Platform Architecture

Not a tool. Infrastructure.

Six core capabilities built on an event-sourced, cryptographically verified protocol engine. Every AVM decision your institution makes becomes a verifiable, replayable, defensible protocol event.

Start Free Trial →Read the Compliance Page

01MISMO Normalization Engine

24 vendors. Seven metric formats.
One standard.

The normalization engine translates every vendor's proprietary confidence metric — percentages, FSD, letter grades, qualitative terms, 1-5 scales, 1-10 scales, proprietary formats — to the MISMO Common Confidence Score standard on a 0-100 scale with five confidence tiers.

The vendor registry contains 24 vendors across six categories (lending-grade, GSE, platform, data provider, servicer, specialty), with fuzzy alias matching that handles name variations across loan tapes and AVM documents.

PP10 alignment is verified per vendor against published documentation. The platform honestly labels whether each confidence score is vendor-reported (the vendor's own documented PP10 claim), platform-inferred (derived via documented mathematical transform), or not applicable (the source metric type doesn't support a probabilistic claim).

Vendor Registry

→24 vendors across 6 categories

→Three-layer fuzzy matching (exact alias, substring, key-part)

→Fitch-rated vendor identification

→PP10 alignment with cited source documentation

→isAVMConfidenceMetric flag (Fannie CU distinction)

→Automatic successor resolution for acquired vendors

Normalization Methods

→Vendor-specific: known vendor with documented transform

→FSD inversion: cited piecewise linear mapping with Freddie Mac breakpoints

→Percentage direct: 0-1 or 0-100 scale detection

→Letter grade mapping: A+ through F

→Qualitative mapping: Very High through Very Low

→Scale transform: 1-5 (Fannie CU) and 1-10 scales

→Heuristic fallback: value-range detection with low-confidence warning

Audit Trail

→Input: vendor name, raw value, metric name, estimated value

→Detection: metric type, detection confidence, vendor match method

→Output: MISMO score, tier, PP10 basis, usage guidance

→Normalization: method, description, warnings, confidence

→Metadata: timestamp, engine version, MISMO CCS version

// Session lifecycle — 8 protocol events, one hash chain

1.CREATE_SESSION// → loan_pending

2.UPLOAD_LOAN_DOCUMENT// genesis doc, SHA-256 hash

3.CONFIRM_LOAN_DATA// human-in-the-loop

4.UPLOAD_AVM_DOCUMENT// genesis doc, SHA-256 hash

5.CONFIRM_AVM_DATA// MISMO normalization runs here

6.COMPLETE_POLICY_CHECK// five-factor enforcement

7.RECORD_VENDOR_SESSION// vendor analytics updated

8.SEAL_SESSION// cryptographic proof generated

// Each event: SHA-256(payload + previousHash) → actionHash
// Modify any event → every subsequent hash invalidated

02Cryptographic Protocol Engine

Not logged after the fact.
Performed as protocol events.

The platform is built on a State-Oriented Protocol Architecture where every regulated operation — document ingestion, extraction consensus, human confirmation, policy enforcement, cryptographic sealing — is a typed, schema-validated, sequentially hashed protocol event dispatched through a deterministic state machine orchestrator with optimistic concurrency control.

Each action is hashed with SHA-256, incorporating the previous action's hash to form an append-only chain. The result is a Merkle-like structure where modifying any historical event invalidates every event that follows — making tampering mathematically detectable.

The protocol log is not a feature. It is the system. The dashboards, analytics, and compliance proofs are all projections of the protocol state — ephemeral views over an immutable evidence ledger.

03Five-Factor Policy Enforcement

Institution-specific policies. Platform-enforced execution.

Each institution configures their own compliance policies during onboarding — confidence thresholds, loan type eligibility, conflict triggers, QC sampling rates, nondiscrimination settings. The platform enforces those policies identically across every intake method and every loan.

Confidence Cascade

Global threshold → loan type override → property type override. Each layer can only raise the bar. Configurable strictness per level (block, alert, or log).

