Security & residency

Built for bank vendor review.

Compl.AI processes some of the most sensitive data a bank holds — client identities, screening results, investigation notes. This page states plainly how that data is protected. It is written for compliance officers, CISOs and vendor-risk teams.

Swiss data residency, enforced in code

Production AI inference runs on AWS infrastructure in the Zurich region (eu-central-2). This is not only a contractual commitment: the production configuration refuses to start if the AI provider or region is anything other than Swiss-resident infrastructure. A deployment that would move inference outside Switzerland fails before it serves a single request.

production guard — if llm.region != "CH": raise ResidencyViolation()

Audit trail — append-only by construction

Every screening decision writes to an append-only audit trail with hash-linked integrity, designed around FINMA AMLA Art. 7 documentation duties. Audit records cannot be deleted or rewritten — database-level triggers block it. Evidence snapshots (source data as it existed at decision time) and full AI prompt/response logs are preserved, so every verdict can be replayed and defended years later.

Access control

  • Role-based access control (admin / privileged / officer) on every endpoint.
  • Row-level security at the database layer.
  • Maker-checker approval workflow on screening actions and match annotations.
  • API access via scoped keys or short-lived signed tokens with key rotation.

Platform hardening

  • Encryption in transit (TLS) and at rest (256-bit).
  • Outbound-request allow-listing (SSRF guard) — the platform cannot be induced to call internal infrastructure.
  • Prompt-injection sanitisation on every field that reaches an AI model.
  • Rate limiting, security headers, containers running as non-root users.
  • A failed data source is surfaced as incomplete coverage — never silently reported as a clean result.

Honest coverage

A screening verdict is only as good as the sources behind it. If a sanctions list or registry could not be reached, Compl.AI marks the result incomplete and says which source failed. Absence of matches is never presented as clearance over a coverage gap.

Vendor documentation

Security documentation, subprocessor lists and completed vendor-risk questionnaires are available on request under NDA. Write to contact@complai.ch.