ||--o{ Report : generates User ||--o{ AuditLog : performs ECLProcess ||--o{ ProcessStep : contains ECLProcess ||--o{ DataFile : uses ECLProcess ||--o{ Report : produces ECLProcess }o--|| Template : based_on Template ||--o{ ECLProcess : spawns

Database Schema Details

Key Database Tables and Relationships

Primary Entities:

  • User: Stores user authentication and profile information
  • Company: Organization-level data and multi-tenancy support
  • ECLProcess: Core business entity representing ECL calculation instances
  • Template: Reusable process configurations

Supporting Entities:

  • ProcessStep: Tracks individual steps in ECL calculation workflow
  • DataFile: Manages uploaded CSV files and validation status
  • Report: Generated output documents and analysis
  • AuditLog: Comprehensive activity tracking for compliance

Data Integrity and Constraints

Table Primary Key Foreign Keys Unique Constraints
User id company_id → Company(id) username, email
Company id - name
ECLProcess id user_id → User(id), company_id → Company(id), template_id → Template(id) -
ProcessStep id ecl_process_id → ECLProcess(id) -
DataFile id ecl_process_id → ECLProcess(id) -

4. System Architecture

Application Architecture

graph TB subgraph "Frontend Layer" WEB[Traditional Web Interface] REACT[React SPA] end subgraph "API Gateway" NGINX[Nginx Reverse Proxy] end subgraph "Application Layer" FLASK[Flask Application] GUNICORN[Gunicorn WSGI Server] end subgraph "Business Logic Layer" AUTH[Authentication Module] ECL[ECL Engine] ADMIN[Admin Module] REPORTS[Reports Module] TEMPLATES[Templates Module] API[API Module] end subgraph "Data Access Layer" ORM[SQLAlchemy ORM] MODELS[Data Models] end subgraph "Infrastructure Layer" DB[(PostgreSQL Database)] FILES[File Storage System] LOGS[Logging System] end WEB --> NGINX REACT --> NGINX NGINX --> GUNICORN GUNICORN --> FLASK FLASK --> AUTH FLASK --> ECL FLASK --> ADMIN FLASK --> REPORTS FLASK --> TEMPLATES FLASK --> API AUTH --> ORM ECL --> ORM ADMIN --> ORM REPORTS --> ORM TEMPLATES --> ORM API --> ORM ORM --> MODELS MODELS --> DB ECL --> FILES FLASK --> LOGS

Component Diagram

classDiagram class FlaskApp { +app: Flask +db: SQLAlchemy +login_manager: LoginManager +initialize_app() +register_blueprints() } class AuthModule { +login() +logout() +register() +profile() +reset_password() } class ECLEngine { +create_process() +upload_files() +execute_calculation() +get_results() +retry_process() } class AdminModule { +manage_users() +manage_companies() +view_audit_logs() +system_configuration() } class ReportsModule { +generate_summary_report() +generate_detailed_report() +comparison_analysis() +export_data() } class TemplatesModule { +save_template() +load_template() +execute_template() +delete_template() } class APIModule { +authentication_endpoints() +ecl_process_endpoints() +admin_endpoints() +report_endpoints() } class DataModels { +User +Company +ECLProcess +ProcessStep +DataFile +Template +Report +AuditLog } FlaskApp --> AuthModule FlaskApp --> ECLEngine FlaskApp --> AdminModule FlaskApp --> ReportsModule FlaskApp --> TemplatesModule FlaskApp --> APIModule AuthModule --> DataModels ECLEngine --> DataModels AdminModule --> DataModels ReportsModule --> DataModels TemplatesModule --> DataModels APIModule --> DataModels

Deployment Architecture

graph TB subgraph "Load Balancer / CDN" LB[Load Balancer] CDN[Content Delivery Network] end subgraph "Web Tier" WEB1[Web Server 1 - Nginx] WEB2[Web Server 2 - Nginx] end subgraph "Application Tier" APP1[App Server 1 - Gunicorn] APP2[App Server 2 - Gunicorn] APP3[App Server 3 - Gunicorn] end subgraph "Database Tier" DB_MASTER[(PostgreSQL Master)] DB_REPLICA[(PostgreSQL Replica)] end subgraph "Storage Tier" FILES[File Storage] BACKUP[Backup Storage] end subgraph "Monitoring & Logging" MONITOR[Monitoring System] LOGS[Log Aggregation] end USERS[Users] --> LB USERS --> CDN LB --> WEB1 LB --> WEB2 WEB1 --> APP1 WEB1 --> APP2 WEB2 --> APP2 WEB2 --> APP3 APP1 --> DB_MASTER APP2 --> DB_MASTER APP3 --> DB_MASTER DB_MASTER --> DB_REPLICA APP1 --> FILES APP2 --> FILES APP3 --> FILES DB_MASTER --> BACKUP FILES --> BACKUP APP1 --> MONITOR APP2 --> MONITOR APP3 --> MONITOR WEB1 --> LOGS WEB2 --> LOGS

