JIL Sovereign Technologies, Inc.
Cryptographic Verdict Authority - Pillar 2
Report Identifier
JIL-VR-RV-2026-04-19-B9E4D3C2
Issued: 2026-04-19 09:14:02 UTC
Completed: 2026-04-19 09:31:47.552 UTC
Pillar 2 of 5 - Retroactive Settlement Verification
Cryptographic Verdict Record
Court-Admissible - Independently Verifiable - Tamper-Evident
SAMPLE - FICTITIOUS SUBJECT DATA
0Identifiers, Retrieval, and Retention
- Report ID (this document)
- JIL-VR-RV-2026-04-19-B9E4D3C2
- Attestation ID
- ATT-892440-0000002910
- Vendor ID (requester)
- VND-HHS-OIG-0012 (HHS Office of Inspector General, onboarded 2025-07-22)
- Profile ID
- PRF-RETRO-FEDERAL-MEDICARE-v3.2
- Date Completed
- 2026-04-19 09:31:47.552 UTC (epoch 1776633107.552)
- Storage Location (vendor-controlled)
- Vendor SDV endpoint sdv://VND-HHS-OIG-0012.us-east.gov.jil-sdv/, object key verdicts/retroactive/2026/04/19/JIL-VR-RV-2026-04-19-B9E4D3C2.pdf.sealed. AES-256-GCM encrypted, vendor-held key.
- Content Hash (SHA-256)
- a1b2c3d4e5f67890abcdef0123456789fedcba9876543210abcdef0123456789
- Retention Period
- 15 years minimum. Exceeds BSA / FATF / NYDFS / HIPAA requirements. Permanent retention may be elected by vendor.
- Retrieval Index (JIL-side)
- Indexed in trust.verdict_records + replicated to verdict_index.clickhouse. Queryable by report_id, attestation_id, vendor_id, profile_id, date_completed, subject_hash, L1 anchor tx.
- Retrieval API
- Authenticated vendors: GET /api/v1/verdicts/{report_id}. Courts/regulators: GET /verify/{report_id} returns verification metadata without PII; blob retrieval requires vendor consent or court order served on vendor.
1Subject of Verdict
- Request Type
- Retroactive Settlement Verification (Pillar 2) - Forensic Payment Integrity Audit
- Requesting Party
- HHS Office of Inspector General, Case-ID HHS-OIG-2026-MCA-0447
- Audit Scope
- Medicare Part B provider payments, Region 04 (FL/GA/AL), 2020-01-01 through 2024-12-31
- Record Count
- 49,872,308 payment records processed
- Aggregate Volume
- $18.4 billion USD
- Identity Dimensions Applied
- 28 (SSA DMF, state vital records, OIG LEIE, SAM, PECOS, NPPES, state licensing, SOS dissolution, DEA registration, etc.)
- Lookback Period
- 4 years + 4 months
- Analyst Reviewer
- Redacted Senior Forensic Accountant (CFE, CPA), Analyst-ID an:4f2a:7c3d:9e0b
2Test Profile Applied
- Profile Name
- RETRO-FEDERAL-MEDICARE-v3.2
- Profile Description
- Retroactive Medicare payment integrity audit. Historical identity + rail integrity + overpayment recovery.
