13.8 Documentation

Epic overview

Generate every contractual document for every loan in audit-grade form, support multi-signer eSign and per-state eStamp, store immutably in a DMS, and produce an evidence package on demand for any past loan.

This module is regulator-watched (KFS is mandatory and standardised; recovery agents reference these documents; legal recovery depends on enforceability). The acceptable defect rate is essentially zero on the core flow.

User stories

As a borrower, I want to eSign all loan documents on my phone in < 5 minutes end-to-end without printing or scanning anything.
As a borrower, I want to read the KFS in my preferred Indian language before I commit.
As a co-borrower / co-director, I want to sign independently from my own phone in any order.
As a compliance officer, I want every issued document archived immutably with audit-grade integrity (hash, timestamp, who issued, who signed when).
As an analyst, I want to retrieve the evidence package for any loan within seconds, with KFS, agreement, DPN, PG, mandate, eSign audit, and eStamp certificate all bundled.
As an admin, I want to update an agreement template via the admin console (versioned) without involving engineering for content changes.
As a co-lending operator, I want every co-lent loan’s KFS and agreement to disclose both lenders with their respective shares.
As a borrower whose Aadhaar OTP fails repeatedly, I want a fallback path (DSC, alternate eSign vendor, or physical signing) so I don’t get stuck.
As a CTO, I want to swap from Leegality to Digio or add SignDesk as backup without changing application code.
As an internal auditor, I want to verify that any KFS issued was acknowledged by the borrower before disbursement, with timestamp evidence.
As an ops user, I want a dashboard of in-flight eSign and eStamp sessions, success / failure rates per vendor, and stuck cases.
As a compliance officer, I want for any state that lacks eStamp coverage to have an automated workflow falling back to physical stamping with the right paperwork.
As a borrower, I want to receive the executed loan agreement copy via WhatsApp / email immediately after signing.
As a legal officer, I want any document re-issued post-correction to be versioned, with the old version preserved and the diff visible.
As a borrower changing my bank account post-sanction, I want a new NACH mandate created seamlessly without re-doing the full agreement.

API requirements

Template management

GET /v1/admin/templates?type={t}&language={l} — list templates with versions.
POST /v1/admin/templates — create new template version. Body: { type, language, product_id?, partner_id?, body }.
POST /v1/admin/templates/{id}/preview — generate preview with sample data.
POST /v1/admin/templates/{id}/activate — set as current.

Document generation

POST /v1/documents/kfs/generate — generate KFS. Body: { sanction_id, language }. Returns { document_id, object_uri }.
POST /v1/documents/agreement/generate — generate loan agreement.
POST /v1/documents/dpn/generate — generate DPN.
POST /v1/documents/personal-guarantee/generate — generate PG.
POST /v1/documents/board-resolution/generate — generate BR (for company borrowers).
POST /v1/documents/co-lending-addendum/generate — generate co-lending disclosure addendum.
GET /v1/documents/{id} — retrieve document metadata + URI.
POST /v1/documents/{id}/re-issue — re-issue with correction; old marked void.

KFS acknowledgement

POST /v1/documents/{kfs_id}/acknowledge — borrower acknowledges. Body: { acknowledgement_evidence }. Audit: timestamp, IP, device.

eSign

POST /v1/esign/sessions — start multi-signer flow. Body: { document_id, signers: [{ promoter_id, mobile, email }], vendor? }. Returns { session_id, signing_urls[] }.
GET /v1/esign/sessions/{id} — status with per-signer detail.
POST /v1/esign/sessions/{id}/resend/{signer} — resend OTP / link.
POST /v1/esign/sessions/{id}/switch-vendor — switch to alternate vendor (admin / ops).
POST /v1/esign/sessions/{id}/cancel.
POST /v1/esign/webhook — receive vendor webhooks (sign complete, fail).

eStamp

POST /v1/estamp/sessions — issue eStamp. Body: { document_id, state, denomination }. Returns { session_id, certificate_uri }.
GET /v1/estamp/sessions/{id} — status.
POST /v1/estamp/{state}/fallback — fallback to physical stamping workflow if eStamp unavailable.

Mandate

POST /v1/mandates/create — create NACH / eNACH / UPI AutoPay. Body: { application_id, account_token, ifsc, type, max_debit_amount, valid_from, valid_to }.
GET /v1/mandates/{id}/status — activation status.
POST /v1/mandates/{id}/replace — replace (e.g., bank account change).
POST /v1/mandates/{id}/cancel — on loan closure / explicit revocation.

