HSBC
About This Page
What: HSBC's MT910 statement collection, eDDA/eDDI direct debit, corporate online banking withdrawal complete business rules and channel-side interface fields Audience: PMs and integration developers needing in-depth understanding of HSBC integration details Prerequisites: Bank Capability MatrixReading time: 15 minutes Owner: Deposit Product Manager
Key takeaway: HSBC is the only bank simultaneously supporting three deposit methods (MT910 Push, eDDA/eDDI Pull, corporate online banking withdrawal), and has the most complex fee logic — tolerance must cover HKD 65 / USD 14 fee deductions.
Capability Overview
| Capability | Supported | Protocol/Channel | Core Service |
|---|---|---|---|
| Deposit Statement Collection | ✅ | MT910 (SWIFT message) | hsbc_bank_flow_service (Python) |
| eDDA Authorization | ✅ | eDDA API (SRPC) | sba_hsbc_eddi proxy (Python) |
| eDDI Direct Debit | ✅ | eDDI API (SRPC) | sba_hsbc_eddi worker (Python) |
| Withdrawal | ✅ | Corporate online banking batch remittance | method=hsbc |
| FPS | ❌ | — | — |
| BST | ❌ | — | — |
HSBC is the only bank simultaneously supporting "three deposit methods": MT910 statement collection (user-initiated transfer) + eDDA/eDDI direct debit (system auto-debit) + corporate online banking withdrawal.
Channel Interface Overview
HSBC and moomoo have three independent interface systems, each operating independently:
| # | Interface System | Protocol | Direction | Purpose | Service |
|---|---|---|---|---|---|
| 1 | MT910 SWIFT Message | SFTP + GPG encryption | HSBC → moomoo | Deposit statement collection (bank pushes credit notification after user transfer) | hsbc_bank_flow_service |
| 2 | eDDA/eDDI API | REST API (SRPC wrapped) | moomoo ↔ HSBC | Direct debit deposit (eDDA signs authorization + eDDI executes debit) | sba_hsbc_eddi |
| 3 | Corporate Online Banking | Online banking batch file | moomoo → HSBC | Withdrawal (batch remittance) | method=hsbc |
The three systems are mutually independent: MT910 handles user-initiated transfer statements, eDDA/eDDI handles system auto-debit, and corporate online banking handles withdrawals. The only intersection is the matching engine — when the deposit method is eDDI direct debit, MT910 statement matching actively skips that application.
Channel-Side Interface Details
MT910 Message Complete Field Parsing
MT910 (Confirmation of Credit) is a SWIFT standard credit confirmation message. HSBC pushes encrypted MT910 files via SFTP, which moomoo decrypts and parses line by line.
Complete Field Mapping
| SWIFT Tag | Field Name | Description | Extraction Rule |
|---|---|---|---|
:20: | txn_ref_no | Transaction reference number (unique within file) | Full value → short_transaction_id |
:21: | related_ref | Related reference number | Optional, full value |
:25: | account_id | Bank account identifier | Full account → bank_account |
:32A: | date_ccy_amount | Date + Currency + Amount | See parsing rules below → date + ccy + credit |
:50K: | ordering_customer | Remitter name and account | Line 1 → account, Line 2+ → name (remove prefix) → customer_account + en_name |
:52A: / :52D: | ordering_institution | Remitting bank | BIC code or multi-line address → remarks (concatenated) |
:56A: / :56D: | intermediary | Intermediary bank (cross-border remittance) | Optional, BIC or multi-line |
:72: | sender_to_receiver | Transaction details/remarks | Free text, ≤512 characters → remarks (concatenated) |
:32A: Parsing Rules
:32A: is the core field for deposits, containing date, currency, and amount as a continuous string:
Format: YYMMDDCCCNNNN.NN
Example: 250827HKD50000.00| Part | Position | Rule | Example |
|---|---|---|---|
| Date | First 6 digits | "20" + YYMMDD → standard date | 250827 → 2025-08-27 |
| Currency | Digits 7-9 | ISO 4217 three-character code | HKD / USD / CNY |
| Amount | From digit 10 to end | decimal, with decimal point | 50000.00 |
Supported currencies: HKD, USD, CNY.
