Contract Skill — A ready-to-use MOVA HITL workflow. Requires the openclaw-mova plugin.

MOVA Supply Chain Risk Analysis

Screen your supplier list against sanctions registries, PEP databases, ESG ratings, and financial stability indicators — with a per-supplier risk band, source citations, and a mandatory human procurement decision gate backed by a tamper-proof audit trail.

What it does

1. Supplier ingestion — accepts a list of supplier names, IDs, countries, and procurement category
2. Multi-source screening — OFAC / EU / UN sanctions, PEP registries, ESG ratings, adverse media, financial stability
3. Risk report — per-supplier risk band (low / medium / high / critical) with source citations and finding details
4. Human gate — procurement manager reviews findings and chooses: approve all / approve clean only / reject all / escalate
5. Audit receipt — all data sources, query timestamps, screening results, and the human decision are logged for supply chain transparency audits

Mandatory escalation rules enforced by policy:

• Sanctions hit on any supplier → immediate escalation, cannot approve batch
• Critical risk band (≥ 2 suppliers) → mandatory escalation to compliance team
• PEP flag with procurement value above threshold → escalate required

Requirements

Plugin: MOVA OpenClaw plugin must be installed in your OpenClaw workspace.

Data flows:

• Supplier data + procurement category → api.mova-lab.eu (MOVA platform, EU-hosted)
• Supplier names/countries → sanctions & PEP screening (OFAC, EU, UN — read-only)
• Supplier IDs → ESG ratings and adverse media lookup (read-only)
• Supplier name/country → company registry and financial stability check (read-only)
• Audit journal → MOVA R2 storage, signed
• No data stored locally or sent to third parties beyond the above

Demo

Step 1 — Supplier batch submitted with screening request

Step 2 — AI screening: sanctions hit on SUP-002, ESG risk on SUP-003, mandatory escalation triggered

Step 3 — Audit receipt + signed decision log

Quick start

Say "screen these suppliers for procurement" and provide:

suppliers:
  - id: SUP-001, name: Acme GmbH, country: DE
  - id: SUP-002, name: Delta LLC, country: US
category: raw_materials
requestor_id: EMP-2201

The agent submits the batch, shows the per-supplier risk report with sanctions and ESG findings, then asks for your procurement decision.

Why contract execution matters

• Sanctions rules are policy, not prompts — any sanctions hit triggers mandatory escalation that cannot be bypassed
• Multi-source traceability — every finding is tagged with its source (OFAC / EU / UN / ESG / registry)
• Immutable audit trail — when a compliance officer or regulator asks "who cleared supplier SUP-002 and why?" — the answer is in the system
• EU Supply Chain Due Diligence / OFAC ready — procurement decisions require documented screening history, source citations, and human sign-off

What the user receives

Output	Description
Suppliers screened	Total count in batch
Critical / high / medium / low	Count per risk band
Per-supplier risk band	low / medium / high / critical
Sanctions result	OFAC / EU / UN hit or clear with match details
PEP flag	PEP status and category
ESG score	Rating and adverse media flags
Financial stability	Registration status, insolvency signals
Findings	Per-supplier structured list with source and severity
Recommended action	AI-suggested decision
Decision options	approve_all / approve_clean / reject_all / escalate
Audit receipt ID	Permanent signed record of the procurement decision
Compact journal	Full event log: screening → risk report → human decision

When to trigger

Activate when the user:

• Provides a supplier list (names, IDs, or CSV)
• Says "screen these vendors", "run supply chain check", "due diligence on supplier"
• Asks to prepare a procurement risk report before signing contracts

Before starting, confirm: "Screen [COUNT] suppliers for MOVA supply chain risk analysis?"

If supplier data is missing — ask once for: supplier names/IDs, country of registration, procurement category.

Step 1 — Submit supplier list for screening

Call tool mova_hitl_start_supply_chain with:

• suppliers: array of objects with id, name, country (ISO 3166-1 alpha-2)
• category: raw_materials / logistics / technology / services
• requestor_id: employee ID of the procurement requestor

Step 2 — Show risk report and decision options

If status = "waiting_human" — show the screening summary:

Suppliers screened: COUNT
Critical:           CRITICAL_COUNT
High risk:          HIGH_COUNT
Clean:              CLEAN_COUNT

[Per-supplier table: ID | Name | Country | Risk band | Top finding]
Recommended action: ACTION ← RECOMMENDED

Option	Description
approve_all	Approve all screened suppliers
approve_clean	Approve only clean suppliers, block high-risk
reject_all	Block entire batch pending further review
escalate	Escalate to compliance team

Call tool mova_hitl_decide with:

• contract_id: from the response above — this is ctr-scr-xxxxxxxx, NOT a supplier ID
• option: chosen decision
• reason: procurement manager reasoning (required for reject_all and escalate)

Step 3 — Show audit receipt

Call tool mova_hitl_audit with contract_id. Call tool mova_hitl_audit_compact with contract_id for the full signed screening chain.

Connect your real screening systems

By default MOVA uses a sandbox mock. To route checks against your live infrastructure, call mova_list_connectors with keyword: "supply".

Relevant connectors:

Connector ID	What it covers
connector.screening.pep_sanctions_v1	PEP & sanctions screening (OFAC, EU, UN)
connector.esg.ratings_v1	ESG ratings and adverse media
connector.data.company_registry_v1	Company registration status
connector.data.company_enrichment_v1	Financial stability and enrichment data

Call mova_register_connector with connector_id, endpoint, optional auth_header and auth_value.

Rules

• NEVER make HTTP requests manually
• NEVER invent or simulate screening results — if a tool call fails, show the exact error
• Use MOVA plugin tools directly — do NOT use exec or shell
• CONTRACT_ID is ctr-scr-xxxxxxxx from the mova_hitl_start_supply_chain response — NOT a supplier ID