For RIAs and broker-dealers

Built for the
SEC and FINRA exam

Books and records, supervisory review, marketing rule controls, and cost attribution — mapped to the rules your compliance program already operates under.

Books and Records · SEC + FINRA

Every AI interaction. Tamper-proof. Auditor-ready.

Full prompt, response, user, team, model, and timestamp on every request. Filterable by team, content category, and status. Exportable in the format your compliance team needs.

Audit Trail — Request Log
Team: All teams ▾
Content: All categories ▾
Status: All ▾
Date: Last 7 days ▾
🔍 Search prompts…
14:32:07 Investment Research j.martinez 10-K summary GPT-4 2,847 Clean
14:31:44 Client Service a.chen Email draft GPT-4o Blocked
14:31:12 Client Service s.patel Quarterly letter Claude 3,420 Review
14:30:38 Operations m.kumar Policy lookup GPT-4o 1,203 Clean
14:29:51 Compliance r.johnson WSP review Claude 4,180 Clean
Showing 5 of 14,200 interactions
← Prev Export CSV ↓ Next →
Request Inspector

Prompt

Draft a status note for client
Account: ████-████-4829
SSN: ███-██-████
Sensitive data detected — request blocked
Account number SSN
client service · gpt-4o 3 seconds ago · logged to audit trail

Supervisory Review · SEC + FINRA

Supervisory controls and marketing-rule checks at the API layer

Sensitive data caught and blocked

SSNs, account numbers, client PII, and material non-public information caught before they reach the model. Every incident logged with full context.

Supervisory queue for compliance

Flagged interactions surface in a review queue. Your CCO sees what needs eyes — not 14,200 rows of noise. Reviews tied back to user, team, and rule.

Marketing rule content checks

AI-assisted client communications scanned for performance claims, testimonials, and other marketing-rule triggers (SEC Rule 206(4)-1 for RIAs, FINRA Rule 2210 for broker-dealers). Caught before they ship.

Model and team policies

Investment Research gets GPT-4. Client Service gets Claude Haiku. Compliance gets read-only. Your WSPs, enforced.

Cost & Usage Attribution

Every dollar of AI spend, traced back to a team and a use case

Spend by team and content category

Investment Research, Client Service, Operations, Compliance — broken down by what the AI was actually used for.

Provider attribution

OpenAI, Anthropic, and more. One dashboard, one audit trail, no vendor sprawl on your invoice.

Anomaly alerts

Spend spikes, unusual usage patterns, and budget breaches surfaced in real time — no month-end surprises.

Spend by team

Feb 2026

Investment Research $1,200
Client Service $640
Operations $380
Compliance (read-only) $180
4 teams · Feb 2026 $2,400

Regulatory mapping

Mapped to the rules your firm already operates under

Each TinyFox capability ties back to a specific obligation in your compliance program. So when an examiner asks how you supervise AI, you have a real answer.

Tamper-proof audit trail Rule 204-2 (RIA) · Rule 17a-4 (BD) Rule 4511 — Books and Records
Supervisory queue Rule 206(4)-7 — Compliance Program Rule 3110 — Supervision
Marketing rule content checks Rule 206(4)-1 — Marketing Rule Rule 2210 — Communications with the Public
Sensitive data blocking (PII / MNPI) 1934 Act §10(b) / Rule 10b-5 — Insider trading Rule 2010 — Standards of Commercial Honor

Map TinyFox to your firm's compliance program

Book a 15-minute call. We'll walk through how each capability ties to the SEC and FINRA rules your CCO already operates under.

Book a Demo