Saralya
Ask for Demo
Technology

How it is built, underneath.

Architecture decisions are visible to your CTO from day one. No black boxes. No vendor lock-in disguised as proprietary tech. Indian data residency. Inspection-grade audit trail end to end.

Architecture

API-first & cloud-native

  • · Microservices with clean REST + webhooks
  • · Multi-tenant with strict workspace isolation
  • · Indian data residency. AWS Mumbai + DR Hyderabad.
  • · 99.95% SLA · < 200ms p95 latency
Data & AI

Banking-aware models

  • · Models tuned on RBI Master Directions, IRAC norms, IBC and SARFAESI
  • · Anonymised Indian banking corpus (Government of India research programme)
  • · Inference inside India. No customer data leaves your tenant.
  • · Explainable risk scoring for credit officer review
Security

Built for inspection

  • · AES-256 encryption at rest. TLS 1.3 in transit.
  • · RBAC with field-level masking and maker-checker
  • · SSO + MFA. SOC 2 Type II in progress.
  • · Immutable audit log. Inspection pack in 4 clicks.
Integrations

Plugs into what you have

  • · CIBIL · Experian · CRIF · Equifax
  • · Account Aggregator (all 9 ReBIT FI types)
  • · NPCI · NACH · UPI · CIMS · CERSAI · CKYC · GSTN · MCA21
  • · Connectors for FinnOne, Lentra, Finflux, AllCloud and others
Compliance & security

Built for inspection.

Compliance is not a feature shipped after MVP. It is the architecture of the platform. Every module is built against current RBI Master Directions and the DPDP Act 2023.

RBI alignment
MD-FRM (Jul 2024)

Fraud Risk Management Directions, including 21-day Show-Cause Notice workflow per SC ruling in SBI vs. Rajesh Agarwal.

RBI alignment
DLD 2025

Digital Lending Directions. LSP contracts, DLA registration on CIMS, KFS delivery, fund-flow rules, cooling-off period.

RBI alignment
90-day NPA · Apr 2026

Base Layer NBFCs transitioning to 90-day NPA recognition. Saralya reporting and dashboards already pre-aligned.

Data protection
DPDP Act 2023

Notice, consent, purpose limitation and data principal rights. Workspace data isolated. Right to erasure honoured at the row level.

Security
AES-256 · TLS 1.3

Encryption at rest and in transit. RBAC with field-level masking. Maker-checker on sensitive operations. SSO and MFA available.

Audit
Immutable trail

Every mutation logged with actor, timestamp and before/after state. Inspection-ready in 4 clicks.