Every entity in the system—person, company, account, transaction, counterparty, risk signal, evidence object, decision, case, and control—is a first-class object within a single financial crime data model. The key architectural property is temporal lineage: the platform knows not only what a customer looks like today, but also what was known at the time of onboarding, at the time of a transaction, at the time of alert closure, and at the time of SAR/STR decisioning.
Applicants, directors, authorised users, beneficial owners, settlors, protectors, trustees, signatories, controllers and related parties.
Companies, funds, SPVs, trusts, partnerships, foundations, public entities and other legal arrangements.
Direct ownership, indirect ownership, voting rights, control by other means, nominee relationships, trust roles, senior-managing-official fallback.
Multi-currency accounts, virtual IBANs, safeguarded references, wallets, payment instruments, ledger positions.
Payments, FX conversions, batch payments, internal transfers, capital calls, redemptions, settlements, treasury movements — including failed and attempted transactions.
Senders, recipients, correspondents, intermediaries, beneficiaries, merchants, wallet addresses and bank accounts.
Sanctions hits, PEP exposure, adverse media, fraud scores, device anomalies, behavioural drift, geographic risk, typology matches and model outputs.
ID documents, registry extracts, ownership charts, board resolutions, source-of-funds evidence, contracts, investigator notes, FIU correspondence.
Accept, reject, request information, freeze, hold, escalate, de-risk, file SAR/STR, no-file, close alert, reopen, senior-management approval.
The Evidence Vault is a first-class subsystem, not a document repository attached to case management. Every submitted document, registry response, screening result, risk score, transaction snapshot, investigator action and approval is recorded with a timestamp, user or service identity, source, hash and version. A regulator can reconstruct the exact customer profile, ownership graph, transaction sequence and evidence set as they existed at the time the decision was made.
Every artefact stored append-only with timestamp, identity, source, hash and version. No silent overwrites.
Every risk decision links to the data, rule version, model version, policy version and human approver used at that point in time.
Time-travel a customer profile, ownership graph or transaction sequence back to the exact moment a decision was made.
Retention is enforced by jurisdiction, entity type, relationship status, investigation status and active legal holds — not by manual purge cycles.
Case bundles export with role-based redaction, data minimisation and jurisdictional residency controls.
Append-only audit records support internal audit, external audit, regulator review and FIU requests as a single source of truth.
Every AI output in DigiDoe Financial Intelligence is evidence-linked. Every generated statement points to underlying data, document, transaction, screening hit, rule, model output or investigator note. This is the central safeguard against AI hallucination in regulated financial-crime operations — and the reason the platform can use AI aggressively without surrendering supervisory defensibility.
A cross-border corporate group applies for a DigiDoe account. The onboarding engine identifies entity type, jurisdictions, directors, authorised users, shareholders and expected payment behaviour.
Document AI extracts registry data, constitutional documents, ownership charts and board resolutions. Each artefact lands in the Evidence Vault with full lineage.
The KYB graph engine constructs the ownership/control tree, applies AMLR threshold logic and identifies UBOs — including indirect ownership and control-by-other-means.
The company, directors, UBOs, controllers, signatories and related entities are screened against sanctions, PEP and adverse-risk sources — with the full ownership-and-control logic applied.
The risk engine scores customer risk based on structure complexity, jurisdictions, business activity, payment corridors, ownership opacity, expected volumes and source-of-funds evidence.
If risk is elevated, the EDD workflow requests source-of-wealth/source-of-funds evidence and routes the case for MLRO or senior-management approval — with explicit decision rationale.
Once approved, the expected-behaviour profile becomes the baseline for transaction monitoring. Every payment is checked against expected corridors, counterparties, currencies, velocity, payment purpose and the known ownership graph.
If unusual activity occurs, an investigation case opens with all onboarding, KYB, screening, payment and behavioural evidence already attached — no manual reconstruction required.
If suspicion is confirmed, the SAR/STR module drafts a jurisdiction-specific report and evidence bundle for MLRO approval and FIU submission. The full chain is retained in the Evidence Vault for audit and regulatory review.
SSO, MFA, biometric approval for sensitive actions, privileged access management, least-privilege roles.
Encryption in transit and at rest, field-level encryption for sensitive PII, key management and tenant isolation.
Append-only audit logs, cryptographic hashes, immutable event history and exportable audit packages.
Business continuity, disaster recovery, incident logging, SLA monitoring and dependency mapping.
Maker-checker controls, MLRO approval, QA sampling, senior-management approval and restricted SAR access.
Data minimisation, purpose limitation, retention schedules, DSAR workflows and jurisdictional residency.
A technical deep-dive with our Financial Intelligence engineers and compliance architects — calibrated to your environment, your data and your regulator.