:50K: Name Cleaning Rules
The :50K: field usually contains multi-line information; parsing requires name cleaning:
| Line | Content | Processing |
|---|---|---|
| Line 1 | Usually an account number | Extract as customer_account |
| Line 2 and after | Remitter name | Concatenate as en_name |
Name cleaning — remove the following prefixes before matching:
| Prefix | Description |
|---|---|
MR | Mister |
MRS | Madam |
MISS | Miss |
MS | Ms |
Example: :50K: content is 123456789\nMR CHAN TAI MAN, parsed result: customer_account=123456789, en_name=CHAN TAI MAN.
SFTP Configuration
| Parameter | Description |
|---|---|
| Protocol | SFTP (SSH File Transfer Protocol) |
| SSH Key | RSA key pair |
| Public Key Location | src/conf/HSBC_SSP_PREPROD_SFTP_KEY.pub |
| Private Key Location | src/conf/id_rsa |
| GPG Encryption | Required (all downloaded files are GPG-decrypted) |
| Supported Currencies | HKD, USD, CNY |
| Configuration Files | sftp_config.ini + parse_flow.ini |
Deduplication Mechanism
Deduplication by TransactionReferenceNumber (:20: tag value) — this value is unique within a file. When writing to raw_hsbc_bank_flow table, if the reference number already exists, it's skipped to avoid duplicate deposits.
eDDA API Complete Fields
eDDA (Electronic Direct Debit Authorization) is the authorization interface for users to allow moomoo to automatically debit from their HSBC account. Below are complete field definitions for each request/response.
BankAccountInfo (Nested Structure)
Bank account information structure used in multiple places across eDDA/eDDI interfaces:
| Field | Type | Required | Description |
|---|---|---|---|
bank_code | string(3) | ✅ | Bank code. Values "004" = HSBC, "024" = Hang Seng |
account_identification | string(12-35) | ✅ | Bank account number. HSBC personal account |
currency | string(3) | ✅ | Currency. Value "HKD" |
account_scheme_name | string(4) | ✅ | Account type. Value "BBAN" (default) |
EDDAApplyReq (Apply Authorization Request)
| Field | Type | Required | Description |
|---|---|---|---|
req_id | string(1-32) | ✅ | Request ID. Globally unique |
merchant_request_identification | string(1-30) | ✅ | Merchant registration ID. Generated by moomoo |
creditor_reference | string(1-35) | ✅ | DDA identifier. Links to eDDA authorization |
ultimate_debtor_name | string(1-140) | ✅ | Ultimate payer name. User's real name |
debtor_name | string(1-140) | ✅ | Payer name. Same as above or agent name |
debtor_account | BankAccountInfo | ✅ | Payer bank account. User's HSBC account |
creditor_name | string(1-140) | ✅ | Payee name. moomoo company name |
creditor_account | BankAccountInfo | ✅ | Payee bank account. moomoo's HSBC receiving account |
debtor_private_identification | string(1-12) | ✅ | HKID or passport number. User's identity document number |
debtor_private_identification_scheme_name | string(4) | ✅ | Document type. Values "HKID" or "NIDN" |
debtor_mobile_number | string | ❌ | Mobile number. For receiving OTP |
maximum_amount_currency | string(3) | ✅ | Limit currency. Value "HKD" |
maximum_amount | string(≤18) | ✅ | Maximum debit amount. Value "99999999.00" = no limit |
frequency_type | string(≤4) | ✅ | Debit frequency type. Values "MNTH" = Monthly / "ADHO" = On demand |
duration_from_date | string | ❌ | Authorization start date. NULL = effective immediately |
duration_to_date | string(10) | ❌ | Authorization end date. NULL = permanently valid |
otp_hold_indicator | bool | ✅ | Whether OTP verification required. HSBC same-bank = true |
sms_language_code | string(≤10) | ✅ | OTP SMS language. Values "eng" / "zh-s" / "zh-t" |
otp_hold_indicator Explanation
When otp_hold_indicator=true, HSBC pauses the flow at the Apply stage, waiting for the user to enter an OTP verification code before continuing. This is HSBC's security requirement for same-bank transfers.
