Compliance · MCOB
MCOB-Compliant Mortgage Technology
Mortgage technology for an FCA-regulated UK lender meeting Consumer Duty obligations: audit trails on affordability, ESIS generation, and logged communications.
Case Studies / Regulated SA Fintech Platform
Regulated SA Fintech Platform
A production-grade, multi-tenant platform for a South African fintech, with POPIA built in from the schema up.
2025 · Built, deployed & owned by The Fourths
Project Tags
Platform EngineeringCompliance SystemsPOPIA
Client Summary
A South African fintech operating in a licensed, supervised market, where a data-handling failure is not a bug, it is a regulatory event.
What We Built
We designed and built a multi-tenant platform with tenant isolation, role-based access, and audit logging as first-class concerns. POPIA obligations were modelled at the database layer before a line of application code was written, so the architecture could not drift out of compliance later.
How We Approached It
Compliance-first architecture on Azure: PostgreSQL Flexible Server with row-level tenant isolation, Entra B2C for identity, Key Vault for secrets, and an append-only audit trail on every regulated data modification. Infrastructure is defined in Bicep and deployed through a repeatable pipeline, so a fresh, identical environment can be stood up on demand.
Outcome
The platform runs in production with each tenant's data provably isolated, every access logged, and a deployment process the team can run without us in the room. It is owned end to end: no hand-off tax, no orphaned prototype.
Case Studies
Related work.
Platform Engineering
Insurance Claims & Risk Platform
A multi-tenant claims and risk platform for an insurance intermediary, replacing spreadsheets with an auditable system of record on the Azure stack.
Building something similar?
Discovery calls are 30 minutes. We'll tell you if we're not the right fit.