User Management — Roles, Permissions, and Audit Controls in Corporate Connect

The Corporate Connect user management module gives company administrators granular control over every operator's access to the commercial banking platform. Assign role-based entitlements that define which modules each operator can access, what transaction types they can initiate or approve, and the dollar thresholds that trigger escalated authorization. Configure IP address whitelisting to restrict logins to authorized office networks and VPN exit points. Set session timeout durations that force re-authentication after periods of inactivity. Every operator action — from login to payment approval to report generation — creates an immutable audit trail entry retained for seven years.

The dual authorization framework separates payment creation from payment approval, implementing the maker-checker principle required by corporate governance policies and federal banking regulators. Multi-level authorization escalates high-value transactions through additional approval layers. US Bank — FDIC insured and regulated by the OCC — enforces these controls at the platform level, ensuring compliance with BSA/AML and SOX requirements.

[Figure: Corporate Connect user management interface showing operator profiles, role assignments, and entitlement configuration]

User Management Controls — April 2026

  • Four operator roles: Viewer (read-only), Initiator (create transactions), Approver (authorize transactions), Administrator (full platform control)
  • Granular per-module entitlements with configurable dollar limits per operator per transaction type
  • Three-level dual authorization: standard, enhanced (two approvers), executive (three approvers)
  • IP address whitelisting with CIDR range support and temporary exceptions for travel
  • Configurable session timeouts from 5 to 60 minutes of inactivity
  • Comprehensive audit trail: every action logged with operator ID, timestamp, IP, and details — retained 7 years
  • FDIC insured, OCC regulated, SOC 2 Type II certified, PCI DSS compliant

Role Permissions Matrix

Each operator role defines a baseline set of permissions. Administrators further customize entitlements per module and per dollar threshold to implement least-privilege access across the organization.

Permission | Viewer | Initiator | Approver | Administrator
View account balances | Yes | Yes | Yes | Yes
View transaction history | Yes | Yes | Yes | Yes
Create wire transfers | No | Yes (within limit) | No (approve only) | Yes
Approve wire transfers | No | No | Yes (within limit) | Yes
Create ACH batches | No | Yes (within limit) | No (approve only) | Yes
Approve ACH batches | No | No | Yes (within limit) | Yes
Manage corporate cards | No | View only | Approve changes | Full control
Generate reports | Assigned reports only | Yes | Yes | Yes
Export data (SFTP/email) | No | On-demand only | On-demand only | Full (schedule + configure)
Create/modify operators | No | No | No | Yes (dual admin auth)
Configure IP whitelist | No | No | No | Yes (dual admin auth)
View audit trail | No | Own actions only | Own + approved actions | All actions

Dollar limits are configurable per operator per module. FDIC insured. OCC regulated. NMLS #401249.

Dual Authorization and Multi-Level Approval Workflows

The maker-checker principle ensures that no single operator can both create and approve a financial transaction. Corporate Connect enforces this separation at the platform level with configurable escalation thresholds.

Three Authorization Levels

  • Level 1 — Standard Dual Authorization: One initiator creates the transaction, one approver authorizes it. Applies to transactions below the Level 2 threshold (e.g., wires under $500,000). The approver must be a different operator than the initiator — the system prevents self-approval.
  • Level 2 — Enhanced Dual Authorization: One initiator and two approvers for transactions above the Level 1 threshold but below Level 3 (e.g., wires between $500,000 and $5,000,000). Both approvers must be different operators.
  • Level 3 — Executive Authorization: One initiator and two approvers plus a third-level supervisor sign-off for the highest-value transactions (e.g., wires above $5,000,000).

Thresholds are fully configurable per transaction type.
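
The three levels above can be expressed as a single release check. This is an added illustration, not Corporate Connect's own code: the `Payment` record and function names are hypothetical, the thresholds are the example wire figures from the text, and the rule that the supervisor must be a separate operator is an assumption.

```python
from dataclasses import dataclass, field
from decimal import Decimal
from typing import List, Optional

# Example wire thresholds quoted in the text; the platform makes them configurable.
LEVEL2_MIN = Decimal("500000")    # "between $500,000 and $5,000,000" -> Level 2
LEVEL3_OVER = Decimal("5000000")  # "above $5,000,000" -> Level 3

@dataclass
class Payment:  # hypothetical record shape
    amount: Decimal
    initiator: str
    approvals: List[str] = field(default_factory=list)  # approver operator IDs
    supervisor: Optional[str] = None                    # Level 3 sign-off

def required_level(amount: Decimal) -> int:
    if amount > LEVEL3_OVER:
        return 3
    return 2 if amount >= LEVEL2_MIN else 1

def evaluate(p: Payment):
    """Return (authorized, reasons). Any reason blocks release of the payment."""
    level = required_level(p.amount)
    reasons = []
    approvers = set(p.approvals)          # repeated approvals by one operator count once
    if p.initiator in approvers:
        reasons.append("self-approval")   # maker may never act as checker
        approvers.discard(p.initiator)
    needed = 1 if level == 1 else 2
    if len(approvers) < needed:
        reasons.append(f"need {needed} distinct approver(s), have {len(approvers)}")
    if level == 3:
        if p.supervisor is None:
            reasons.append("missing supervisor sign-off")
        elif p.supervisor == p.initiator or p.supervisor in approvers:
            # Assumption: the supervisor must be a further, separate operator.
            reasons.append("supervisor is not a separate operator")
    return (not reasons, reasons)
```

Counting distinct operator IDs rather than approval events is what stops one approver from satisfying a two-approver requirement by approving twice.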

Authorization Timeout and Escalation

Pending transactions that are not authorized within a configurable timeout period (default 24 hours for wires, 48 hours for ACH batches) automatically expire and return to draft status. The initiator receives a notification and can resubmit. For time-sensitive transactions, the system sends reminder notifications to designated approvers at configurable intervals — 1 hour, 4 hours, and 8 hours after initiation. If the primary approver is unavailable, backup approvers (defined in the operator profile) receive escalation notifications. The authorization workflow integrates with the transaction reporting module — operators track the authorization status of every pending payment in real time.

Security Controls — IP Whitelisting, Sessions, and MFA

Corporate Connect layers multiple security controls to protect the US Bank Corporate Login and every operator session.

IP Address Whitelisting

Administrators define authorized IP addresses and CIDR ranges for each operator or globally. Login attempts from non-whitelisted IPs are blocked, logged, and reported as security events. Temporary IP exceptions accommodate business travel or remote work with automatic expiration dates. Changes to whitelist rules require dual administrator authorization. Corporate Connect publishes recommended firewall configurations for organizations that restrict outbound connections to US Bank infrastructure.
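
A sketch of the login-time decision described above, covering CIDR ranges and expiring travel exceptions. This is an added example, not the platform's implementation: the rule layout, operator IDs, and function name are hypothetical, and the addresses are constructed from documentation ranges.

```python
import ipaddress
from datetime import datetime, timezone

# Constructed sample rules (RFC 5737 documentation addresses).
PERMANENT = ["198.51.100.0/24", "203.0.113.10/32"]   # global office / VPN ranges
# Temporary travel exceptions: (CIDR, operator ID, expiry in UTC)
TEMPORARY = [
    ("192.0.2.44/32", "op-1042", datetime(2026, 4, 20, tzinfo=timezone.utc)),
]

def check_login(operator_id: str, source_ip: str, now: datetime):
    """Return (allowed, reason); a denial is what gets logged as a security event."""
    try:
        ip = ipaddress.ip_address(source_ip)
    except ValueError:
        return (False, "unparseable source address")
    # Dual-stack front ends may report IPv4 clients as ::ffff:a.b.c.d;
    # unwrap so the address is compared against the IPv4 rules.
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:
        ip = mapped
    for cidr in PERMANENT:
        if ip in ipaddress.ip_network(cidr):
            return (True, f"permanent rule {cidr}")
    for cidr, owner, expires in TEMPORARY:
        if owner != operator_id or ip not in ipaddress.ip_network(cidr):
            continue
        if now >= expires:   # expired exceptions deny without manual cleanup
            return (False, f"temporary exception {cidr} expired")
        return (True, f"temporary exception {cidr}")
    return (False, "not on whitelist")
```

Evaluating the expiry at login time, rather than relying on a job that deletes stale rules, means a travel exception stops working at its deadline even if cleanup never runs.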

Session Timeout Controls

Session timeouts force re-authentication after configurable periods of inactivity ranging from 5 to 60 minutes. Administrators set different timeout durations by role — shorter timeouts for high-privilege administrators, standard timeouts for daily operators. Active sessions display in the administrator dashboard showing operator ID, login time, last activity, IP address, and module currently accessed. Administrators can terminate any active session immediately — useful when an operator reports a compromised credential or leaves the organization.

Multi-Factor Authentication

Every Corporate Connect login requires multi-factor authentication. Operators authenticate with company ID + operator ID + password (something they know) and RSA SecurID token or push notification (something they have). Failed MFA attempts lock the operator account after three consecutive failures. Account unlocking requires administrator intervention or US Bank support at +1-800-344-8758. MFA configuration and token management are handled in the user management module by company administrators.

Audit Trail and Compliance Reporting

Every action in Corporate Connect generates an immutable audit record. The seven-year retention period satisfies federal banking examination requirements and supports internal SOX compliance programs.

What the Audit Trail Captures

Every audit entry includes: operator ID, timestamp (UTC), source IP address, action performed (login, logout, view, create, approve, reject, modify, delete, export, download), affected resource (account number, transaction ID, report name, operator profile), result (success, failure, timeout), and session ID. For financial transactions, the audit trail links the initiation entry to each subsequent authorization entry, creating a complete chain from creation through final approval. Failed login attempts, blocked IP addresses, and MFA failures generate security-flagged entries that surface in the administrator's security dashboard.

Audit Reports for Examiners

The audit reporting function generates formatted reports for internal compliance teams and external examiners from the OCC and FDIC. Standard audit reports include: operator access history, payment authorization chains, failed access attempts, IP whitelist changes, entitlement modifications, and data export activity. Each report filters by date range, operator, module, action type, and result. Export in CSV or PDF format for distribution. Scheduled audit reports deliver automatically to compliance officers via the custom reports module.

Control Access to Every Corporate Connect Module

User management ensures that every operator has exactly the access they need — no more, no less. Role-based entitlements, dual authorization, IP whitelisting, and comprehensive audit trails protect your organization and satisfy regulatory requirements. Call +1-800-344-8758 for user management configuration assistance.

Frequently Asked Questions About User Management

Answers about operator roles, dual authorization, IP whitelisting, session controls, and audit trails in Corporate Connect.

How do I create a new operator in Corporate Connect?

In User Management, click Create Operator, enter name, email, and phone, assign a role (Viewer, Initiator, Approver, Administrator), select module entitlements and dollar limits, and optionally configure IP restrictions. The new operator receives an activation email to set their password and register MFA. See login guide for first-time access steps.

What are the dual authorization levels in Corporate Connect?

Three levels: Level 1 (one initiator + one approver) for standard transactions, Level 2 (one initiator + two approvers) for high-value transactions, Level 3 (one initiator + two approvers + supervisor) for the highest-value transactions. Dollar thresholds are configurable per transaction type.

How does IP whitelisting work in Corporate Connect?

Administrators enter authorized IP addresses or CIDR ranges. Logins from non-whitelisted IPs are blocked and logged. Temporary exceptions accommodate travel with automatic expiration. Whitelist changes require dual administrator authorization. See security for additional protection details.

How long are audit trail records retained?

Seven years per federal banking regulations. Every action logs operator ID, timestamp, IP address, action, affected resource, and result. Audit reports export in CSV and PDF for compliance teams and OCC/FDIC examiners.

Can I set different permissions for different modules?

Yes. Entitlements are granular per module with configurable dollar limits. An operator can initiate wire transfers, view ACH payments, and have no access to corporate cards. Each module also supports per-operator amount thresholds for authorization escalation.