EDDAApplyRsp (Apply Authorization Response)
| Field | Type | Description |
|---|---|---|
resp_code | string | Bank response code (success/failure) |
mandate_identification | string | DDA reference ID (used in subsequent OTP confirmation and debits) |
otp_identification_number | string | OTP identifier (used for OTPConfirm request) |
otp_mobile_number | string | Masked mobile number (e.g. ****1234, for frontend display) |
mandate_status | string | Authorization status (usually pending confirmation at Apply stage) |
reject_reason_list | RejectReasonList | Rejection reason list (returned when Apply fails) |
OTPConfirmReq (OTP Confirmation Request)
| Field | Type | Required | Description |
|---|---|---|---|
req_id | string(1-32) | ✅ | Request ID |
mandate_identification | string | ✅ | DDA reference (from EDDAApplyRsp) |
creditor_account | BankAccountInfo | ✅ | Payee account (moomoo account) |
otp_identification_number | string | ✅ | OTP ID (from EDDAApplyRsp) |
otp_password | string | ✅ | SMS verification code entered by user |
After OTP confirmation succeeds, the eDDA authorization enters bank review stage, with EDDAEnquiry polling for final status.
eDDI API Complete Fields
eDDI (Electronic Direct Debit Instruction) is the actual debit request sent from moomoo to HSBC after eDDA authorization is complete.
EDDILaunchReq (Initiate Debit Request)
| Field | Type | Required | Description |
|---|---|---|---|
req_id | string(1-32) | ✅ | Request ID. Globally unique |
merchant_instruction_identification | string(≤35) | ✅ | DDI request ID. Debit instruction ID generated by moomoo |
mandate_identification | string(≤35) | ❌ | DDA reference. Either this or creditor_reference |
debtor_name | string(≤140) | ✅ | Payer name. User's name |
debtor_account | BankAccountInfo | ✅ | Payer account. User's HSBC account |
creditor_account | BankAccountInfo | ✅ | Payee account. moomoo's HSBC receiving account |
creditor_reference | string(≤35) | ❌ | Payee reference. Either this or mandate_identification |
instructed_amount_currency | string(3) | ✅ | Debit currency. Value "HKD" |
instructed_amount | string(≤18) | ✅ | Debit amount. e.g. "10000.00" |
remittance_information | string(≤140) | ❌ | Remittance information. Recommended to leave empty |
sms_language_code | string(≤10) | ❌ | SMS language. Debit notification language |
mandate_identification vs creditor_reference
These two fields are either/or to locate an eDDA authorization. mandate_identification is the bank-returned DDA reference ID, creditor_reference is moomoo's DDA identifier. In practice, mandate_identification is used preferentially.
EDDIRsp (Debit Response)
| Field | Type | Description |
|---|---|---|
payment_status | string | Transaction status: ACSC/RJCT/ACCP/ACSP |
resp_code | string | Bank response code |
reject_reason_list | RejectReasonList | Rejection reason list |
transaction_id | string | Bank transaction ID |
status | string | "return_ok" = bank has responded / "empty" = bank has not yet responded |
When status="empty", the bank hasn't finished processing yet; continue polling via the EDDIEnquiry interface.
