BankingPitch is designed for regulated financial environments. Security and compliance are built into the architecture, not bolted on as an afterthought.
Authentication and access control
Passwords hashed with bcrypt (12 salt rounds)
JWT session tokens with configurable expiry
5-tier role-based access control (Analyst, Associate, VP, MD, Admin)
Route-level middleware protection on all authenticated pages
Four-eye principle
Deal creator cannot approve their own pitch book
Approval requires VP-level role or above
Enforced at API level — cannot be bypassed via UI
Both creator and approver identities logged permanently
Audit trail
Every action logged: creation, generation, edits, approvals, exports
Timestamped entries with user attribution and metadata
Compliance export for regulatory reporting
Admin-accessible system-wide audit log viewer
Data integrity
Figures grounded in your deal inputs, SEC EDGAR filings, or uploaded documents where available — anything else is clearly flagged as an AI estimate, never presented as verified market data
Original AI output preserved even after user edits
Edited content stored separately with 'Edited' flag
Source citations tracked per module (deal inputs, SEC EDGAR, uploaded documents, or AI-estimated)
User management
Admin-only user creation with enforced minimum password length
Cascading deletion: removing a user removes all their data
Role changes logged to audit trail
Self-deletion prevention (admins cannot delete their own account)
Infrastructure
PostgreSQL database with encrypted connections
Environment-based configuration — no secrets in code
Health check endpoint for uptime monitoring
Rate limiting on AI generation endpoints (5 requests/minute per user)