For a system of record, trust is the product.
Evidiam holds the evidence a regulator or sponsor bank will examine. The architecture is built around four promises: your data is isolated, the record can't be quietly altered, every judgment is attributable to a person, and every accepted artifact stays under your control.
Your tenant is walled off in the database itself.
Every program runs under Postgres row-level security, enforced by a non-superuser application role. Tenant scope is set per transaction; one tenant can never read another's records, even through application bugs.
An append-only record you can verify.
Every material event is written once into a per-tenant hash chain, where each entry seals the one before it. Alter a past record and the chain breaks. Verification is a function you can run, not a promise you have to take.
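A minimal sketch of the hash-chain idea described above, added here as an illustration. It is not Evidiam's code; the entry fields, the canonical JSON encoding, the `GENESIS` seed, and the sample events are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed seed value for the first entry in a tenant's chain

def entry_hash(tenant, seq, prev, event):
    """SHA-256 over a canonical JSON encoding that includes the previous hash."""
    body = json.dumps({"tenant": tenant, "seq": seq, "prev": prev, "event": event},
                      sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode("utf-8")).hexdigest()

def append(chain, tenant, event):
    """Append one event; the new entry seals the one before it."""
    prev = chain[-1]["hash"] if chain else GENESIS
    seq = len(chain)
    chain.append({"tenant": tenant, "seq": seq, "prev": prev, "event": event,
                  "hash": entry_hash(tenant, seq, prev, event)})
    return chain[-1]["hash"]

def verify(chain, tenant, expected_head=None):
    """Return (ok, index of the first entry that fails, or None)."""
    prev = GENESIS
    for i, e in enumerate(chain):
        if (e["tenant"] != tenant or e["seq"] != i or e["prev"] != prev
                or e["hash"] != entry_hash(tenant, i, prev, e["event"])):
            return False, i
        prev = e["hash"]
    # Dropping entries from the tail leaves a shorter chain that still verifies;
    # only a head hash pinned outside the store catches that.
    if expected_head is not None and prev != expected_head:
        return False, len(chain)
    return True, None

def sample_chain():
    """Constructed events for one hypothetical tenant."""
    chain = []
    for event in ({"type": "alert_opened", "id": "A-1"},
                  {"type": "disposition", "id": "A-1", "by": "officer@example.com"},
                  {"type": "sign_off", "id": "A-1", "role": "compliance officer"}):
        append(chain, "tenant-a", event)
    return chain

if __name__ == "__main__":
    chain = sample_chain()
    head = chain[-1]["hash"]
    chain[1]["event"]["by"] = "someone-else@example.com"  # edit a past record
    print(verify(chain, "tenant-a", head))  # (False, 1)
```

In a scheme like this, a chain that has been rewritten end to end is also self-consistent, so verification is only as strong as the independence of the place where the expected head hash is kept.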
Every judgment carries a name.
Dispositions, decisions, and sign-offs record who acted, in what role, and when. AI-assisted items are labeled. The sign-off chain is enforced in order, by the roles your template requires.
The evidence is yours to keep.
Evidiam is neutral by design. Your accepted record is structured the same way for every sponsor bank, exportable on demand, and not locked inside the party that examines you.
Stated plainly.
No vague assurances. Here is how the system actually behaves.
- Tenant isolation: Postgres row-level security, non-superuser app role
- Evidence integrity: Append-only, per-tenant SHA-256 hash chain
- Integrity check: Chain verification you can run on demand
- Data access: Read-only warehouse role, SELECT-only
- Write-back: None. Evidiam never writes to source systems
- Payment rails: None. Evidiam never moves money
- AI authority: Drafts only. No final action without human sign-off
- Review links: Token-scoped, expiring, revocable, and scoped to one period
- Token storage: Bearer tokens are hashed at rest and shown once at creation
- External views: Frozen signed packets only. Reopened drafts are not exposed
- Accepted artifacts: Snapshot version, state hash, and PDF SHA-256 are pinned
- Access logs: External profile and packet downloads are recorded per tenant
- Auditability: Full event history per tenant, exportable
The model never holds the pen.
AI drafts rationale and narrative from your data, and it is constrained to your real records, with source quotes that guard against invention. But a draft is not a decision. Every regulatory judgment is reviewed and signed by a named officer before it becomes part of the record, and that gate is enforced by the system, not left to discipline.
Shared evidence stays controlled.
Evidiam exposes accepted proof without exposing live work. Public surfaces are scoped, logged, revocable, and tied to frozen artifacts.
Reviewer portal
A bank reviewer can open a scoped link, download the examination binder, accept the packet, or request changes.
Trust profile
A prospective sponsor bank can inspect accepted packets without an Evidiam account and match each PDF to its pinned hash.
Access trace
Views and downloads are written to an external access log so the fintech can see who opened shared proof.
Formal attestations, in progress.
SOC 2 and the supporting control program are underway. We'd rather tell you exactly where we are than imply a badge we haven't earned yet. Ask us for the current status.