Internet Engineering Task Force (IETF) S. Fields Internet Draft Retired Intended status: Standards Track February 2019 Expires: August 2019 Audit Un-Known Cash draft-iesg-aukc-00.txt Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 3: This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html This Internet-Draft will expire on August 2019. Fields Expires August 2019 [Page 1] Internet-Draft Audit Un-Known Cash February 2019 Copyright Notice Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Abstract The issue concerns auditing financial records from several sources over time. To validate proper legal money usage and flow is a difficult task. Each financial institution has non-common reporting methods. Seek to create a common export record to merge transactions and easily sort by date , time , and institution. The first goal is to create a traceability file of transactions. The second goal is to create a "simple" standard record for "anyone" to sift and sort records. Table of Contents 1. Introduction...................................................3 2. Conventions used in this document..............................5 3. Explain New Record Type and Function...........................6 4. Protoype Data..................................................8 5. File Naming...................................................14 6. Formal Syntax.................................................15 7. Security Considerations.......................................19 8. IANA Considerations...........................................19 9. Conclusions...................................................19 10. References...................................................21 10.1. Normative References....................................21 10.2. Informative References..................................21 11. Acknowledgments..............................................21 Appendix A. Open Appendix........................................22 A.1. open for future..........................................22 A.2. open for future..........................................22 Fields Expires August 2019 [Page 2] Internet-Draft Audit Un-Known Cash February 2019 1. Introduction Audit Financial Records Each day numerous financial records and transactions occur. People are put in charge as guardians or trustees for the young or old , who cannot handle their own affairs. Additional people may be called upon after the fact to validate and audit prior actions. All financial instutions have unique and different reporting methods. There is no single tool or method to extract a "common" data format. Institution A may have PDF files , Institution B may have XLS files. Institution C may only have paper reports. To sow these records together is a large manual task. The man is working for the machine. Eliminate having the user reinventing the wheel each time an audit is required , or manually key stroking data. Automate the process of gathering data into a uniform method. Fields Expires August 2019 [Page 3] Internet-Draft Audit Un-Known Cash February 2019 Current Audit Process To Get Records +-------------------------------------------------------+ | | | | | /======/ /======/ /======/ /======/ | | /YEAR n/ /YEAR n/ /YEAR n/ /YEAR n/| | | / ... / / ... / / ... / / ... / | | | /YEAR 3/ /YEAR 3/ /YEAR 3/ /YEAR 3/ | | | /YEAR 2/ /YEAR 2/ /YEAR 2/ /YEAR 2/ | | | /YEAR 1/ /YEAR 1/ /YEAR 1/ /YEAR 1/ | | | |=======| |=======| |=======| |=======| / | | | INST. | | INST. | | INST. | | INST. | / | | | A | | B | | C | | D | / | | | | / | | / | | / | | / | | | BANK |/ | BANK |/ | STOCK |/ | SS |/ | | |=======| |=======| |=======| |=======| | | | | | | | | V V V V | | ========================================== | | =========== Gather Record Sets =========== | | ========================================== | | | | | V | | ############### | | # # | | # AUDIT # | | # PROCESS # | | # # | | ############### | | | | | +-----------------------------------------------------=-+ Audit Process Gather records , filter records , add records to a computer file. Analyze the data , look for patterns. Report the findings. Fields Expires August 2019 [Page 4] Internet-Draft Audit Un-Known Cash February 2019 2. Conventions used in this document In examples, "C:" and "S:" indicate lines sent by the client and server respectively. