Auditable, point-in-time financial data.
Institutions adopt AI cautiously — so we make safety a feature, not an afterthought. Every figure is point-in-time correct, traceable to a SEC filing, and served without ever touching your model or your data.
Point-in-time, not point-in-hindsight
Every fact carries the EDGAR acceptance timestamp. Query any historical date and you get exactly what was public then — restatements never leak backward. PIT filtering is enforced at the data layer, not left to the caller.
How PIT worksEvery figure traces to a filing
No number is synthesized. Each fact references the exact SEC filing it came from, so an AI answer is auditable down to the source document. The cure for financial hallucinations is provenance you can check.
Read the methodologyYour model key, encrypted end to end
In the Workspace your Anthropic, OpenAI, or OpenRouter key is sealed with AES-GCM — a 24-hour httpOnly cookie for interactive chat, plus an encrypted vault (ciphertext only, decryptable solely with a secret held outside the database) so scheduled agents can run; uncheck one box for strict zero-retention. Never logged, one-click removal. Your data and your model never train ours.
Privacy policyVerify any number yourself.
Ask an agent for a figure and it can return the lineage in the same breath — the filing, the accession number, and the acceptance timestamp behind the value. No black box.
// MCP tool: verify_fact_lineage{ "fact": "Revenue", "ticker": "AAPL", "period": "FY2024", "value": 391035000000, "as_of": "2024-11-01", "source": { "form": "10-K", "accession": "0000320193-24-000123", "accepted_at": "2024-11-01T06:01:36Z" }}How the data stays honest
Sourced straight from SEC EDGAR, standardized, and served unaltered.
As-filed. We don't restate or adjust.
Every number is exactly what the company filed. No vendor normalization that quietly rewrites history.
Survivorship-free, 1993→present.
Delisted, merged, and bankrupt entities stay in the universe — 19,000+ companies, keyed on CIK so duplicates can't occur.
Deterministic, tier-gated tools.
Agents call typed MCP tools with explicit permission scopes — not an opaque model. Same data, same answer, every call.
111M+ facts, one Bearer token.
One Stripe-issued token sets your scope and rate limits across MCP, SDK, and the Workspace — validated at the edge on every request.
Agent governance, shipped
Human-on-the-loop is not a promise — it's enforced in code. These controls run in production today.
Approval ledger (HOTL)
Higher-impact agent actions never just execute. They stage in an approval ledger, a human approves or rejects, and the decision is recorded as an immutable audit entry.
Temperature-0 runs
Managed agent runs execute at temperature 0 against a model allow-list, with wall-clock and output caps — reproducible by design, not by convention.
Destructive-tool stripping
Destructive and outward-facing tools are stripped from managed runs before the model ever sees them. The risk tier is derived from each tool's own declared behavior.
fact_id lineage
Every figure carries a fact_id that resolves to its SEC filing. verify_fact_lineage round-trips any number back to the source document in one call.
Fail-closed export gates
Data exports pass validation gates that fail closed, with an atomic two-phase publish — a bad pipeline run can never ship a partial or corrupt snapshot.
HMAC-signed downloads
Generated documents and data streams are served through short-lived, HMAC-signed download URLs — no long-lived credentials or shared secrets in links.
Reliability & your data
A 99.5% uptime target with business-hours support on paid tiers, and a zero-retention option for Enterprise. We sell access to data — never your data, and never your model.