Meridian AI
Platform Capabilities Overview
Autonomous Deal-Execution Platform
Gulf · United States Corridor
4 AI Agents · 27 Corridors · 35+ Regulatory Frameworks
Section 1

Introduction

Meridian AI is an autonomous deal-execution platform built for cross-border transactions between the Gulf Cooperation Council and the United States. The platform replaces the traditional deal team of analysts, compliance officers, and relationship managers with four specialized AI agents that operate continuously on real, jurisdiction-specific data.

The product is designed around a single operating thesis: cross-border deals fail on data, not on talent. A deal in the Gulf-US corridor requires fluency in CFIUS, ITAR, MISA licensing, OFAC sanctions, Tadawul listing rules, ADGM regulations, and dozens of similar frameworks — data sets that are split across English and Arabic, scattered across government registries, and rarely available through any single commercial provider. Meridian centralizes that work behind a unified deal-room interface.

Corridor-First Approach

Rather than serving every market with shallow coverage, Meridian commits to deep specialization in the Gulf-US corridor before expanding elsewhere. The 90-day execution plan focuses on Saudi Arabia and the United Arab Emirates as the primary deal-flow generators, with Bahrain, Qatar, Kuwait, and Oman supported through aggregator sources (OpenSanctions, GDELT) rather than dedicated infrastructure.

Why this corridor first? Saudi Arabia and the UAE alone produced more than $190B in cross-border M&A and FDI flows with the United States in 2025. The Public Investment Fund's mandate to deploy $40B annually through 2030 makes Saudi sovereign-wealth deal flow the single largest origination opportunity in the global market.

Document Purpose

This overview describes the production capability set as of June 2026. It is intended for prospective pilot customers, security reviewers, and integration partners evaluating the platform. Each capability described in the document is live, tested with real data, and currently deployed on staging or production infrastructure.

Public touchpoints for prospective customers include the platform itself at meridianai.fyi, the security and compliance posture at meridianai.fyi/trust, the sub-processor list at meridianai.fyi/sub-processors, the help center at meridianai.fyi/help, and the public legal pages (/privacy and /terms). All public surfaces are reachable without an account.

Section 2

Platform at a Glance

4 Autonomous AI Agents: Pipeline Scout, DD Analyst, Regulatory Navigator, Relationship Manager — each with a defined autonomy level (L0–L3) and per-organization cost cap.
4 Live Gulf Data Sources: Etimad tenders, Saudi Press Agency (SPA), MISA / Invest Saudi opportunities, WAM Emirates news wire — all extracting real government data on automated cadences.
35+ Regulatory Frameworks: CFIUS, ITAR, MISA, OFAC SDN, EU sanctions, UN sanctions, GDPR, Saudi PDPL, beneficial-ownership rules, and more — tracked with deadline alerts.
27 Corridors Supported: Gulf-US is the deeply built corridor. The framework supports additional corridors as data sources are added — aggregator coverage (OpenSanctions, GDELT) already spans 200+ jurisdictions.
11 Wave 0/1/2 Enrichment Sources: OpenSanctions, EDGAR, CourtListener, GDELT, OpenOwnership (Wave 1), ProxyCurl, Newscatcher EN+AR, Crunchbase, Magnitt (Wave 2), plus OFAC live feed and the self-hosted Gulf harvester.
4,500+ Automated Tests: Test-driven from day one. 4,400+ vitest cases against the Next.js app plus Python regression tests against live API fixtures (Etimad, SPA, MISA, WAM) and the Docling document sidecar, so source-format drift fails loudly in CI.
50 AI Eval Cases on Every PR: Hand-written golden cases with LLM-as-judge scoring across the agent task types. Covers Gulf-corridor specifics: bilingual drafting, OFAC adjacency, MISA validity, ITAR USML categories, FCPA exposure, and model routing. Builds fail if the score regresses.
1,024-dim Document Intelligence: Uploaded deal documents (PDF, DOCX, XLSX, PPTX) are parsed by a Docling extraction service into layout-aware markdown, chunked, and embedded with a multilingual model (English + Arabic) into a pgvector index — so the agents answer with passage-level citations drawn from the actual document text.

What the Platform Does

Capability / Description
Pipeline Discovery: The Pipeline Scout agent ingests SPA royal-court announcements, Etimad tender awards, MISA opportunity listings, and PIF subsidiary deal pipelines. It surfaces matching opportunities the user qualifies for based on their corridor access and stated mandate.
Automated Due Diligence: The DD Analyst runs a five-stage workflow: financial analysis, sanctions screening, beneficial-ownership tracing, competitive landscape, litigation history. Output is a single citable briefing with every claim linked to its underlying source document.
Regulatory Navigation: The Regulatory Navigator maintains a 35+ framework knowledge base and identifies which apply to each deal. It tracks filing deadlines, drafts initial filings, and surfaces risk-scored issue lists for legal review. A standalone CFIUS pre-screen card on the deal page surfaces the deterministic rules-engine output (mandatory triggers, filing type, approximate timeline, top risk factors) with the standard advisory disclaimer. A workspace-wide CFIUS exposure widget on the dashboard rolls every assessed deal up into a single counts-per-status view with deep links to the highest-severity deals.
Relationship Intelligence: The Relationship Manager imports contacts from Gmail or Outlook (via OAuth), enriches them through ProxyCurl LinkedIn and Newscatcher news, and surfaces “who do I know at this counterparty” introductions across the user's network.
Documents & E-Signature: Term sheets, NDAs, and DDQs draft from templates with deal context auto-filled. Native e-signature flow with SEC-02 hash-chain audit trail and optional Polygon blockchain anchor — no DocuSign or third-party signer required, and no per-envelope licensing cost. Signers sign via token-protected public URL; the chain meets ESIGN Act and eIDAS-equivalent audit requirements.
Treasury & Escrow: Multi-currency escrow with milestone releases, allocation tracking, and automated disbursements via Stripe. Failed-charge retry logic per PAY-01 with grace period before downgrade.
Corporate Formation: End-to-end formation workflows across a 14-jurisdiction catalog (DIFC, ADGM, MISA, RAK ICC, Delaware C-Corp, Cayman LLC, BVI BC, etc.). Per-jurisdiction milestone tracking, S3 document upload with signed-URL download, forensic per-transition audit, and JSON timeline export. Phase 2 plugs direct-filing integrations behind a FilingAgent abstraction.
Data Room: Per-deal data room with folder-grouped file lists, threaded Q&A with auto-numbered entries per deal, append-only activity log of every file view / download / Q&A event, and view/download counts. PDF downloads route through a watermarking endpoint that overlays a diagonal “CONFIDENTIAL” mark + a corner viewer banner (name · email · UTC timestamp) on every page server-side — the original is never exposed via a presigned URL. SEC-01 scoped via the parent deal.
Document Intelligence: Uploaded deal documents — term sheets, MOUs, regulatory filings, financial models (PDF, DOCX, XLSX, PPTX) — are parsed by a Docling extraction service into layout-aware markdown, chunked, and embedded with a multilingual model (English + Arabic) into a pgvector index. The DD Analyst and chat agents answer questions with passage-level citations drawn from the actual document text, and a data-room status badge shows each file’s indexing state (queued / indexing / indexed). Falls back to filename/keyword matching until a document finishes indexing.
Indication of Interest (IOI) Workflow: Internal IOIs persist server-side with status transitions (Under Review / Shortlisted / Declined / Withdrawn). External-bidder share-token portal at /ioi/external/[token] lets counterparties submit an IOI without a Meridian account — single-use, time-bounded, revocable links. Submission triggers in-app + email notifications to the deal team and a confirmation email to the bidder.
Regulatory Deadline Alerts: Idempotent generator scans RegulatoryItem due dates at 90/30/7-day and overdue thresholds and writes in-app Notification rows + HTML emails via Resend. Runs daily at 02:30 UTC via the BullMQ worker, and ADMIN/OWNER can manually trigger via POST /api/regulatory/alerts/trigger.
Pipeline Scout Scoring: Inbound opportunities scored against the org's InvestmentThesis records along deterministic sub-dimensions (sector / corridor / deal-size fit) plus the agent's qualitative strategic-fit narrative. Theses are editable at /settings/investment-theses — each row is a sector + corridor + min/max-size filter with an active toggle, so OWNER/ADMIN can tune the scoring mandate without code changes. Dashboard widget surfaces the top 3 highest-scoring opportunities with rationale snippets.
Marketplace: Listing creation, expression-of-interest workflow with NDA gating, and an append-only MarketplaceActivity audit log for compliance + seller-side analytics. Per-status notifications gated by user prefs.
Unified Activity Feed: Cross-cutting timeline combining the AuditLog with typed activity streams (DataRoomActivity, FormationAuditLog, MarketplaceActivity, RegulatoryAlert) into a single org-scoped view with filter chips. Dashboard widget surfaces the last 5 events.
Notification Preferences: Per-user, per-event channel toggles at /settings/notifications (in-app + email). Backed by NotificationPreference with a free-form eventKey registry, so a new notification surface ships with a sane default without backfilling rows. IOI submission, IOI status change, regulatory deadlines, and marketplace interest all honor the user's preference.
Deal Execution Workspaces: Beyond the core deal room, every deal carries persisted, org-scoped execution surfaces: an IC / approvals queue, post-close integration planning, tax-structure modeling, and a categorized expense ledger (DealExpense) with running totals. All edits persist server-side and are audit-logged — no spreadsheet hand-off.
Document Studio: A multi-section composer at /deals/[id]/studio assembles IC memos, teasers, and board decks from live deal data. Drafts persist server-side (StudioDraft) and restore on reload; one-click export renders to PDF and native PowerPoint (.pptx) in the browser, so deal content never passes through a third-party document service.
Board Reporting: The /board-report view compiles portfolio, corridor, and agent-ROI KPIs into a board-ready report, exportable to PDF and native PowerPoint (.pptx) in a single click.
Market Intelligence: A curated EN + AR corridor intelligence feed at /intelligence with per-user saved items (IntelligenceBookmark), so each team member keeps a personal watch-list against the same enrichment pipeline that powers counterparty dossiers.

Section 3

Architecture & Technology Stack

System Architecture

Client surfaces: Web (Next.js) · iOS / iPad · Apple Watch
Edge / app tier: Vercel — Next.js API routes
Background processing: Railway worker (BullMQ) · Gulf-harvester (Python)
Data tier: Postgres 17 (Railway) · Redis (Railway) · S3 backups (AWS)

Technology Stack

Layer / Choice
Web framework: Next.js 16 with React 19 on Vercel (edge + node runtimes). App Router throughout. TypeScript strict mode.
UI: Tailwind CSS with a custom teal · emerald palette. Custom components — no UI kit dependency. Sentry browser SDK for client error telemetry.
Database: PostgreSQL 17 on Railway with the prisma-client ORM generator (Prisma 7). Migrations versioned in prisma/migrations/.
Auth: NextAuth (web sessions) plus JWT bearer for mobile / watch clients. SEC-05 organizationId scoping enforced via a centralized loadAuthUserFromDb path.
Background jobs: BullMQ on Redis, deployed to Railway as a Node worker (dist/workers/index.js). Queues: email, pdf-generation, agent-tasks, webhooks, notifications, contact-enrichment, backups, sanctions-refresh.
AI: Anthropic Claude (primary), OpenAI (fallback), Google Gemini (vision). AI-06 semantic routing decides per-task. Per-org cost caps + daily token limits per AI-02.
Gulf data sidecar: Python 3.12 FastAPI + APScheduler + Playwright (chromium). Deployed as a separate Railway service. Stateless — in-memory entity indexes rebuilt each crawl tick. Hourly to daily cadences per source.
File storage: AWS S3 buckets, one per environment, with object-level encryption and quarterly logical-backup retention (OPS-01).
Email: Resend for outbound (DKIM-signed); SES inbound MX for catch-all. Gmail and Outlook bidirectional via OAuth (INT-01, INT-06).
Observability: Sentry + Prometheus metrics middleware (OPS-02). Per-request audit log row written for every authenticated mutation. Pino structured logging across Node and Python tiers.
CI / deploy: GitHub Actions runs the eval gate (AI-01) + vitest + pytest on every PR. Vercel auto-deploys main to staging.meridianai.fyi and meridianai.fyi. Railway auto-deploys worker + harvester from the same push.

Why This Stack

The platform is built and operated by a single engineer working alongside Claude. Every stack choice optimizes for: (1) ability to ship and operate alone, (2) predictable hosting cost in the four-figures-per-month range, and (3) the ability for any senior engineer to onboard and become productive within a week. Vercel + Railway provide the operational simplicity of a PaaS while keeping egress and database costs sane at pilot scale.

Section 4

Functional Areas

The product surface area is organized into thirteen functional zones. Every zone has explicit role-based access control with four standard roles (Owner, Admin, Collaborator, Viewer) and corridor-level access gates layered on top.

Functional Area / Modules & Workflows
Onboarding & Help: 5-step guided setup wizard at /onboarding (welcome → corridor selection → integrations → calendar → done). Dashboard onboarding checklist widget tracks 6 derived milestones (integration connected, calendar synced, contacts imported, first agent run, first deal created, team invited) and auto-hides once complete. In-app help center at /help covers 23 topics across 7 categories with in-page search and per-answer deep links.
Pipeline: Deal board (kanban + table views), opportunity import (CSV / email forward / business-card OCR), agent-driven enrichment, stage transitions with audit trail. Inbound opportunities carry a Pipeline Scout score against the org's investment theses.
Marketplace: Two-sided deal marketplace — post a listing through the publish wizard (optionally linked to an existing deal), browse active opportunities with thesis-driven match scores, and express interest behind an NDA gate. Every list / view / interest event writes to an append-only MarketplaceActivity log for seller-side analytics and compliance.
Deal Execution: Per-deal execution workspaces: IOI workflow (internal + external-bidder portal at /ioi/external/[token]), IC / approvals queue, post-close integration planning, tax-structure modeling, and a categorized expense ledger. Each persists server-side and is SEC-01 scoped through the parent deal.
Deal Room: Per-deal document library, AI Q&A over uploaded docs, side-by-side comparison, redline tracking, watermarked sharing.
Contacts & Relationships: Imported from Gmail / Outlook (via OAuth, Path C scopes documented), enriched dossier with Risk / Network / Activity / Audit tabs (ENR-UI), introduction-mapping, sentiment-tracked recent communications.
Market Intelligence: Curated EN + AR corridor intelligence feed with per-user saved items (bookmarks), wired to the same enrichment pipeline that powers contact and counterparty dossiers.
Regulatory: Framework library, per-deal applicability check, deadline calendar, draft-filing generator, filing-package preparation. Approvals workflow for filings above configurable risk threshold.
Documents & Studio: Template library with variable substitution, e-signature with SEC-02 hash-chain audit, version history, and side-by-side comparison — plus a Document Studio composer that assembles multi-section memos and decks from live deal data, persists drafts server-side, and exports to PDF and native PowerPoint.
Corporate Formation: 14-jurisdiction formation workflows (DIFC, ADGM, MISA, Delaware C-Corp, Cayman, BVI, …) with per-jurisdiction milestone tracking, S3 document vault with signed-URL download, forensic per-transition audit, and JSON timeline export.
Reporting & Analytics: Board-ready reporting compiling portfolio, corridor, and agent-ROI KPIs with PDF + PowerPoint export, plus the cross-cutting unified activity feed and dashboard KPI widgets.
Treasury & Escrow: Multi-currency escrow accounts (Stripe-backed), milestone-release rules, allocation tables per investor, automated disbursement, failed-charge retry with grace period (PAY-01).
Settings & Billing: Stripe portal deep-links (PAY-02), per-org AI cost cap configuration, enrichment budget UI (ENR-W0.4), integration management, audit-log export.

Role-Based Access

Role / Permissions
Owner: Full access including billing, organization-wide settings, audit log export, user management.
Admin: Full operational access; cannot transfer ownership or close the account.
Collaborator: Read / write on assigned deals + shared resources; no settings access.
Viewer: Read-only on assigned deals; cannot trigger agent runs or initiate escrow disbursements.

Corridor access is enforced as an additional gate. A user may have collaborator-level permissions on a deal but no access to its corridor-specific data feeds — for example, a US-only collaborator on a Gulf-US deal sees the deal but not the underlying SPA / Etimad enrichment.

Section 5

Autonomous AI Agents

Meridian ships four production AI agents. Each agent is independently configurable at autonomy levels L0 (read-only suggestion), L1 (suggest with one-click apply), L2 (act on own but require approval before consequential side-effects), or L3 (act autonomously within bounds). Per AI-04, level transitions are explicit per organization and require an audit log entry.

1. Pipeline Scout (Live)

Continuously scans Gulf-harvester sources (SPA, Etimad, MISA, WAM) plus aggregator feeds (GDELT, Newscatcher) for opportunities matching the organization's deal mandate. Scoring is corridor-aware: a $500M PIF infrastructure tender ranks higher for a Saudi-active fund than a $50M UAE retail acquisition.

2. Due Diligence Analyst (Live)

Runs a five-stage workflow: financial analysis, sanctions screening, beneficial-ownership tracing, competitive landscape, litigation history. Output is a structured briefing with every claim linked to its source document via the ENR-W0.1 RawDocument audit trail.

3. Regulatory Navigator (Live)

Maintains the 35+ framework knowledge base and identifies which apply to each deal. Tracks filing deadlines, drafts initial filings, and surfaces risk-scored issue lists for legal review. Output integrates with the document-templating layer so that a CFIUS mitigation letter can be generated against a deal's actual entity structure.

4. Relationship Manager (Live)

Imports contacts from Gmail or Outlook (via OAuth, sync routes documented in INT-01/INT-06). Enriches each contact through the Wave 2 paid sources (ProxyCurl LinkedIn, Newscatcher EN+AR news, Crunchbase). The ENR-BRIEF2 schema separates role / influence / investment / activity / network signals so the briefing layer can compose a per-deal stakeholder map.

How Agents Are Governed

Agent Observability & Control

Every agent run is recoverable, cancellable, and comparable. Operators do not have to wait for a run to complete before reading what it has done so far, and they do not have to accept a regression silently when an agent's output changes between releases.

Section 6

Real Data Feeds & Enrichment Pipeline

Every Meridian briefing is anchored to source documents through the ENR-W0.1 RawDocument audit trail. There are three concentric rings of data feeds, each with explicit cost tiering and per-org budget gating (ENR-W0.4).

Wave 0 — Always-On (Free Tier)

Source / What It Provides
Heuristic signals: Initial scoring from name, email domain, organization — no external calls. Drives the “first-look” pipeline triage.
OFAC SDN live: Postgres-backed nightly refresh (ENR-W0.2). Replaces the in-memory cache; survives worker restarts and propagates updates within the hour, not just on cache expiry.
OpenSanctions: 200-list aggregate screener (Wave 1 ENR-OS). Covers OFAC, EU consolidated, UN consolidated, UK HMT, Swiss SECO, and 195 more.
OpenCorporates: Cross-jurisdiction corporate registry. Verifies legal name + registration status + officers list.

Wave 1 — Public / Free (Default-On)

Source / What It Provides
SEC EDGAR: US public-company filings full-text search (ENR-EDGAR). Surfaces 10-K, 10-Q, 8-K, S-1, proxy statements with citation-ready paragraphs.
CourtListener: US federal + state litigation history (ENR-CL). Flags ongoing or settled cases against parties under DD.
GDELT: Global news / events feed (ENR-GDELT). Multi-language coverage; captures emerging-market events English-language sources miss.
OpenOwnership: Beneficial-ownership graphs (ENR-OO). Traces upstream control through corporate layers across UBO-disclosure jurisdictions.

Wave 2 — Cheap Paid (Env-Gated)

Source / What It Provides
ProxyCurl: LinkedIn-derived profiles for contact enrichment (ENR-PC). ~$0.01 per call.
Newscatcher EN+AR: Premium news API with Arabic coverage (ENR-NC). Surfaces context the GDELT signal misses.
Crunchbase: Startup & funding data (ENR-CB). Captures private-market valuations and round histories.
Magnitt: MENA-specific deal database (ENR-MAGNITT). Arabic-language coverage of regional VC and growth equity.

Self-Hosted — Gulf Harvester

The Gulf Harvester is a Python sidecar deployed alongside the main app on Railway. It operates the four government data sources that no commercial aggregator covers with sufficient depth:

Source / What It Provides / Cadence / Method
Etimad: Saudi government tenders & awarded contracts. Cadence: every 4 hours. Method: Playwright (CAPTCHA-protected).
SPA: Saudi royal court / cabinet / foreign-ministry announcements. Cadence: hourly. Method: public JSON API.
MISA / Invest Saudi: Investment opportunities, PIF subsidiary deals ($80M–$650M), government RFPs. Cadence: daily 04:00 UTC. Method: WordPress REST API (3 sibling feeds).
WAM: UAE federal news wire — cabinet, ministerial appointments, FDI announcements. Cadence: hourly. Method: ABP JSON API.
Bahrain MOIC: Deferred. All four candidate Bahrain federal sources (Sijilat commercial registry, BNA news, EDB investment promotion, Tender Board) expose explicit anti-bulk-extraction signals. Bahrain coverage is currently provided through aggregator sources (OpenSanctions, GDELT). A dedicated source can be rehydrated post-pilot through commercial license (Bureau van Dijk), government partnership (bahrain.bh Open Data), or manual augmentation for the small number of Bahrain entities a typical pilot touches.

Operating Modes

The harvester supports two complementary modes. Mode A runs on cron: each source crawls its public data on its configured cadence and pushes results to Meridian via the authenticated /api/harvester/ingest endpoint. The Meridian side upserts into RawDocument using a (source, url) unique constraint so the same document arriving from two ticks does not duplicate. Mode B runs on demand: when an agent performs DD on a specific contact, Meridian POSTs to the harvester's /screen endpoint, which fans out to every enabled source in parallel and returns HarvesterFact[] inline within seconds.

Section 7

Native Applications

The web application is the primary surface and supports every workflow described in the preceding sections. The mobile and watch applications are deliberately scoped to high-frequency-use deal-flow workflows: capturing leads at events, approving agent actions on the go, and receiving deadline alerts.

Web Application

Production URL: meridianai.fyi. Staging: staging.meridianai.fyi. Optimized for desktop deal-room workflows. Responsive down to tablet sizes; phone-sized access falls through to the native iOS app for a better experience.

iOS / iPad Application

Mobile API delegate flow (MOB-01): tap-to-act approvals on agent recommendations, business-card OCR with auto-import to contacts, push notifications for deadline alerts and agent completions. Secure-store token refresh per MOB-03.

Apple Watch Application

Approval-only surface. The watch app receives push notifications when an L2 agent requires approval (regulatory filing, escrow disbursement) and lets the user approve or defer with a single tap. Haptic alerts are categorized by urgency.

Haptic Wrist-Tap Alert Categories

Category / Trigger
Critical: Sanctions hit on active deal counterparty; CFIUS filing deadline today; escrow milestone missed.
High: New pipeline match in user's mandate; DD agent surfaced a strong-tier red flag.
Medium: Agent completed a long-running task; calendar conflict on a deal call.
Low: New enrichment batch landed (suppressed during meeting hours).

Push Infrastructure

Web push is provided via VAPID-authenticated subscriptions (INT-07). Mobile pushes route through APNs (iOS / watch) and FCM (Android API surface for future). MOB-02 implements delivery-confirmation tracking so missed pushes can be re-fired through email fallback on the next user action.

Section 8

Bilingual Support

Cross-border deals in the Gulf-US corridor are bilingual by construction. A typical counterparty has an English-named subsidiary with an Arabic parent, an Arabic-language royal-court announcement that confirms a phase-gate, and a board roster split between English-publishing executives and Arabic-only government appointees. Meridian treats Arabic as a first-class language, not a translation layer.

Coverage

Surface / Arabic Treatment
Data ingestion: SPA (royal court / cabinet) and Magnitt (MENA deals) are pulled in Arabic; entity extraction is anchored on Arabic honorifics (سمو الأمير, وزير, معالي) and connector tokens (bin, Al).
Contact records: Every contact carries both an English name and an Arabic name field. Both are screened against sanctions lists independently; the strong-tier match wins.
Briefings: The DD briefing renders citations in the source language. Arabic source paragraphs are quoted in Arabic with an inline English translation; transliterations follow ALA-LC.
UI: Right-to-left layout switches on user-preference. Arabic numerals (Eastern or Western) configurable per organization. Date formats default to Gregorian but Hijri tooltips are available on every date.
Documents: Templates support a bilingual two-column layout (English left, Arabic right) standard in regional commercial law. PDF generation correctly handles RTL with embedded Noto Naskh Arabic.
Search: Postgres full-text search uses the Arabic analyzer; queries in either language match documents in the other through normalized stems.

Normalization Approach

Arabic text is normalized before matching: tashkeel diacritics stripped via pyarabic.araby.strip_tashkeel, hamza variants (إ أ آ) collapsed to ا, yaa variants (ى) collapsed to ي, tatweel (kashida) removed. The same normalization runs on both indexed corpus and user query so matches survive across the common transliteration variants (e.g., Mohammed vs Mohammad vs Muhammad).

Why this matters for screening. A US-only sanctions screener that matches on Latin-script names only will miss the Arabic-script alias on most OFAC SDN entries for Gulf-origin individuals. Meridian screens both Latin and Arabic forms against every contact's name and Arabic name, returning whichever match scores strongest.
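The normalisation steps and the dual-script screening described above, as an added example that is not Meridian's code: it applies the stripping and folding in plain Python rather than pyarabic, screens a contact's Latin and Arabic name forms against a constructed list, and returns the strongest match. The list entries, the token-overlap score and the strong/weak thresholds are assumptions of the example.

```python
import re
import unicodedata
from dataclasses import dataclass
from typing import List, Optional

# Tashkeel: fathatan .. sukun (U+064B-U+0652) plus superscript alef (U+0670).
_TASHKEEL = re.compile(r"[\u064B-\u0652\u0670]")
_TATWEEL = "\u0640"                      # kashida
_FOLD = str.maketrans({
    "\u0623": "\u0627",  # أ hamza above  -> ا
    "\u0625": "\u0627",  # إ hamza below  -> ا
    "\u0622": "\u0627",  # آ madda        -> ا
    "\u0649": "\u064A",  # ى alef maqsura -> ي
})


def normalize_arabic(text: str) -> str:
    """The steps listed above, applied identically to corpus and query."""
    text = unicodedata.normalize("NFC", text)
    text = _TASHKEEL.sub("", text).replace(_TATWEEL, "").translate(_FOLD)
    return " ".join(text.split())


def normalize_latin(text: str) -> str:
    """Case-fold, strip accents and punctuation, collapse whitespace."""
    text = unicodedata.normalize("NFKD", text)
    text = "".join(ch for ch in text if not unicodedata.combining(ch))
    return " ".join(re.sub(r"[^a-z0-9 ]", " ", text.lower()).split())


def is_arabic(text: str) -> bool:
    return any("\u0600" <= ch <= "\u06FF" for ch in text)


def normalize_name(text: str) -> str:
    return normalize_arabic(text) if is_arabic(text) else normalize_latin(text)


def token_score(a: str, b: str) -> float:
    """1.0 on an exact normalised match, otherwise Jaccard overlap of name tokens
    (assumed scoring; a production screener would use a fuzzier comparator)."""
    if a == b:
        return 1.0
    ta, tb = set(a.split()), set(b.split())
    return len(ta & tb) / len(ta | tb) if ta and tb else 0.0


@dataclass
class ListEntry:
    list_id: str
    aliases: List[str]   # Latin and Arabic forms, as real SDN entries carry both


@dataclass
class Match:
    list_id: str
    alias: str
    score: float
    tier: str            # "strong" or "weak"


STRONG, WEAK = 0.85, 0.5     # assumed thresholds

# Constructed, fictional list entries (not real sanctions data).
SAMPLE_LIST = [
    ListEntry("TEST-0001", ["Example Trading Co", "شركة المثال للتجارة"]),
    ListEntry("TEST-0002", ["Khalid bin Saeed Al-Mithali", "خالد بن سعيد المثالي"]),
]


def screen(names: List[str], entries: List[ListEntry]) -> Optional[Match]:
    """Screen every name form a contact carries (English and Arabic) and return the
    strongest match, comparing each form only against aliases in the same script."""
    best: Optional[Match] = None
    for name in names:
        if not name:
            continue
        norm = normalize_name(name)
        for entry in entries:
            for alias in entry.aliases:
                if is_arabic(alias) != is_arabic(name):
                    continue
                score = token_score(norm, normalize_name(alias))
                if score >= WEAK and (best is None or score > best.score):
                    best = Match(entry.list_id, alias, score,
                                 "strong" if score >= STRONG else "weak")
    return best


def demo_screen() -> Optional[Match]:
    """Constructed contact: a Latin transliteration that differs from the list's,
    and an Arabic name written with diacritics and a kashida. Only the Arabic
    form reaches the strong tier; a Latin-only screener would report no hit."""
    return screen(["Khaled Al Methaly", "خَالِد بن سَعِيد المِث\u0640الي"], SAMPLE_LIST)
```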

Section 9

Security & Compliance

Security Controls

Control / Implementation
Multi-tenancy (SEC-01): Every authenticated query is automatically scoped to the user's organizationId via a centralized getOrgFilter helper. Defense-in-depth: cross-org leak tests pinned in CI for every entity model.
Agent org scoping (SEC-05): Agents are owned by their creator's organization. The agent-execute path loads the calling user via loadAuthUserFromDb so SEC-05 enforcement is identical between bearer-token (mobile / watch / harvester) and NextAuth-session (web) paths.
Hash-chain audit (SEC-02): Every e-signature event is cryptographically anchored to the prior event in the deal's signature chain. Tampering with one event invalidates every subsequent signature.
Soft-delete consistency (SEC-03): All entities support deletedAt soft delete. CI enforces that every multi-table join filters on deletedAt IS NULL for the parent entity.
Bcrypt + admin unlock (SEC-04): Passwords hashed with bcrypt cost 12. Owner-initiated admin unlock flow for locked accounts; rate-limited per IP + per account.
Audit log org scoping (SEC-06): Every AuditLog row carries the actor's organizationId, captured automatically by the logAudit() helper. The admin Audit Log endpoint at /api/audit filters by the caller's org, so an ADMIN/OWNER from one workspace cannot read audit history from any other workspace.
Token storage: OAuth refresh tokens (Google, Microsoft) stored encrypted at rest via AES-256-GCM with a key in environment scope. Rotated keys version-stamped per row.
External bidder share tokens (IOI-ST): External-bidder portal links are 32 random bytes (64-char hex) from crypto.randomBytes, single-use, time-bounded (default 14 days, max 60), revocable. List views never reveal the raw token — only an 8-char fingerprint — so leaked log files cannot be replayed against the portal.
Internal-secret auth: Worker ↔ app and harvester ↔ app traffic authenticated via per-environment INTERNAL_WORKER_SECRET bearer tokens.
Backups (OPS-01): Nightly pg_dump to AWS S3 with quarterly retention. Each backup includes a verification fixture so partial corruption fails the next restore-test cron.
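A minimal hash chain with the property the SEC-02 row describes (each event anchored to the one before it, so an altered event breaks every later link), as an added example and not Meridian's code. SHA-256, the JSON canonicalisation, the genesis value and the event field names are assumptions of this example.

```python
import hashlib
import json
from dataclasses import dataclass, field
from typing import List, Optional

# prev_hash of the first event in a deal's chain (assumed convention).
GENESIS = "0" * 64


def canonical(payload: dict) -> str:
    """Deterministic serialisation so an event always hashes the same way."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":"), ensure_ascii=False)


def event_hash(prev_hash: str, payload: dict) -> str:
    """Hash the prior event's digest together with this event's body. The prior
    digest is the anchor: change anything earlier and this no longer matches."""
    h = hashlib.sha256()
    h.update(prev_hash.encode("ascii"))
    h.update(b"\n")
    h.update(canonical(payload).encode("utf-8"))
    return h.hexdigest()


@dataclass
class ChainEvent:
    seq: int
    payload: dict
    prev_hash: str
    digest: str


@dataclass
class SignatureChain:
    deal_id: str
    events: List[ChainEvent] = field(default_factory=list)

    def append(self, payload: dict) -> ChainEvent:
        prev = self.events[-1].digest if self.events else GENESIS
        ev = ChainEvent(seq=len(self.events), payload=dict(payload),
                        prev_hash=prev, digest=event_hash(prev, payload))
        self.events.append(ev)
        return ev

    def verify(self) -> Optional[int]:
        """Walk the chain from genesis. Return None if intact, otherwise the seq of
        the first broken link (its digest no longer matches its content, or its
        prev_hash no longer matches the event before it)."""
        prev = GENESIS
        for ev in self.events:
            if ev.prev_hash != prev or event_hash(prev, ev.payload) != ev.digest:
                return ev.seq
            prev = ev.digest
        return None


def build_sample_chain() -> SignatureChain:
    """Constructed sample events for a fictional deal (not real data)."""
    chain = SignatureChain(deal_id="deal-example-001")
    chain.append({"type": "document.created", "doc": "NDA-v3.pdf", "actor": "owner@example.test"})
    chain.append({"type": "signature.requested", "signer": "counterparty@example.test"})
    chain.append({"type": "signature.completed", "signer": "counterparty@example.test",
                  "signed_at": "2026-06-01T10:00:00Z"})
    return chain


def tamper_demo() -> dict:
    """Both failure modes: editing a stored event, and editing it plus re-hashing it.
    Re-hashing repairs event 1 but event 2 still anchors to the old digest, which
    is why one altered event invalidates everything after it."""
    chain = build_sample_chain()
    intact = chain.verify()                       # None: chain is good
    chain.events[1].payload["signer"] = "mallory@example.test"
    edited = chain.verify()                       # 1: event 1's digest no longer matches
    ev = chain.events[1]
    ev.digest = event_hash(ev.prev_hash, ev.payload)
    rehashed = chain.verify()                     # 2: event 2's prev_hash is now stale
    return {"intact": intact, "edited": edited, "rehashed": rehashed}


if __name__ == "__main__":
    print(tamper_demo())
```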
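The IOI-ST share-token lifecycle (32 random bytes as 64-char hex, 14-day default and 60-day maximum lifetime, single use, revocation, an 8-char fingerprint in list views) as an added example, not Meridian's code. Storing only a SHA-256 digest of the token and deriving the fingerprint from that digest are assumptions of this example, not something the page states.

```python
import hashlib
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Tuple

DEFAULT_TTL_DAYS = 14   # from the IOI-ST row
MAX_TTL_DAYS = 60       # from the IOI-ST row
FINGERPRINT_LEN = 8     # from the IOI-ST row

# Constructed reference time for the demo (not real data).
SAMPLE_NOW = datetime(2026, 6, 1, 9, 0, tzinfo=timezone.utc)


def days_after(n: int) -> datetime:
    return SAMPLE_NOW + timedelta(days=n)


def token_digest(raw_token: str) -> str:
    """Assumption of this example: the store keeps only a SHA-256 digest of the
    token, so a database or log leak does not yield a replayable token."""
    return hashlib.sha256(raw_token.encode("ascii")).hexdigest()


def fingerprint(raw_token: str) -> str:
    """The 8-char value list views show instead of the token (assumed to be a digest
    prefix: 32 bits are enough to identify a token, not enough to redeem it)."""
    return token_digest(raw_token)[:FINGERPRINT_LEN]


@dataclass
class ShareToken:
    digest: str
    deal_id: str
    expires_at: datetime
    used_at: Optional[datetime] = None
    revoked: bool = False


class ShareTokenStore:
    def __init__(self) -> None:
        self._by_digest: Dict[str, ShareToken] = {}

    def issue(self, deal_id: str, now: datetime, ttl_days: int = DEFAULT_TTL_DAYS) -> str:
        """Mint a token. The raw value is returned once for the share link and never stored."""
        if not 1 <= ttl_days <= MAX_TTL_DAYS:
            raise ValueError(f"ttl_days must be between 1 and {MAX_TTL_DAYS}")
        raw = secrets.token_bytes(32).hex()          # 32 random bytes -> 64 hex chars
        d = token_digest(raw)
        self._by_digest[d] = ShareToken(digest=d, deal_id=deal_id,
                                        expires_at=now + timedelta(days=ttl_days))
        return raw

    def list_view(self) -> List[Tuple[str, str, bool, bool]]:
        """What an operator sees: (fingerprint, deal, revoked, used); never a raw token."""
        return [(t.digest[:FINGERPRINT_LEN], t.deal_id, t.revoked, t.used_at is not None)
                for t in self._by_digest.values()]

    def revoke(self, fp: str) -> bool:
        """Revoke by fingerprint, the only handle an operator has from the list view."""
        hits = [t for t in self._by_digest.values() if t.digest.startswith(fp)]
        if len(fp) != FINGERPRINT_LEN or len(hits) != 1:   # unknown, or a 32-bit collision
            return False
        hits[0].revoked = True
        return True

    def redeem(self, raw_token: str, now: datetime) -> Optional[str]:
        """Consume the token. Returns the deal_id on success and None for unknown,
        revoked, expired and already-used tokens alike, so the portal does not tell
        a caller which of those applied."""
        rec = self._by_digest.get(token_digest(raw_token))
        if rec is None or rec.revoked or rec.used_at is not None or now >= rec.expires_at:
            return None
        rec.used_at = now                            # single use: a second redemption fails
        return rec.deal_id
```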

Compliance Posture

Framework / Status
SOC 2 Type II: Controls implemented; observation period begins post-first-pilot. Audit log retention configured per SOC 2 CC2.1.
GDPR: Compliant. Data subject export and delete flows wired to the existing soft-delete + audit-log infrastructure. EU data residency available on request via Vercel + Railway EU regions.
Saudi PDPL: Compliant. Data-residency option for Riyadh region available on request. Cross-border transfer notice included in the standard data-processing addendum.
ISO 27001: Roadmap target post-pilot. Controls mapped; certification will follow SOC 2 observation.
CASA Tier 2 (Google): Intentionally deferred. The restricted Gmail scopes (gmail.send, gmail.readonly) that would require CASA assessment ($25k + 6–12 weeks) are dropped from the default OAuth scope list. Email send for Gulf customers is provided through the INT-06 Microsoft Outlook integration, which covers the same use case without CASA. Re-enabling Gmail requires only a one-line scope-list change once first revenue justifies the assessment.

Customer Trust Center

The public Trust Center at meridianai.fyi/trust consolidates everything a security reviewer needs in one page: compliance posture (SOC 2 Type II in-progress, GDPR, Saudi PDPL, ISO 27001 roadmap), implemented controls (SEC-01 through SEC-05 plus encryption at rest and in transit), audit-trail coverage, incident response process, operational facts (hosting regions, RPO/RTO, backup retention), and direct security/legal/privacy contact emails. The page is reachable without an account so it can be linked into procurement workflows directly.

Sub-Processors & Data Flow

A current list of sub-processors is published at meridianai.fyi/sub-processors and updated when new vendors are added. Notification of material changes is given to active customers 30 days in advance per the standard data-processing addendum.

Quality Engineering

What is intentionally not yet shipped. CIQ / Bloomberg-terminal market data, additional GCC corridor sources beyond the Gulf-US focus, and a fully unattended L3 escrow disbursement path. Each is captured in the engineering backlog with a clear rehydration trigger.
Meridian AI
meridianai.fyi
leon@meridianai.fyi
Wilmington, Delaware · United States
© 2026 Meridian AI LLC · All Rights Reserved