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. In this document, these words will appear with that interpretation only when in ALL CAPS. Lower case uses of these words are not to be interpreted as carrying significance described in RFC 2119. In this document, the characters ">>" preceding an indented line(s) indicates a statement using the key words listed above. This convention aids reviewers in quickly identifying or finding the portions of this RFC covered by these keywords. Fields Expires August 2019 [Page 5] Internet-Draft Audit Un-Known Cash February 2019 3. Explain New Record Type and Function Create common record for any user. Target the intended audience ! Think as a non-computer expert. Think of non-computer people that do jobs ; such as accounting , law enforcement , lawyers , judges , banks , credit unions , estate management , and family relatives. Think of simple computer users that who want to manipulate data. There are numerous standards for computer data , e.g. iCal , vCard. A common record type for auditing financial transactions is needed. A record that will span time , time zones , dates and currencies. If there is a set of records from Instution A , and another set from Instution B. Each will provide data that points back to the other instution. Record set: Record Owner A has Affiliate B ( source points forward to destination ) Record Owner B has Affiliate A ( destination points back to source ) Records should net out. The left side of the handshake is always the record owner , the right side is always the affiliate. The record is a constant format , only the handshake flag flips direction to indicate source and destination. Who owns the record ? The reporting instution is the record owner of the data. The affiliate is the other half of the transaction. How did the money move in or out and by what method ? This new proposed record will show the process and direction of how the money moved. All the data should be available in today's environment. The audit question is: Where did the cash go ? Fields Expires August 2019 [Page 6] Internet-Draft Audit Un-Known Cash February 2019 +-----------------------------------------------------------------+ | | | Explain Audit Steps and Flags | | | | Handshake | | Flag | | || | | || Gain or Loss Flag | | || || | | Record || || | | Record Owner Owner || || Affiliate Affiliate | | Instution Account || || Instution Account | | Number Number VV VV Number Number | | | | ----09------ ----10----- 11 12 -----13----- ----14----- | | 12345678 acc12345678 => -1 99997777 acc99997777 | | 99997777 acc99997777 <= +1 12345678 acc12345678 | | | | Constant record format from the record owner provides: | | a) The instution numbers crisscross: | | fields (09,10) crisscross fields (13,14) | | for a given transaction (GUID). | | b) The Handshake Flags (11) nets out. | | The source always points to the destination. | | c) The Gain Loss Flags (12) net out. | | d) Since this netted out and both instutions | | are known - assume proper money flow. | | e) If there are extra unexplained transactions at | | the destination or a missing destination then | | further investigation is required. | | f) Get additional accounts and records as needed. | +-----------------------------------------------------------------+ Fields Expires August 2019 [Page 7] Internet-Draft Audit Un-Known Cash February 2019 4. Prototype Data Below are several screens (RFC ASCII figures) that display a potential solution. Each record has date and time stamp information and other data. The key is to have the creator of the record as the first instution (left). Then the affiliate instution (right) as the handshake. Each transaction has an initiator and a receiver. If both instutions create the same format record , it becomes a simple crisscross reference match. This a protype of record layout names: Counter - Field Name 01 - Record Type 02 - Date 03 - Time 04 - AM or PM indicator 05 - Zone 06 - UTC 07 - UTC Offset 08 - Day Name 09 - GUID 10 - Record Owner 11 - Record Owner Account Number 12 - Handshake Flag 13 - Gain/Loss Flag 14 - Record Affiliate 15 - Record Affiliate Account Number 16 - Transaction Type 17 - Transaction Sub Type 18 - Teller ID / Station ID 19 - Amount of Transaction 20 - Currency Code 21 - Country and Currency 22 - DUNS 23 - Name 24 - Street/PO Box 25 - City 26 - State/Province 27 - Country 28 - ZIP/Postal Code 29 - Comment 30 - End of Record Marker (FX) Fields Expires August 2019 [Page 8] Internet-Draft Audit Un-Known Cash February 2019 RFC ASCII figure A.1 Data Examples +----------------------------------------------------------------+ | Four (4) sets of examples over next five (5) pages. | | | | | | | | R T O | | e y f | | c p Z f | | o e o U s | | r AM n T e Day | | d Date Time PM e UTC C t Name | | | | -01- ----02---- --03---- 04 05- ---06--- 07- ----08--- | | AUKC 2019-01-31 14:45:59 PM CDT 20:45:59 +06 Thursday | | AUKC 2019-02-01 04:01:00 AM CDT 10:01:00 +06 Friday | | This