[ ] RACF group and access control design - [ ] Encryption architecture (at rest, in transit, key management) - [ ] PCI-DSS controls mapping - [ ] OFAC/AML screening design - [ ] Threat model