- Total Catalog Size
- 111 checks (69 FWEA + 42 WIE)
- Approved for this Profile
- 104 of 111 checks enabled
- Out of Scope (not approved)
- 7 of 111 checks disabled for this profile
3Approved Checks - Full Test Matrix (Section 4A)
| Check ID | Test Name | Method | Source | Result | Evidence Hash |
|---|---|---|---|---|---|
| FWEA-01 | OFAC person match (origin) | Exact + fuzzy (Levenshtein <=2, phonetic Soundex) | OFAC SDN + CSL | CLEAR | sha256:01of...f1i |
| FWEA-02 | OFAC person match (counterparty) | Exact + fuzzy + transliteration | OFAC SDN + CSL + EU + UK | CLEAR | sha256:02of...f2i |
| FWEA-03 | PEP screening - beneficial owners | UBO graph traversal to depth 3 | OpenSanctions PEP list | CLEAR | sha256:03pe...f3i |
| FWEA-04 | Synthetic identity detection | Document cross-reference + velocity modeling | GLEIF + OpenCorporates + telco records | CLEAR | sha256:04sy...f4i |
| FWEA-07 | Destination wallet SDN match | O(1) hash-table lookup (<1ms) | OFAC SDN + CSL + UK OFSI | CLEAR | sha256:07de...f7i |
| FWEA-08 | Business Email Compromise (BEC) pattern | Domain similarity + content ML classifier | JIL BEC detector + OpenAI moderation | CLEAR | sha256:08bu...f8p |
| FWEA-09 | Invoice fraud detection | Invoice fingerprinting + duplicate detection | JIL invoice graph | CLEAR | sha256:09in...f9p |
| FWEA-11 | Authorized Push Payment (APP) scam | Behavioral deviation + destination risk | JIL APP detector | CLEAR | sha256:11au...f1p |
| FWEA-12 | Wire anomaly detection | Z-score vs entity baseline (90d window) | Custodian feed + JIL baseline | CLEAR | sha256:12wi...f2p |
| FWEA-13 | SEPA APP fraud pattern (EU) | SEPA rail-specific heuristics | EBA SEPA registry + JIL detector | CLEAR | sha256:13se...f3p |
| FWEA-14 | UK FPS Payment System Regulator (PSR) profile | FPS reimbursement-risk scoring | UK FPS + PSR guidance | CLEAR | sha256:14uk...f4p |
| FWEA-15 | PIX fraud typology (Brazil) | PIX chain-of-claim verification | BCB PIX registry | CLEAR | sha256:15pi...f5p |
| FWEA-16 | UPI fraud typology (India) | UPI VPA collision + spoof detection | NPCI UPI registry | CLEAR | sha256:16up...f6p |
| FWEA-17 | SWIFT gpi chain substitution | MT103 hop-by-hop integrity check | SWIFT gpi tracker | CLEAR | sha256:17sw...f7p |
| FWEA-18 | CIPS sanctioned-entity routing | CIPS routing graph + sanctions overlay | PBoC CIPS + OFAC overlay | CLEAR | sha256:18ci...f8p |
| FWEA-19 | NPP PayID integrity (Australia) | PayID binding verification | AusPayNet NPP | CLEAR | sha256:19np...f9p |
| FWEA-22 | Cryptocurrency off-ramp anomaly | Off-ramp velocity vs historical | Chainalysis + JIL off-ramp registry | CLEAR | sha256:22cr...f2p |
| FWEA-23 | Check kite / float fraud | Inter-account timing graph | JIL check clearance timing | CLEAR | sha256:23ch...f3p |
| FWEA-24 | Settlement instruction integrity | IBAN MOD-97 + BIC ISO 9362 + endpoint attestation | JIL L1 settlement path | PASS | sha256:24se...f4p |
| FWEA-25 | OFAC country-level sanctions | Jurisdiction routing check (IR, KP, SY, CU, RU-partial) | OFAC country list | CLEAR | sha256:25of...f5r |
| FWEA-26 | EU MiCA stablecoin classification | Token symbol + issuer + whitelist | EBA regulated tokens list | PASS | sha256:26eu...f6r |
| FWEA-27 | EU DORA operational resilience | ICT risk attestation presence | EBA DORA registry | PASS | sha256:27eu...f7r |
| FWEA-28 | UK FCA authorization status | FCA register lookup + passport check | FCA Register | PASS | sha256:28uk...f8r |
| FWEA-29 | FATF International Travel Rule (>$3K) | Originator / beneficiary data completeness | FATF Travel Rule Protocol + IVMS 101 | PASS | sha256:29fa...f9r |
| FWEA-30 | CBDC attestation (eCNY / DEUR / mBridge) | CBDC issuer + compliance-envelope check | BIS mBridge + PBoC eCNY + ECB DEUR | N/A | sha256:30cb...f0r |