shows the transactions netted out. | | | | AUKC 2019-01-22 15:53:11 PM CST 21:53:11 +06 Tuesday | | AUKC 2019-01-23 05:03:11 AM CST 11:03:11 +06 Wednesday | | AUKC 2019-01-25 11:03:11 AM CST 17:03:11 +06 Friday | | This shows a large cash withdrawal. | | | | AUKC 2019-01-22 15:53:11 PM CST 21:53:11 +06 Tuesday | | AUKC 2019-01-23 05:03:11 AM CST 11:03:11 +06 Wednesday | | AUKC 2019-01-25 11:03:11 AM CST 17:03:11 +06 Friday | | This show final transfer to an unknown bank "2222222222 | | | | AUKC 2019-01-22 15:53:11 PM CST 21:53:11 +06 Tuesday | | AUKC 2019-01-23 05:03:11 AM CST 11:03:11 +06 Wednesday | | AUKC 2019-01-25 11:03:11 AM CST 17:03:11 +06 Friday | | AUKC 2019-01-25 11:53:11 AM CST 17:53:11 +06 Friday | | AUKC 2019-01-25 14:03:11 PM CST 20:03:11 +06 Friday | | This record shows interest , cash withdrawal and fees. | | | | | +----------------------------------------------------------------+ Fields Expires August 2019 [Page 9] Internet-Draft Audit Un-Known Cash February 2019 RFC ASCII figure A.2 +----------------------------------------------------------------+ | | | Handshake Flag | | || | | || | | || Gain / Loss Flag | | || || | | Record || || | | Record Owner Owner || || Affiliate | | Instution Account || || Instution | | GUID Number Number VV VV Number | | | | ------09---- ----10------ ----11----- 12 13 -----14----- | | AAAAAZZZZZ 12345678 acc12345678 => -1 99997777 | | AAAAAZZZZZ 99997777 acc99997777 <= +1 12345678 | | | | | | FX1234-AAFGH 88888888 acc8888888 => -1 444444444444 | | FX1234-AAFGH 444444444444 acc4444444 <= +1 88888888 | | ZZZZZ99998 444444444444 acc4444444 => -1 | | | | | | FX1234-AAFGH 88888888 acc8888888 => -1 444444444444 | | FX1234-AAFGH 444444444444 acc4444444 <= +1 88888888 | | MMM55555 444444444444 acc4444444 => -1 2222222222 | | | | | | GUIDAAAA 12345678 accAAAAA => -1 88888888 | | GUIDAAAA 88888888 accBBBBBB <= +1 12345678 | | GUIDINTREST 88888888 accBBBBBB == +0 | | GUIDCASH 88888888 accBBBBBB => -1 | | GUIDPENETLY 88888888 accBBBBBB == -0 | | | | | | | +----------------------------------------------------------------+ Fields Expires August 2019 [Page 10] Internet-Draft Audit Un-Known Cash February 2019 RFC ASCII figure A.3 +----------------------------------------------------------------+ | | | | | Transaction Type | | || C | | || u | | || Sub Type r | | || || r | | || || e C | | Affiliate || || n o | | Account || || Teller ID / Amount of c d | | Number VV VV Station ID Transaction y e | | | | ----15----- 16 17 -------18------- -----19---- 20- | | acc99997777 R -123,456.78 USD | | acc12345678 B +123,456.78 USD | | | | | | acc4444444 R Home Phone XMIT -123,456.99 USD | | acc8888888 B +123,456.99 USD | | CW T41 Terminal AAD -23,456.00 USD | | | | | | acc4444444 R Home Phone XMIT -123,456.99 USD | | acc8888888 B +123,456.99 USD | | acc222222 R -23,456.00 USD | | | | | | accBBBBBB R Home Phone XMIT -88777.66 USD | | accAAAAA B +88777.66 USD | | I +10.00 USD | | CW -70,000.00 USD | | F -20.00 USD | | | | | | | +----------------------------------------------------------------+ Fields Expires August 2019 [Page 11] Internet-Draft Audit Un-Known Cash February 2019 RFC ASCII figure A.4 +----------------------------------------------------------------+ | | | | | | | | | Mailing | | Country and Currency DUNS Name Street/PO Box | | | | ---------21---------- ----22--- ------23--- -------24------ | | United States, Dollar Big Bank 123 Long St | | United States, Dollar Little Bank 123 Short St | | | | | | United States, Dollar Big Bank 123 Some Rd | | United States, Dollar Little Bank 888 Lonesome Rd | | United States, Dollar Little Bank 888 Lonesome Rd | | | | | | United States, Dollar Big Bank 123 Some Rd | | United States, Dollar Little Bank 888 Lonesome Rd | | United States, Dollar Little Bank 888 Lonesome Rd | | | | | | United States, Dollar Big Bank 123 Some Rd | | United States, Dollar Little Bank 888 Lonesome Rd | | United States, Dollar Little Bank 888 Lonesome Rd | | United States, Dollar Little Bank 888 Lonesome Rd | | United States, Dollar Little Bank 888 Lonesome Rd | | | | | | | +----------------------------------------------------------------+ Fields Expires August 2019 [Page 12] Internet-Draft Audit Un-Known Cash February 2019 RFC ASCII figure A.5 +----------------------------------------------------------------+ | | | | | C | | o M | | S u a | | tP n r | | ar t ZIP Ek | | to r Postal ne | | City ev y Code Comment dr | | | | ----25----- 26 27- --28------ ---29----------------------- 30 | | Big City WI USA 555555 None today FX | | Little Town WI USA 777777 FX | | | | | | InTown WI USA 99999-8889 None Today FX | | OutTown WI USA 