User Roles
CRYMBO Connect uses Role-Based Access Control (RBAC) to manage user permissions and operational scope.
Each user must be assigned one role when being invited or registered into the platform.
Available Roles
| Role | Capabilities |
|---|---|
| Admin | Full platform management rights; manage users, institutions, settings. |
| Institution Operator | Manage operational functions: wallets, payments, user invites. |
| Compliance Officer | Access to compliance dashboards, risk scoring, Travel Rule management. |
| Finance Controller | Manage balances, fiat/crypto payments, reconciliations. |
| End-User | Limited access to personal account and transaction activities. |
Roles can be updated by Admins at any time through the User Management console.
Permission Principles
- Least Privilege: Users only receive permissions necessary for their role.
- Auditability: All permission changes are logged and available for review.
- Inheritance: If institutions have subsidiaries, permissions can inherit downward with overrides.