Every governance capability built on the immutable ledger
Each feature below maps to a specific FCA expectation and is anchored to the immutable ledger. See the FCA Handbook mapping for the rule-by-rule view.
Consumer Duty Outcome Reporting
Annual board assessment of consumer outcomes — generated from the immutable ledger in one click.
- Approval, modification and rejection rates over any reporting period
- SLA compliance and average time-to-completion across all review jobs
- Reviewer workload and coverage analysis per individual
- Document type breakdowns and previous-period comparisons
- Active control evidence (review actions, checklist items, annotations)
- A4 board-ready PDF
AI Model Registry & Drift Detection
Tag every advice record with the AI provider, version and configuration that produced it. Detect quality drift before the regulator does.
- Provider, version and configuration tagged on every record
- Per-model dashboard with usage counts and outcome breakdown
- Statistical drift detection vs a 90-day baseline
- Severity-graded alerts when a model starts misbehaving
- Per-model weekly quality timeline with CSV export
- Historical view of which model produced which advice
Bias & Fairness Monitoring
Outcome distributions across anonymised customer segments with material-divergence flags — and zero PII.
- Optional anonymised segment metadata (age band, risk profile, product type)
- Per-segment outcome rates with side-by-side comparison
- Material-divergence flags vs the dimension baseline
- Configurable absolute rejection-rate alerts
- Monthly trend lines per segment
- Exportable bias-audit CSV
Incident Response Logging
Tamper-proof structured incident lifecycle anchored to the immutable ledger.
- Structured creation: severity, category, timeline, description
- Link incidents to affected ledger records and review jobs
- Root cause analysis field
- Remediation actions with owner, due date and status workflow
- Status lifecycle anchored to the ledger as INCIDENT_LOGGED / INCIDENT_RESOLVED
- Trend dashboard, severity breakdown and CSV export
Consumer Duty Impact Assessments
Pre-deployment Consumer Duty assessment template for new AI use cases — versioned, signed off, and anchored to the ledger.
- Versioned template covering the four PRIN 2A outcomes
- Risk rating per outcome area with structured questions
- Status workflow: draft → pending sign-off → approved / rejected / superseded
- Senior sign-off enforced (lead reviewer or firm admin)
- Approval anchored to the ledger as IMPACT_ASSESSMENT_APPROVED
- Template versioning ready as guidance evolves
Chain Integrity & Tamper Recovery
Continuous chain verification with one-click recovery from the immutable S3 copy when tampering is detected.
- Per-firm chain status with last verification time and result
- Manual "Verify now" button + scheduled daily verification
- CloudWatch metric and alarm fire when any chain becomes invalid
- Field-by-field DB vs immutable-S3 diff for any flagged record
- Single-click restore from S3 (firm admin / lead reviewer only)
- CHAIN_REPAIRED ledger event written automatically
- Verification history table with manual / scheduled provenance
Independently Verifiable Certificates
Every completed review produces a tamper-proof PDF certificate with a QR code. Anyone can verify it against the chain — no Bedrock account required.
- Auto-generated PDF certificate per completed review
- QR code linking to the public verification endpoint
- Cryptographic anchor (hash, sequence number, signature)
- Public /verify endpoint — no login, no Bedrock account
- Mobile-friendly verification for clients and regulators
- Confirms advice content, reviewer identity, and decision
Vulnerability Evidence
Vulnerability flags raised on submission are immutably recorded against the advice record. The full chain — flag, routing, sign-off, resolution — is preserved as FG21/1 evidence.
- Flags aligned to the FG21/1 four drivers (health, life event, capability, resilience)
- Every routing decision recorded against the advice record
- Senior sign-off captured to the ledger as evidence
- Recent flagged cases with categories and current status
- CSV vulnerability handling report for board / regulator
- Routing happens via Principal
SLA Audit Trail
Every SLA breach is immutably recorded as an SLA_BREACHED event with the reviewer, job and timestamp. Operational evidence the regulator can audit, not a metric you have to trust.
- SLA_BREACHED ledger events written automatically on breach
- Escalation events captured as part of the audit trail
- Full operational history per reviewer and per firm
- Webhook notifications for escalations and breaches
- Timers and escalation logic live in Principal
Explainability Report Export
One-click reasoning chain export per advice record — board-ready PDF for regulatory inquiries.
- Submission → review actions → decision → certificate
- Reviewer annotations and rationale captured verbatim
- Modification description and rejection reason
- Checklist completion: which items, by whom, when
- Cryptographic anchor (chain hash, sequence number, previous hash)
- Batch export by client reference
- Engagement metrics sourced from Principal review actions
See how each feature maps to its FCA rule
Every feature on this page is anchored to a specific regulatory expectation. Read the rule-by-rule mapping for the full picture.