| FWEA-31 | NYDFS Part 500 applicability | Counterparty NYDFS-regulated flag | NYDFS covered entity list | PASS | sha256:31ny...f1r |
| FWEA-32 | SEC Reg S / Reg D (if applicable) | Investor accreditation + jurisdiction | SEC filings + investor attestation | N/A | sha256:32se...f2r |
| FWEA-33 | MAS Singapore DPT Act applicability | Singapore counterparty check | MAS DPT licensee list | PASS | sha256:33ma...f3r |
| FWEA-34 | VARA UAE crypto licensing | UAE counterparty license lookup | VARA licensee registry | PASS | sha256:34va...f4r |
| FWEA-35 | State MTL jurisdiction check | US state-by-state money transmitter overlay | NMLS MT licensing database | PASS | sha256:35st...f5r |
| FWEA-36 | Velocity anomaly (origin 48h) | Rolling z-score vs 90d baseline | JIL L1 + custodian feed | PASS (z=0.84) | sha256:36ve...f6t |
| FWEA-37 | Mule account scoring | Inbound-outbound timing + network centrality | JIL mule detector | CLEAR | sha256:37mu...f7t |
| FWEA-38 | Smurfing / structuring pattern | Sub-threshold frequency + 24h rollup | JIL structuring detector | CLEAR | sha256:38sm...f8t |
| FWEA-39 | Geographic anomaly | Origin-destination distance vs entity norm | JIL geo baseline | CLEAR | sha256:39ge...f9t |
| FWEA-40 | Bust-out credit fraud pattern | Credit utilization curve analysis | FICO + experian bust-out model | N/A | sha256:40bu...f0t |
| FWEA-41 | Round-amount / psychological pricing flag | Statistical distribution vs entity norm | JIL amount analyzer | CLEAR | sha256:41ro...f1t |
| FWEA-42 | Night / off-hours activity | Time-of-day distribution outlier | JIL temporal baseline | CLEAR | sha256:42ni...f2t |
| FWEA-44 | Account-number change alert | Counterparty account history vs current | Custodian counterparty ledger | CLEAR | sha256:44ac...f4s |
| FWEA-45 | Instruction provenance attestation | Signed chain from originator | JIL instruction attestation | PASS | sha256:45in...f5s |
| FWEA-46 | IBAN integrity (MOD-97) | Checksum + country length validation | ISO 13616 IBAN registry | PASS | sha256:46ib...f6s |
| FWEA-47 | Correspondent chain hop anomaly | Hop-count + jurisdiction diversity | SWIFT gpi trace | CLEAR | sha256:47co...f7s |
| FWEA-48 | Real estate closing wire protection | Closing agent attestation required | ALTA closing protection | N/A | sha256:48re...f8s |
| FWEA-49 | Endpoint binding attestation | Destination wallet bound to counterparty identity | JIL endpoint-binding registry | PASS | sha256:49en...f9s |
| FWEA-50 | Duplicate claim detection | Claim-ID + subject-service fingerprint | CMS NCCI + JIL dedupe | N/A | sha256:50du...f0h |
| FWEA-51 | NPI provider enrollment status | NPI active + no-deactivation check | CMS PECOS + NPPES | N/A | sha256:51np...f1h |
| FWEA-52 | Upcoding detection | Code frequency distribution vs peer | CMS MIPS + peer benchmarks | N/A | sha256:52up...f2h |
| FWEA-53 | Remittance mismatch | 837P vs 835 reconciliation | Clearinghouse remittance | N/A | sha256:53re...f3h |
| FWEA-54 | Overpayment recovery flag | Historical overpayment pattern match | CMS overpayment database | N/A | sha256:54ov...f4h |
| FWEA-55 | Fraud ring graph analysis | Community detection on entity graph | JIL fraud-ring detector | CLEAR | sha256:55fr...f5m |
| FWEA-56 | Typology library pattern match | Published typology overlay (pig-butchering, APP, etc) | JIL typology library v3 | CLEAR | sha256:56ty...f6m |
| FWEA-57 | Cross-rail correlation | Same entity on multiple rails | JIL entity resolution | CLEAR | sha256:57cr...f7m |
| FWEA-58 | FaaS (Fraud-as-a-Service) infrastructure | Known FaaS C2 + tooling signature | JIL FaaS intel | CLEAR | sha256:58fa...f8m |