5. API Documentation

Authentication APIs

POST /api/auth/login

Description: Authenticate user and create session

Request Body:

{
  "email": "user@example.com",
  "password": "userpassword"
}

Response:

{
  "success": true,
  "user": {
    "id": 1,
    "username": "john_doe",
    "email": "user@example.com",
    "is_admin": false,
    "company_id": 1
  }
}
POST /api/auth/logout

Description: End user session and logout

Response:

{
  "success": true,
  "message": "Logged out successfully"
}
GET /api/auth/user

Description: Get current authenticated user information

Response:

{
  "authenticated": true,
  "user": {
    "id": 1,
    "username": "john_doe",
    "email": "user@example.com",
    "is_admin": false,
    "company_id": 1
  }
}

ECL Process APIs

GET /api/processes

Description: Get list of ECL processes for current user's company

Response:

{
  "processes": [
    {
      "id": 1,
      "name": "Q1 2024 ECL Calculation",
      "status": "completed",
      "start_time": "2024-01-15T10:00:00Z",
      "end_time": "2024-01-15T10:30:00Z",
      "user_id": 1,
      "company_id": 1
    }
  ]
}
POST /api/processes

Description: Create new ECL process

Request Body:

{
  "name": "Q2 2024 ECL Calculation",
  "template_id": null
}
POST /api/processes/{id}/upload

Description: Upload data files for ECL process

Request: Multipart form data with CSV files

POST /api/processes/{id}/start

Description: Start ECL calculation process

Response:

{
  "success": true,
  "message": "ECL calculation started",
  "process_id": 1
}
GET /api/processes/{id}/status

Description: Get current status of ECL process

Response:

{
  "process_id": 1,
  "status": "running",
  "current_step": "PD Calculation",
  "progress": 60,
  "steps": [
    {
      "name": "Data Validation",
      "status": "completed",
      "start_time": "2024-01-15T10:00:00Z",
      "end_time": "2024-01-15T10:05:00Z"
    }
  ]
}

Admin APIs

GET /api/admin/users

Description: Get list of all users (admin only)

POST /api/admin/users

Description: Create new user (admin only)

PUT /api/admin/users/{id}

Description: Update user information (admin only)

GET /api/admin/companies

Description: Get list of all companies (admin only)

GET /api/admin/audit-logs

Description: Get audit logs with filtering options (admin only)

6. Code Structure

Project Organization

File Structure
ecl-calculator/
├── main.py                 # Application entry point
├── app.py                  # Flask app configuration and initialization
├── config.py               # Configuration settings
├── models.py               # SQLAlchemy database models
├── auth.py                 # Authentication blueprint
├── admin.py                # Admin management blueprint
├── ecl_engine.py           # ECL calculation engine
├── templates.py            # Template management blueprint
├── reports.py              # Reports generation blueprint
├── api.py                  # REST API endpoints
├── utils.py                # Utility functions and helpers
├── create_demo_admin.py    # Demo user creation script
├── requirements.txt        # Python dependencies
├── package.json            # Node.js dependencies
├── static/                 # Static files (CSS, JS, images)
│   ├── css/
│   ├── js/
│   └── images/
├── templates/              # Jinja2 HTML templates
├── uploads/                # File upload directory
├── react-ecl-calculator/   # React frontend application
│   ├── src/
│   │   ├── components/
│   │   ├── contexts/
│   │   ├── services/
│   │   └── config/
│   ├── public/
│   └── build/
└── kubernetes/             # Kubernetes deployment manifests

Key Modules

1. ECL Engine (ecl_engine.py)

Core ECL Calculation Functions
  • execute_data_validation(): Validates uploaded CSV files
  • execute_asset_classification(): Classifies assets per RBI guidelines
  • execute_pd_calculation(): Calculates Probability of Default
  • execute_lgd_calculation(): Calculates Loss Given Default
  • execute_ead_calculation(): Calculates Exposure at Default
  • execute_ecl_computation(): Final ECL calculation
  • execute_report_generation(): Generates comprehensive reports

2. Authentication Module (auth.py)

User Management Functions
  • login(): User authentication and session creation
  • logout(): Session termination with security cleanup
  • register(): New user registration (admin only)
  • profile(): User profile management
  • reset_password(): Password reset functionality

3. API Module (api.py)

REST API Endpoints
  • Authentication endpoints: Login, logout, user info
  • Process endpoints: Create, start, monitor ECL processes
  • File upload endpoints: Handle CSV file uploads
  • Admin endpoints: User and company management
  • Report endpoints: Generate and download reports