EDDIEnquiry (Query Debit Result)
| Field | Type | Required | Description |
|---|---|---|---|
req_id | string(1-32) | ✅ | Request ID |
merchant_instruction_identification | string(≤35) | ✅ | DDI request ID (same as in Launch) |
creditor_account | BankAccountInfo | ✅ | Payee account |
The payment_status field in the query response determines the final debit outcome; see the "eDDI State Machine" section below for specific status code meanings.
eDDI Error Codes
When an eDDI debit is rejected by the bank (payment_status=RJCT), reject_reason_list returns specific error codes:
| Error Code | Meaning | Handling Suggestion |
|---|---|---|
| MPP02020 | eDDA cancelled or doesn't exist | Guide user to re-sign eDDA authorization |
| MPP02021 | Payer account closed | Notify user bank account is invalid |
| MPP02022 | Exceeded eDDA limit | Guide user to increase eDDA limit in HSBC App |
| MPP02038 | eDDA authorization dormant | Need to contact HSBC to reactivate |
| MPP02039 | eDDA expired | Guide user to re-sign eDDA authorization |
| MPP05000 | Exceeded account withdrawal limit | Suggest user reduce deposit amount or contact bank |
| MFD10007 | Duplicate transaction | Already processed on system side, no retry needed |
More Error Codes
For the complete eDDA/eDDI error code list, see Unified Error Code Center.
Deposit: MT910 Statement Collection
What is MT910
MT910 is a SWIFT standard bank message format used by banks to notify enterprises "a payment has arrived." HSBC pushes transaction information to moomoo via MT910 messages.
From July 2024, HSBC upgraded to real-time push (previously daily batch files), significantly improving deposit response speed.
Data Flow
File Processing Flow
| Step | Operation | Description |
|---|---|---|
| 1 | SFTP pull | Pull files from HSBC SFTP server by date |
| 2 | Download locally | Store in mt910_files/YYYYMM/ directory |
| 3 | GPG decrypt | Decrypt with private key, generate plain_ prefixed plaintext file |
| 4 | Parse messages | Regex match SWIFT tags, extract fields |
| 5 | Write to database | Store in raw_hsbc_bank_flow, deduplicate by transaction reference |
| 6 | Convert to flow | Call resolve_bank_flows() to write to flow system |
Processing frequency: Executed daily, processing yesterday's and today's files.
File Naming Convention
MT910.<Futu account>.<HSBC merchant code>.<timestamp>.TXT Example: MT910.741071039201.PC000001581.20210301120000.TXT
Monitoring Metrics
| Metric ID | Meaning |
|---|---|
| 1002976 | Script startup |
| 936360 | Exception error |
| 936363-365 | ListFiles operation stats |
| 936366-368 | GetFiles operation stats |
| 604339 | Duplicate transaction |
| 604340 | Database write failure |
eDDA/eDDI Direct Debit
What are eDDA and eDDI
| Concept | Full Name | Purpose |
|---|---|---|
| eDDA | Electronic Direct Debit Authorization | User authorizes moomoo to auto-debit from HSBC account |
| eDDI | Electronic Direct Debit Instruction | moomoo sends debit instruction to HSBC, debiting from user's account |
Simply put: eDDA is "signing authorization," eDDI is "executing debit." The user first signs eDDA authorization, then each time a deposit is made, the system automatically sends an eDDI debit.
eDDA Authorization Flow
eDDA Authorization Three Steps:
| Step | RPC Method | User Action | Bank Action |
|---|---|---|---|
| 1. Apply Authorization | EDDAApply | Fill in bank account info | Send OTP SMS to user's phone |
| 2. OTP Confirmation | OTPConfirm | Enter received SMS code | Verify OTP |
| 3. Query Status | EDDAEnquiry | Wait | Return authorization status |
eDDI Debit Execution
eDDI is the debit automatically executed by the system when users deposit. There are three deposit types:
| Type | Enum Value | Description |
|---|---|---|
FUND_HOLD | 11 | Fund regular investment, simultaneously freezes deposit |
STOCK_HOLD | 21 | Stock regular investment, simultaneously freezes deposit |
FUND_PURCHASE_HOLD | 31 | Fund purchase, simultaneously freezes deposit |
There are also three non-freezing base types: FOUNDING_AIP(1)=Fund regular investment, STOCK_MP(2)=Stock regular investment, FUND_PURCHASE(3)=Fund purchase.
