Clean-room posture
- Local-first ingestion: broker / custody exports parse in the user’s browser.
- Stateless inference: AI requests are processed without per-user server persistence.
- Partner/customer PII is not warehoused by Pocket Portfolio services.
Tier 1 Design Partnership Program
A clean-room design partnership for Finance, Defense, and Healthcare — reduce audit perimeter by keeping customer data local, and prove value via stateless metering.
Primary outcome
This surface is intentionally dense. It is written for CTO, Security, and Compliance leaders who need to reduce critical third-party scope under EU DORA / GDPR by limiting data custody.
Finance · Defense · Healthcare. The program is designed for environments where institutional trust and audit scope are the gating constraints.
Limited-Scope Processor
A limited-scope processor architecture: broker data parses in-browser, never warehouses server-side, and AI inference runs stateless — minimising the per-user data footprint by design.
PPI-METER/1
A Tier 1 partner needs billing, quotas, and governance without expanding audit scope. We meter capability usage without ingesting partner/customer PII.
PPI-METER/1
Inputs: capability_id, event_type, timestamp, tenant_id, sku_id
Constraints:
- no raw portfolio payloads
- no customer identifiers
- no PII fields (name/email/address/account numbers)
Output: counters for billing + governance (aggregate only)
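One way to enforce the PPI-METER/1 constraints at intake, shown as an added example that is not Pocket Portfolio's own code: a strict allowlist over the five listed inputs, with only aggregate counters leaving the function. The token pattern, the per-day bucket, and the names validate, aggregate, BASE and SAMPLE are assumptions made for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# The five inputs the page lists for PPI-METER/1; anything else is refused.
ALLOWED = frozenset({"capability_id", "event_type", "timestamp", "tenant_id", "sku_id"})
# Assumption: identifiers are short opaque tokens. No "@" or spaces, so an
# e-mail address or a full name cannot ride along inside an allowed field.
TOKEN = re.compile(r"[A-Za-z0-9._-]{1,64}")


def validate(event):
    """Return the calendar day of a conforming event, else raise ValueError."""
    if not isinstance(event, dict) or set(event) != ALLOWED:
        raise ValueError("schema mismatch")  # extra or missing keys
    for key in ALLOWED - {"timestamp"}:
        # Nested objects and long strings are where raw payloads hide.
        if not isinstance(event[key], str) or not TOKEN.fullmatch(event[key]):
            raise ValueError(f"{key}: not an opaque token")  # key name only, never the value
    if not isinstance(event["timestamp"], str):
        raise ValueError("timestamp: not a string")
    # fromisoformat raises ValueError itself on a malformed timestamp.
    return datetime.fromisoformat(event["timestamp"]).date().isoformat()


def aggregate(events):
    """Fold events into per-day counters; rejected events are counted, not stored."""
    counters, rejected = Counter(), 0
    for event in events:
        try:
            day = validate(event)
        except ValueError:
            rejected += 1
            continue
        counters[(event["tenant_id"], event["sku_id"], event["capability_id"],
                  event["event_type"], day)] += 1
    return counters, rejected


# Constructed sample events, not real partner traffic.
BASE = {"capability_id": "ai.summary", "event_type": "invoke",
        "timestamp": "2024-05-01T10:00:00+00:00", "tenant_id": "t-001", "sku_id": "sku-pro"}
SAMPLE = [
    BASE,
    {**BASE, "timestamp": "2024-05-01T11:30:00+00:00"},
    {**BASE, "email": "user@example.com"},        # extra PII field
    {**BASE, "tenant_id": "user@example.com"},    # PII placed in an allowed field
    {**BASE, "capability_id": {"positions": []}},  # raw payload in a field
]
```

The rejected count is worth alerting on: a rising rate usually means a client has started sending fields the metering contract does not permit.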
Regulatory posture
Target posture: reduce partner oversight + exit-plan complexity by keeping customer data local and limiting third-party processing scope. DORA classification (critical vs non-critical ICT third party) remains a partner risk decision — our architecture is built to keep you on the non-critical side where feasible.
Escalation path
Start at the public challenge hub, then escalate to the seed governance board. Tier 1 engagement is verified without collecting portfolio/trade payloads.