Services/Compliance Systems

Compliance Systems

Software that passes the audit before the auditors arrive.

Compliance-first engineering means making the right decisions at the schema level. Which tables contain personal information? Who can access them and under what conditions? What gets logged, and how long is it retained? When does a deletion cascade, and what does it cascade to?

These are not questions for the legal team. They are engineering questions, and they need engineering answers before the first line of application code is written.

We have designed and built compliance systems for POPIA and FSCA in South Africa, and MCOB and Consumer Duty in the UK. We understand what the regulators look for — and we design to pass that audit on the first submission.

What we deliver

Data Protection Impact Assessment (DPIA) aligned to POPIA/GDPR
Record of Processing Activities (ROPA) with database mapping
Consent management system with timestamp and versioning
Data subject rights portal (access, deletion, portability)
Audit trail covering all regulated data modifications
Annual compliance review and gap analysis

Use cases

Where this applies.

POPIA-compliant SaaS platforms

Multi-tenant platforms where each organisation's data is isolated, consent is tracked per data subject, and deletion requests cascade cleanly through the entire stack.

FCA/MCOB mortgage and lending systems

Mortgage technology that meets Consumer Duty obligations. Audit trails for affordability assessments, ESIS generation, and customer communication records.

FSCA-regulated insurance platforms

TCF compliance built into the product workflow. Audit logs on every regulated decision. Policy documents versioned and timestamped.

Compliance covered

POPIAFSCAFCAMCOBConsumer DutyGDPR alignment

Pricing

Retainer from R37,500/mo. Compliance architecture from R85,000.

Other services