Caribbean-built · For banks, payment processors & regulated businesses

Audit-ready KYC document collection.

Send a request, get clean files back, ship the audit trail. Built for compliance teams that need everything traceable, encrypted, and ready when the regulator asks.

Request a demo See how it works
End-to-end audit log Encrypted at rest MFA for staff Tenant-isolated

Capabilities

A focused stack for KYC operators.

Not a generic file-share with compliance bolted on. Every feature is shaped by what regulated reviewers actually need.

Templates

Compliance-grade document collection

Pre-built workflow templates per use case — corporate KYC, individual KYC, bank-account opening. Send once, track every file, never lose the audit trail.

Didit

Identity verification, bundled

Hosted passport + liveness + face match + AML powered by Didit. Approved in ~60 seconds, with the full compliance PDF stored alongside the rest of the file.

Audit

End-to-end audit trail

Every action — viewed, uploaded, scanned, approved, overridden — logged with the actor and timestamp. Hash-chained, append-only, exportable when the regulator asks.

How it works

Four steps. No surprises.

The product takes a request from "we need their files" to "we have the audit trail" without the email chase, the lost attachments, or the spreadsheet of who-uploaded-what.

  1. 01

    Send a request

    Pick a client, apply a workflow template, and send. The client gets an email link with everything they need.

  2. 02

    Client uploads

    Single sign-in, drag-and-drop. Every file is virus-scanned and quarantined before a reviewer can read it.

  3. 03

    Reviewer approves

    One inbox per reviewer. Approve, request a replacement, or reject with a reason. Decisions push the request forward.

  4. 04

    Audit-ready file

    Bundle of files, decisions, identity verifications, and the full audit log. Export when the regulator asks. Done.

Security & compliance

Built like the audit will happen.

Because eventually one will. Specifics, not platitudes.

Tenant-isolated by design
Every database query is scoped to the operator org. No cross-tenant leakage, even on misconfigured queries — enforced as a hard architectural rule.
Append-only audit log
Audit entries are immutable, enforced by database triggers — not application code that can be bypassed. Every action carries actor + IP + timestamp.
Anti-virus on every upload
ClamAV scans every file before reviewers can open it. Infected uploads are quarantined; clean files move to live storage with a checksum on record.
MFA for staff
Required for super_admin, org_admin, org_reviewer, external_reviewer. Optional for client users so the upload flow stays low-friction.
Encrypted at rest
Documents encrypted in object storage; daily off-site backups encrypted with a separately-vaulted key. 90-day retention with proven round-trip restore.
Caribbean-built, EU-hosted
Designed by a team that works with Caribbean financial institutions every day — CFATF and ECCB expectations baked in, not bolted on. Hosted in Germany for predictable jurisdiction, TLS 1.3, and a proven backup-restore chain.

Ready when you are

Bring bank-grade KYC to your team.

Walk through the live product with us. We’ll show you the reviewer flow, the verification flow, and the audit log — on real, redacted batches.

Email us for a demo Sign in to your account