Vendor Firewall

Three modes: Allow All, Block List, Approved Only. Registry-backed fuzzy matching resolves name variations in loan tapes to canonical vendor identities.

COI Watchlist

Trigger-based conflict detection with per-trigger strictness. Exact or containment matching. Party disclosure checks at every intake point.

QC Sampling

Cryptographic random selection with verifiable seed. Configurable rates and frequency. Multi-dimensional breadth tracking across four dimensions.

Nondiscrimination Tagging

Every loan tagged with applicable federal and state fair lending laws. 17+ state-specific statutes mapped. FFIEC census tract classification.

Hard Gates

Platform-level prerequisites that short-circuit before policy checks run. Missing vendor, missing confidence, property mismatch — rejected before entering the corpus.

04Nondiscrimination Intelligence

Continuous monitoring.
Not a one-time study.

The fifth quality control standard requires institutions to comply with applicable nondiscrimination laws. Most institutions address this with periodic consultant studies. The platform addresses it continuously — every loan, every vendor, every geography, updated in real time.

Every loan is geocoded to its census tract and classified using the FFIEC standard (majority-minority designation based on non-Hispanic White population below 50%). Disparate impact analysis runs continuously using Welch's t-test for statistical rigor, with per-MSA drill-down to identify which metros drive portfolio-wide results.

The analysis that would cost $50K+ from a consultant and take weeks runs continuously as loans enter the corpus. Whether the result shows no differential or identifies one, having the analysis ready is exactly what the fifth factor contemplates.

Fair Lending Analysis

→Welch's t-test: statistically rigorous disparity detection

→Per-MSA breakdown: identify which metros drive portfolio results

→Majority-minority tract classification (FFIEC standard)

→Pass rate gap: outcome differential by tract classification

→Confidence gap: AVM score differential by demographics

→Value ratio: estimated value differential across tracts

Geographic Intelligence

→Census tract geocoding (server-side, non-blocking)

→17+ state-specific fair housing laws mapped

→Federal coverage: ECOA + FHA on every loan

→Extended protections identification by jurisdiction

→Geographic concentration detection for overlap loans

→Pass rate by predominant demographic group

Vendor Disparity

→Per-vendor pass rate across demographic classifications

→Cross-vendor confidence score comparison by tract type

→Vendor-specific geographic coverage analysis

→Multi-dimensional decomposition: vendor × geography × loan type

Per-Vendor Metrics

→MISMO confidence: avg, min, max, tier distribution

→PP10 basis breakdown: verified / inferred / N/A counts and rates

→Pass, alert, fail rates with session counts

→Normalization method distribution and quality score

→Geographic distribution (state-level)

→Loan type and property type distribution

Vendor Registry Intelligence

→Fitch-rated vendor identification

→Category classification (lending, GSE, platform, data, servicer, specialty)

→PP10 documentation source with verification date

→isAVMConfidenceMetric distinction (appraisal quality vs. AVM confidence)

→Parent company and acquisition tracking

→Active/legacy status with successor resolution

Firewall Controls

→Three modes: Allow All, Block List, Approved Only

→Add/remove with reason codes and audit trail

→COI watchlist cross-reference on firewall entries

→Protocol-chained firewall history with actor attribution

05Vendor Analytics & Governance

Know your vendors.
Govern your vendors.

Vendors are auto-discovered from your loan corpus and matched against the canonical registry. Every vendor gets MISMO-normalized analytics: confidence distributions, tier breakdowns, PP10 coverage rates, normalization quality scores, and geographic performance.

The vendor firewall lets your institution control which AVM vendors are accepted at intake — whitelist mode for approved-only operations, blacklist mode for blocking specific vendors, or allow-all for unrestricted intake. Firewall changes are protocol-chained with actor attribution.

Vendor-level nondiscrimination analysis surfaces whether specific vendors show outcome differentials across demographic classifications — intelligence that only emerges when AVM data and census tract data are analyzed together.