Evidence package

GET /v1/loans/{id}/evidence-package — assemble full bundle PDF.
GET /v1/loans/{id}/evidence-package/manifest — list of artefacts in bundle.

Vendor routing

GET /v1/admin/vendor-routing/esign — current routing config.
POST /v1/admin/vendor-routing/esign — update.

Data model

template, issued_document, esign_session, estamp_session, mandate, evidence_package, vendor_routing_rule.

UI screens

Borrower-facing

KFS preview screen (vernacular) with explicit acknowledgement checkbox + eSign on KFS where applicable.
eSign session for agreement / DPN / PG with Aadhaar OTP entry, status visibility.
Mandate authorisation screen.
Post-sign confirmation with downloadable PDF copy.

Admin / ops

Template management (CRUD + preview).
In-flight document dashboard (status of every loan’s docs).
eSign / eStamp success-rate dashboards.
Stuck-session queue with manual remediation actions (resend, switch vendor, cancel).
Vendor routing config.

Analyst / compliance

Evidence retrieval (search by loan / borrower).
Audit-evidence bundle viewer with hash verification.

Backend services

Document orchestration service — receives sanction; generates docs; manages signing.
Template service — versioned templates per type / product / partner / language.
eSign adapter with vendor routing.
eStamp adapter with per-state coverage.
Mandate service — NACH / eNACH / UPI AutoPay orchestration.
DMS — immutable storage in S3 with Object Lock; metadata in PostgreSQL.
Evidence assembler — on-demand bundling.

External integrations

eSign: Leegality, Digio, SignDesk, NSDL e-Gov.
eStamp: SHCIL via vendor partner.
NACH / eNACH: Digio DigiCollect, Razorpay, Cashfree, NPCI direct.
UPI AutoPay: NPCI rails via PSP partner.
PDF generation: server-side (Puppeteer, wkhtmltopdf) or vendor-rendered.
Object storage: S3 with versioning + Object Lock.

Test cases

Happy path

KFS generated in English + Kannada within seconds.
Multi-signer eSign succeeds with 2 directors signing within 30 minutes.
eStamp issued in Karnataka within 5 minutes of agreement generation.
eNACH mandate active within 4 hours of borrower authorisation.
Evidence package assembled in < 30 seconds for any loan.

Failure / edge

Aadhaar OTP fail twice → switch eSign vendor; succeeds on retry.
eStamp paper unavailable in state X → vendor failover.
Multi-signer dropout (1 of 2 didn’t sign in 24h) → automated nudge.
Borrower’s name on PAN differs slightly from agreement → re-issue with corrected version.
Template version updated post-issuance → old version preserved with audit-trail; new issues use new.
Co-borrower out of country → physical signing fallback workflow.
NACH bank acknowledgment delayed beyond SLA → escalate to bank ops.
KFS not acknowledged before sanction validity expires → re-sanction or extension.

Edge cases

Borrower changes bank account between agreement signing and mandate activation → re-do NACH on new account.
Co-lending agreement requires both lenders’ branding — composite KFS with both names, share %, and contact details.
Multi-tranche loan with separate agreement per tranche.
Borrower’s Aadhaar deactivated post-sign — agreement is still valid; deactivation is a forward issue.
DSC-based signing for entity borrowers where Aadhaar isn’t applicable.
State stamp duty rate changes mid-flow → re-issue eStamp at new rate; recover from borrower if disclosed.
Document re-issue invalidates eSign — needs re-sign on the corrected version.

Acceptance criteria

KFS issued + acknowledged for every loan; disbursement blocked otherwise.
eSign success rate > 90% first-attempt with vendor failover.
eStamp issued for every loan agreement in supported states; physical fallback workflow in others.
Mandate active before drawdown enforced as hard gate.
Evidence package retrievable for any loan in < 30 seconds.
All KFS / agreement template changes traced to a template version.
Document immutability verifiable via hash check.

Compliance touchpoints

RBI KFS standard (RBI/2023-24/61 DOR.STR.REC.40/13.03.00/2023-24, 15 Apr 2024).
Digital Lending Guidelines — KFS prerequisite to disbursement.
IT Act 2000 — eSign validity.
State Stamp Acts — eStamp acceptance.
NACH procedural guidelines — NPCI.
DPDP — retention; access control.