| FWEA-59 | FATF typology pattern match | Graph-motif match across 30d window | JIL L1 + Chainalysis clusters | CLEAR | sha256:59fa...f9c |
| FWEA-60 | Egmont FIU intelligence overlay | FIU-flagged entity check | Egmont Group secure channel | CLEAR | sha256:60eg...f0c |
| FWEA-61 | BIS CPMI payment system risk | Payment corridor risk score | BIS CPMI annual report data | LOW | sha256:61bi...f1c |
| FWEA-62 | Cross-border velocity multi-jurisdiction | Velocity across 3+ jurisdictions 7d | JIL cross-border detector | CLEAR | sha256:62cr...f2c |
| FWEA-63 | Sanctioned-jurisdiction hub routing | Proximity to sanctioned corridor | OFAC country list + corridor graph | CLEAR | sha256:63sa...f3c |
| FWEA-64 | TBML with World Bank commodity prices | Invoice-price variance vs market | World Bank commodity index + WCO | CLEAR | sha256:64tb...f4c |
| FWEA-65 | Pig butchering / romance-investment scam | Behavior + destination + dialog ML | JIL pig-butcher registry + NIST | CLEAR | sha256:65pi...f5e |
| FWEA-66 | FaaS C2 infrastructure attribution | Infrastructure overlap with known FaaS | JIL FaaS infra graph | CLEAR | sha256:66fa...f6e |
| FWEA-67 | ZKP post-settlement attestation | Zero-knowledge proof of compliant state | JIL ZKP prover | PASS | sha256:67zk...f7c |
| FWEA-68 | Adversarial ML drift detection | Model drift vs golden baseline | JIL ML governance | CLEAR | sha256:68ad...f8c |
| FWEA-69 | HNDL quantum-safe TLS verification | Dilithium + X25519 handshake verified | JIL TLS attestation | PASS | sha256:69hn...f9c |
| WIE-01 | Destination wallet age | Genesis-tx trace + funding attribution | JIL L1 on-chain history | 847 days (LOW RISK) | sha256:01de...w1w |
| WIE-02 | Funding source attribution | Recursive source-of-funds trace | JIL attribution-evm + Chainalysis | CLEAR | sha256:02fu...w2w |
| WIE-03 | First-block recency flag | Age vs transaction volume ratio | JIL L1 + chain-specific | CLEAR | sha256:03fi...w3w |
| WIE-04 | Dormancy awakening signal | Long-dormant -> sudden activity | JIL dormancy tracker | CLEAR | sha256:04do...w4w |
| WIE-05 | Dust attack detection | Micro-tx flood pattern | JIL dust detector | CLEAR | sha256:05du...w5w |
| WIE-06 | Fresh-wallet-with-instant-activity | Activity within 1h of creation | JIL creation telemetry | CLEAR | sha256:06fr...w6w |
| WIE-07 | Bulk wallet creation signal | Sequential wallet creation cluster | JIL creation graph | CLEAR | sha256:07bu...w7w |
| WIE-08 | Contamination 2-hop weighted | Graph traversal, decay-weighted exposure scoring | JIL L1 + Chainalysis | 0.02% (CLEAR) | sha256:08co...w8c |
| WIE-09 | Direct darknet exposure | 0-hop match to known darknet wallets | JIL known-bad registry | CLEAR | sha256:09di...w9c |
| WIE-10 | Direct ransomware operator exposure | 0-hop match to ransomware wallets | JIL ransomware intel (Conti/LockBit/BlackCat/Cl0p) | CLEAR | sha256:10di...w0c |
| WIE-11 | Mixer/tumbler exposure | Exposure to Tornado Cash, Blender.io, ChipMixer, Sinbad | JIL mixer registry | CLEAR | sha256:11mi...w1c |
| WIE-12 | Exchange-hack cluster exposure | Mt. Gox, Bitfinex, FTX, KuCoin hack wallets | JIL hack attribution | CLEAR | sha256:12ex...w2c |
| WIE-13 | Known-bad cluster exposure (full) | 0/1/2/3-hop lookup against all known-bad | JIL known-bad registry | CLEAR | sha256:13kn...w3c |
| WIE-14 | State-actor cluster exposure | Lazarus Group, APT38, Russian ransomware | JIL state-actor attribution | CLEAR | sha256:14st...w4c |
| WIE-15 | Transaction cadence anomaly | Inter-arrival time distribution | JIL L1 cadence analyzer | CLEAR | sha256:15tr...w5v |
| WIE-16 | Amount distribution outlier | Distribution vs 90d self-baseline | JIL amount analyzer | CLEAR | sha256:16am...w6v |
