For Model Risk · SR 11-7
For twelve years, SR 11-7 has been a drawer full of PDFs no examiner can verify, no auditor can replay, and no model owner can quietly fix. Then AI doubled the paperwork overnight.
We turn that drawer into a living record the platform enforces — and any examiner can check for themselves.
The Conversation Every Cycle
Examiner: Show me effective challenge for the transaction-monitoring model.
You: Here’s the validation report — 142 pages.
Examiner: Show me the independent evidence across all three pillars. Is it signed? Can you reproduce the outcomes analysis exactly?
You: …we have screenshots.
Effective Challenge, Enforced
The rule has always required three independent checks. Most banks treat that as “put three sections in the report.” We treat it as a hard gate: miss one, and the model simply cannot reach approved status. There is no override.
AML Monitoring Model — Approval Gate
SR 11-7 §V.B
1. Conceptual soundness: No evidence yet
2. Ongoing monitoring: No evidence yet
3. Outcomes analysis: No evidence yet
🔒 Cannot approve — 0 of 3 pillars proven
Is it sound? · Conceptual soundness
Is the model built right for the job? Are its assumptions written down? Are its limits known?
Is it watched? · Ongoing monitoring
Is performance tracked over time? Is drift caught? Is the model re-checked as the world changes?
Does it work? · Outcomes analysis
Do the model’s answers match reality? Has it been back-tested against what actually happened?
The Examiner's First Question
Your team declares a risk level. Independently, the platform calculates its own from how much money is at stake, how complex the model is, and how much you rely on it.
When the two disagree, we don't quietly pick one. We flag it, force the reason into the record, and sign it in place. Examiners look for that disagreement first — it isn't a bug, it's the single most useful signal in the file.
Team declared: Tier 3 · Low
Platform calculated: Tier 1 · High
Recorded as: Mismatch — signed
3 of 3 Pillars Required · No Override · Signed Tamper-Evident · Self-Verify By The Examiner
Why Nobody Else Can Say This
Verify bundle
Your auditor checks the proof — in a browser
1. Recompute Merkle root: Hash all per-item attestations together
2. Verify KMS signature: Public key check — anyone can run it
3. Resolve external anchor: RFC 3161 + Sigstore Rekor proof
4. Verified offline: No Trinitite account needed
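Step 1 of the verify procedure above (recomputing the Merkle root over the per-item attestations), as an added example that is not Trinitite's code or documented format. It assumes RFC 6962-style hashing (the tree construction Sigstore Rekor uses), sorted-key JSON as the canonical form, and a hypothetical bundle layout; the sample attestations are constructed, and the signature and anchor checks of steps 2 and 3 are not shown.

```python
import copy, hashlib, hmac, json

def merkle_root(leaves):
    """RFC 6962 Merkle Tree Hash: 0x00 prefixes a leaf, 0x01 an interior node."""
    n = len(leaves)
    if n == 0:
        return hashlib.sha256(b"").digest()
    if n == 1:
        return hashlib.sha256(b"\x00" + leaves[0]).digest()
    k = 1
    while k * 2 < n:          # largest power of two strictly below n
        k *= 2
    left, right = merkle_root(leaves[:k]), merkle_root(leaves[k:])
    return hashlib.sha256(b"\x01" + left + right).digest()

def canonical(attestation):
    """Deterministic bytes for one attestation (assumed: sorted-key compact JSON)."""
    return json.dumps(attestation, sort_keys=True, separators=(",", ":")).encode()

def seal(attestations):
    """Build a bundle (hypothetical layout) whose root commits to every item in order."""
    root = merkle_root([canonical(a) for a in attestations])
    return {"attestations": attestations, "merkle_root": root.hex()}

def root_matches(bundle):
    """Verification step 1: recompute the root and compare it to the claimed one."""
    recomputed = merkle_root([canonical(a) for a in bundle["attestations"]])
    return hmac.compare_digest(recomputed.hex(), bundle["merkle_root"])

# Constructed sample data: one attestation per SR 11-7 pillar.
SAMPLE = seal([
    {"pillar": "conceptual_soundness", "evidence_sha256": "aa" * 32},
    {"pillar": "ongoing_monitoring", "evidence_sha256": "bb" * 32},
    {"pillar": "outcomes_analysis", "evidence_sha256": "cc" * 32},
])

def tampered_copies(bundle):
    """Return an edited, a reordered, and a truncated variant of the bundle."""
    edited = copy.deepcopy(bundle)
    edited["attestations"][2]["evidence_sha256"] = "dd" * 32
    reordered = copy.deepcopy(bundle)
    reordered["attestations"].reverse()
    truncated = copy.deepcopy(bundle)
    truncated["attestations"].pop()
    return edited, reordered, truncated

if __name__ == "__main__":
    print("original:", root_matches(SAMPLE))
    print("tampered:", [root_matches(b) for b in tampered_copies(SAMPLE)])
```

The recomputed root is only meaningful once the signature over it has been verified against a public key obtained independently of the bundle; a root check alone proves internal consistency, not origin.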
Everyone else: Three pillars listed in a section header
Trinitite: Approval is refused until each pillar has real evidence behind it

Everyone else: The submitter picks whatever risk tier they like
Trinitite: The platform computes its own tier and flags every disagreement

Everyone else: "We promise we don’t change approved records"
Trinitite: A signed seal that breaks the instant a record is edited

Everyone else: A 142-page PDF the examiner cannot verify
Trinitite: A record the examiner can re-check independently in minutes

Everyone else: Validation evidence lives in screenshots
Trinitite: Evidence is bit-for-bit reproducible by an outside party
Aligned to Federal Reserve SR 11-7, OCC 2011-12, and OSFI E-23 — and it maps cleanly to EU AI Act Article 9 and the NIST AI risk framework.
Bring one model through the gate with us. See the three-pillar check, the tier disagreement flag, and the signed record an examiner can verify on their own.
Trinitite
AI governance that catches mistakes, proves compliance, and shows the board what it saved—in dollars.
© 2026 Fiscus Flows, Inc. · All rights reserved