Configurable Document Automation Platform for Export Compliance

It began with a single request: to create the correct certificates for each consignment and to do so more efficiently. But there was a deeper friction behind it: export data zigzagged through spreadsheets, email chains, and tribal knowledge. Every misstep delayed customs clearance, and every patch-up increased the risk.

Devox Software responded with a configurable document automation platform designed for both speed and control. A FastAPI-based orchestrator combines scanned input, OCR, field-level confidence scoring, validation rules, and dynamic template rendering — all in a cloud-native, observable architecture.

Business users control requirements via JSON profiles that are versioned with Git. Whether it’s a new target, a changed regulation, or a new certificate format, the system adapts in minutes, not days. What used to crawl through the inbox now flows through a regulated, explainable pipeline that delivers export-ready packages in less than seven minutes, with built-in proof of testing.

• Solution Architect (intelligent automation & export compliance)
• 2 Full-Stack Engineers (React, FastAPI/Python)
• QA Automation Engineer
• DevOps Engineer (Docker, Kubernetes, CI/CD, monitoring)
• Business Analyst (export logistics & regulatory compliance)
• Project Manager

• Fragmented data inputs. Each shipment relied on three separate sources — PDF invoices, PDF packing lists, and XLSX/XML transport tables — whose inconsistent layouts and labels slowed every hand-off.
• Manual data extraction. Operators keyed up to 120 critical fields per load (sender data, SKUs, seal numbers) from raw documents, pushing accuracy below 88 % and spawning rework across finance and logistics.
• Country-specific variability. Thirty-four destinations required more than 85 certificate variants; every regulatory tweak necessitated code edits and full retests, thereby throttling the release cadence.
• No structured validation flow. With no pre-flight checks, malformed files and mismatched units surfaced only during certificate generation — or worse, at customs — when fixes were most costly.
• Rigid scaling model. Adding a new country meant cloning rules deep inside the stack, as no dynamic configuration layer existed to absorb changes without downtime.
• No feedback on OCR confidence. Early parsing returned values without certainty scores, leaving teams unsure which numbers to trust or verify.
• Broken traceability. Generated certificates lacked a link to the source documents or rule sets, thereby undermining audits and complicating dispute resolution.

• Frontend: React 18, Vite, i18next (multi-language), React Router, Material UI
• Backend: FastAPI (Python 3.11), Pydantic v2, Celery task queue
• AI & OCR: Google Gemini Pro for NER/classification, pytesseract for OCR, spaCy, pandas, openpyxl.
• Document Generation: docxtpl (DOCX), openpyxl + xlsxwriter (XLSX), pdfkit (PDF/A consolidation).
• Configuration Management: Git-versioned JSON templates per country, hot-reload via S3 event triggers.
• Database: PostgreSQL 14 on AWS RDS with partitioning for per-country datasets
• Storage: AWS S3 (versioned, server-side encryption) with pluggable adapters for Azure Blob / GCS.
• DevOps & Deployment: Docker, Terraform, GitHub Actions CI/CD, AWS ECS Fargate (prod).
• Authentication & Security: JWT (Auth0), AWS KMS–managed secrets, IAM fine-grained roles.
• Monitoring & Logging: AWS CloudWatch, Grafana Cloud dashboards, Loki centralized logs.

Devox Software embedded an Intelligent Automation layer inside the client’s CS IT-Enterprise stack, converting fragmented inputs into a governed, template-driven certificate factory.

• Unified ingest pipeline. A single upload action accepts three artifacts per shipment — PDF invoices, PDF packing lists, and XLSX/XML transport tables. FastAPI services stream files to an OCR + parser pool; image blocks feed a fine-tuned Tesseract engine, while tabular data flows through pandas / openpyxl extractors.
• Country-driven configuration engine. Every destination (34 today) is represented by a Git-versioned JSON profile that lists mandatory fields, validation masks, and output layouts. Adding a new market means committing a profile — no code edits, no downtime.
• AI-assisted field validation. The pipeline assigns a confidence score to each extracted value. Scores below the acceptance threshold surface instantly in the web console, directing users to the exact field for correction.
• Certificate rendering workflow. Validated data triggers a chain of templating workers that assemble DOCX and XLSX artefacts: conformity certificates, safety declarations, transit sheets, and multi-page annexes. All layouts align with the latest local regulations.
• Operator-first web console. A React interface lets authorised staff drag-and-drop files, edit dynamic fields, review flagged values, and download the final certificate pack — all without leaving the browser.
• Cloud-native execution. Docker-packaged services run on AWS ECS Fargate behind an API gateway. PostgreSQL stores structured data, while S3 retains originals, renders, and audit traces. CI/CD pushes versioned containers, while CloudWatch and Grafana guard performance and uptime.

BUSINESS OUTCOMES

• AI-governed by design. The platform aligns with EU AI Act guidelines for customs-focused automation, offering explainable extraction, human-in-the-loop reviews, and traceable shipment evidence.
• ~80% reduction in manual work. Key entries decreased from ~110 to ~24 FTE equivalent, thanks to AI-assisted extraction and one-click certificate generation.
• < 7‑minute certificate turnaround. The average cycle time dropped from 26 hours to ~1 hour and 45 minutes, making same-day customs filing feasible across all 34 lanes.
• ~99 % field-level accuracy. Confidence-driven OCR and pre-flight validation reduced human error by ~90%, with no customs rejections reported in production.
• Downtime-free market rollout. Four new country profiles were deployed in Q1 using JSON configurations.
• Audit-ready traceability. Each certificate includes links to its input files, applied logic, and configuration version, simplifying compliance reviews.

TECHNICAL OUTCOMES

• Fully decoupled micro-architecture. React UI, FastAPI services, OCR workers, and template renderers deploy independently, allowing for parallel feature work and hot fixes.
• Config-driven agility. Country templates, field rules, and language packs live in Git-versioned JSON; a regulatory change now ships to prod in < 1 hour instead of 5 days.
• End-to-end observability. CloudWatch metrics and Grafana dashboards track ingest latency, OCR confidence, and template health; SLO breaches trigger Slack alerts.
• Elastic performance at peak. Fargate cluster auto-scales to 12,000 docs/hour while keeping CPU below 60 %; PostgreSQL partitions and S3 object versioning maintain throughput.
• Mature CI/CD pipeline. Automated tests (92 % coverage), blue-green deploys, and secure pipelines ensure reliable rollouts across all stages.