Trust & privacy

Built for regulated work.

Provenance, review gates, and privacy architecture — in business language. Written for advisor compliance, BD compliance officers, and firm InfoSec.

AudienceAdvisor compliance · BD compliance · firm InfoSec
PostureConfigurable per deployment · firm-administered
ReviewHuman-in-the-loop · advisor-approved before delivery
Audit trailChain-of-custody record on every output
CertificationSOC 2 Type I · targeted Year 1
Six capabilities

The controls a compliance officer asks about first.

Each one is default. Not a toggle, not an upgrade, not an add-on. Deployed in every posture, named in the SOW.

Capability · 01

Confidence on every finding.

Every finding carries a confidence score and a severity. Reviewers see both before approving.

Capability · 02

Citations back to source documents.

Article, section, page — inline on the finding card. No unsourced claims reach an advisor's desk.

Capability · 03

Review required before delivery.

Advisor-approval strip gates every artifact. Nothing leaves the building until a named reviewer clears it.

Capability · 04

Anonymization before cloud processing.

Client identifiers and PII are stripped before any external call. Re-hydration happens locally.

Capability · 05

Exportable audit trail.

Every upload, every finding, every approval — per case, per advisor, per month. Firm-controlled retention.

Capability · 06

Configurable privacy posture.

Local-only, hybrid with logging, or integrated. Configured once at firm level; advisors inherit.

Configurable posture

Three modes. One decision at firm level.

The analytical output is identical across all three modes. What changes is where processing happens, what leaves the environment, and how much is logged when it does.

Mode · 01

Local-only.

All processing stays on premises hardware. No external calls during a case run. The analytical engine runs inside the firm's compute boundary.

Fit · Firms with on-prem compliance architecture; highest-control deployments.
  • On-prem compute boundary
  • No external inference calls
  • Full audit export
Mode · 02

Hybrid with logging.

External escalation permitted for a defined class of tasks. Every call is logged — call metadata, scope, timestamp, and reviewer — and made available to the firm's audit pipeline.

Fit · Most firm deployments; balances depth and governance.
  • Scoped external escalation
  • Per-call log capture
  • Full audit export
Mode · 03

Integrated.

Full cloud processing with full audit trail. Fastest deployment, same disclaimer scope, same reviewer gate. Chain-of-custody record on every output.

Fit · Advisors and firms aligned with SC's default cloud posture.
  • Cloud processing
  • Chain-of-custody record
  • Full audit export
How review works

Five moves from finding to delivered artifact.

The human-in-the-loop sequence. No artifact leaves the portal without a named advisor clearing the approval strip — and if inputs change downstream, the artifact returns to this queue.

Step01 · Surface
Step02 · Review
Step03 · Decide
Step04 · Deliver
Step05 · Re-queue
01
Needs review

A finding surfaces with severity, citation, and confidence. The reviewer sees all three before they see anything else.

CriticalTrust · Fiduciary
Named successor trustee is deceased.
ConfidenceHigh · 92%
CiteArt. XI(c) · p. 24
SourceEngine
02
Needs review

Advisor reviews in the findings workbench. State chip reads "Needs review." Every finding has a clear owner and timestamp.

Findings9 · 1 critical
Successor trustee deceased
Portability window · 94 days
ILIT Crummey log gap
Trust funding complete
OwnerJ. Cole · advisor
03
Decision logged

Advisor approves, requests more information, or flags for attorney review. Every decision is logged with reviewer identity and timestamp.

Approve
Request more info
Flag for attorney review
Logged17 Apr · 14:22
04
Approved

Deliverable regenerates with approved findings. State chip flips from "Needs review" to "Approved." Artifact is clear to leave the portal.

Advisor Summary · v1.0
Rendered14:24 · 17 Apr
ApproverJ. Cole
Output4 artifacts · signed
05
Stale

If inputs change, the deliverable auto-marks "Stale" and re-enters the review queue. Stale artifacts cannot be re-sent without a fresh approval.

Advisor Summary · v1.0 — superseded
TriggerNew trust amendment
NextRe-review · step 02
HandlerQueue · auto
Every state change · audit-loggedNo artifact leaves without a named reviewer clearing the strip.
Disclaimers & audit trail

Every output wraps every required disclaimer. Automatically.

Master disclaimer, Circular 230, AI-use disclosure, chain-of-custody, human-in-the-loop certification. Applied at render time, not at the discretion of the advisor.

Master disclaimer. Circular 230. AI-use disclosure per ABA Resolution 512. Chain-of-custody record. Human-in-the-loop certification. Every output wraps every required disclaimer automatically.

  • Master disclaimer
  • Circular 230 notice
  • AI-use disclosure — ABA Resolution 512
  • Chain-of-custody record
  • Human-in-the-loop certification
  • Firm-configurable supplemental language
Language is versioned, jurisdiction-aware, and carried on every artifact the portal renders.
RoadmapCompliance posture
SOC 2 Type I targeted for Year 1. Data processing agreements available for firm deployments.
ProcurementAvailable on request
Next step

Talk to our team about your compliance posture.

Thirty minutes with SC and your InfoSec or compliance lead. Walk the review sequence, the posture modes, and the audit export together.

Talk to us See the analytical depth