v0.55.0 - Revamped inbox view page

Features

• More work is done on the new, fully integrated analytics and reporting dashboard on decisions and rules. It's available on demand with a feature flag for early access, with general availability planned in the next release !

Improvements

• Revamped cases inbox page view - better design and responsivity, as first brick of a refined case manager navigation experience
• Various dependency upgrades
• Allow to migrate down the migrations using the Marble migrator entrypoint (avoids to migrate down by connecting directly to the database)
• Minor environment variable renaming: ENABLE_GCP_TRACING renamed to ENABLE_TRACING, default tracing exporter modified to otlp.
• Technical configuration documentation - the list of environment variables and what they do - has been extended (though not 100% complete yet).

v0.54: Firebase-free OIDC SSO, Cases public API, Prometheus metrics

Features

• OIDC: Self-hosted customers may now authenticate to Marble with OpenID Connect SSO instead of Firebase. This is available from now on for all licensed customers of Marble, and compatible with the main identity providers (see details in the documentation). This was the last remaining dependency of Marble on Google Cloud infrastructure, and we're happy to finally lift if for customers with strong data-sovereignty (and other compliance) requirements !
• Public API v1beta for reading cases is now available ! It is still in beta because it may still evolve at the edges, but the general structure is there and can be integrated. More endpoints will follow over the next releases, to expose more data on the case and allow to create or edit them.
• Marble now exposes Prometheus metrics on decision creation, ingestion, screening execution, etc. The exact list of events (and their format) may still evolve. See how to configure it on the Marble configuration doc.

Improvements

• Performance improvements on the POST /decisions/all endpoint
• Expose a set of (opt-in) endpoints for cpu and memory profiling, to help debug memory leaks and similar issues.

Bug fixes

• Fuzzy string matching operators of the "bag of words" kind in the rule builder no longer return "100%" match (instead 0%) if one of the inputs is an empty string.
• Fix a bug introduced in v0.53 that broke the generation of data summary for test runs

---

Versions used

backend: europe-west1-docker.pkg.dev/marble-infra/marble/marble-backend:v0.54.3
frontend: europe-west1-docker.pkg.dev/marble-infra/marble/marble-frontend:v0.54.2

v0.53.0 - AI assist in rule creation, case manager batch actions

Deployment Warning

Caution

Marble v0.53 introduces a simple but important breaking change in deployment environment configuration.
Simply put:

• The Marble frontend container now expects MARBLE_API_URL instead of MARBLE_API_URL_SERVER (with the same value: this is the url at which the frontend server can reach the backend api server)
• The Marble backend container now expects a mandatory FIREBASE_API_KEY (it is no longer useful to set it on the frontend)

Warning

Another, more minor, breaking change is introduced on the format of accepted PostgreSQL connection strings. It remains possible to define the Postgres connection parameters via the PG_HOSTNAME, PG_PORT, PG_USER... variables OR alternatively through the PG_CONNECTION_STRING environment variable. However, if using PG_CONNECTION_STRING, only the URL format (postgresql://[user[:password]@][netloc][:port][/dbname][?param1=value1&...]) is now allowed: the "key:value" format ("host=... user=... password=...") is now explicitly rejected. This is because it is incompatible with a new feature (integrated analytics) that we are introducing soon.

Note

ℹ️ Firebase emulator specific change:
If you run the demo Marble app with the Firebase auth emulator, the frontend now also expects TEST_FIREBASE_AUTH_EMULATOR_HOST instead of FIREBASE_AUTH_EMULATOR_HOST.

More generally, only configuration strictly specific to the frontend has been kept in the frontend container. All configuration that is useful for both the frontend and backend, is now exposed by the backend for the frontend (via MARBLE_API_URL).

Further, all remaining endpoints that called the backend API directly from the app (browser side) have been modified to route through the frontend server, so it is now easier to restrict how the backend is exposed.

---

This week's version of Marble comes with bulk changes in the case manager and introduces AI assistance in rule building.

Features

• We are starting to bring AI to assist in rule building ! In this release a description of the rule you're building is displayed live. It helps validate you are correctly building what you intent to, and instantly understand any rules ever created. More assistance coming soon. [only available in SaaS environment now]
• The case manager now supports bulk changes. Select multiple cases and in one click: move them to another inbox, assign them to a user or close them all.

