Deterministic compliance. Zero PII to the LLM. Audit-ready from day one. ARC generates high-stakes customer documents the way your MRM, legal, and compliance teams would — if they could scale.
ARC is built around the answers.
LLMs invent citations, misstate terms, and fabricate regulatory language under pressure.
A json-logic rules engine selects every clause. The LLM only phrases pre-approved content — it never decides what goes in.
Sending customer names, balances, or SSNs to any third-party AI provider violates data-residency and privacy mandates.
The model receives logic flags and jurisdiction context only. Customer data is injected locally after generation via {{PLACEHOLDER}} tokens.
Regulators need to verify who approved what, when — and prove nothing was altered between draft and delivery.
Every audit entry is SHA-256 chained to the previous. R2 WORM archives per batch. End-to-end verifiable.
ECOA, FCRA, and provincial rules change. Templates referencing old citations ship silently for months.
Effective-dated clauses with scheduled activation. Impact analysis shows every template affected before the change goes live.
ARC splits every document into two streams. The AI sees the logic plan — regulation IDs, jurisdiction, product flags. The local injector sees the PII — name, balance, account number. They meet only at render time, inside your own runtime.
Seven stages: Trigger → Logic Engine → Content Plan → AI → Auditor → PII Injection → Delivery. The symbolic layer owns compliance. The neural layer owns voice. The seams are auditable.
Every audit entry is SHA-256 chained to the previous entry. A chain-walk endpoint verifies the full history in one call. Per-batch snapshots are archived in WORM mode. Two-person approval is enforced in code, not policy.
Built-in disparity index across intent × jurisdiction × demographic proxy. Golden Template equality proofs show identical regulatory content reached every proxy group. Every document is gated on Flesch-Kincaid readability and WCAG 2.1 AA.
A wrapper asks the LLM to pick clauses. ARC uses a deterministic Logic Engine — json-logic rules — that selects every clause before the LLM runs. The LLM phrases; it never decides compliance-critical content. Retrieval-augmented generation still lets the model hallucinate citations; ARC's hallucination guard rejects any unregistered token before delivery.
No. The model receives the logic plan only — regulation IDs, jurisdiction, product flags, relational flags. PII (names, balances, emails, household members) is injected locally after generation, inside your own runtime. The two streams meet at render time, not in the model's context window. ARC is model-agnostic; you choose the AI provider that fits your risk posture.
ARC supports per-region deployment on either Cloudflare or AWS. A data-residency binding routes AI calls and storage to the required jurisdiction. EU tenants can pin to EU-resident AI endpoints and EU-resident storage. No customer data crosses regional boundaries.
ARC ships with SR 11-7 documentation out of the box: model inventory, conceptual soundness, monitoring plan. A live diagnostics endpoint exposes audit pass rate, readability distribution, retry rate, and citation warning rate — exactly the KPIs your MRM team will ask for.
We deploy into your Cloudflare or AWS account, not ours — so your existing SOC 2 and penetration testing scope extends naturally. For managed deployments, we pair with your security team to scope attestation. Reach out for the current posture.
Clauses carry effective_from and effective_until dates. A daily cron activates scheduled changes and supersedes older ones. Before a change goes live, impact analysis shows every template and every intent affected — forcing re-approval on anything downstream.
Bring your MRM, compliance, or platform lead. We'll walk the pipeline end-to-end against your highest-risk document type — no slides, no sales deck.