| WIE-18 | Burst-and-drain pattern | High inbound then full drain | JIL burst detector | CLEAR | sha256:18bu...w8v |
| WIE-19 | Round-amount trading | Round-number frequency outlier | JIL amount analyzer | CLEAR | sha256:19ro...w9v |
| WIE-20 | Fragmentation pattern | Tx split into sub-threshold batches | JIL fragmentation detector | CLEAR | sha256:20fr...w0v |
| WIE-21 | Cross-chain arbitrage signature | Arbitrage-like paired tx across chains | JIL cross-chain detector | CLEAR | sha256:21cr...w1v |
| WIE-22 | Protocol whitelist match | Interacted protocols in whitelist | JIL DeFi whitelist | 94/100 (HIGH TRUST) | sha256:22pr...w2d |
| WIE-23 | LP quality score | Uniswap / Balancer pool quality | JIL DeFi attestation ledger | HIGH | sha256:23lp...w3d |
| WIE-24 | Rug-pull heuristic | Known rug-pull cluster exposure | JIL rug-pull registry | CLEAR | sha256:24ru...w4d |
| WIE-25 | Yield-farming exposure | Yield-protocol interaction + risk tier | JIL yield-farm classifier | LOW | sha256:25yi...w5d |
| WIE-26 | Flash-loan anomaly | Flash-loan pattern in history | JIL flash-loan detector | CLEAR | sha256:26fl...w6d |
| WIE-27 | Bridge-exploit exposure | Known bridge-exploit interaction | JIL bridge-exploit registry | CLEAR | sha256:27br...w7d |
| WIE-28 | Governance manipulation signal | Flash-loan governance attack pattern | JIL governance-attack detector | CLEAR | sha256:28go...w8d |
| WIE-29 | Cross-wallet clustering | JIL attribution engine (BTC/EVM/SOL/TRX) | JIL attribution engines | No discrepancy | sha256:29cr...w9h |
| WIE-30 | Change-address heuristic (BTC) | Multi-input + change detection | JIL attribution-btc | CLEAR | sha256:30ch...w0h |
| WIE-31 | Common-ownership heuristic | Co-spending patterns across wallets | JIL attribution-btc/evm | CLEAR | sha256:31co...w1h |
| WIE-32 | Bridge-correlation clustering | Cross-chain bridge traffic as identity | JIL attribution-bridges | CLEAR | sha256:32br...w2h |
| WIE-33 | CEX-withdrawal correlation | CEX-withdrawal timing + amount match | JIL CEX attribution | CLEAR | sha256:33ce...w3h |
| WIE-34 | Off-chain-linked wallet | Corporate entity + wallet linkage via OpenCorporates | OpenCorporates + JIL entity graph | CLEAR | sha256:34of...w4h |
| WIE-35 | Real-estate linked wallet | Property-purchase blockchain linkage | ATTOM Property + JIL entity graph | CLEAR | sha256:35re...w5h |
| WIE-36 | Jurisdictional fit (corridor) | Counterparty jurisdiction vs origin corridor | GLEIF + OpenCorporates | PASS (US-SG corridor compliant) | sha256:36ju...w6r |
| WIE-37 | Sanctions-list proximity | Distance to any sanctioned wallet in graph | OFAC + EU + UK SDN + JIL L1 | > 4 hops (CLEAR) | sha256:37sa...w7r |
| WIE-38 | PEP overlap (counterparty UBO) | UBO graph overlap with PEP list | OpenSanctions PEP | CLEAR | sha256:38pe...w8r |
| WIE-39 | Adverse media flag | Counterparty name in adverse-media feed | OpenSanctions media + Dow Jones | CLEAR | sha256:39ad...w9r |
| WIE-40 | Taint-free proof | Cumulative contamination score under 1% | JIL taint calculator | 0.02% (PASS) | sha256:40ta...w0r |
| WIE-41 | MiCA stablecoin eligibility | Token MiCA-registered flag | EBA MiCA registry | PASS | sha256:41mi...w1r |
| WIE-42 | Travel-rule data completeness | Originator+beneficiary data fields populated | IVMS 101 validator | PASS | sha256:42tr...w2r |
3Out-of-Scope Checks - Not Enabled (Section 4B)
| Check ID | Test Name | Status | |||
|---|---|---|---|---|---|
| FWEA-05 | Document deepfake detection | Out of scope - not enabled in this profile | |||
| FWEA-06 | AI voice deepfake at authorization | Out of scope - not enabled in this profile | |||
| FWEA-10 | Account takeover (ATO) signals | Out of scope - not enabled in this profile | |||
