Bank-safe by design. Vendor-risk-ready by default.
CreditAxis is designed for inbound review by bank vendor-risk, IT, security, audit, and counsel teams. This page summarizes the trust posture, the limitations we publish openly, and how to request the vendor readiness packet.
Core trust boundaries
Each boundary is published with its current posture and limitations.
No live PII through the public site
Public surfaces collect only name, work email, institution, role, and message. No other PII fields are requested.
No autonomous external send
CreditAxis does not send automated email, autonomous outreach, or autonomous proposals. The founder is the only sender.
No autonomous credit decisioning
AI is assistive only. AI does not approve credit, price loans, close loans, or send externally.
Append-only audit ledger
The Phase 0 audit ledger records governance events on an append-only basis.
Global kill switch
A global kill switch governs external action. Deactivation requires a founder-confirmation phrase.
Vendor-risk binder under counsel review
The full vendor-risk binder is provided on request. Items requiring counsel review are explicitly flagged.
Vendor-risk alignment matrix
A public-safe summary of how CreditAxis maps to bank vendor-risk review areas.
| VENDOR RISK AREA | CREDITAXIS POSTURE | EVIDENCE STATUS | LIMITATION |
|---|---|---|---|
| Access controls | Internal access is role-gated and audit-logged. | documented_internal | Independent attestation not yet completed. |
| AI governance | AI is assistive only. Humans approve all deliverables. AI cannot send, approve credit, or bypass authority. | documented_internal | AI governance attestation pending. |
| Audit logging | Append-only audit ledger with database-level enforcement. | documented_internal | Independent audit of the ledger not yet completed. |
| Business continuity | Internal BCP documented. | documented_internal | Independent BCP test not yet completed. |
| Data access boundary | No production access required for the diagnostic. Optional read-only access only for later, governed engagements. | documented_internal | Live PII not required for the diagnostic. |
| Export/deletion boundary | Customer-supplied materials can be returned or deleted at engagement close. | documented_internal | Export tooling is internal-coordinated, not self-serve. |
| Human approval | Every external-use artifact requires founder approval. | documented_internal | Approval workflow is internal-only at this stage. |
| Incident response | Internal IR plan documented. | documented_internal | Independent IR exercise not yet completed. |
| Legal artifact counsel review | Counsel review required before external execution of legal documents. | pending_counsel | MSA, DPA, NDA pending counsel for external use. |
| No live PII diagnostic path | PII is not required. Buyer may redact or synthesize materials. | documented_internal | If PII is shared, buyer controls scope and retention. |
| No production access diagnostic path | Diagnostic uses buyer-selected redacted, synthetic, or bank-approved materials only. | documented_internal | Production access is out of scope for the diagnostic. |
| Data retention | Retention defined per engagement; diagnostic retains internal findings only. | documented_internal | Customer-data retention defined per engagement. |
| Security posture | Documented internal posture. Independent third-party security certification not yet obtained. | documented_internal | No third-party security attestation or external intrusion-testing report is available at this stage. |
| Subprocessor disclosure | Subprocessor list under counsel review. | pending_counsel | Final subprocessor disclosure pending counsel. |