One Compliance Manifest defines the program. The engine generates
SQL, dashboards, MRM dossiers, and the examiner pack from it. An immutable hash-chained
audit ledger lets any historical run replay byte-for-byte. Apache 2.0, runs in your
perimeter, no per-seat licence.
10 example specs · 8 curated typologies · 32 dashboard pages · 38 CLI commands · 2,000+ tests, all green · 5 jurisdictions · Apache 2.0 licence
The data layer underneath
Connect once. Validate forever.
AML's binding constraint isn't detection — it's getting one clean view across
core banking, payment rails, KYC, sanctions, and fraud. The framework ships
9 connectors (CSV / Parquet / DuckDB / Snowflake / BigQuery /
S3 / GCS / synthetic / ISO 20022 native), data-contract
enforcement with per-attribute freshness pinning, and a DATA-N →
artifact map linking each of the 11 whitepaper data pains to the page
/ CLI / module that closes it.
9 connectors out of the box · ISO 20022: pacs.008 · pacs.009 · pacs.004 · pain.001 · 11 data pains, one surface · Fail-closed contract validation
When an examiner asks "show me why this alert fired", the answer is one paste
box away. The framework stamps the source file path, schema hash, rendered SQL,
rule version, and the exact matched source rowids on every
alert. walk_lineage(case_id) returns the chain; the new Lineage
Explorer page renders it: source → DuckDB table → query → matched rows →
alert → case → STR. Every link is hash-chained so a re-run with the same spec
and data produces an identical chain.
7-link chain, source row → STR · Hash-chained, tamper-evident · Reproducible: same spec + data → same hashes · JSON export for SAR attachment
Same framework, two faithful narrations — a McKinsey-style board pack for executives,
and a dual-pane architecture deck for engineering and 2LoD. Each side has a live HTML
deck, a narrated video, and a printable PDF. Click any artifact — it opens in the
viewer with the top nav still available, so switching sides is one click.
For executives
Board briefing
CCO · MLRO · Audit Committee · CRO · CFO
McKinsey-style board pack. Action titles, exhibit numbers, primary-source
citations on every page. White-paper aesthetic — print-ready, email-able.
Head of Eng · CTO · 2LoD validation · Internal Audit
Dual-pane architecture deck. CCO question on the left, real CLI output on the
right. 7-act narrative covering audit chain, backtester, multi-jurisdiction.
Across recent enforcement orders, regulators rarely allege the bank missed a typology. They allege the bank cannot evidence what it did. Process and governance gaps outnumber data and model gaps roughly 2:1 in the consent orders surveyed.
FCA Dear-CEO Letter · Mar 2024
"Decisions made in relation to financial crime were not supported by evidence or an audit trail of debate and challenge."
UK retail banks + Annex 1 firms · still operative in 2026 · PAIN-1 in research
FinCEN TD Bank consent order · Oct 2024 · $3.09B
"Trillions of dollars in transactions annually [went] unmonitored." The detection queue was in "red status" in board reporting for years.
Largest BSA enforcement of 2024 · framing case for 2025-26 · case study
LexisNexis True Cost · Feb 2024
"Annual cost of financial crime compliance totals $61 billion in the United States and Canada." 57% labour, 40% tech, 3% other.
FinCEN Sep 2025 RFI framed it: "is the juice worth the squeeze?" · PAIN-8 in research
What we built — one Manifest, four layers.
Policy, data contracts, detection rules, case workflow and regulator mapping live in one versioned document — the Compliance Manifest (an aml.yaml file, for engineers). Every runtime artifact is generated from it; an immutable hash-chained audit ledger records every decision so any historical run can replay byte-for-byte. This is what kills the drift that causes AML enforcement actions.
Authored by
CCO / MLRO — writes the Manifest; signs the decision log.
Operated by
Engineer / 1LoD — runs the generators + the engine.
Operated by
Engineer / 1LoD — manages the alert + case stream.
Verified by
Audit / Regulator — replays history byte-for-byte.
📜 Policy · The Compliance Manifest · aml.yaml for engineers · reviewed via PR
One Compliance Manifest defines policy. Generation, runtime and audit all flow from it — deterministically, every time.
📜
Stage 01
Compliance Manifest
Compliance writes one spec. Rules cite the regulation that justifies them.
⚙️
Stage 02
Generators
SQL, DAGs, tests, MRM dossiers, control matrix — all built from the Manifest.
⚡
Stage 03
Engine
Rules execute on the warehouse. Alerts produced with full evidence chain.
⚖
Stage 04
Cases & STRs
SLA-timed queues, auto-drafted narratives, regulator-ready ZIP exports.
🔒
Stage 05
Audit ledger
Every decision SHA-256-chained. Re-run any history byte-for-byte.
same Manifest + same data + same seed = identical output hashes
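The 7-link lineage chain described above (source → DuckDB table → query → matched rows → alert → case → STR) and the SHA-256-chained audit ledger of Stage 05 rest on the same mechanism: each link's hash covers the previous hash plus a canonical serialisation of its evidence. The Python below is an added illustration, not the framework's own code; it builds such a chain over constructed sample evidence, verifies it, and shows that the same inputs reproduce the same hashes. The link names, ids, SQL and the stand-in walk_lineage are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # prev-hash of the first link
# The seven links the page lists: source -> DuckDB table -> query -> matched rows -> alert -> case -> STR
LINK_ORDER = ["source", "duckdb_table", "query", "matched_rows", "alert", "case", "str"]

def canonical(payload):
    """Deterministic JSON (sorted keys, fixed separators): equal data gives equal bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":"))
def link_hash(prev_hash, payload):
    """SHA-256 over the previous link's hash concatenated with the canonical payload."""
    return hashlib.sha256((prev_hash + canonical(payload)).encode()).hexdigest()

def build_chain(stages):
    """Hash-chain the seven stage payloads in fixed order; returns the list of links."""
    chain, prev = [], GENESIS
    for name in LINK_ORDER:
        h = link_hash(prev, stages[name])
        chain.append({"link": name, "prev": prev, "payload": stages[name], "hash": h})
        prev = h
    return chain

def verify_chain(chain):
    """Recompute every hash; an edited payload or a dropped/re-ordered link breaks it."""
    prev = GENESIS
    for link in chain:
        if link["prev"] != prev or link_hash(prev, link["payload"]) != link["hash"]:
            return False
        prev = link["hash"]
    return [l["link"] for l in chain] == LINK_ORDER

# Constructed sample evidence for one alert (hypothetical ids and values, not page data).
SAMPLE_STAGES = {
    "source": {"path": "data/txns.parquet", "schema_hash": hashlib.sha256(b"schema v1").hexdigest()},
    "duckdb_table": {"table": "txns", "rows": 3},
    "query": {"rule_id": "RULE-STRUCT", "rule_version": "1.2.0",
              "sql": "SELECT rowid FROM txns WHERE amount BETWEEN 9000 AND 9999"},
    "matched_rows": {"rowids": [17, 42]},
    "alert": {"alert_id": "ALT-1", "rule_id": "RULE-STRUCT"},
    "case": {"case_id": "CASE-1", "alerts": ["ALT-1"]},
    "str": {"str_id": "STR-1", "case_id": "CASE-1"},
}
LEDGER = {"CASE-1": build_chain(SAMPLE_STAGES)}  # stand-in for the framework's audit ledger
def walk_lineage(case_id):
    """Stand-in for the page's walk_lineage(case_id): return the case's chain, verified first."""
    chain = LEDGER[case_id]
    if not verify_chain(chain):
        raise ValueError(f"lineage chain for {case_id} fails verification")
    return chain
```

Re-running build_chain on the same stages yields byte-identical hashes, while changing a single matched rowid or dropping a link makes verify_chain return False.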
FCA Mar 2024 · FinCEN Apr 2026 NPRM · SR 26-2 effective Apr 2026
Same Manifest, four sizes.
Lean fintech to Tier-1 bank — different scope, same single-source-of-truth pattern. The framework fits where you are.
Mid-tier bank · Pilot + 2LoD challenger · 10–20 compliance · single juris
Tier-1 bank · MRM challenger model · 100+ FTE · global · SR 26-2
FinTech ◆ · ★ Primary platform · 1 MLRO · pilot in weeks
Scaling fintech · Cross-border platform · small team · multi-juris · ISO 20022
FinTech / EMI applicant · ★ Primary
One lean team holds the whole program. Demo on synthetic data in minutes; pilot on your data in weeks; defensible program (tuned + 2LoD-reviewed) in months — not the 9-24-month commercial deploy window. Once running, the cure-notice evidence pack is one CLI command and the investor-DD answer is a query, not a consultant engagement.
Scaling fintech / VASP / cross-border · Platform
Multi-jurisdiction templates (US/CA/EU/UK), ISO 20022 native, BOI workflow, FATF Travel Rule. Lean team gets enterprise reach without enterprise headcount.
Mid-tier bank · Pilot
Runs alongside vendor TM as proof-of-concept. Becomes the 2LoD independent challenger model SR 26-2 expects — without buying a second commercial licence.
Tier-1 bank · 2LoD challenger
MRM independent re-implementation under SR 26-2 / OCC 2026-13. Deterministic re-run + hash-chained audit ledger as published guarantee — what no commercial vendor offers.
Examiner-defensible, without the vendor.
Four categories a CCO actually picks between, plotted on what 2026 enforcement scores you on — can you prove it (Y axis) and do you control it (X axis).
Vendor-locked · audit-mature
★ Defensible & independent
Cloud SaaS · SR 26-2 ML tax
Cheap · undefendable
Commercial enterprise · Actimize · Oracle · SAS · ~$50M TCO
★ AML Open Framework · Apache 2.0 · deterministic re-run · audit ledger
AI-native SaaS · Hawk:AI · ComplyAdvantage · Feedzai
Spreadsheets + DIY · manual evidence · no replay
"Examiner-defensible" (Y axis)
Can you replay any historical run byte-for-byte and prove what fired, when, and against which regulation? Hash-chained audit ledger + deterministic re-run is a published guarantee — no other platform offers it as a contract.
"You control the program" (X axis)
Who owns the rule library, the thresholds, and the audit trail? Vendor-controlled means a 9-24 month deploy + per-jurisdiction module fees + extraction friction. You-controlled means the Manifest is yours; the engine runs in your perimeter; the spec is plain text under version control.
★ Why we land top-right
Apache 2.0 + deterministic re-run + hash-chained audit ledger + 5 jurisdictions with 10 bundled specs. Commercial vendors are audit-mature but vendor-locked; AI-native SaaS carries the SR 26-2 model-validation tax; spreadsheets are cheap but won't survive a regulator. This is the only point on the chart that's both.
Built on.
Honest tech stack. Pip-installable, runs in your perimeter, no cloud dependencies. The
dashboard, the REST API and the engine all share one codebase — same Manifest in,
same answers out.