Improvements

• New iteration on the Investigation AI review : improved analysis guidelines, output structure, and improved handling of cases with lots of decisions.
• Workflows modifications now have an audit trail
• Massive improvements on French and Arabic translations
• Additional fields are available to refine a Screening search.
• The screening API documentation has been fixed.
• Improvements on the critical path of decision creation, avoiding a write-read bottleneck with degraded performance on the POST /decisions/all path
• Simplification of Marble configuration steps - duplicated environment variables have been centralized on the backend API, some required variables that were not useful for end users have been made optional

---

Versions used

• backend: europe-west1-docker.pkg.dev/marble-infra/marble/marble-backend:v0.53.3
• frontend: europe-west1-docker.pkg.dev/marble-infra/marble/marble-frontend:v0.53.1

v0.52.0 - decision data offloading

Features

• [infrastructure] Decision rule offloading: automatically offload voluminous decision execution details to a bucket, to keep the database instance size smaller. See more about this in installation/data_offloading.md or here.

Improvements

• Allow to pass a single IP address (not a range) for IP whitelisting
• Allow to open cases (and all other table rows as links) in a new tab with cmd/ctrl+click
• Search case by case_id, filter them by assignee, and make full text search much more relevant in the inbox page
• Set default pagination size to 50 elements, allow to increase it up to 100 and increase case results box size in inbox page
• Faster AI case review generation time

Bug fixes

• Fix a situation where the case manager page would fail to load on cases that contain many decisions - also, improve loading speed for the case manager main mage in all situations
• Correct a situation where several decisions related to the same customer, created at the same time, could open several cases even if the workflow is configured to group them into one case
• Add fields nationality (for Person) or country (for Organization) to the POST /screening/:screeningId/search and POST /screening/:screeningId/refine endpoints (was already handled by the endpoint but not documented)

---

Container versions
This release uses :

• Marble backend v0.52.1
• Marble frontend v0.52.0

v0.51.0 - AI KYC enrichment, IP whitelisting, bug fixes

Features

• Let the AI Agent to gather additional data for an analysis, by scouring the web for more infos : negative news, infos on PEP links, job or company informations and integrate those info into the case analysis
• AI agent settings page : allow for custom instructions for analysis and KYC enrichment prompts
• IP whitelisting : limit the access to Marble API and front end to a range of IP

Improvements

• Performance improvements on ingestion, decision creation #1148
• Clarifications on text in login page
• Improve docker image, reducing size
• In data model, allow field "required" update and fix bug on opening field edition with long description

Bugfixes

• Fix syntax error in downloadable openAPI for for v1 API
• Fix error on license server that prevented case auto-assignment to work for self-hosted users
• Sanitization : the app running in "test" mode with the Firebase emulator no longer gives access to the premium features in demo mode
• All inboxes are visible for org admins in case manager & settings
• Fix: "prepare" button is disabled in scenario page while indexes are being created
• Hide "Remind me later" button on closed cases

v0.50.0 - Case manager UI redesign

Release v0.50 is heavy on design improvements. Other than that, it comes with the usual dependency version upgrades and some bug fixes.

Improvements

• Major design harmonization - case manager and scenario homepage #1028
• Allow to configure output format, language in case manager AI auto-review #1132
• Fix an error on creating and viewing rule snoozes in the case manager #1055

Bugfixes

• Fix behavior of "unsnooze" button on cases #1027

v0.49.0 : Improved AI case review, workflows and screening

Features

• (beta) : AI analyst now shows proofs of its reasoning and recommendations : transactions, accounts, user mentionned, all within the case manager. Design is also greatly improved.
• Improvements on screening checks : it's now possible to allow no hits or to whitelist even on partial results. Super useful for high volume processors.
• Custom lists are now supported for screening (bring your own lists)
• Workflows now allow decisions orientation and filters linked to a specific rule hit. Eg : A decision generated because Rule A or B hit can be sent to a specific inbox. The UI has also been improved.
• IP whitelisting will soon be supported. As a preliminary step, the x-real-ip has been added to the API header.
  ⚠️ In order for it to work, it is is imperative that Marble be deployed behind a load balancer that sanitizes the x-real-ip header to avoid spoofing.

