A Responsible, Explainable, and Compliant Approach to the Future of Finance in an AI-forward World
At Aaim, we understand that trust and security are paramount in the financial industry. We are committed to upholding the highest standards of regulatory compliance and data protection to ensure the safety and integrity of our platform and the information it processes. We adhere to a variety of industry-leading standards and protocols, and are actively establishing patent and trademark protection around our unique intellectual property, to ensure the security, reliability, and efficiency of our operations.
Core Innovations
Aaim's commitment to security and compliance is underscored by our core technology innovations, for which we are establishing patent and trademark protection rights:
- Quantum Verify™ and QVToken™ System: This system provides secure digital identity and compliance verification, enables multi-party succession planning, automates regulatory validation, and ensures privacy-preserving verification.
- ReferenceModel™ Protocol: This protocol standardizes asset classification, ensures consistent valuation methodology, automates compliance checks, and provides cross-border compatibility.
- SocketCloud™ Orchestration Framework: This framework ensures secure and scalable infrastructure for distributed state synchronization, a peer-to-peer service mesh, and a Byzantine fault-tolerant consensus mechanism far exceeding typical platform uptime and reliability standards in banking and finance.
Our Compliance Framework
Aaim's regulatory assurance framework combines established banking compliance practices with innovative technology to create a secure and compliant platform for asset-based lending. Our architecture is designed to integrate seamlessly with existing financial institution (FI) compliance frameworks, while adding further layers of security and privacy protection.
Key Components for Financial Institutions
- Financial Institution Integration:
  - KYC/CIP Delegation: We leverage the existing relationships of primary FIs with their customers for identity verification.
  - BSA/AML Compliance: Our systems integrate with the existing Bank Secrecy Act (BSA) and Anti-Money Laundering (AML) compliance frameworks of financial institutions. This includes adherence to FinCEN regulations and guidance.
  - Authentication: We utilize FI-based authentication to ensure secure and verified access to the Aaim platform.
  - Regulatory Alignment: Aaim maintains compliance through established banking channels.
- Privacy & Data Protection:
  - Minimal Data Storage: We minimize the exposure of Personally Identifiable Information (PII) by using the FI UUID as the primary identifier.
  - Quantum-Resistant Security: Aaim implements future-proof encryption through QuantumVerify to protect data against evolving threats.
  - Zero-Knowledge Proofs: Our technology enables verification without exposing sensitive data.
  - Regulatory Coverage: Aaim complies with relevant data protection regulations, including the Gramm-Leach-Bliley Act (GLBA) and the California Consumer Privacy Act (CCPA).
- Risk Management & Monitoring:
  - Real-Time Validation: We continuously monitor asset values and exposures to ensure accuracy and mitigate risk.
  - Automated Controls: Our platform enforces institution-wide and regulatory-bound limits and risk thresholds through automated controls that backstop the preferences set by institutional administration.
  - Custodial Verification: We integrate with qualified custodians for independent asset validation.
  - Policy Automation: Rule-based enforcement of compliance requirements.
- Audit & Documentation:
  - Immutable Audit Trail: Aaim maintains a complete log of all system actions and changes for auditing purposes.
  - Forensic Capabilities: We provide comprehensive tools for investigation and analysis.
  - Regulatory Reporting: Our platform automates the generation of required regulatory reports.
  - Evidence Preservation: We maintain a chain of custody for all transactions to ensure their integrity.
Compliance with Industry Standards
Aaim is committed to adhering to industry-leading standards and protocols to ensure the security, reliability, and efficiency of our operations. These include but are not limited to:
- SOC 2: We leverage DRATA to continuously monitor and attest to our SOC 2 compliance, ensuring adherence to stringent controls related to security, availability, processing integrity, confidentiality, and privacy.
- ISO 20022: Our platform incorporates ISO 20022 standards to facilitate seamless and standardized communication in the financial industry. Aaim's ReferenceModel protocol is designed to align its data definitions (e.g., party identifiers, account info, transaction details) with ISO 20022’s dictionary and extends it by adding new message components for emerging assets while staying compatible with the core standard.
- FIX Protocol: We utilize the FIX Protocol for efficient and reliable electronic communication of trade-related information. We extend FIX with ReferenceModel to provide mappings between its internal data structures and FIX message formats (e.g., orders, quotes, trade confirmations). By adopting FIX field conventions and message types, ReferenceModel can plug into existing trading systems and regulatory reporting pipelines without custom interfaces.
- FpML (Financial Products Markup Language): ReferenceModel incorporates FpML schemas for any complex derivatives instruments in its ontology. Adapters translate ReferenceModel data to FpML XML for communication with clearing houses or between institutions.
- XBRL (eXtensible Business Reporting Language): ReferenceModel embeds XBRL taxonomy references for financial statement data and regulatory reports. By aligning with XBRL’s semantics, ReferenceModel’s data is more interoperable and machine-readable for analytics.
- Open Banking APIs: ReferenceModel offers an Open Banking-compatible API layer so that retail banking data can flow in and out easily. By adopting the resource structure of Open Banking and aligning with its security (OAuth, encryption), ReferenceModel maintains compliance with data privacy regulations and enables integration.
- ISO 27001: We adhere to ISO 27001 standards for information security management.
- NIST Guidelines: We follow NIST guidelines for encryption and other security best practices.
- BCBS 239: We align with BCBS 239 for risk data aggregation, which requires accuracy, timeliness, and auditability of risk data.
- SR 11-7: We adhere to model risk management guidelines, including SR 11-7 in the US, for any AI-driven risk outputs.
Regulatory Compliance and Adherence
Aaim adheres to a wide range of regulations, including:
- Bank Secrecy Act (BSA), including compliance with FinCEN regulations and guidance
- Anti-Money Laundering (AML), including adherence to sanctions lists and blacklists as mandated by FinCEN
- Regulation U (Federal Reserve Board) - governing loans by banks for the purpose of purchasing or carrying margin stock
- Regulation Y (Federal Reserve Board) - governing bank holding companies and their nonbanking activities
- SEC regulations related to disclosures and risk management in securities-based lending and custody
- OCC regulations and guidance on custody services
- Relevant sections of the Uniform Commercial Code (UCC) governing secured transactions and custody arrangements
- Truth in Lending Act (TILA) and other consumer protection laws
- Gramm-Leach-Bliley Act (GLBA)
- Consumer privacy regulations
Consumer Protection and Privacy Scope
Our compliance and privacy standards encompass several key areas:
- Customer identification
- Transaction monitoring
- Sanctions screening
- Privacy protection
- Risk management
- Regulatory reporting
Please refer to our Privacy Policy and Terms of Use pages for more details.
Contact Us
For more detailed information about our compliance mechanisms or regulatory coverage, please contact our compliance team at finops@aaim.com