77777-8889 Lots of Money I'm Flush ! FX | | OutTown WI USA 77777-8889 Stole This for Friday Night FX | | | | | | InTown WI USA 99999-8889 None Today FX | | OutTown WI USA 77777-8889 Lots of Money I'm Flush ! FX | | OutTown WI USA 77777-8889 Stole This for Vacation FX | | | | | | InTown WI USA 99999-8889 None FX | | OutTown WI USA 77777-8889 FX | | OutTown WI USA 77777-8889 Interest FX | | OutTown WI USA 77777-8889 Cash FX | | OutTown WI USA 77777-8889 Fee Bad Check FX | | | | | | | | | +----------------------------------------------------------------+ Fields Expires August 2019 [Page 13] Internet-Draft Audit Un-Known Cash February 2019 5. File Naming Since there might be several years of records requested , there is a need for a specific naming convention of the downloaded files and the amount of data. Each file will contain data for only one full year: from - January 01 , or start date of account. to - December 31 , or the current date of the current year , - or closing date of account. Each file will contain data for only one account. The file name will have an extension of ".aukc". The file name will be as follows: YYYY - four-digit year Underscore - "_" Institution number - alpha/numeric Underscore - "_" Last five digits of account - alpha/numeric Underscore - "_" Last name of records requestor - alpha Examples: YYYY_Instution_Last5Acc_Name.aukc 2017_1234567_88888_fields.aukc 2018_1234567_88888_fields.aukc 2019_1234567_88888_fields.aukc 2017_9876543aaa_20x20_fields.aukc 2018_9876543aaa_20x20_fields.aukc 2019_9876543aaa_20x20_fields.aukc The data will be in a .csv format in a flat file. Fields Expires August 2019 [Page 14] Internet-Draft Audit Un-Known Cash February 2019 6. Formal Syntax Field ## -Desc -Rule - all data is CSV format. - double quotes and comma. - empty fields one space character - required. - no double quotes (") or - single quotes (') or - comma's (,) allowed in the data , - strip off before file creation. Record Type ## -Key to identify the data type - 4 position constant value of - capitol "AUKC" ; - first four characters - first field - "Audit Un-Known Cash" ############## Date and Time Stamps and Day of Week - Creation of the transaction. - - 2019-01-22 02:47:59 AM CST - 08:47:59 +06 Tuesday - - each value is a separate field. - needed if transaction - crosses time zones or days. - keys to sort / search records. Date ## - "YYYY-MM-DD" Time ## - "HH:MM:SS" - local time military format AM/PM ## - "AM" or "PM" indicator Zone ## - "CST" or "CDT" - local time zone code UTC ## - "HH:MM:SS" - UTC time stamp UTC Offset ## - "+nn" or "-nn" - UTC zone offset Day Name ## - "Wednesday" - Day of Week Name - Full name of local day Fields Expires August 2019 [Page 15] Internet-Draft Audit Un-Known Cash February 2019 GUID ## -A unique ID - Probably the ACH number - (ACH) Automated Clearing House - Institution name , date , - account , ??? - this GUID is kept with the sending - instutions , and is received by the - receiving instutions. - It is the traceable element - to track the flow of money. Record Owner ## -What entity created the record - 32 position alpha/numeric - Financial Instution Number - Routing Number / DUNS - Unique business number ??? Record Owner Account Number ## -Financial Instutions Account Number - 32 position alpha/numeric Handshake Flag ## -Overall Direction of the trans action - 3 position text symbols. - a leading single quote {'} - "'=>" outbound or - "'==" neutral - internal or - "'<=" inbound. - When tracing a pair of transactions - the arrows should net out. Gain/Loss Flag ## -A global money gain/loss flag - in or out or neutral - 3 position signed field. - a leading single quote (') - plus (+) or minus (-) and - zero (0) or one (1). - internal record: - "'+0" is interest or correction - gain. - "'-0" is fee , penalty - loss. - external record: - "'-1" is transferred out - loss. - "'+1" is transferred in - gain. Fields Expires August 2019 [Page 16] Internet-Draft Audit Un-Known Cash February 2019 Record Affiliate ## -What entity received/sent the record and money. - 32 position alpha/numeric - Financial Instution Number - Routing Number / DUNS - Unique business number ??? Record Affiliate Account Number ## -Financial Instutions Account Number - 32 position alpha/numeric ############## All the following data fields come from the ############## record owner's data. Transaction Type ## -What type of transaction ? - 2 position field A-Z and 0-9 - and space. - "R " = real time - "B " = overnight batch - "CD" = cash deposit - "CW" = cash withdrawal - "KD" = check deposit - "KW" = check withdrawal - "PI" = phone transfer in - "PO" = phone transfer out - "I " = interest - "F " = penalty fee - more needed ???? Transaction Sub Type ## -Additional Flags - 2 position wide open - reserved for future growth - A-Z & 0-9 and space Teller ID / Station ID ## - 20 position Identifier of - instutions employee / - station / terminal Fields Expires August 2019 [Page 17] Internet-Draft Audit Un-Known Cash February 2019 Amount of Transaction ## -Numeric Currency - floating point number. - signed value required - plus (+) or minus (-). - plus +123456.78 or - minus -123456.78. - with a 2 position decimal value. Currency Code ## - 3 position currency code. - USD / BBD / etc. Country and Currency ## - 30 position country and - domination codes: - United States , Dollar - Barbados , Dollar. DUNS ## -DUNS Number - 9 position -Mailing address Name ## - 60 position field Street/PO Box ## - 60 position field City ## - 40 position field State/Province ## - 12 position field Country ## - 3 position field ZIP/Postal Code ## - 14 position field Comment ## - 40 position field End Of Record Marker - Text Constant "FX" Fields Expires August 2019 [Page 18] Internet-Draft Audit Un-Known Cash February 2019 Security Considerations There are numerous security concerns. We are dealing with people's accounts and records. Preferred method to transfer the data is have the instutions send an email to the requester. Requester opens the email , then clicks a link and an automatic download of all files is started. The link should be valid for a maximum of four (4) days. The files (data) on the host should be available for thirty (30) days ; then destroyed. IANA Considerations IANA should create a new code "AUKC" to identify the record type. Conclusions If this standard is adopted numerous manhours (time) and expense (money) could be saved. There would be a single universal tool to preform consistent audits of the flow of cash (money). People doing the auditing could expedite the findings. This would assist law enforcement and the courts to find and resolve issues rapidly. "Punish the guilty". This would stop the creation of different methods and reports ; one common solution could fit all future data inquires. History Lesson: I spent the last year auditing two (2) niece-like girl 's information: for six (6) years of data - of two (2) bank accounts each of one (1) stock account each of Federal and State Income Taxes each of Social Security Accounts each of Fillings with the State Court for Minors each There were: ( 2 girls x 6 years ) x ( 2 bank + stock + 2 tax + SS + minors ) for a total of: ( 12 girl-years x 7 accounts ) = 84 girl-year-account record sets. Fields Expires August 2019 [Page 19] Internet-Draft Audit Un-Known Cash February 2019 It's all been a manual process to create data records and manufacture keys and sub-keys. A many months long process could have been finished in weeks. Now , I respectively submit this RFC to create a standard record. And , ask the expert computer people to assist in its creation and implementation. Need help to take a complex process and make into a simple user-friendly gathering , merging ; and sorting and filtering operation. Fields Expires August 2019 [Page 20] Internet-Draft Audit Un-Known Cash February 2019 7. References None currently. 7.1. Normative References [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [2] Crocker, D. and Overell, P.(Editors), "Augmented BNF for Syntax Specifications: ABNF", RFC 2234, Internet Mail Consortium and Demon Internet Ltd., November 1997. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2234] Crocker, D. and Overell, P.(Editors), "Augmented BNF for Syntax Specifications: ABNF", RFC 2234, Internet Mail Consortium and Demon Internet Ltd., November 1997. 7.2. Informative References [3] Faber, T., Touch, J. and W. Yue, "The TIME-WAIT state in TCP and Its Effect on Busy Servers", Proc. Infocom 1999 pp. 1573- 1583. [Fab1999] Faber, T., Touch, J. and W. Yue, "The TIME-WAIT state in TCP and Its Effect on Busy Servers", Proc. Infocom 1999 pp. 1573-1583. 8. Acknowledgments None currently. This document was prepared using 2-Word-v2.0.template.dot. Fields Expires August 2019 [Page 21] Internet-Draft Audit Un-Known Cash February 2019 Appendix A. First Appendix A.1. Header level - open for future None currently. A.2. Second Header - open for future None currently. Copyright (c) 2019 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info). Fields Expires August 2019 [Page 22] Internet-Draft Audit Un-Known Cash February 2019 Authors' Addresses SCOTT FIELDS RETIRED 4315 E MILWAUKEE ST JANESVILLE, WI 53546 USA Phone: 608-201-0473 Email: cash_fields@yahoo.com Fields Expires August 2019 [Page 23]