Skip to content
Architecture

How deeplinq is built

A four-layer architecture designed for sovereignty, auditability, and integration.

Platform architecture

One engine. Every path runs through it.

Apps, agents and partners never reach your data or models directly. Every request passes through one headless engine. That's the single point where access, spend and audit policies are enforced, not just declared.

Users

Customers & team

People
Apps · deeplinq

Chatbots

Teams · Slack · WhatsApp · Web

CRM

Salesforce · Dynamics 365 · …

AML

KYC screening

deeplinq

Agents

Autonomous reasoning

Internal

deeplinq Core

Projects · Spaces · Assistants · Academy

deeplinq

deeplinq CLI

Direct HTTP API

External

Partners

Build on the SDK or API

deeplinq Engine

headless engine
GovernanceBuilt by deeplinqMarket

Exposes a REST + gRPC API

gRPC preferredreached via the embedded SDK, or directly over HTTP
Control plane · governanceevery request is checked before it runs

Identity

Who is asking

Policies & ACLs

Who can touch what

Guardrails

In/out safety checks

Approvals

Human in the loop

Audit trails

Proof of every call

Token usage & caps

Metered, hard limits

Data plane

Connectors

MCPs · Email · SMS · …

Datasets

Organized collections

Ingestion

deeplinq Sidecar

Relational DB

Structured data

Vector DB

Embeddings

Search DB

Full-text index

Workflow Engine

Orchestration

Infrastructure

Runs on

Self-hosted

On-prem LLM

Private cloud

LLM in your VPC

Public cloud

Managed LLM

Data

Your datawhat the engine connects to

Files

Docs · PDFs · media

Internal & public websites

Crawled & synced

Governance (control plane)Built by deeplinqPartnersYour dataYour infrastructureMarket components
The governance question

What "AI governance" actually means

It's one word that hides three pretty different things. Only the last one is something you can build into a product, and it's the part deeplinq owns.

Context

01 · Societal & regulatory

The Macro Layer

The big "should AI even be allowed to do this" debate: the EU AI Act, risk tiers, safety evals, who's liable when something goes wrong. It matters a lot, but it's decided by regulators and society. It isn't something you ship in code.

Policy

02 · Organizational

The Policy Layer

Your own rules: who's allowed to use which model, on what data, for which purpose, and who's accountable for it. This part is real, but most of the time it lives in a slide deck or a policy doc that nobody can actually enforce.

Where deeplinq lives

03 · Technical & runtime

The Enforcement Layer

The mechanical part. Every single call the AI makes gets checked, allowed or blocked, attributed to someone, metered and logged, right when it happens. Not pieced back together in an audit three months later. This is the part deeplinq actually is.

The honest test: can the AI do something your policy forbids?

If it can, you've got a policy, not governance. If it can't, you've got governance. Because every request has to go through the engine, with deeplinq the answer is simply that it can't.

The four layers

Each layer is independently replaceable. The whole stack runs inside the perimeter the institution already controls, with RBAC and audit trail as cross-cutting concerns.

Connector Hub
Reads and writes to your existing systems : SAP, Oracle, Salesforce, Microsoft Dynamics, Temenos, Finastra, Murex, Avaloq, document stores, MES, SCADA, custom APIs. The platform meets your stack where it is — no data migration required.
RAG Engine + Index
Semantic indexing of documents, structured data, and conversational state. Hybrid retrieval combines keyword and semantic search, with source citations on every answer the agent returns.
LLM Router + Orchestration
Routes requests to the appropriate model. Cloud APIs (OpenAI, Anthropic, Mistral, Google) where the workload allows, or self-hosted open weights (Llama, Qwen, Mistral, Gemma, Falcon) where sovereignty requires it. Model versions are pinned ; multi-LLM is the default. Every call routes through one governed gateway — metered, audited, policy-enforced.
Agent Orchestrator
Where business teams interact via deployed agents — scoped per team, per use case, per role. Multiple agent types coexist : relationship-manager briefing, compliance research, operations triage, executive summary.
Build view

The same system, composed.

The layers above are the runtime view — how deeplinq governs. The build view is how you compose what ships: four primitives — Connectors, Agents, Apps, and Channels — built with one published SDK on the same public wire deeplinq's own teams use.

  • Connectors
  • Agents
  • Apps
  • Channels
Explore the platform →

Cross-cutting concerns

Three concerns wrap every layer.

  • Sovereignty

    Four deployment modes : on-premise, air-gapped, your own cloud (AWS / Azure / GCP), or a deeplinq-managed multi-tenant cloud. The same platform binary runs in all four — sovereignty becomes a deployment choice, not a separate product.

  • Evidence

    Append-only audit trail. Every prompt, retrieval, model call, routing decision, and agent action is hash-chained and signed. Tampering is detectable. Exports are formatted for the regulator, the DPO, and the internal auditor.

  • RBAC

    Scoped access control by user, team, and agent. Document-level, record-level, and field-level controls. Retention, redaction, and residency travel with the access policy — one model, applied across the stack.

Deployment modes

The same platform binary, four envelopes. Choose by data class, regulatory regime, and CISO posture.

  • On-premise

    Inside the institution's data centre. Models, vector stores, orchestration, and logs live on infrastructure the CISO already controls. For private banking, healthcare with strict residency, and public-sector workloads.

  • Air-gapped

    No external network path. Inference, retrieval, and orchestration entirely on local infrastructure. Model updates and audit exports via controlled physical transfer. For classified workloads and offline industrial environments.

  • Your own cloud

    Deploy into AWS, Azure, Google Cloud, or a sovereign-cloud region you choose. You own infrastructure, we provide platform — residency and data paths defined by your contract, not deeplinq's.

  • deeplinq-managed cloud

    For workloads where the institution's compliance posture allows a managed-platform service. Tenant isolation, encryption, and evidence-trail discipline preserved at the platform layer.

Model agnosticism

The platform runs against the model that fits the institution's sovereignty and compliance posture. Cloud APIs for non-sensitive workloads — OpenAI, Anthropic, Mistral, Google. Open-weights models for on-premise or air-gapped deployments — Llama, Qwen, Mistral open, Gemma, Falcon. Switch per use case, per team, or per policy. Model-version pinning means the output produced today reconstructs the same reasoning twelve months later. The choice belongs to the institution, not the platform.

Integration with existing systems

Connector categories supported out of the box. Custom connectors built per engagement when the institution's stack requires it.

  • Core banking & wealth

    Temenos, Finastra, Murex, Avaloq, Mambu, custom-built cores.

  • ERP & finance

    SAP, Oracle, Microsoft Dynamics, Workday, NetSuite.

  • CRM & customer engagement

    Salesforce, Microsoft Dynamics 365, HubSpot, custom CRMs.

  • Document & content

    SharePoint, Box, document-management systems, internal archives.

  • Operational & industrial

    MES, SCADA, AMOS, ARMS, FRMS, EFB, NMS, ticketing, change-control.

  • Messaging & channels

    WhatsApp Business API, SMS (Twilio), email (Gmail, Microsoft 365 Graph), web, CLI — bound one-to-one to an app.

  • Search, vector & transcription

    Milvus, Qdrant, Azure AI Search, OpenSearch, Typesense; two-stage rerank; transcription via Whisper.

  • Custom

    Any system reachable by REST, GraphQL, ODBC, or message queue. Per-engagement scoping.

For full architecture review

We share the deeplinq architecture document, deployment-mode mapping, and integration catalogue under NDA with prospective institutional customers.

Request a technical briefing