Certification
SOC 2 Type II
Independent reporting against the AICPA trust services criteria.
Security You Can
Stake Decisions On
Six pillars
Enterprise-grade,
sovereign by default.
Security is not a feature we added. It is the architectural premise ogram was built on, because the firms we serve cannot ship AI that leaks deal data, training signal, or model weights.
01
Swiss jurisdiction
Data resides in Swiss datacenters, governed by Swiss data protection law. No transatlantic transfer, no extraterritorial subpoena exposure.
02
Tenant-level isolation
Every client firm runs in a sandboxed compute environment. No shared state, no cross-tenant context, no shared model memory.
03
End-to-end encryption
AES-256 at rest, TLS 1.3 in transit. Customer-managed keys supported for clients with sovereign key management requirements.
04
Full audit trail
Every agent action, every tool call, every document read, every inference — logged, timestamped, and cryptographically signed.
05
Least-privilege access
Role-based access control, short-lived credentials, scoped tokens per workstream. No standing admin privileges.
06
Model portability
No provider lock-in. Ship sensitive workloads to sovereign, on-premise, or frontier models depending on data sensitivity tier.
Swiss sovereign
The eight properties investment-grade work requires.
For European financial institutions, sovereign wealth funds, family offices, and regulated entities, these are not features. They are the minimum viable product. ogram is the only reliability-oriented agentic infrastructure built for this constraint from the ground up.
Fiabilité
Output you can stake decisions on.
Vérifiabilité
Every claim traceable to its source.
Traçabilité
Full audit trail of the analytical process.
Qualité
Investment-grade, not good-enough-for-a-first-draft.
Souveraineté
Data stays in Swiss jurisdiction, under Swiss law.
Portabilité
Not locked to a single model or provider.
Sécurité
Enterprise-grade for sensitive deal data.
Confidentialité
Appropriate for pre-announcement M&A work.
Compliant With
Industry Standards
Certification
ISO/IEC 27001
Information security management system controls reviewed against the standard.
European Union
GDPR
Operational handling aligned with Union-wide personal data protection requirements.
European Union
EU AI Act
Governance mapped to the Union's emerging AI risk and accountability framework.
Access
Reliability isn’t a feature.
It’s the product.
ogram is deployed in bespoke engagements with a small number of financial institutions. Request access for a briefing with the founding team.