Model Update Firewall
EVE is ON
Enforcement active — model updates gated before deployment
Family 5 Patent · Serial No. 64/039,660 · Safe Self-Modification

The pre-deployment compliance gate that stops your AI from committing a federal violation in real time.

Your underwriting model proposes its own updates. The regulator won’t be the one who catches the illegal one. We will — before it deploys.

Built for Chief Risk Officers, Chief Compliance Officers, and General Counsel at Tier 1 banks

Live Demo

Proposed Model Update → EVE Decision

Select a self-modification that your AI underwriting model has proposed. EVE evaluates it against ECOA / Reg B / Fair Housing Act / SR 11-7 deterministically, then returns a signed verdict before the update can deploy.

Incoming self-modification request:
Proposed Model Update SELF-MODIFICATION REQUEST 
(select a preset above)
EVE Decision AWAITING INPUT 
(awaiting evaluation)
Regulatory Impact — Citations in Play FEDERAL LAW, REGULATION, AND GUIDANCE
ECOA § 701(a)
Equal Credit Opportunity Act — 15 U.S.C. §1691
Prohibits credit discrimination on the basis of race, color, religion, national origin, sex, marital status, or age.
Reg B § 1002
Regulation B — 12 CFR Part 1002
Implements ECOA. §1002.6(b)(2) bars marital-status criteria; §1002.4 prohibits discouragement; §1002.9 mandates adverse-action notice.
FHA § 805
Fair Housing Act — 42 U.S.C. §3605
Makes it unlawful to discriminate in residential real-estate-related transactions, including home-loan underwriting and appraisal.
CFPB UDAAP
Consumer Financial Protection Act § 1031
Prohibits unfair, deceptive, or abusive acts and practices. Opaque or proxy-based underwriting decisions are enforcement targets.
OCC SR 11-7
Supervisory Guidance on Model Risk Management
Requires effective challenge, ongoing monitoring, and validation of every material change to a bank model — including self-modifications.
CFPB 2023-02
Bulletin on AI/ML Adverse Action Notices
Requires specific and accurate principal-reason disclosures even when decisions are driven by complex AI/ML models.
Disparate Impact Liability
Texas Dept. of Housing v. ICP, 576 U.S. 519 (2015)
Facially neutral inputs (zip code, census tract, surname) that correlate with protected classes create strict-scrutiny liability even without intent.
The Kill Shot

Run the same update with EVE OFF vs ON

Traditional governance is retrospective — the violation deploys, then gets caught in the next audit cycle. The Model Update Firewall is pre-deployment. Same input. Two paths.

EVE OFF — Traditional Governance Retrospective
Update applied.
Logged to audit trail.
Will be reviewed in next quarterly compliance scan.

(90 days later, CFPB Matter Requiring Attention letter arrives.)
Silent Disaster — Already In Production
EVE ON — Model Update Firewall Pre-Deployment
BLOCKED in <1ms.
Regulatory violation detected pre-deployment.
Update rejected — model unchanged.

audit_hash: 0x———
Caught Before Deployment — Zero Regulatory Exposure
The Numbers

What does a fair-lending violation actually cost?

Estimates drawn from recent CFPB consent orders, DOJ redlining settlements, and published model-risk enforcement actions. Individual bank exposure varies by portfolio size and violation scope.

Without the Firewall
$10M – $100M regulatory exposure per violating model (CFPB civil money penalties + DOJ settlements)
30 – 90 day audit window — violations accrue during the entire detection lag
Consent orders, MRAs, and matters requiring immediate attention that constrain business for years
Reputational damage — redlining headlines, class-action liability, loss of community-lender relationships
Board-level exposure under SR 11-7 — named officers on the record for model-risk failure
With the Firewall
Blocked in <1ms — deterministic pre-deployment gate, no model execution permitted
Cryptographic proof — every decision produces a signed attestation (SHA-256 + HMAC) verifiable by your auditor
Full audit trail — hash-chained lineage from proposed update to verdict, tamper-evident
Regulatory citations included in every block — direct evidence your controls are working
SR 11-7 effective challenge — demonstrable, independent, prior-to-deployment
Pricing

Three tiers. Quote-based procurement.

The Model Update Firewall is priced as insurance against a single regulatory action — not as compliance software. One prevented incident pays for a decade of service.

Pilot
$150K / yr
  • 1–2 models, single vertical
  • 1-year audit retention
  • ECOA / Reg B / FHA baseline
  • Business-hours SLA
  • 2-week integration, 1 engineer
Reserve Pilot — $5K Deposit
Core Deployment
$500K / yr
  • Unlimited models, all verticals
  • 5-year audit retention
  • + SR 11-7, CFPB Bulletin 2023-02
  • 4-hour P1 SLA
  • SaaS / on-prem / VPC
Request Quote
Enterprise
$1.5M+ / yr
  • Unlimited, multi-region
  • 7+ year retention + export API
  • + EU AI Act, custom frameworks
  • 1-hour P1, 24/7 named engineer
  • On-prem or air-gapped
Request Enterprise Quote
See Full Pricing Comparison →
You don’t have a model problem. You have a decision liability problem. We don’t monitor it — we stop it.
Schedule Governance Assessment View Patent Portfolio

Frequently Asked Questions

What is the Model Update Firewall?

A pre-deployment compliance gate that evaluates a self-modifying underwriting model's proposed update against fair-lending rules before it goes live, blocking prohibited changes in real time.

Which fair-lending regulations does it enforce?

Deterministic checks for ECOA / Regulation B, the Fair Housing Act, and FCRA, with signed evidence generated for each decision.

How is this different from post-hoc fair-lending audits?

Traditional audits find disparate impact after loans are issued. The firewall blocks a non-compliant model update before it ever scores an applicant.

Does it produce evidence for examiners?

Yes. Every gate decision is an HMAC-SHA256 signed, replayable certificate showing exactly what was blocked and why.