Internal Ops Supervisor Journey

Role: Handles disputes, authorises AI overrides, audits anomalies platform-wide
Org: Kaya Sync
Scope: Platform-wide: all organisations, all orders, all operators

Preconditions

Account created by System Admin with Internal Ops Supervisor role
Has full read access to all scans, integrity assessments, event trails, and payouts

1. Anomaly Review

Step 1.1: Receive Anomaly Alert

Supervisor is alerted when the system raises a risk flag (RiskFlagRaised event). Triggers include:

VIDEO_REPLAY_SUSPECTED, same video content reused across scans
TAMPER_SUSPECTED, physical integrity violation indicators
GPS_MISMATCH, GPS coordinate inconsistent with expected location
TIME_WINDOW_EXCEEDED, time between handover and receive scan exceeded policy
DEVICE_UNTRUSTED, device risk flag
OPERATOR_RISK_HIGH, operator behaviour anomaly
Repeated dyad patterns (same two operators repeatedly transacting)
Relabelling frequency anomaly (designee phone number changed repeatedly)

Step 1.2: Access Evidence Bundle

For each flagged container or operator, Supervisor accesses:

All scan videos linked to the container (ORIGIN, HANDOVER, RECEIVE, DELIVERY)
Integrity assessment for each scan, status, confidence score, full reason codes
Custody chain visualisation (end-to-end timeline of all custody events)
Operator identity, trust tier, and compliance history
GPS trace for all involved operators during the relevant time window

Step 1.3: Assess Risk Level

Supervisor evaluates whether the flag is a false positive or genuine risk
Annotates finding with rationale (recorded in Event Store)

2. Dispute Adjudication

Step 2.1: Dispute Opened

A dispute is opened automatically when a container reaches IntegrityHold state and a disputeOpened event is emitted.

Sources of disputes:

Receive scan integrity: HOLD or FAIL
Delivery scan: HOLD or FAIL
Manual escalation from Dispatcher or Client Manager

Step 2.2: Review Dispute Evidence

Supervisor reviews the full evidence bundle:

Origin scan → all handover/receive scans → delivery scan
Integrity assessment at each scan with reason codes
Identifies the liability window: last PASS scan → first HOLD/FAIL scan
Reviews operator trust tier history at time of custody

Step 2.3: Resolution Options

Decision	Container State	Payout State
Override approved (operator-favourable)	`IntegrityHold` → `InCustody`	`Held` → `Released` → `Triggered`
Hold confirmed (ongoing investigation)	Remains in `IntegrityHold`	Remains `Held`
Fraud confirmed	Closed	`Held` → `Reversed`

All resolutions are recorded as immutable events with the Supervisor's identity and rationale.

3. AI Override

Step 3.1: Review AI Hold Decision

Supervisor can override an AI-generated HOLD decision
Reviews video scan + reason codes + confidence score
Considers operator history and context

Step 3.2: Issue `supervisorOverridePass`

If Supervisor determines the hold is incorrect:
- Container: IntegrityHold → InCustody
- Payout: Held → Released
Override reason and Supervisor identity logged in Event Store
Fingerprint version not incremented on override (only increments on genuine AI PASS)

4. Repack / Relabel Authorisation

Step 4.1: Repack/Relabel Request

Raised when a container's contents must be repacked or the label (designee phone) must be changed in transit
Requires Supervisor authorisation. Cannot be done by operator alone

Step 4.2: Supervisor Review

Supervisor reviews the reason for repack/relabel
Validates with evidence from current scan state
If approved: a repackEvent or relabelEvent is recorded, new scan is required after relabelling

Step 4.3: New Scan Required

After repack/relabel, a fresh scan is captured to re-establish the integrity baseline
New fingerprint version issued on PASS

5. Trust Tier Management

Step 5.1: Review Trust Tier Recommendation

Fraud & Collusion engine may recommend a trust tier adjustment for an operator
Supervisor reviews the evidence (dyad patterns, replay flags, GPS anomalies)

Step 5.2: Apply Tier Change

Supervisor approves or rejects the recommendation
Trust tier adjusted: e.g. TIER_2_BYOD → TIER_3_UNVERIFIED
TrustTierUpdated event emitted
Effects on operator: reduced aggregation eligibility, slower payout velocity, stricter evidence policy

Edge Cases

Scenario	Behaviour
AI HOLD is a clear false positive (lighting issue)	Supervisor overrides with documented rationale; operator's track record preserved
Repeated GPS jumps from same operator	Supervisor escalates to fraud investigation; may suspend operator pending review
Repack requested but no valid reason provided	Supervisor rejects; container remains in current state
Supervisor overrides a case that later proves fraudulent	Override event is immutable and traceable; used in compliance audit

Internal Ops Supervisor Journey ​

Preconditions ​

1. Anomaly Review ​

Step 1.1: Receive Anomaly Alert ​

Step 1.2: Access Evidence Bundle ​

Step 1.3: Assess Risk Level ​

2. Dispute Adjudication ​

Step 2.1: Dispute Opened ​

Step 2.2: Review Dispute Evidence ​

Step 2.3: Resolution Options ​

3. AI Override ​

Step 3.1: Review AI Hold Decision ​

Step 3.2: Issue supervisorOverridePass ​

4. Repack / Relabel Authorisation ​

Step 4.1: Repack/Relabel Request ​

Step 4.2: Supervisor Review ​

Step 4.3: New Scan Required ​

5. Trust Tier Management ​

Step 5.1: Review Trust Tier Recommendation ​

Step 5.2: Apply Tier Change ​

Edge Cases ​