Krim

Inside your walls

Sovereign by construction.Auditable by default.

KrimOS runs inside your perimeter, on-prem by preference. Data, model weights and orchestration stay behind your wall. Nothing leaves.

Where it runs

Your walls are the boundary: three ways to honour them.

One architecture, three deployments. On-prem is how regulated institutions run it; the others exist for those who want them. The guarantees never change.

Sovereign on-prem

The full stack runs inside your data centre. Data, model weights, orchestration and telemetry stay behind your perimeter. Nothing leaves.

Default

Hybrid

Data and inference stay on-prem; orchestration and updates come from the Krim cloud. The sensitive half never crosses your wall.

Managed SaaS

Fully managed inside your preferred sovereign cloud region. The same runtime, the same guarantees, run for you in-jurisdiction.

The posture

Security, built into the runtime.

Encryption, access, isolation and a sealed audit trail: the controls a regulated buyer checks first, engineered in from the start.

Encrypted end to end

Encrypted at rest and in transit across the whole stack, with no plaintext gaps.

Granular RBAC

Role-based access on every action, recorded in the trail it governs.

Customer-held keys

You hold the keys. Krim can’t read what you haven’t chosen to share.

PII isolated by tenancy

Records isolated per tenant. No shared pool, no cross-tenant leakage.

Sealed, immutable trail

Every action streams to a sealed, append-only, court-admissible record.

The law, encoded

The rules live in the runtime, and gate every action.

Each market’s sectoral law is encoded in Krim-Fabric and enforced before an action can fire, so a lender in any jurisdiction inherits the rules already in place, updated as they change without restarting the runtime.

United States

Encoded & enforced before any action

FDCPAReg FTCPAFCRAECOA / Reg BTILA / Reg ZSCRAGLBAUDAAP

The audit experience

Every action, its rule and its verdict, on one record.

Krim-Ledger streams every action, decision, prompt, output and validation to one immutable trail. An auditor can replay any decision deterministically: what happened, the policy that applied, and the validation result behind it. The record is built as the work runs, so an inspection that once meant days of reconstruction is answered the same afternoon.

One record carries

  • The action: what the co-worker did
  • The rule: the policy that applied
  • The verdict: pass · amber · fail

Pre-execution, not post-audit. The proof is recorded as the work runs.

Security standards

Designed around the standards your security team will recognise.

Our security architecture is designed around the controls and frameworks your security and compliance teams will recognise, across information security, data protection and AI governance.

SOC 2 Type II

Information security

ISO 27001

Information security

PCI DSS

Payments security

RBI Cyber Security Framework

Banking security

CERT-In

Cybersecurity

DPDP Act 2023

Data protection

IT Act 2000

Data protection

GDPR

Data protection

NIST AI RMF

AI governance

Bring your security team. Bring your regulator.

Start with an architecture, security and integration review, then see KrimOS run inside the perimeter you already defend.