Class Diagrams

classDiagram class User { +id: int +username: str +email: str +password_hash: str +is_admin: bool +company_id: int +created_at: datetime +last_login: datetime +active: bool +set_password(password) +check_password(password) +get_id() } class Company { +id: int +name: str +address: str +contact_email: str +contact_phone: str +registration_date: datetime +active: bool } class ECLProcess { +id: int +name: str +status: str +start_time: datetime +end_time: datetime +result_data: str +user_id: int +company_id: int +template_id: int +get_results() +set_results(results) } class ProcessStep { +id: int +ecl_process_id: int +step_name: str +status: str +start_time: datetime +end_time: datetime +input_data: str +output_data: str +error_message: str +get_input_data() +set_input_data(data) +get_output_data() +set_output_data(data) } class DataFile { +id: int +ecl_process_id: int +file_name: str +file_type: str +file_path: str +upload_date: datetime +file_size: int +row_count: int +validated: bool +validation_errors: str +get_validation_errors() +set_validation_errors(errors) } class Template { +id: int +name: str +description: str +configuration: str +user_id: int +company_id: int +created_at: datetime +last_used: datetime +get_config() +set_config(config) } User }|--|| Company : belongs_to ECLProcess }|--|| User : created_by ECLProcess }|--|| Company : owned_by ECLProcess ||--o{ ProcessStep : has_many ECLProcess ||--o{ DataFile : uses_many ECLProcess }o--|| Template : based_on Template }|--|| User : created_by Template }|--|| Company : owned_by

7. Security Architecture

Security Layers

graph TB subgraph "Network Security" FW[Firewall] WAF[Web Application Firewall] DDoS[DDoS Protection] end subgraph "Transport Security" TLS[TLS 1.3 Encryption] CERT[SSL Certificates] HSTS[HSTS Headers] end subgraph "Application Security" AUTH[Authentication] AUTHZ[Authorization] CSRF[CSRF Protection] XSS[XSS Prevention] end subgraph "Session Security" SESS[Secure Sessions] COOK[HttpOnly Cookies] TIMEOUT[Session Timeout] end subgraph "Data Security" HASH[Password Hashing] ENC[Data Encryption] VALID[Input Validation] end subgraph "Database Security" CONN[Connection Pooling] PREP[Prepared Statements] BACKUP[Encrypted Backups] end subgraph "Audit & Monitoring" LOG[Audit Logging] MONITOR[Security Monitoring] ALERT[Security Alerts] end USER[Users] --> FW FW --> WAF WAF --> DDoS DDoS --> TLS TLS --> AUTH AUTH --> AUTHZ AUTHZ --> SESS SESS --> DATA[Application Data] DATA --> DB[(Database)] AUTH -.-> LOG AUTHZ -.-> LOG SESS -.-> LOG DATA -.-> MONITOR DB -.-> BACKUP
Security Implementation Details

Authentication & Authorization:

  • Flask-Login for session management
  • Werkzeug for secure password hashing (bcrypt)
  • Role-based access control (Admin vs Regular User)
  • Company-level data isolation

Data Protection:

  • Input validation and sanitization
  • SQL injection prevention via SQLAlchemy ORM
  • CSRF protection via Flask-WTF
  • Secure file upload handling

Session Security:

  • HttpOnly and Secure cookie flags
  • 8-hour session timeout
  • Session regeneration on login
  • Automatic logout on suspicious activity

8. Performance Considerations

Performance Optimization Strategy

graph TB subgraph "Frontend Optimization" REACT[React Code Splitting] LAZY[Lazy Loading] CACHE[Browser Caching] CDN[CDN for Static Assets] end subgraph "Application Optimization" CONN[Connection Pooling] QUERY[Query Optimization] INDEX[Database Indexing] PAGINATION[Result Pagination] end subgraph "Infrastructure Optimization" LB[Load Balancing] SCALE[Horizontal Scaling] REPLICA[Database Replicas] MONITORING[Performance Monitoring] end subgraph "Data Processing Optimization" BATCH[Batch Processing] ASYNC[Async Operations] STREAM[Data Streaming] COMPRESS[Data Compression] end USERS[Users] --> REACT REACT --> CACHE CACHE --> CDN APP[Application] --> CONN CONN --> QUERY QUERY --> INDEX INDEX --> PAGINATION LB --> APP SCALE --> LB REPLICA --> QUERY MONITORING --> SCALE ECL[ECL Processing] --> BATCH BATCH --> ASYNC ASYNC --> STREAM STREAM --> COMPRESS
Performance Metrics and Targets
Metric Target Measurement
Page Load Time < 3 seconds First Contentful Paint
API Response Time < 500ms 95th percentile
ECL Processing Time < 5 minutes per 10,000 loans End-to-end calculation
Database Query Time < 100ms Average response time
File Upload Speed > 10MB/minute Upload throughput
Concurrent Users 100+ simultaneous Load testing results

© 2025 Kainos ECL Calculator. All rights reserved.

Technical Documentation Version 1.0.0