Integrations · sovereign connections

The systems the networks read from.

Every network is grounded in the bank's own systems, connected over MCP and on premise APIs. Reads are brokered through existing agreements and access controls; nothing is copied out of the perimeter. 7 sources are connected today.

Connected

Core banking (read replica)

Banking systems·Read replica

Read-only replica of the account, position and transaction ledger. Used for affordability checks and incident-impact scoping — never written to.

Connected

GRC / ICT risk register

Risk & governance·MCP

The bank's third-party and ICT-risk register. Feeds vendor criticality, concentration counts and outsourcing scope into the compliance networks.

Connected

Sanctions & PEP lists

Screening·REST (on premise)

On premise mirror of EU/OFAC sanctions and PEP feeds. Screened during KYC without any query leaving the perimeter.

Connected

Credit bureau (SCHUFA)

Screening·REST (on premise)

Gated bureau connector for score and negative-marker retrieval, brokered through the bank's existing agreement.

Connected

Document & policy store

Knowledge·MCP

Internal policies, outsourcing contracts, exit plans and prior audit working papers. The evidence layer behind every citation.

Connected

Regulatory corpus

Knowledge·MCP

Versioned full text of DORA, MaRisk, BAIT, EBA guidelines, CRR and IFRS 9. Every citation resolves to an exact paragraph here.

Connected

Incident & ITSM log

Operations·MCP

Operational incident timeline from the ITSM tool. Source for severity classification and regulator-notification windows.

Available

BaFin reporting portal

Regulator·REST (on premise)

Outbound connector for filing DORA major-incident reports. Human sign-off required before anything is submitted.

Connect another system

Any internal system with an MCP server or an on premise API can be added. New sources become available to the Builder immediately — no data leaves the bank.

Read-bound, access-controlled, on premise.

Connectors are read-only by default; the one outbound path (the BaFin filing) requires human sign-off. All traffic stays inside the bank's network, and every read an agent makes is written to the audit log against the run that requested it.