eDDI State Machine
eDDI Procedure Complete Status Definition:
| Status | Meaning | Source | Subsequent Transitions |
|---|---|---|---|
| new | Debit instruction created | System initialization | → wait_process |
| wait_process | Initialization complete, ready to send | System processing | → pending / end_ok / end_reject |
| pending | Sent to bank, awaiting confirmation | Launch returns status="empty" or ACCP/ACSP | → end_ok / end_reject / repairing |
| end_ok | Debit successful | Bank returns ACSC | Terminal state, create deposit flow |
| end_reject | Bank rejected | Bank returns RJCT | Terminal state, record rejection reason |
| repairing | Exception needs manual intervention | System determines exception | → pending (retry after manual repair) |
Bank-Returned Debit Status Codes:
| Status Code | Full Name | Meaning | System Action |
|---|---|---|---|
| ACSC | Accepted Settlement Completed | Debit successful | → end_ok, create deposit flow |
| RJCT | Rejected | Bank rejected | → end_reject, record rejection reason |
| ACCP | Accepted Clearing in Progress | Clearing in progress | → pending, continue polling |
| ACSP | Accepted Settlement in Progress | Settlement in progress | → pending, continue polling |
| empty | — | Bank has not yet responded | Continue polling |
Polling & Retry Mechanism
After eDDI execution, results aren't immediate; bank polling is needed:
| Parameter | Value | Description |
|---|---|---|
| Normal polling interval | 1-4 seconds random | Avoid fixed frequency impacting bank |
| Peak period polling interval | 1-19 seconds random | Extended interval during peak |
| Peak period | 07:00-07:10 | Configurable |
| Retry threshold 1 | 3 times | Triggers alert when exceeded |
| Retry threshold 2 | 10 times | Escalates alert when exceeded |
| HTTP 429 handling | Auto retry | Queue and retry when bank rate-limits |
Rate Limiting (Token Bucket)
HSBC has call frequency limits on eDDA/eDDI interfaces. The system uses a token bucket mechanism to control request rate:
| Parameter | Value |
|---|---|
| Production rate | 4 requests/second |
| Default rate | 1 request/second |
| Lock strategy | Optimistic lock (timestamp field version check) |
| Normal polling interval | 1-4 seconds random |
| Peak polling interval | 1-19 seconds random (07:00-07:10) |
| Retry threshold 1 | 3 times → trigger alert |
| Retry threshold 2 | 10 times → escalate alert |
Why optimistic lock? Early implementation used pessimistic lock (exclusive lock), which caused lock timeouts in production (default 50 seconds), leading to request thread pile-up. After switching to optimistic lock with timestamp field version checks, lock waiting issues were avoided.
Token Bucket Working Principle
- Daemon process adds tokens to
token_buckettable at configured rate (4/sec) - Each request attempts to consume one token:
UPDATE ... SET token=token-1 WHERE token>0 AND timestamp=@version - If timestamp doesn't match (optimistic lock conflict), retry
- If token=0 (tokens depleted), request is rate-limited
eDDI Monitoring Metrics
| Metric ID | Meaning |
|---|---|
| 561904 | eDDI initialization |
| 561910 | Debit successful |
| 561911 | Debit failed |
| 561912 | Debit pending confirmation |
| 561913 | Timeout retry |
| 561925 | Retry exceeded 3 times |
| 561926 | Retry exceeded 10 times |
| 573198 | Duplicate transaction (MFD10007) |
| 589305 | HTTP error |
moomoo-Side Adaptation
MT910 → BankFlow Complete Mapping
After MT910 message parsing, conversion to moomoo's unified BankFlow structure via resolve_bank_flows():
| MT910 Field | SWIFT Tag | BankFlow Field | Conversion Rule |
|---|---|---|---|
| txn_ref_no | :20: | short_transaction_id | Direct mapping, used as dedup key |
| account_id | :25: | bank_account | Direct mapping |
| date (from :32A:) | :32A: first 6 digits | date | "20" + YYMMDD → YYYY-MM-DD |
