Every capability your governance team needs, in one platform.
DecisionGuard spans seven disciplines — Monitor, Investigate, Configure, Governance Lab, Govern & Comply, Multi-tenancy, and Platform Ops — built around the operational realities of insurance: high-volume event streams, regulated workflows, multi-tenant isolation, and the need to defend every decision in front of an examiner.
Continuous, real-time visibility across every decision stream.
Stream-level monitoring across claims, policies, and underwriting with severity tiers (low → critical) and configurable suppression windows.
Sub-minute alert delivery with an in-app NotificationBell scoped per user, plus per-recipient digest preferences (instant / hourly / daily).
Org-level synthesis of 30 days of activity into ranked patterns, recommended focus areas, and trending anomalies.
Queue depth, time-to-resolution, leakage trends, investigator throughput, drift indicators and baselines — refreshed nightly via pg_cron.
Population baselines and live drift scoring on key features. Automated `recompute-baselines` and `recompute-drift` hooks run nightly.
Type-ahead palette across cases, alerts, entities, rules, models and reports — keyboard-first triage.
Turn signals into defensible, structured outcomes.
Promote alerts into investigations with timelines, evidence chains, comments, attachments, assignments, and SLA tracking.
Examiner-ready narratives synthesize evidence, decisions, and outcomes. Every decision exposes top contributing factors via `/app/explain/$decisionId`.
Dedicated lifecycle UI for claims with linked policies, exposure totals, and downstream actions.
Human-in-the-loop approvals on automated decisions. SLA breach tracking, auto-escalation, and a full Revert action that returns approved/rejected items to pending with a reason.
Approval limits by role, line of business and monetary band — enforced server-side in `/app/authority`.
`bulk_update_case_status` and `bulk_reassign_cases` SECURITY DEFINER functions backstop multi-select workflows with audit logging.
Persist filter combinations per user and pin them to the sidebar for one-click recall.
Operations-team owned configuration — no engineering tickets.
Build, version, and toggle detection rules. Test against historical data before activating in production.
Weight every scoring factor and pick a posture (conservative / balanced / aggressive / custom) that drives block, warn and monitor thresholds.
Codify tribal knowledge into ordered response steps that investigators attach to any case.
Stream events from upstream systems via webhooks, scheduled pulls, or the public REST API.
Submit any payload to `/api/public/decisions/evaluate` and see exactly how rules and AI would respond — with full reasoning trace.
Register every model with provider, version, purpose, and risk tier. Required evaluations and explicit approval before promotion.
Champion/challenger traffic, what-if simulation, and regulator-ready templates.
Route a configurable percentage of live traffic to a challenger model, or run silently in shadow mode and log per-decision agreement.
Replay historical decisions against draft weights and thresholds. Preview baseline-vs-simulated block %, warn % and agreement before promoting.
Pre-seeded SAR (FinCEN), STR (UK NCA), CTR (US) and DSAR (GDPR) templates with field schemas and narrative sections.
Per-decision champion vs challenger comparison stored for offline analysis and back-test.
Audit-grade trust built into the operational fabric.
Every status change, role grant, rule edit, override, assignment and bulk action — filterable by entity, actor, and time.
Filter-aware CSV and packaged JSON exports (with manifest) designed for examiners and reinsurers.
Draft, review, submit and archive SAR/STR/CTR/DSAR with reference numbers, jurisdictions, period windows and status workflows.
Row-level security enforced at the database layer with a `current_org_id()` helper that backs every policy. Org-scoped data never crosses tenant boundaries.
super_admin, governance_officer, investigator, analyst — granular roles enforced server-side via `has_role()` / `has_any_role()`.
Constant-time Bearer token verification on all `/api/public/hooks/*` endpoints, plus a `/api/public/healthz` watchdog returning 503 when background jobs go stale.
Run hundreds of carriers on one fabric without compromise.
Super-admin lifecycle for orgs: industry, timezone, plan, data residency, contact, suspend/resume.
Token-based invitations bind new sign-ups to the right org and role on first login via `handle_new_user()`.
Guided first-run flow plus a tenant-level checklist (invite team, connect data, tune scoring, first alert, first case) with completion tracking.
Spin up isolated child orgs for safe experimentation — visible only to the parent org.
Operate the platform with the same rigor as the workflows it governs.
Per-table windows for `audit_log`, `decisions`, `alerts`, `shadow_predictions`, `intervention_queue` and `case_timeline` — with optional archive to cold storage.
Nightly baselines, drift recompute, hourly digests, and intervention SLA sweeps. Health endpoint signals stale runs.
`/api/public/decisions/evaluate` for live scoring, `/api/public/interventions/acknowledge` for callbacks, and `/api/public/hooks/*` for cron and webhooks.
Categorized, searchable guides for every module — no context switching to external docs.
Edge-rendered TanStack Start on Cloudflare Workers, backed by Postgres with row-level security.
Every domain table carries `org_id`. RLS policies use a `current_org_id()` security-definer helper that resolves the caller's tenant from `profiles`. Privileged operations (bulk reassign, simulation creation, sandbox provisioning) gate on `has_any_role()`.
TanStack Start v1 on Vite 7, deployed to Cloudflare Workers. Server functions use `requireSupabaseAuth` middleware; webhook routes under `/api/public/*` verify Bearer tokens with `timingSafeEqual`.
pg_cron + pg_net call internal hooks for nightly baselines, drift recompute, hourly digest dispatch, and intervention SLA sweeps. `/api/public/healthz` returns 503 when any job hasn't run inside its window.
Lovable AI Gateway brokers Gemini and GPT models — no per-tenant key management. Every prediction is recorded against a registered model version with a risk tier and approval signature.
`audit_log`, `case_timeline`, `case_assignments_audit`, and `shadow_predictions` build a continuous trail from raw event → decision → human action → regulator submission.
Public REST: `POST /api/public/decisions/evaluate`, `POST /api/public/interventions/acknowledge`, plus signed hooks for `recompute-baselines`, `recompute-drift`, `send-digests`. Bring-your-own webhook secrets stored in `webhook_secrets`.
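The constant-time Bearer check on hook routes and the stale-job health signal described above, as an added example that is not DecisionGuard's own code. It assumes Node's `node:crypto` `timingSafeEqual`; the function names, the per-job windows and the shape of the last-run map are assumptions made for illustration.

```javascript
// Added example, not DecisionGuard's code. Function names and the per-job
// windows are assumptions made for illustration.
const { createHash, timingSafeEqual } = require('node:crypto');

// Hash both sides to fixed 32-byte digests: timingSafeEqual throws on unequal
// lengths, and an early length check would reveal the secret's length.
const digest = (s) => createHash('sha256').update(String(s), 'utf8').digest();

function verifyBearer(authorizationHeader, expectedSecret) {
  // Fail closed if the secret is unset, so an empty token can never match.
  if (typeof expectedSecret !== 'string' || expectedSecret.length === 0) return false;
  const match = /^Bearer (\S+)$/i.exec(authorizationHeader ?? '');
  // Always run the comparison, even for a missing or malformed header.
  const equal = timingSafeEqual(digest(match ? match[1] : ''), digest(expectedSecret));
  return match !== null && equal;
}

// Maximum allowed gap per job, in minutes (assumed values; job names from the page).
const JOB_WINDOWS_MIN = {
  'recompute-baselines': 25 * 60,
  'recompute-drift': 25 * 60,
  'send-digests': 90,
};

// lastRunByJob maps job name -> epoch ms of the last successful run.
function healthz(lastRunByJob, now = Date.now()) {
  const stale = Object.entries(JOB_WINDOWS_MIN)
    .filter(([job, windowMin]) => {
      const last = lastRunByJob[job];
      // A job that has never reported counts as stale.
      return typeof last !== 'number' || now - last > windowMin * 60_000;
    })
    .map(([job]) => job);
  return { status: stale.length === 0 ? 200 : 503, stale };
}

// Hook entry point: returns the HTTP status the route would send after the
// authentication step (202 accepted, 401 rejected).
function handleHook(headers, secret) {
  return verifyBearer(headers.authorization, secret) ? 202 : 401;
}
```

An external monitor polling the health route should alert on any non-200 response, and the `stale` list tells the operator which job missed its window.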
See it on your data.
We'll connect a sandbox tenant to your sample data and walk through detection, investigation, governance, simulation, and reporting end-to-end.