NIC Trust Center
Nuvint Intelligence Core is a multi-tenant AI operating layer for lenders and risk teams that turns fragmented loan documents, servicing data, and workflow events into searchable evidence, governed automation, citation-backed answers, and examiner-ready operating controls.
This public page combines the product summary buyers need with the security, architecture, identity, and operational-control posture required for diligence.
Last updated: 2026-04-19 | Source: runtime_configuration0 Software Overview
Unifies loan files, memos, conversations, and decision artifacts into a tenant-scoped system of record for retrieval, review, and operational AI workflows.
Banks, credit unions, private lenders, servicers, and risk operators that need faster due diligence, cleaner exception management, governed automation, and defensible AI-assisted decision support.
NIC reduces manual file review, preserves evidence trails, and keeps automation bounded by role-based access, tenant isolation, enterprise auth controls, and audit visibility.
1 Security Overview
- Encryption in transit: Yes
- Encryption at rest: Yes
- Tenant isolation: Yes
- RBAC enabled: Yes
- Audit logging enabled: Yes
- Retention policy engine: Yes
- Connector KMS provider: local
2 Compliance Roadmap
in_progress.
planned.
future.
3 Architecture Overview
- Multi-tenant isolation: Yes
- Control-plane separation: Yes
- Evidence-first design: Yes
4 Operational Assurance
- LOS soak gate closed: Yes
- Enterprise OIDC supported: Yes
- SAML supported: Yes
- SCIM supported: Yes
- Access review workflows: Yes
- Auth operations alerting: Yes
- Environment drift checks: Yes
5 Data Handling
- Data residency region: us-east-1
- Data deletion SLA (days): 30
- Retention policy configurable: Yes
- Tenant-scoped storage: Yes
6 Access Control
- Role-based permissions: admin, member, viewer, auditor, platform_admin
- Mode-based UX separation: admin, business, auditor
- Least privilege guidance: Yes
7 Incident Response Summary
Operational alerts, connector failures, and audit anomaly signals.
Containment, investigation, remediation, access review, and tenant impact review.
Customer communication based on severity and contractual obligations.
8 Vendor Risk FAQ
Enterprise OIDC and SAML SSO are supported, with tenant-scoped role mapping and manual-role preservation controls.
Status: configuredTenant-scoped SCIM user and group provisioning is supported for enterprise onboarding and lifecycle management.
Status: yesTenant-scoped audit logs capture access, ingestion, governance, workflow, and auth-operations actions.
Status: yesDeployment region is configured as 'us-east-1'.
Status: yesData at rest uses platform-managed encryption controls.
Status: yes9 Evidence Links
- KMS Rotation Runbook (runbook)
10 Attestation
This profile is configuration-derived and does not itself certify external compliance.11 Vendor Questionnaire Accelerators
SIG Lite Pre-Answers
Tenant-scoped isolation is enforced across retrieval, storage, and audit boundaries.
Status: readyYes. Tenant-scoped audit trails and export packs are available for compliance workflows.
Status: readyEncryption is enabled in transit and at rest with environment-configured key management.
Status: readyCAIQ Mapping
Application & Interface Security
Status: mappedLogging & Monitoring
Status: mappedEncryption & Key Management
Status: mappedData Flow Summary
Nodes: 5 | Flows: 4documents, transcripts, metadata
parsed text, chunks, audit metadata
tenant-scoped retrieval context
answers, citations, exports
Subprocessors
Model Inference
Reasoning and summarization tasks where enabled by tenant policy.Region: Configurable by deployment | Status: active