Fixes

• Inbox user creation is now possible, without having to set an admin role first
• Within workflow creation, a new inbox is instanly displayed after being created
• Correct validation of string / number in AST constants within workflows
• Help center is no longer hidden behind main menu
• Data model modifications are no longer blocked by a design flaw

Improvements

• Anonymous metrics on AI reviews

Use versions
Frontend : v0.49.1
Backend : v0.49.0

v0.48.0 Automatic case assignment

Better balance your analysts work with automatic case assignment

Investigations can pile up unevenly across teams. With Marble’s automatic case assignment, cases are distributed sequentially and fairly across active users — customizable by inboxes, permissions, and workloads.

This feature is available now, accessible in Marble Licensed plans.

See our updated documentation here

Improvements

• Backend no longer needs to be accessible from outside the customer infrastructure, except for the API (legacy and public v1.0)
• Added anonymous telemetry for screening rules
• Max file size for data upload set at 50MB

Use versions

Frontend : v0.48.1
Backend : v0.48.0

v0.47.0 Workflows & displays improvements

Going further towards complete automation, we're adding advanced workflows to Marble

Features

• Workflows : allow decisions to be oriented in series of easy to configure conditions that can use any field of the object scored, as well as the decision output to send the case to the proper inbox in the case manager.
  Super useful splitting the workload between different country teams, dedicated teams for specific alerts...
  It'll also become the ground we'll build upon to more custom actions when a decision is created.

Uses versions:

• Marble backend v0.47.4
• Marbel frontend v0.47.4

Improvements

• Display enum value options for filters in the aggregate builder #972
• Much better display of columns in the case manager data explorer. This saves space and allows to visualize more data at the same time #975
• Redesigned sign-up page #980
• Automated deletion of unused indexes on ingested data: Still in dry run mode, pending QA #919
• Our official public API v1 has been officially released ! You can find an introduction to it here, and a migration guide here. Existing customers have 6 months to make the (relatively small) changes to consume the new API version.
• Improved audit trail : more events logged
• Creating a new Marble user in your organization now also creates a Firebase user, and sends the email to set up your password automatically. #1085
• New "low" matching threshold for fuzzy text matching in rules and aggregates. #997. Please note that this low threshold is very permissive, use it with caution.
• [self-hosted] We published a better email template for the user creation and password reset email sent by Firebase. Look it up at contrib/firebase_email_reset_mail.html.

Bugfixes

• Fuzzy string matching no longer errors out the decision when given a "null" input #1077
• Restore proper version display for the backend in the help center section of the app #1081

Breaking changes

• [self-hosted] If you launch the marble backend API from the docker-compose file in the https://github.com/checkmarble/marble-backend repository (not https://github.com/checkmarble/marble), then the name of the volume used for the database has been updated and the doc along with it. There is probably no impact for customers because the https://github.com/checkmarble/marble-backend repository is mainly for internal developers, but just be careful if you are using it #1082
• [⚠️⚠️⚠️ self-hosted] Creating a new Marble user in your organization now also creates a Firebase user, and sends the email to set up your password automatically. This requires the permission to create and read users in your Firebase project for the service account used by the Marble backend. Until recently, the Marble doc recommended you use the default Firebase service account on the backend instance, in which case no further changes should be needed.

Disclaimer

From this version on, Marble will gather limited anonymous telemetry data on product usage, to help us improve the key features.

v0.46.0 - Last batch of changes to screening

Improvements

• add Content Security Policy on the frontend app #879
• simplify case investigation box event type filter by grouping types #962
• full details on relatives, positions held for PEP matches in screening review interface #932
• header row is sticky at the top for data exploration in case manager #929

Bug fixes

• do not set an error code on screening that were not run because input pre-formatting left too short an input to search #1066
• store and display the initial query (before ignore numbers/ignore terms preprocessing is applied) for screening #1068 and #958
• fix dataset display when scoping down to import only a subset of lists into yente for sanctions/PEP screening #1073
• restore display of comments left when reviewing a "block and review" decision #960
• fix broken display of decision panel in case manager when displaying contextual values, if long values are present #970

---

Screenshots

Visualize family members, positions held and associates for PEP and sanction hits