Banking and financial services

Banking.

Five on-device wins for NBK across the operational stack: retail KYC, SME loan documents, STP at scale, AML pre-triage, and warehouse-light analyst dashboards. Plus a Hadron-native customer assistant on top. No added compute.

What Hadron routes away

Onboarding biometric compute, loan-document images sent to a US or EU OCR SaaS, the manual-review queue labour at scale, the AML false-positive review burden, and per-interaction warehouse round-trips for analyst dashboards. The CITRA Tier 3 and 4 perimeters around each shrink to the verdict and structured fields the bank receives.

What the buyer keeps

Same NBK Mobile, iBusiness, and Wealth dashboards, same MLRO paper trail, same authoritative AML system of record. Plus a customer assistant on top. Same runtime, no added compute. Marginal cost per additional user trends to zero on the analytics tier.

Patents demonstrated: P1 P2 P3 P4 P5 Customer profile: tier-1 retail banks, sovereign-data regulated GCC deployments

+ Kuwait regulatory bar (CITRA, CBK CORF, KNBCC + PDPL) - cleared by construction

CITRA Cloud Computing Framework

Tier 3 & 4 data cannot leave Kuwait - must reside in licensed Kuwait data centres.

Data stays on the customer's device. Tier question doesn't apply.

CBK CORF
Cyber and Operational Resilience Framework, Dec 2025

Tightens third-party risk and operational resilience for every SaaS in the stack.

Hadron has zero runtime third-party network calls. Third-party risk surface: nil.

KNBCC + PDPL
National basic cybersecurity controls + Personal Data Protection Law

Customer PII must stay in residency, with full audit and consent trail.

User PII is never serialised over the wire. The audit trail is the bank's own server-side log of what each session asked for and what verdict came back, with the PII never present.

+ What if a customer uses the app from another country? edge case answered

Data-residency frameworks across regulated markets - GDPR (EU), CCPA (US), CITRA (Kuwait), MAS (Singapore), OSFI (Canada), HKMA (Hong Kong) - all regulate the same thing: where the bank processes and stores customer data on its own infrastructure. None of them regulate where the customer's personal device is at any given moment.

Hadron's contribution is on the part the regulators actually enforce - the bank's server-side data plane. The customer's location becomes irrelevant to the compliance question.

Implementation	Bank's data plane crossing borders	Compliance posture
Cloud-default banking Datadog, Algolia, OpenAI, Snowflake in-loop	Every request to a hosted SaaS sends customer data abroad	Data-residency breach regardless of customer location
Hadron-powered banking all compute runs on the user device	Zero bytes leave the bank's residency boundary	Residency cleared by construction regardless of customer location

UI heartbeat: 0 frames painted Longest frame gap (last 5s): 0 ms main thread responsive

For your retail customer · inside NBK Mobile onboarding

Onboarding biometric, routed off the bank's books.

Today: server-side face-recognition for every applicant. Routed to device: the encoder compute, biometric storage, and the CITRA / PDPL perimeter that follows it.

For your SME or corporate applicant · NBK iBusiness loan onboarding

Loan document onboarding, routed off the bank's books.

Today: documents are uploaded to a US or EU OCR SaaS, which is a CITRA Tier-4 residency breach by upload. Routed to device: the document images, the OCR compute, and the residency exposure. The bank receives structured fields and a verdict, never the source images.

For your onboarding ops team · STP across retail KYC and SME documents

The straight-through-processing view, on the ops device.

Per-case engines (above) feed a single ops queue. Most cases auto-resolve on a verified, byte-exact engine; ambiguous ones queue for human review. Routed to device: manual-review labour on the fraction that now auto-resolves, plus the queue backlog and review-SLA delay.

For your AML / compliance team · alert pre-triage

A pre-filter that cuts the AML false-positive review burden.

Industry-typical AML alerts are 90 to 95% false positives, and every one is reviewed by hand. Routed to device: the analyst hand-review of the obvious false positives, with a human-readable audit reason on every dismissal. The authoritative AML/CFT system of record stays server-side.

For your RM / Watani Wealth analyst · workstation

Interactive dashboards that never round-trip to the warehouse.

Up to 1M rows loaded once into the page. Every filter, group-by, and sort runs as a fused pipeline on the analyst's laptop. Routed to device: a warehouse query and round-trip per interaction, plus the backend capacity provisioned for peak concurrent users. Marginal cost per additional user trends to zero.

Potential new feature · free since there is no compute

NBK Insights: an assistant the bank can ship for free.

No LLM, no model download. Answers are computed locally over the customer's own statement history. Cost to add: zero compute. The runtime is already on the page for KYC.