§00 · Compliance Matrix

Institutional Transparency & Compliance Matrix

This page is maintained by Obzidian Elevations to describe the operating framework of the Institutional Gateway. It is not an independent certification. All downstream fulfillment, diverse-spend tracking, and regulatory reporting are executed by our verified ecosystem partners under their own audited corporate umbrella.

§01 · Data Routing

Encrypted Transmission

All intake submissions are dispatched over TLS to the destination ecosystem node, signed with a gateway routing token and a per-submission tracking identifier. No payload is persisted on the gateway beyond the duration of dispatch.

§02 · MSA Framework

Standard Master Service Agreement

Engagements proceed under a standard MSA aligned to commercially reasonable enterprise terms, with statements of work executed by the receiving ecosystem partner. The gateway itself contracts only for routing and verification.

§03 · Statutory Posture

Regulatory Perimeter

Engagements that touch regulated workloads are designed to be defensible under IRS §6001 recordkeeping, HIPAA 45 CFR §164 safeguards, SEC 17a-4 retention, and 2 CFR 200 federal uniform guidance. Confirm specific obligations with counsel.

§04 · Independent Audit

Audit Standards Placeholder

Independent audit attestations (SOC 2 Type II, ISO 27001) are held by individual ecosystem partners where applicable. Letters of attestation are available upon executed NDA via the secure intake.

Shared Responsibility

Obzidian Elevations is responsible for the integrity of the intake and routing layer. The receiving ecosystem partner is responsible for fulfillment, certifications, and regulated reporting. Customers remain responsible for the accuracy of the entity, mandate, and allocation data submitted through the intake.