VeriTender is engineered for the evidence standard of audit chambers, donor agencies, and regulated enterprises. Compliance is a design property of the data model, not a retroactive bolt-on. Status is honest — what's certified, what's in audit, what's planned.
Five frameworks define VeriTender's compliance perimeter. Each one is shown with its current operational status — no aspirational claims, no future-tense badges.
VeriTender's bidder collusion scoring is classified as a high-risk AI system under Annex III, point 5(b) of the EU AI Act: essential public services whose denial or limitation affects a person's or entity's ability to take part in a fundamental aspect of social participation (here, access to public procurement). We accept that classification and operate accordingly.
Article 9 — Risk Management System. A continuous, iterative RMS is documented and reviewed quarterly. Risk identification covers spec-audit accuracy, collusion-pattern false-positive rate, language-translation drift, and adversarial inputs (manipulated bid documents).
Article 12 — Logging. Every model invocation, every analyst review and every flag is written to an append-only audit log, enforced at the database trigger layer, in which each entry's hash covers the previous entry's hash. Editing, reordering or deleting any entry therefore invalidates every later hash, and a party holding only the exported log can detect it. Logs are exportable as a signed evidence pack admissible in formal disputes.
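To make the two controls in that paragraph concrete, here is an added example (illustration only, not VeriTender's code) of an append-only table whose UPDATE and DELETE are rejected by triggers, a SHA-256 hash chain over its rows, and an exportable evidence pack. The table layout, trigger names, event fields and the signing key are assumptions; HMAC stands in for the asymmetric signature a real evidence pack would carry. The scenario at the end shows the trigger blocking an ordinary edit and the hash chain catching an edit made after a privileged user drops the trigger.

```python
"""Append-only, hash-chained audit log with a signed evidence pack (added example)."""
import hashlib
import hmac
import json
import sqlite3

GENESIS = "0" * 64  # prev_hash of the first entry (assumed convention)


def open_audit_db(path=":memory:"):
    """Create audit_log with triggers that reject UPDATE and DELETE.
    The trigger layer enforces append-only; the hash chain below detects
    tampering that bypasses the trigger (e.g. a DBA dropping it)."""
    conn = sqlite3.connect(path)
    conn.executescript("""
        CREATE TABLE IF NOT EXISTS audit_log (
            seq       INTEGER PRIMARY KEY,
            event     TEXT NOT NULL,
            prev_hash TEXT NOT NULL,
            hash      TEXT NOT NULL
        );
        CREATE TRIGGER IF NOT EXISTS audit_no_update BEFORE UPDATE ON audit_log
        BEGIN SELECT RAISE(ABORT, 'audit_log is append-only'); END;
        CREATE TRIGGER IF NOT EXISTS audit_no_delete BEFORE DELETE ON audit_log
        BEGIN SELECT RAISE(ABORT, 'audit_log is append-only'); END;
    """)
    return conn


def _entry_hash(seq, event_json, prev_hash):
    # Binding seq, the previous hash and the canonical event into one digest means
    # editing, reordering or dropping any entry breaks every later hash.
    return hashlib.sha256(f"{seq}|{prev_hash}|{event_json}".encode()).hexdigest()


def append_event(conn, event):
    """Append one event (model invocation, analyst review, flag) to the chain."""
    event_json = json.dumps(event, sort_keys=True, separators=(",", ":"))
    row = conn.execute("SELECT seq, hash FROM audit_log ORDER BY seq DESC LIMIT 1").fetchone()
    prev_seq, prev_hash = row if row else (0, GENESIS)
    seq = prev_seq + 1
    h = _entry_hash(seq, event_json, prev_hash)
    conn.execute("INSERT INTO audit_log VALUES (?, ?, ?, ?)", (seq, event_json, prev_hash, h))
    conn.commit()
    return h


def read_chain(conn):
    return conn.execute("SELECT seq, event, prev_hash, hash FROM audit_log ORDER BY seq").fetchall()


def verify_chain(rows):
    """Return (True, None) if the chain is intact, else (False, first bad seq)."""
    expected_prev, expected_seq = GENESIS, 1
    for seq, event_json, prev_hash, h in rows:
        if seq != expected_seq or prev_hash != expected_prev or _entry_hash(seq, event_json, prev_hash) != h:
            return False, seq
        expected_prev, expected_seq = h, seq + 1
    return True, None


def _canon(obj):
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def export_evidence_pack(conn, signing_key):
    """Evidence pack = all entries + head hash + MAC over the canonical body.
    HMAC is an offline stand-in for a real signature (assumption)."""
    rows = read_chain(conn)
    body = {"entries": [list(r) for r in rows], "head": rows[-1][3] if rows else GENESIS}
    return {"body": body, "sig": hmac.new(signing_key, _canon(body), "sha256").hexdigest()}


def verify_evidence_pack(pack, signing_key):
    expected = hmac.new(signing_key, _canon(pack["body"]), "sha256").hexdigest()
    if not hmac.compare_digest(expected, pack["sig"]):
        return False
    entries = pack["body"]["entries"]
    ok, _ = verify_chain([tuple(r) for r in entries])
    return ok and pack["body"]["head"] == (entries[-1][3] if entries else GENESIS)


def demo():
    """Constructed scenario: three events, a blocked UPDATE, then a privileged
    user drops the trigger and rewrites a flag's score; the chain exposes it."""
    conn = open_audit_db()
    key = b"example-only-signing-key"  # constructed, never use a fixed key
    append_event(conn, {"type": "model_invocation", "tender": "T-001", "model": "collusion-v7"})
    append_event(conn, {"type": "flag", "tender": "T-001", "pattern": "complementary_pricing", "score": 0.81})
    append_event(conn, {"type": "analyst_review", "tender": "T-001", "decision": "escalate"})
    pack = export_evidence_pack(conn, key)
    result = {"chain_ok": verify_chain(read_chain(conn))[0], "pack_ok": verify_evidence_pack(pack, key)}
    try:
        conn.execute("UPDATE audit_log SET event = '{}' WHERE seq = 2")
        result["update_blocked"] = False
    except sqlite3.DatabaseError:  # RAISE(ABORT) from the trigger
        result["update_blocked"] = True
    conn.execute("DROP TRIGGER audit_no_update")  # privileged tampering
    tampered = {"type": "flag", "tender": "T-001", "pattern": "complementary_pricing", "score": 0.10}
    conn.execute("UPDATE audit_log SET event = ? WHERE seq = 2", (_canon(tampered).decode(),))
    conn.commit()
    result["chain_ok_after_tamper"], result["first_bad_seq"] = verify_chain(read_chain(conn))
    pack["body"]["entries"][1][1] = "{}"  # tamper with the exported pack instead
    result["pack_ok_after_tamper"] = verify_evidence_pack(pack, key)
    return result


if __name__ == "__main__":
    print(demo())
```

The point of the two layers: the trigger stops routine writes, but anyone who can drop it can also rewrite rows, so the hash chain (and the signature over the exported pack) is what lets an outside party verify that the log they were handed is the log that was written.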
Every flag carries a SHAP-style top-features list plus a human-readable rationale generated by an LLM under a deterministic prompt. The rationale cites the specific evidence (document ID, computed metric, comparator cohort), so a regulator inspecting any flag can trace exactly why VeriTender raised it.
Annex IV technical documentation pack is included in the Cloud Annual and On-Premises tiers.
VeriTender processes public-record procurement data as the primary data type — tenders, awards, bidder corporate identities. Personal data of natural persons is minimised: only what the source authority published is retained. No enrichment from third-party people-data brokers.
When a customer is the data controller (e.g., a regulator analysing bidders), a Data Processing Agreement (DPA) is signed before any tenant-scoped data flows. EM Consulting is the processor. Subprocessors: Hetzner (Germany, EU-resident hosting), Anthropic (US, model inference under EU SCCs).
Standard DPA template available on request. Schrems II review completed Q1 2026.
We are in active audit for ISO 27001:2022 certification, with target completion Q4 2026. The Statement of Applicability addresses the full Annex A control set of the 2022 edition (93 controls); controls that do not apply are excluded with documented justification (for example, we do not run a physical data centre).
Operational controls already in effect: encryption at rest (AES-256), encryption in transit (TLS 1.3), least-privilege access via SSO + MFA, quarterly access reviews, immutable backups with 30-day retention, incident response runbook with 4h response SLA.
Pre-audit gap analysis complete. Customers under Cloud Annual tier can request the current SoA under NDA.
VeriTender's seven collusion patterns map directly to the red-flag taxonomy in the OECD Foreign Bribery Report and the OECD Guidelines for Fighting Bid Rigging in Public Procurement. Rotational bidding, complementary pricing, market division and bid suppression are among them. Each pattern is detected with at least one quantitative signal and at least one corroborating signal (UBO overlap, shared infrastructure, document-metadata leak), so no flag rests on a price statistic alone.
Mapping document available under NDA — useful for donor agencies preparing anti-corruption diligence frameworks.
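As an added illustration of the "one quantitative signal plus one corroborating signal" rule for one of the patterns named above, the following is not VeriTender's scoring logic. The bid records, the UBO register, the lowest-price-wins rule and the rotation threshold (every bidder wins once per cycle, at least two full cycles) are all constructed assumptions. A flag is raised only when both signals fire; rotation without corroboration is recorded as an observation so an analyst can see why no flag was raised, and the evidence carries the document IDs, computed metric and comparator cohort that a rationale would cite.

```python
"""Rotational-bidding check: quantitative signal + corroborating signal (added example)."""
from collections import Counter
from itertools import combinations


def rotation_signal(tenders):
    """Quantitative signal. `tenders` is a chronological list of
    (tender_id, {bidder: price}) for one market segment. Rotation here means
    the winner sequence is periodic with period = number of bidders, the first
    cycle visits every bidder once, and at least two full cycles are present
    (assumed threshold). Lowest price wins (assumed award rule)."""
    bidders = sorted({b for _, bids in tenders for b in bids})
    winners = [min(bids, key=bids.get) for _, bids in tenders]
    n = len(bidders)
    rotational = (
        n > 0
        and len(winners) >= 2 * n
        and len(set(winners[:n])) == n
        and all(winners[i] == winners[i % n] for i in range(len(winners)))
    )
    return {
        "bidders": bidders,
        "winners": winners,
        "cycles": len(winners) / n if n else 0.0,
        "win_shares": dict(Counter(winners)),
        "rotational": rotational,
    }


def ubo_overlap(bidders, ubo_register):
    """Corroborating signal: bidder pairs sharing a beneficial owner.
    `ubo_register` maps bidder -> set of UBO identifiers (constructed)."""
    pairs = []
    for a, b in combinations(bidders, 2):
        shared = ubo_register.get(a, set()) & ubo_register.get(b, set())
        if shared:
            pairs.append((a, b, sorted(shared)))
    return pairs


def evaluate_market(market_id, tenders, ubo_register):
    """Flag only when both signals fire; one signal alone is an observation."""
    q = rotation_signal(tenders)
    corroboration = ubo_overlap(q["bidders"], ubo_register)
    if q["rotational"] and corroboration:
        status = "flag"
    elif q["rotational"] or corroboration:
        status = "observation"
    else:
        status = "clear"
    return {
        "market": market_id,
        "status": status,
        "pattern": "rotational_bidding",
        "evidence": {
            "documents": [tid for tid, _ in tenders],  # document IDs
            "metric": {"cycles": q["cycles"], "win_shares": q["win_shares"]},
            "cohort": q["bidders"],  # comparator cohort
            "ubo_overlap": corroboration,
        },
    }


UBO_REGISTER = {  # constructed
    "Alpha Bau GmbH": {"UBO-1001"},
    "Beta Tiefbau AG": {"UBO-1001", "UBO-2002"},  # shares UBO-1001 with Alpha
    "Gamma Strassen GmbH": {"UBO-3003"},
    "Delta Ltd": {"UBO-4004"},
    "Epsilon SA": {"UBO-5005"},
}

ROTATING_MARKET = [  # constructed: the win goes Alpha, Beta, Gamma, Alpha, Beta, Gamma
    ("T-2025-001", {"Alpha Bau GmbH": 980, "Beta Tiefbau AG": 1040, "Gamma Strassen GmbH": 1055}),
    ("T-2025-002", {"Alpha Bau GmbH": 1120, "Beta Tiefbau AG": 1010, "Gamma Strassen GmbH": 1090}),
    ("T-2025-003", {"Alpha Bau GmbH": 1075, "Beta Tiefbau AG": 1060, "Gamma Strassen GmbH": 995}),
    ("T-2025-004", {"Alpha Bau GmbH": 1005, "Beta Tiefbau AG": 1080, "Gamma Strassen GmbH": 1100}),
    ("T-2025-005", {"Alpha Bau GmbH": 1110, "Beta Tiefbau AG": 1000, "Gamma Strassen GmbH": 1070}),
    ("T-2025-006", {"Alpha Bau GmbH": 1050, "Beta Tiefbau AG": 1085, "Gamma Strassen GmbH": 990}),
]

COMPETITIVE_MARKET = [  # constructed: same winner twice in a row, no rotation
    ("T-2025-101", {"Delta Ltd": 500, "Epsilon SA": 520}),
    ("T-2025-102", {"Delta Ltd": 510, "Epsilon SA": 530}),
    ("T-2025-103", {"Delta Ltd": 540, "Epsilon SA": 505}),
    ("T-2025-104", {"Delta Ltd": 515, "Epsilon SA": 535}),
]


def run_examples():
    return {
        "rotating": evaluate_market("civil-works-north", ROTATING_MARKET, UBO_REGISTER),
        "competitive": evaluate_market("it-services-south", COMPETITIVE_MARKET, UBO_REGISTER),
    }


if __name__ == "__main__":
    for name, verdict in run_examples().items():
        print(name, verdict["status"], verdict["evidence"]["metric"])
```

Running `evaluate_market` on the rotating market with an empty UBO register yields "observation", not "flag": the price pattern alone is suggestive but, under the rule described above, is not enough to raise a flag without a corroborating signal.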
SOC 2 Type II audit is planned for 2027 following ISO 27001 certification. The control framework is drafted under the AICPA Trust Services Criteria (Security, Availability, Confidentiality). We chose ISO 27001 first because European institutional buyers prefer the ISO framework; SOC 2 will be added for US donor and enterprise customers.
Customers requiring SOC 2 Type II evidence today can rely on the in-effect ISO controls + an attestation letter from our principal.
All customer data is stored in Germany (Hetzner Frankfurt and Falkenstein); no data leaves the EU at rest. Model inference for translation and rationale generation transits to Anthropic (US) under EU Standard Contractual Clauses. The input is minimised to the tender text being processed, as published by the source authority: no tenant identifiers, no bidder PII.
On-Premises tier deploys VeriTender inside the customer's perimeter (sovereignty-sensitive deployments). Customer-managed encryption keys (CMEK) supported. Air-gapped deployment available — model inference runs locally on a smaller fine-tuned model.
Subprocessor list, SCC contracts, and infrastructure architecture diagrams provided to institutional buyers during procurement due diligence.
Procurement teams evaluating VeriTender for institutional onboarding can request the full compliance pack — Annex IV documentation, DPA template, ISO 27001 Statement of Applicability, subprocessor list, and SCC contracts — under mutual NDA.
Request the compliance pack →