| FWEA-20 | DPAN wallet provisioning fraud | Out of scope - not enabled in this profile | |||
| FWEA-21 | Magecart / e-skimmer merchant compromise | Out of scope - not enabled in this profile | |||
| FWEA-43 | Routing change detection (<72h) | Out of scope - not enabled in this profile | |||
| WIE-17 | Bot activity signature | Out of scope - not enabled in this profile | |||
5Final Verdict
Attested Disposition
FINDINGS ISSUED
Confidence: 96.2% | 1,247 improper payment events identified, aggregate exposure $8,340,218 USD
Reasoning Summary
- 847 payments to providers whose NPI was flagged deceased in SSA DMF at time of payment
- 228 payments to providers excluded in OIG LEIE at time of service (18 distinct providers)
- 172 payments to SAM-debarred entities
- 0 findings on structured sanctions evasion (FWEA-63 CLEAR across full corpus)
- All findings individually sealed; aggregate Merkle root anchored to JIL L1 block #892,415
- Recovery-ready dossier generated for DOJ Civil Division intake
6Cryptographic Seal and Anchor
- Issuer
- JIL Sovereign Technologies, Inc. (DE)
- Signing Algorithm
- Ed25519 + Dilithium-III (classical + post-quantum hybrid)
- Issuer Signature
- a1b2c3d4e5f67890abcdef0123456789fedcba9876543210abcdef0123456789
- Validator Quorum
- 14 of 20 across 10 jurisdictions (70% threshold exceeded)
- JIL L1 Anchor
- tx-hash: 0xbc12...890f
- Merkle Root
- Rolled up from Section 4A per-check evidence hashes
Verify at
jilsovereign.com/verify/
JIL-VR-RV-2026-04-19-B9E
jilsovereign.com/verify/
JIL-VR-RV-2026-04-19-B9E
7Chain of Custody Timeline
| 09:14:02.110 UTC | HHS OIG batch intake received (49.87M records) | batch-hash: 2d3e4f5a6b7c... |
| 09:14:05.228 UTC | Test profile RETRO-FEDERAL-MEDICARE-v3.2 loaded and attested | profile-hash: 8d9e0f1a2b3c... |
| 09:14:12.004 UTC | Parallel check dispatch across 104 approved checks x 49.87M records | dispatch-hash: 4d5e6f7a8b9c... |
| 09:30:58.732 UTC | All checks returned. Findings aggregation begins. | agg-hash: 0d1e2f3a4b5c... |
| 09:31:22.881 UTC | 1,247 individual finding verdicts sealed (Ed25519 per-finding) | findings-root: 6d7e8f9a0b1c... |
| 09:31:38.102 UTC | Aggregate Merkle roll-up computed | merkle-root: 2d3e4f5a6b7c... |
| 09:31:44.991 UTC | Validator quorum (14/20) across 10 jurisdictions signed | quorum-hash: 8d9e0f1a2b3c... |
| 09:31:47.201 UTC | Aggregate dossier anchored to JIL L1 block #892,415 | tx-hash: 0xbc12...890f |
| 09:31:47.552 UTC | Court-ready dossier delivered to HHS OIG SDV | sdv-object: verdicts/retroactive/2026/04/19/... |
| 09:31:47.733 UTC | Retrieval-index commit; 15-year retention class | index-id: VR-INDEX-1776633107552 |
Total audit latency: 17 minutes 45 seconds for 49.87M records - within the 20-minute SLA for Pillar 2 batch processing.
Tamper Evidence. Any modification to this record - including whitespace, font, or formatting changes after issuance - invalidates the seal. Independent verification does not require JIL Sovereign's cooperation and can be performed by any party that can compute a SHA-256 hash, verify an Ed25519 signature, and query the JIL L1 public ledger for the anchor transaction. The verification procedure is published at jilsovereign.com/verify and is open-source.
8Authorized Evidentiary Uses
- Federal court admission under FRE 702 (expert testimony) and 901 (authentication) - cryptographic anchor authenticates without requiring JIL as fact witness.
- Regulatory submission to OFAC, FinCEN, SEC, and state attorneys general.
- Custodian compliance evidence for SOC 2 Type II, ISO 27001, NYDFS Part 500, HITRUST CSF audits.
- Internal audit trail under BSA 5-year recordkeeping (JIL retention exceeds at 15+ years).
- Due diligence evidence for correspondent banking, MSB registration, VASP Travel Rule.