| ccy (from :32A:) | :32A: digits 7-9 | ccy | ISO 4217 three-char → internal currency code |
| amount (from :32A:) | :32A: from digit 10 | credit | decimal string → amount |
| ordering_customer line 1 | :50K: | customer_account | Remitter's bank account |
| ordering_customer line 2+ | :50K: | en_name | Cleaned English name |
| ordering_institution | :52A: / :52D: | remarks (concatenated) | BIC code or bank name |
| sender_to_receiver_info | :72: | remarks (concatenated) | Remarks appended to remarks |
| — | — | bank_type | Fixed value: HSBC |
| — | — | flow_direction | Fixed value: CREDIT |
Matching Rules (HsbcMatch)
HSBC matching has two tolerance layers — strict tolerance for auto-deposit, relaxed tolerance for manual review:
| Scenario | HKD Tolerance | USD Tolerance | Trigger Condition |
|---|---|---|---|
| Auto-deposit | CRM - 65 ≤ Statement ≤ CRM | CRM - 14 ≤ Statement ≤ CRM | Name exact match + bank account match |
| Manual review | CRM - 420 ≤ Statement ≤ CRM | CRM - 60 ≤ Statement ≤ CRM | Name similar + amount close |
Why is tolerance in the negative direction? Bank transfers may have service fees deducted (e.g., wire transfer fees, intermediary bank fees), causing actual credited amount to be less than user-initiated amount. Tolerance only opens downward — statement amount can be less than CRM amount (fee deduction), but not more.
Bank Account Matching Special Processing:
| Processing | Description |
|---|---|
| Remove prefix | HSBC account numbers sometimes have a 3-digit bank code prefix (e.g., 004), system auto-removes prefix before comparison |
| Code list | Besides 004 (HSBC), also handles 024 (Hang Seng) and other affiliated bank codes |
| Fuzzy match | After prefix removal, align lengths then compare character by character |
eDDA Deposit Exclusion: If the deposit application method is DEPOSIT_METHOD_HSBC_EDDA (eDDI direct debit), the statement matching engine is skipped — because eDDI has its own independent crediting process and neither needs nor should match with MT910 statements.
eDDI → Deposit Flow Mapping
After eDDI debit succeeds (ACSC), the system automatically creates a deposit flow with different field sources than MT910:
| BankFlow Field | Data Source | Description |
|---|---|---|
short_transaction_id | EDDIRsp → transaction_id | Bank-returned transaction ID |
bank_account | EDDILaunchReq → debtor_account | User's HSBC account |
date | System current date | Debit execution date |
ccy | EDDILaunchReq → instructed_amount_currency | Debit currency |
credit | EDDILaunchReq → instructed_amount | Debit amount (no fee deduction) |
en_name | EDDILaunchReq → debtor_name | Payer name |
customer_account | EDDILaunchReq → debtor_account.account_identification | User's bank account |
deposit_method | — | Fixed value: DEPOSIT_METHOD_HSBC_EDDA |
eDDA Authorization Status Mapping
eDDA authorization maintains an independent state machine on the moomoo side:
| mandate_status (Bank) | moomoo Status | Description |
|---|---|---|
ACTV | Active | Can normally initiate eDDI debits |
SUSP | Suspended | Temporarily cannot debit, wait for restoration |
CANC | Cancelled | User or bank cancelled authorization, re-sign needed |
EXPR | Expired | Past duration_to_date, re-sign needed |
Withdrawal: Corporate Online Banking
HSBC withdrawal uses corporate online banking batch remittance, with method code hsbc.
| Dimension | Description |
|---|---|
| Method Code | TRANSFER_METHOD_HSBC = 'hsbc' |
| Classification | Electronic bank method (allEBankMethod) |
| Name | HSBC Online Banking Withdrawal |
| Automation Level | Semi-automated (requires corporate online banking operation) |
| Supported Currencies | HKD, USD |
| Approval Template | Tiered by amount, see Task.php → $stepTemplates |
Note: HSBC withdrawal uses the corporate online banking channel, not eDDI. eDDA/eDDI is only used for deposit direct debit; withdrawal is a completely independent channel.
