Skip to content

Architecture

How deeplinq is built

A four-layer architecture designed for sovereignty, auditability, and integration.

Section 1

The four layers

Each layer is independently replaceable. The whole stack runs inside the perimeter the institution already controls, with RBAC and audit trail as cross-cutting concerns.

Connector Hub
Reads and writes to your existing systems : SAP, Oracle, Salesforce, Microsoft Dynamics, Temenos, Finastra, Murex, Avaloq, document stores, MES, SCADA, custom APIs. The platform meets your stack where it is — no data migration required.
RAG Engine + Index
Semantic indexing of documents, structured data, and conversational state. Hybrid retrieval combines keyword and semantic search, with source citations on every answer the agent returns.
LLM Router + Orchestration
Routes requests to the appropriate model. Cloud APIs (OpenAI, Anthropic, Mistral, Google) where the workload allows, or self-hosted open weights (Llama, Qwen, Mistral, Gemma, Falcon) where sovereignty requires it. Model versions are pinned ; multi-LLM is the default.
Agent Orchestrator
Where business teams interact via deployed agents — scoped per team, per use case, per role. Multiple agent types coexist : relationship-manager briefing, compliance research, operations triage, executive summary.

Section 2

Cross-cutting concerns

Three concerns wrap every layer.

  • Sovereignty

    Four deployment modes : on-premise, air-gapped, your own cloud (AWS / Azure / GCP), or a deeplinq-managed multi-tenant cloud. The same platform binary runs in all four — sovereignty becomes a deployment choice, not a separate product.

  • Evidence

    Append-only audit trail. Every prompt, retrieval, model call, routing decision, and agent action is hash-chained and signed. Tampering is detectable. Exports are formatted for the regulator, the DPO, and the internal auditor.

  • RBAC

    Scoped access control by user, team, and agent. Document-level, record-level, and field-level controls. Retention, redaction, and residency travel with the access policy — one model, applied across the stack.

Section 3

Deployment modes

The same platform binary, four envelopes. Choose by data class, regulatory regime, and CISO posture.

  • On-premise

    Inside the institution's data centre. Models, vector stores, orchestration, and logs live on infrastructure the CISO already controls. For private banking, healthcare with strict residency, and public-sector workloads.

  • Air-gapped

    No external network path. Inference, retrieval, and orchestration entirely on local infrastructure. Model updates and audit exports via controlled physical transfer. For classified workloads and offline industrial environments.

  • Your own cloud

    Deploy into AWS, Azure, Google Cloud, or a sovereign-cloud region you choose. You own infrastructure, we provide platform — residency and data paths defined by your contract, not deeplinq's.

  • deeplinq-managed cloud

    For workloads where the institution's compliance posture allows a managed-platform service. Tenant isolation, encryption, and evidence-trail discipline preserved at the platform layer.

Section 4

Model agnosticism

The platform runs against the model that fits the institution's sovereignty and compliance posture. Cloud APIs for non-sensitive workloads — OpenAI, Anthropic, Mistral, Google. Open-weights models for on-premise or air-gapped deployments — Llama, Qwen, Mistral open, Gemma, Falcon. Switch per use case, per team, or per policy. Model-version pinning means the output produced today reconstructs the same reasoning twelve months later. The choice belongs to the institution, not the platform.

Section 5

Integration with existing systems

Connector categories supported out of the box. Custom connectors built per engagement when the institution's stack requires it.

  • Core banking & wealth

    Temenos, Finastra, Murex, Avaloq, Mambu, custom-built cores.

  • ERP & finance

    SAP, Oracle, Microsoft Dynamics, Workday, NetSuite.

  • CRM & customer engagement

    Salesforce, Microsoft Dynamics 365, HubSpot, custom CRMs.

  • Document & content

    SharePoint, Box, document-management systems, internal archives.

  • Operational & industrial

    MES, SCADA, AMOS, ARMS, FRMS, EFB, NMS, ticketing, change-control.

  • Custom

    Any system reachable by REST, GraphQL, ODBC, or message queue. Per-engagement scoping.

For full architecture review

We share the deeplinq architecture document, deployment-mode mapping, and integration catalogue under NDA with prospective institutional customers.

Request a technical briefing