The Loci Platform

One platform. Every decision explained.

Loci monitors the entire customer journey in one place: onboarding, login, payments, and screening. Built from the ground up so every score decomposes into named signals, and every action leaves an evidence trail.

benchmarked 21–49ms p95 decisions benchmark: 500 events/sec on 6 vCPUs 100% of decisions explained
Architecture

Every layer feeds the next.

Signals become decisions, decisions become cases, and analyst feedback flows back into better models, with governed human approval for production changes.

Cases & Investigation alerts · queues · evidence
Decision Engine + FLM Models real-time decisions · explanations
Autographer Discovery pattern mining · evidence canvas
AccessGate Intelligence device · behavior · location · AML
Real-Time Event Fabric API · streams · reference data
21–49ms
benchmark p95 decision latency
60-day
History window per decision
6+
Watchlists, updated daily
The Components

Six parts, one operating loop.

Decision Engine · MADIE

Real-time decisions with the reasoning attached.

Loci's decision engine (MADIE) evaluates every active model against each event and returns the decision, fraud score, and each signal's contribution. Policy precedence is explicit: decline actions, then critical signals, then score thresholds. Benchmarked at 21–49ms p95 over a 60-day history window.

API Reference
One decision · two views
{
    "decision": "review",
    "fraud_score": 47,
    "latency_ms": 38,
    "explanations": [
        {
            "rule": "LIFECYCLE_COMPOSITE_001",
            "contribution": 9.65,
            "reason": "Lifecycle anomaly
                detected."
        },
        {
            "rule": "High Amount Withdrawal Check",
            "contribution": 6.95,
            "reason": "Amount is
                suspiciously high."
        }
    ],
    "policy": { "thresholds":
        { "review": 35, "decline": 75 } }
}
Loci transaction decision detail showing a flagged USD transfer with risk score, review and decline thresholds, triggered signals, and a plain-language decision explanation
API response Console view

Drag the handle: the same decision as your analysts see it, and as your systems receive it.

FLM · Fraud Language Model

Describe the risk. Get a working model.

Analysts describe what risky looks like in plain language. FLM turns the description into a weighted, versioned detection model: signals that accumulate toward a decision, not brittle if-then logic. Production-bound models can be shadow-tested against live traffic before going active.

See it live
You write
FLM generates
Detect multiple outbound transfers when a
customer makes more than 10 transfers within
1 hour, because this velocity pattern is
consistent with account takeover.

Flag as HIGH risk signal.
{
    "name": "Outbound transfer velocity",
    "weight": 4,
    "operations": [
        { "type": "aggregation",
          "name": "count_1h_by_entity",
          "operator": ">", "value": 10 },
        { "type": "comparison",
          "left": "direction",
          "operator": "=", "right": "OUTBOUND" }
    ],
    "status": "shadow_test"
}
Loci Console · Visual model builder
Loci visual model builder showing a structuring fan-out detection model with aggregation and comparison nodes, weighted scoring, and a plain-language model description Hover to explore

A structuring fan-out model on the canvas: three signal groups, weighted scoring, one threshold.

Autographer · Discovery Engine

Controls mined from your own data.

Autographer mines historical data for the patterns your models miss and drafts evidence-scored candidate controls, each with estimated capture and alert load shown before shadow testing. A generation guard proofreads every draft against its evidence.

Explore Autographer
Autographer · Evidence Canvas
Autographer Evidence Canvas showing a candidate fraud control with canonical predicates, confidence score, outcome reconciliation, and governance exits including shadow test and model editor

A candidate control traced to its evidence, with governance exits and outcome reconciliation.

AccessGate · Behavioral Intelligence

Continuous trust, not one-time checks.

AccessGate fuses network, device, session, and behavioral evidence into one glass-box risk decision at sensitive steps such as signup, login, payments, and profile changes. It is designed for low-latency, edge-adjacent decisions; exact response time depends on deployment and configured integrations.

Explore Behavioral Intelligence
Session Verdict
{
    "decision": "review",
    "action": "challenge",
    "risk_score": 82,
    "signals": [
        { "name": "behavioral_biometrics",
          "detail": "typing cadence off baseline" },
        { "name": "network_reputation",
          "detail": "datacenter ASN, new to account" }
    ],
    "session_token": "sct_91ab…"
}
AccessGate AML · Screening

Screening that finds the indirect exposure.

Sanctions and PEP screening against 6+ global watchlists updated daily, including OFAC, UN, EU, and UK lists. Relationship detection flags customers connected to sanctioned entities, not just direct name matches, and every hit carries citations.

API Reference
Screening Hit
{
    "match_type": "relationship",
    "lists": ["OFAC", "EU"],
    "connection": "director of sanctioned entity",
    "citations": 3,
    "queue": "relationship_review"
}
Cases & Alerts · Investigation

Investigations that start with context.

Alert queues and case workflows link evidence across transactions, and when enabled, sessions, devices, and screening results. Analysts open a case with the decision explanation, the entity's history, and the related network already assembled.

See a live investigation
Case Record
{
    "case_id": "CASE-20481",
    "status": "OPEN",
    "linked_evidence": {
        "transactions": 7,
        "sessions": 3,
        "devices": 2,
        "screening_hits": 1
    },
    "lineage": "complete",
    "assigned": "fraud_ops_queue"
}
Benchmarked
<0ms
benchmark p95 decision latency
0
Sustained throughput on 6 vCPUs
0
History window per decision
0
Transactions per entity, in-line
Governance & Control

Built for institutions that answer to regulators.

Production changes are designed for human approval, and the material workflow history is recorded.

Shadow mode & staged rollout

Every new model runs observe-only against live traffic first. Promotion follows a staged path: observe, advise, enforce.

Versioned models & approvals

Models are versioned with a governed lifecycle. Who changed what, when, and why is always answerable.

Tunable per action

Risk weights and decision thresholds are tunable per organization and per action type. A payment is treated more strictly than a login.

Full audit lineage

Decisions, signals, evidence, and approvals are persisted. Audit requests become queries, not projects.

Multi-tenant isolation

Every request is bound to an authenticated organization. No tenant can read or influence another tenant's data or decisions.

Privacy & data rights

Per-user export and delete paths span the full data footprint, scoped to the requesting institution.

Infrastructure, Not Just SaaS

Run it in your cloud. Or ours.

Unlike hosted-only platforms, Loci ships as infrastructure your institution can deploy. Start SaaS to prove value, then move the same platform into your own cloud account, VPC, or data center when residency or policy requires. The API contract doesn't change.

SaaS
Fastest start

Loci hosts the production environment; you integrate through secured APIs. Live in days, ideal for proving value.

Your cloud / VPC
Data never leaves

The platform runs inside your own cloud account or VPC. Customer and decision data stays in your environment, under your controls, in your region.

On-premise
Full control

Dedicated deployment for institutions with strict residency or infrastructure mandates. Same platform, same API, your metal.

Get Started

See the whole platform on your own data.

A 30-minute walkthrough: live decisions, model authoring, discovery, and investigation, end to end.