Withdrawal Operation Flow
| Step | Operation | Role |
|---|---|---|
| 1 | System generates withdrawal batch file | Automatic |
| 2 | Operations imports into corporate online banking | Operations staff |
| 3 | Corporate online banking approval | Finance approver |
| 4 | Bank executes remittance | HSBC |
| 5 | System confirms withdrawal result | Automatic/Operations |
Change Guide
| Change Requirement | Modification Location | Description |
|---|---|---|
| Modify auto-deposit tolerance | HsbcMatch.php → amountSimilarForAuto() | Adjust HKD -65 / USD -14 thresholds |
| Modify manual review tolerance | HsbcMatch.php → amountSimilar() | Adjust HKD -420 / USD -60 thresholds |
| Add matching dimension | HsbcMatch.php → match() method | Add new matching conditions |
| Modify bank account prefix rules | HsbcMatch.php → bank code array | Add/modify 3-digit prefixes |
| Add new eDDI deposit type | EddiDepositType.php | Add new enum value + SBA configuration |
| Modify token bucket rate | sba_hsbc_eddi token_bucket daemon configuration | Adjust frequency parameter |
| Modify polling interval | sba_hsbc_eddi_worker.ini | Adjust rush/normal intervals |
| eDDA parameter changes | sba_hsbc_eddi proxy layer | Modify authorization parameters (frequency, amount, etc.) |
| MT910 field changes | hsbc_bank_flow_service → parse.py | Modify SWIFT tag parsing rules |
| Modify SFTP configuration | sftp_config.ini + parse_flow.ini | Modify server/account/path |
| GPG key replacement | hsbc_bank_flow_service/conf/ | Update private key and password |
| Modify withdrawal approval | Task.php → $stepTemplates | Adjust HSBC withdrawal approval template |
| Add new eDDI error code handling | sba_hsbc_eddi worker → error handling logic | Add new error code mapping |
| Modify :50K: name cleaning rules | hsbc_bank_flow_service → parse.py | Adjust prefix cleaning list |
Common Customer Complaints Top 3
| # | User Feedback | Cause | CS Script |
|---|---|---|---|
| 1 | "eDDA signing failed" | Phone number/name doesn't match HSBC records | "Please confirm your moomoo registered name and phone number match your HSBC bank registration info" |
| 2 | "Verification code expired" | OTP has a short validity period | "Please request a new verification code and enter it promptly after receiving" |
| 3 | "eDDA debit exceeded limit" | Exceeded the maximum debit amount set during authorization | "Your debit amount exceeds the authorization limit, please reduce the amount or contact HSBC to adjust the limit" |
Monitoring & Alerts
| Alert Item | Trigger Condition | Severity | Handling Steps |
|---|---|---|---|
| MT910 SFTP connection failure | SFTP file transfer interrupted | High | Check SFTP configuration and network connectivity, confirm GPG key not expired |
| eDDI Token Bucket depleted | 4 tokens/sec rate limiting triggered | Medium | Check if large number of debit tasks are queued, reduce concurrency appropriately |
| eDDI batch debit timeout | Debit tasks not returning results for extended time | Medium | Check sba_hsbc_eddi logs, confirm bank-side is normal |
| GPG decryption failure | MT910 file cannot be decrypted | High | Confirm GPG key not expired or replaced, contact HSBC to update |
After Reading
| I want to... | Go to |
|---|---|
| Compare Hang Seng's eDDA/eDDI differences | Hang Seng |
| Understand the full matching engine logic | Matching & Auto-Deposit |
| Check eDDA/eDDI error codes | Unified Error Code Center |
| See HSBC's position among all banks | Bank Capability Matrix |
| Understand eDDA/eDDI's role in the architecture | System Architecture & Data Flow |
| Understand how SBA orchestration layer schedules eDDI | SBA Fund Orchestration |
| View the general deposit statement collection process | Statement Collection Channels |