Roles and Permissions

Predefined User Roles

To ensure security and operational integrity, the Roles and Permissions system on the Zerocap platform governs what each user is allowed to see and do. This guide explains how roles are assigned and details the responsibilities of each predefined role.

How Roles Are Assigned

In this version of the platform, role assignment is an automatic process based on two simple rules:

The Genesis User is an Administrator. The user who completes the onboarding process and initializes your organization’s account is automatically assigned the Administrator role. This gives them full control from the outset.
New Invited Users are Assigned the Basic General User Role. Other users will be initialised with the most restricted general user role. They will need to have their role updated in order to perform certain functionalities (See below).

The Predefined Roles

Here are the standard roles available on the platform and their key functions:

Administrator

The highest level of authority within your organization’s portal. This role is intended for senior team members who manage operations and user access.

Has access to all permissions available to your organization.
Can perform all funding actions (deposits, withdrawals).
Can perform all trading actions.
Manages all entity and user settings.
A user must pass KYC before given this role

Finance Officer

This role is for team members responsible for accounting, reconciliation, and managing fund flows.

Can view all financial reports, transaction histories, and account balances.
Can initiate and manage funding actions (deposits, withdrawals).
Typically does not have access to trading functions.
A user must pass KYC before given this role

Compliance Officer

This role is for team members responsible for regulatory oversight and internal compliance.

Has access to compliance-specific features and reporting.
Can view and export audit logs and transaction histories.
Generally has view-only access to most other parts of the platform to prevent data alteration.
A user must pass KYC before given this role

Trader

This role is for team members who actively manage the organization’s portfolio.

Has full access to the Advanced Trading Portal.
Can place orders, manage positions, and view market data.
Can view account balances but cannot initiate withdrawals.
A user must pass KYC before given this role

General User

This is the baseline view-only role designed for maximum security.

Can view the dashboard, account balances, and transaction/trade history.
Cannot perform any actions such as trading, withdrawing funds, or changing settings.

Auditor

A specific read-only role designed for external or internal auditors.

Has restricted read-only access to specific data required for compliance checks, such as transaction histories and audit logs.
Cannot alter any data or perform any actions.

A user can have multiple roles tied to them at once.

A list of viewable roles and their permissions are available in the “Roles & Permissions” tab of the Entity Management screen (accessible via the bottom left sidebar).

Changing User Roles

A user will require admin permissions in order to change another entity member’s role. To change a user’s role, an administrator should access the “Members” Tab in the Entity Management page. After entering the tab, they will be able to view a table of entity members. In the ‘Action’ column, click on the … button for the member who’s role should be changed, followed by the “Manage Role” button. You will then be able to select the role(s) to amend for the user.

This initial Roles and Permissions system provides a secure, predefined framework. Based on client feedback, we are actively developing future enhancements.

We welcome any feedback here

Next Step: Secure Approval Workflows