LARGENTIQ
AI-orchestrated lending operations
Trust & Compliance brief
June 14, 2026
June 14, 2026
Decisions you can defend.
A one-page summary of how LargentIQ processes loan applications, constrains its AI agents, and produces an auditable trail for every officer decision.
Pipeline architecture
Five sequential, observable agents run against each application. Each persists structured JSON before the next begins. A human officer is always in the loop — agents recommend, officers decide.
- Intake — parses form, flags missing fields, surfaces anomalies.
- Verification — cross-checks declared data vs. uploaded documents (pypdf text extraction).
- Risk — 0-100 score using product-specific weights (configurable per tenant).
- Compliance — KYC / AML / eligibility pass against current policy.
- Decision — synthesizes the prior four into an officer-facing recommendation.
AI model card
Model
Claude Sonnet 4.5 (anthropic/claude-sonnet-4-5)
Provider
Anthropic via Emergent integrations
Output
Structured JSON per agent; schemas pinned
Hosting
Anthropic infrastructure, no fine-tuning
Training exposure
Applicant data is NOT used for model training
Customer-facing text
Deterministic post-filter strips internal terms (KYC/AML/DTI) before reaching the applicant
Webhook signature scheme
On approval, LargentIQ POSTs JSON to your URL with an HMAC-SHA256 signature header.
X-LargentIQ-Event: loan.approved X-LargentIQ-Signature: <hex(hmac_sha256(secret, body))> Content-Type: application/json
Data & residency
Database
MongoDB (managed)
Documents
Encrypted at rest
Transport
TLS 1.3 end-to-end
Passwords
bcrypt, per-record salt
Session
JWT HS256, 72h expiry
Backups
Daily, 14-day retention
Region
EU / IN / US-East available per tenant
Audit & retention
Every officer decision logs: officer id, email, application id, action, bulk flag, timestamp, and free-text note. Bulk actions use a per-call sentinel UUID so prior decisions are never re-attributed.
Audit retention
Indefinite, append-only
App retention
Active tenancy
Right-to-erasure
GDPR Art. 17 (in progress)
Compliance roadmap
| TLS 1.3 transport on all routes | Shipped |
| JWT auth + role-based access control | Shipped |
| HMAC-SHA256 signed outbound webhooks | Shipped |
| Immutable audit log per officer decision | Shipped |
| Deterministic safety post-filter on AI text | Shipped |
| PII redaction in /explain output | Shipped |
| GDPR Article 17 (erasure) endpoint | In progress |
| SOC 2 Type I | Planned |
| SOC 2 Type II | Planned |
| ISO 27001 | Planned |
| RBI Digital Lending Guidelines alignment | Planned |