Treaty is the document layer of the IPS infrastructure platform. The module manages the formal regulatory documentation, partner arrangements, compliance attestations, and the binding instruments that govern how IPS operates within its regulatory framework. Treaty maintains the documentary state of the company's compliance posture and provides the source of truth that the broader compliance architecture works against.
The documentary source of truth.
Operating in a regulated payments space generates substantial documentation. Partner-bank agreements, correspondente cambial arrangements, identity provider integrations, sanctions data licensing, AML programme documentation, regulatory submissions, compliance attestations, audit reports, internal policies and procedures — each of these is a document or set of documents that must be maintained, versioned, attested to, and produced on demand for regulatory review. Treaty is the layer that manages this documentary state across the platform.
The module operates as a controlled document repository with structured metadata. Each document has a known type, owner, effective date, expiry or renewal date where applicable, supersession history, and the audit trail of access and revision. Documents are not simply stored — they are managed as living regulatory artefacts whose state is tracked over time and made visible to the operational functions that depend on them.
What Treaty manages.
Treaty manages several classes of documents, organised by their function in the compliance architecture:
• Partner-bank arrangements — correspondente cambial agreements, service agreements, information-sharing arrangements, and the operational documents that govern the partner relationships.
• Regulatory documentation — the company's Compliance Memorandum, regulatory analyses, parecer documents from legal counsel, and the records of regulatory engagement.
• Compliance attestations — PCI DSS attestations, LGPD compliance documentation, AML programme certifications, and the supporting evidence that underpins each.
• Provider agreements — KYC providers, sanctions data sources, identity verification services, and the contractual frameworks that govern third-party integrations.
• Internal policies — AML and CFT policies, data protection procedures, security policies, operational runbooks, and the governing documents that direct internal practice.
• Audit and regulatory submissions — copies of reports filed with COAF, evidence packages prepared for partner-bank audit, regulatory correspondence, and the historical record of submissions.
Each class of document follows a defined lifecycle within the module: creation, review, approval, publication for internal access, periodic renewal where applicable, and archival when superseded.
How Treaty fits in the platform.
Treaty integrates with two adjacent modules to form the documentary and audit-evidence layer of the platform. Looking Glass — the compliance plane — monitors the current compliance posture against the obligations that the documents in Treaty define; the two modules share the documentary state so that compliance monitoring operates against current documented requirements. Wolf Proof — the audit anchoring infrastructure — anchors document state to the tamper-evident audit log; when a document is created, revised, or superseded, the state change is captured in the audit trail.
Together, the three modules form a complete documentary integrity system. Treaty manages the documents themselves. Looking Glass measures compliance against the obligations the documents establish. Wolf Proof provides cryptographic proof that the documents and their state have not been altered. This separation is deliberate — each module has a single clear function, and the boundaries between them are clean.
Documents accessed under appropriate controls.
Treaty enforces access controls appropriate to the sensitivity of the documents it manages. Many of the documents — partner-bank arrangements, regulatory submissions, internal policies — are not publicly accessible and are restricted to the operational functions that require them. Access is logged in the audit trail managed by Wolf Proof, supporting the audit and regulatory review obligations that apply to financial services operations.
Documents that need to be provided to partner banks, regulators, or other verified institutional parties are produced through the institutional access process. Treaty supports the production of document packages tailored to specific institutional requests — a partner bank performing due diligence, a regulator conducting an inspection, an auditor reviewing the compliance programme — with the document set scoped appropriately to the request.
Tamper-evident across the lifecycle.
The integrity of regulatory documentation matters. A compliance programme is only as credible as the documents that evidence it; if those documents could be silently altered after the fact, the compliance posture cannot be relied upon. Treaty addresses this by anchoring every document state change to the Wolf Proof audit infrastructure. Each version of each document, each access event, each disposition action is captured in the audit log and anchored cryptographically. Verifying that a document has not been altered since its original creation, or that the version produced in response to a regulatory request is the version that was approved internally, is a matter of comparing the document hash against the anchored value.
This integrity layer is not customer-facing. It operates as internal infrastructure supporting the compliance and audit functions, the partner-bank relationships, and the regulatory review processes that the company is subject to. The integrity guarantees are available to partner banks and regulators with legitimate need to verify them, through the institutional access process.
Institutional access
Technical specifications, integration guides, and architectural detail
Available to qualified counterparties — partner banks, payment infrastructure providers, and accredited compliance teams — through the institutional access process.
