Client · In progress
BFSI MIS platform for a regulated Indian financial institution
Multi site management information system engineered from day one for RBI alignment and DPDP readiness. Foundation phase complete; Phase 2 in active development. Client redacted under NDA.
AWS Cognito · RDS Postgres + RLS · AWS Bedrock · Lambda · client side FLE
Client · In progress · 2026-04-01
The brief
A regulated Indian financial institution was running daily field performance tracking through Excel and email. Leadership needed three things at once: real time visibility across a field network rather than monthly decks, offline capture for low connectivity zones, and cryptographic assurance that personal identifying information (PII) would not transit to external systems.
The institution operates under three binding constraints: RBI oversight on outsourcing and cloud computing, prohibition on transmitting raw PII beyond the trust boundary, and a requirement that AI generated insights operate only on aggregated, de identified views.
Architecture, in principle
Three rules shaped every decision:
Zero raw PII to external APIs. The model inference layer (AWS Bedrock, in region) consumes only aggregated, tokenised, de identified views. No IAM pathway exists between the model surface and any column that contains a customer identifier.
Tenancy enforced at the database. Postgres row level security gates every read and write by tenant. The application layer cannot bypass it. A bug in middleware does not become a data breach.
Offline first capture. The mobile layer carries an encrypted local store and conflict aware sync. Branch officers in low connectivity zones complete entries without a live connection; data settles when the link returns.
What we built in Phase 1 (six weeks)
| Week | Focus | Deliverable |
|---|---|---|
| W1 | Scope, threat model, data classification | Threat model v1 |
| W2 | Schema drafting with risk review | Schema draft |
| W3 | Isolation policy and role matrix | Policy set |
| W4 | Infrastructure and identity tier | Scaffold v1 |
| W5 | Field level encryption and RBI control mapping | Policy docs v1 |
| W6 | Review and Phase 2 handoff | Review sign off |
The foundation phase artefacts (schema pack with encryption annotations, isolation policies across the full role matrix, infrastructure as code scaffold, encryption policy document, RBI control map, role matrix negative path test suite) shipped on schedule and were accepted by the client's security review.
Compliance posture
| Concern | Approach |
|---|---|
| Data residency | All primary storage, compute, and inference pinned to India regions |
| Transport security | TLS 1.3 on every API surface |
| PII at rest | Client side field level encryption before insert |
| Tenant isolation | Row level security at the database |
| Least privilege | Scoped roles across every service; no wildcards on data plane resources |
| AI data exposure | Only aggregated, de identified views through a hardened layer |
| Auditability | Full audit trail of read and write events |
Aligned to the Reserve Bank of India's outsourcing and cloud computing guidance and the Digital Personal Data Protection Act 2023.
What we cannot say yet
Phase 2 (the officer capture app, leadership dashboards, the in boundary inference layer) is in active development. Outcome metrics arrive after production deployment and client disclosure approval. Until then, the public surface is the architecture and the foundation phase artefacts. The client identity and vendor selections remain redacted under NDA; technical artefacts are available, unredacted, to qualified buyers under mutual non disclosure.
Why this is a template
We characterise this build as a template for regulated SaaS in the Indian BFSI market. The compliance posture is designed in, not bolted on. The isolation primitives are the same ones we use on the in house timetable engine and SanadEx. The same architecture is portable across other DPDP regulated verticals (healthcare, government, education) with minor sector specific adjustments.