Trust Center · Security

Security designed for regulated estate work.

RiGEL is deterministic infrastructure for estate calculations. Security is built into how data is collected, stored, processed, and audited — so advisors, enterprises, and Indigenous governance offices can trust every step.

This page is for: security, risk, compliance, and governance teams evaluating RiGEL.

Security principles that shape the platform.

RiGEL's security posture is built around deterministic logic, data minimization, and clear boundaries between roles, environments, and calculations.

Principle 1

Deterministic engine boundary

Estate math is executed inside a deterministic engine with clear input and output boundaries. No external calls change calculations at runtime, and the same inputs always generate the same outputs.

Principle 2

Data minimization

RiGEL only stores the data needed to perform estate calculations, generate audit traces, and support advisor workflows — nothing more. No data is sold or used for advertising.

Principle 3

Shared responsibility

Security is shared between RiGEL and the organizations that deploy it: we secure the platform and deterministic engine; you manage user access, internal policies, and device hygiene.

Core security controls.

From encryption to environment isolation, RiGEL's technical stack is designed to support regulated estate workflows.

Encryption in transit and at rest

All traffic is protected with modern TLS in transit. Application data is stored using encryption at rest, aligned with current industry standards.

Access control & least privilege

Role-based access patterns are designed so users only see the estates and scenarios they are permitted to see. Internal access follows least-privilege principles with audited access where applicable.

Environment separation

Development, staging, and production environments are separated. Production estate data is never used to seed development environments.

Monitoring, logging, and backups

Operational logging and monitoring are in place to detect anomalies and support incident response. Backups are taken on a regular schedule with secure storage and tested restore procedures.

Security meets deterministic compliance.

Security is not only about infrastructure — it is also about how the rules themselves are encoded, versioned, and audited.

Deterministic rules & engine

CRA/IRS rules, Section 87 logic, treaty provisions, and probate schedules are encoded into a deterministic engine. Logic changes are version-controlled and traceable, so governance teams can see exactly what rules were in effect.

Read more in Compliance Infrastructure →

Audit-ready outputs

Every scenario produces a calculation trace that can be exported, stored, and reviewed. This supports internal audits, regulator questions, and internal quality reviews.

View Legal Overview →

Need a deeper security review?

Our team can provide more detailed security documentation under NDA and work directly with your security, risk, and governance leads.

Contact Security TeamBack to Trust Center