06Compliance Proof Generation

Not reports about compliance.
Proof of compliance.

Every sealed session is a self-contained compliance proof: the original document hashes, the extraction record, the human confirmation, the policy check result, the MISMO normalization audit, and the cryptographic seal — all chained together with SHA-256.

The protocol log provides a cross-domain audit view of every action across every protocol domain — sessions, policies, vendor management, QC, actors, tenant configuration. Each action is independently verifiable: an examiner can export a single action's proof and confirm its position in the hash chain without access to the platform.

Batch compliance certificates attest to the processing of loan tapes with policy version, exception counts, acknowledgment records, and a certificate hash. These are the artifacts your compliance team needs when an examiner asks “show me your control system.”

Session Seal

→SHA-256 hash of complete session state

→Loan document genesis hash (content-addressable)

→AVM document genesis hash (content-addressable)

→Combined data hash (loan + AVM confirmed data)

→Previous seal reference (chain continuity)

→Sealed-by actor attribution and timestamp

Protocol Log

→10 protocol domains: tenant, actors, onboarding, policies, sessions, QC, vendor management, batch, SSO, exports

→Per-domain hash chain verification

→Human-readable action summaries with styled segments

→Payload inspection with collapsible detail

→One-click proof export (self-contained JSON)

→Filterable by domain, actor, date range, action type

Compliance Artifacts

→Batch compliance certificates with certificate hash

→Per-session compliance proof (PDF-exportable)

→Policy version tracking and change audit trail

→QC round reports with reviewer attestation

→Data export with session-level audit metadata

Architecture

Built different. By design.

AVMS.AI is not a conventional web application with a database behind it. It is an event-sourced protocol engine where every state change is a validated, sequenced, hashed action — and the UI is an ephemeral projection over immutable protocol state.

Event-Sourced State Derivation

Application state is not stored — it is derived by deterministic reduction over an ordered sequence of immutable, content-addressed protocol events. State at any historical point is reconstructible by replaying the event sequence through pure reducer functions with snapshot-optimized tree reconstruction.

Cryptographic Hash Chain

Every protocol event is content-addressed via SHA-256 with chained hash linkage to its predecessor, forming an append-only Merkle-like structure with O(1) integrity verification. Modification of any historical event produces a cascade failure detectable at any subsequent node in the chain.

Schema-Enforced Dispatch

Every action payload is validated at runtime against a strict algebraic type schema before entering the protocol. ~90 action types across 10 domains with compile-time and runtime type enforcement. Structurally invalid payloads are rejected at the protocol boundary — they never enter the hash chain.

Ephemeral Projection Layer

The presentation layer is a stateless, read-only projection over immutable protocol state. Components consume derived views through permission-gated selector hooks with safe default hydration. The UI is ephemeral — the protocol chain is the source of truth.

Integration

Sits alongside your systems.
Replaces nothing.

AVMS.AI is not a loan origination system, a document management platform, or a valuation ordering tool. It is the compliance proof layer that sits alongside whatever systems you already use. Four intake methods, one protocol. All paths produce identical cryptographic state.

◎

Document Upload

Upload loan + AVM PDFs through the web dashboard. AI-powered extraction with human confirmation. Zero integration required.

▤

Batch Tape

CSV, Excel, JSON, MISMO XML. AI-assisted column mapping with smart normalization. Census tract geocoding. Process thousands of loans at once.

REST API

Single-loan or batch validation. API key authentication with scoped permissions. Full MISMO response including audit trail. Embed in your LOS workflow.

⇅

SFTP

Drop files into your institution's inbox. Automated processing with configurable templates. Results delivered to your SFTP results directory.

This is the control system
your institution needs.

Start your free trial today. No credit card required. Full platform access. Your compliance evidence begins building from the first loan you process.

Start Free Trial — No Credit Card Required →

AVM Final Rule in effect since October 1, 2025 · FIRREA § 1125 · 12 CFR Part 1125