Trust & compliance

Decisions you can defend.

How LargentIQ handles your applicants' data, how the AI is constrained, and what we'll show your auditor when they ask.

Architecture overview

Every loan application flows through a deterministic, observable pipeline of five specialized agents. Each agent runs sequentially against the same application context; outputs are persisted as structured JSON before the next agent starts.

  • Intake — parses the form, surfaces missing fields, calls out anomalies.
  • Verification — cross-checks declared data against uploaded documents (PDF text extracted via pypdf).
  • Risk — computes a 0-100 score using product-specific weights configured per tenant.
  • Compliance — KYC / AML / eligibility pass against current policy.
  • Decision — synthesizes the prior four into an officer-facing recommendation.

A human officer is always in the loop: agents recommend, officers decide. Every approval and rejection is logged with the officer's identity, timestamp, and optional note.

AI model card

  • Model: Claude Sonnet 4.5 (anthropic/claude-sonnet-4-5)
  • Provider: Anthropic via Emergent integrations
  • Output format: Structured JSON per agent; schemas pinned
  • Temperature: Default (no manual override)
  • Hosting: Anthropic infrastructure, no model fine-tuning
  • Training data exposure: Applicant data is NOT used for model training

Each agent receives a strict system prompt with an output schema. A deterministic post-filter scrubs the customer-facing "Draft applicant message" output before it ever reaches the applicant — internal terms (KYC, AML, DTI, risk_score, etc.) are replaced with plain-language synonyms.

Data & residency

  • Application database: MongoDB (managed)
  • Document storage: Encrypted at rest; base64 in document collection
  • Transport: TLS 1.3 end-to-end
  • Password storage: bcrypt with per-record salt
  • Session: JWT (HS256, 72h expiry)
  • Backups: Daily snapshots, 14-day retention
  • Region: Per-tenant: contact us for EU / IN / US-East deployments
  • PII categories: Name, DOB, phone, address, income, identity docs

Audit & retention

Every officer decision is recorded in audit_logs: officer id, officer email, application id, action (approved / rejected), bulk flag, timestamp, and the officer's free-text note. Bulk actions use a per-call sentinel UUID so only the apps actually modified by that call are logged — protecting prior decisions from being re-attributed.

  • Audit log retention: Indefinite (immutable append-only)
  • Application retention: As long as your tenancy is active
  • Right-to-erasure: GDPR Article 17 endpoint (in progress)
  • Officer activity view: /audit page with per-officer performance

Webhook signature scheme

On every approval, LargentIQ posts JSON to your configured webhook URL with an HMAC-SHA256 signature. Verify in any language:

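    # Headers sent
    X-LargentIQ-Event: loan.approved
    X-LargentIQ-Signature: <hex(hmac_sha256(secret, body))>
    Content-Type: application/json

    # Verify in Python
    import hmac, hashlib
    expected = hmac.new(SECRET.encode(), raw_body, hashlib.sha256).hexdigest()
    # Explicit check instead of assert, which is stripped under python -O
    if not hmac.compare_digest(expected, request.headers["X-LargentIQ-Signature"]):
        raise ValueError("invalid webhook signature")

    # Verify in Node.js
    const crypto = require("crypto");
    const expected = crypto.createHmac("sha256", SECRET)
      .update(rawBody).digest("hex");
    // Compare `expected` to the X-LargentIQ-Signature header in constant time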

Shared secret and webhook URL are configured per-tenant in the officer Settings page. Rotate either at any time without downtime.
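
A fuller receiver-side check for the scheme above, as an added example (not LargentIQ's own code). It verifies the raw bytes before parsing, rejects a missing or malformed header, and accepts both the old and new secret during a rotation; the function names, payload fields, secrets and the dual-secret handling are assumptions made for illustration.

```python
import hashlib
import hmac
import json

SIGNATURE_HEADER = "X-LargentIQ-Signature"  # header name given on the page


def sign(secret: str, raw_body: bytes) -> str:
    """hex(hmac_sha256(secret, body)), the scheme stated on the page."""
    return hmac.new(secret.encode(), raw_body, hashlib.sha256).hexdigest()


def verify_webhook(headers: dict, raw_body: bytes, secrets: list) -> bool:
    """True only if the signature matches the raw bytes under one accepted
    secret (assumption: old and new secret are both accepted during rotation)."""
    # HTTP header names are case-insensitive; normalise before lookup.
    lowered = {k.lower(): v for k, v in headers.items()}
    received = lowered.get(SIGNATURE_HEADER.lower(), "").strip().lower()
    # Reject anything that is not exactly 64 hex characters up front;
    # compare_digest raises TypeError on non-ASCII str input.
    if len(received) != 64 or any(c not in "0123456789abcdef" for c in received):
        return False
    ok = False
    for secret in secrets:
        # No early exit: every candidate gets a constant-time comparison.
        ok |= hmac.compare_digest(sign(secret, raw_body), received)
    return ok


def handle(headers: dict, raw_body: bytes, secrets: list):
    """Verify first, parse second: only authenticated bytes reach json.loads,
    and the check runs on the bytes as received, not a re-serialised copy."""
    if not verify_webhook(headers, raw_body, secrets):
        return 401, None
    return 200, json.loads(raw_body)


# Constructed sample delivery (field names and secrets are made up).
OLD_SECRET, NEW_SECRET = "constructed-old-secret", "constructed-new-secret"
BODY = b'{"event": "loan.approved",  "application_id": "app_123"}'
HEADERS = {"X-LargentIQ-Event": "loan.approved",
           "x-largentiq-signature": sign(NEW_SECRET, BODY)}

if __name__ == "__main__":
    print(handle(HEADERS, BODY, [OLD_SECRET, NEW_SECRET]))  # accepted
    # Re-serialising changes whitespace, so the same signature now fails.
    reencoded = json.dumps(json.loads(BODY)).encode()
    print(handle(HEADERS, reencoded, [OLD_SECRET, NEW_SECRET]))  # rejected
```

Once every delivery arrives signed with the new secret, drop the old one from the accepted list.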

Compliance roadmap

What we have today, what we're building, and what we've committed to.

  • Encrypted transport (TLS 1.3) on all routes: shipped
  • JWT auth + role-based access control: shipped
  • HMAC-SHA256 signed outbound webhooks: shipped
  • Audit log for every officer decision: shipped
  • Deterministic safety post-filter on AI text: shipped
  • PII redaction in /explain output: shipped
  • GDPR data-export endpoint: in progress
  • SOC 2 Type I: planned
  • SOC 2 Type II: planned
  • ISO 27001: planned
  • RBI Digital Lending Guidelines alignment: planned

Custom domain setup

You can run your own status page at a domain your prospects recognize, e.g. status.yourbank.com — same page, same numbers, your branding.

  1. Pick a subdomain
    Typical choices: status.yourbank.com, trust.yourbank.com, or sla.yourbank.com.
  2. Add a CNAME record
    In your DNS console: CNAME status.yourbank.com → lending-decision-ai.emergent.host (TTL 300).
  3. Email us to attach the domain
    Send the CNAME confirmation to trust@largentiq.com — we provision the SSL cert and verify your /status-page renders on the new domain. Typical turnaround: 1 business day.
  4. Share with prospects
    Compliance teams take a partner-domain status page far more seriously than a vendor URL.

Questions for procurement, audit, or legal?
trust@largentiq.com
