Operational Alpha ($\Sigma\alpha$) • Compliance-as-Infrastructure • Privacy by Design

FoundLab: Auditable Trust Infrastructure (ATI)

FoundLab Tecnologia Ltda.
Google Cloud Select Technology Partner • Built on Palantir Foundry

FoundLab is a Brazilian deep-tech company delivering Auditable Trust Infrastructure (ATI) for regulated environments that require automation, AI-assisted decisioning, and strict regulatory compliance.

Founded in 2024, FoundLab was created to address a structural challenge faced by financial institutions, auditors, and enterprises: scaling automation and artificial intelligence without increasing regulatory exposure, audit complexity, or data retention risk.

FoundLab’s core platform, FoundLab Umbrella, transforms compliance, risk analysis, onboarding, and document-driven workflows into deterministic, auditable, and regulator-ready processes. Each execution is produced with full traceability, generating structured audit evidence instead of opaque logs or narrative explanations.

🏗️ Auditable Trust Infrastructure (ATI)

At the core of FoundLab’s architecture is Auditable Trust Infrastructure (ATI) — a foundational layer that converts automated and AI-assisted decisions into cryptographically verifiable audit artifacts.

Unlike traditional compliance and governance tools that rely on data accumulation and post-hoc explanations, FoundLab is built on a zero-persistence, cloud-native architecture. Sensitive data is processed ephemerally and is not retained by default. Every decision produces a verifiable artifact, including a decision identifier, sealed rationale, and policy reference, designed to withstand internal audits, external audits, and regulatory scrutiny.

This approach enables organizations to meet regulatory obligations while reducing long-term data liabilities under LGPD, GDPR, and similar data protection frameworks.

Key Capabilities

• Compliance automation with auditability by design
• Auditable AI decisioning with traceable rationale and evidence
• Zero-persistence processing to minimize data exposure
• Regulator-ready evidence generation
• Cloud-native integration with Google Cloud environments

Why FoundLab

FoundLab enables institutions to scale automation and AI without compromising legal certainty or regulatory trust. By combining zero-persistence processing with cryptographically verifiable auditability, FoundLab transforms compliance from a reactive cost center into a programmable, infrastructure-level capability.

💼 Use Cases

FoundLab is designed for organizations operating in regulated or high-risk environments, including financial institutions, fintechs, audit and advisory firms, and enterprises with strict governance, risk, and compliance requirements.

Common use cases include:

• Compliance automation
• Due diligence & Onboarding workflows
• Document analysis
• Internal controls
• Audit preparation

🏢 Company Information

• Partner Tier: Google Cloud Select – Technology Partner
• Founded: November 29, 2024
• Location: Balneário Camboriú; Florianópolis, Santa Catarina, Brazil
• Website: https://foundlab.com.br

🔄 End-to-End Workflow

The FoundLab architecture orchestrates a secure lifecycle for sensitive data, ensuring that plaintext never rests in a vulnerable state and that all actions are audit-proof.

graph TD
    subgraph "Ingestion Layer (Palantir Foundry)"
        A[Legacy Document/PDF] -->|OCR Module| B(Text Extraction)
        B -->|Raw PII| C{Umbrella Proxy}
    end

    subgraph "Umbrella Platform (Key Management)"
        C -->|Request Key| D[KMS]
        D -->|Generate Unique KEK| C
        C -->|Encrypt Data| E[Encrypted Artifact]
        D -->|Audit Log| V[Veritas Protocol]
    end

    subgraph "Storage Layer"
        E -->|Store Ciphertext| F[(Database / Data Lake)]
    end

    subgraph "Zero-Persistence Fabric (Google Cloud TEE)"
        G[Authorized User/App] -->|Request Access| H[Enclave]
        F -->|Load Ciphertext| H
        D -->|Release Key to Enclave| H
        H -->|Decrypt in RAM| I[Processing Logic]
        I -->|Result| G
        I -.->|Secure Wipe| H
        H -->|Audit Access| V
    end

    subgraph "Veritas Protocol (Audit)"
        V -->|Timestamped Hash| L[Immutable Ledger]
    end

Loading

Workflow Steps:

1. Secure Ingestion: Data (documents, logs, transactions) enters via Palantir Foundry pipelines. The current OCR module is an example of this entry point.
2. Cryptographic Decoupling: Immediately upon extraction, the Umbrella Proxy requests a unique Key Encryption Key (KEK) for the data object. The data is encrypted before it hits permanent storage.
3. Storage: Only the Encrypted Artifact (Ciphertext) is stored in the Data Lake. It is mathematically useless without the key.
4. Ephemeral Processing: When data needs to be used (e.g., for a credit check or medical review), it is loaded into the Zero-Persistence Fabric (hosted on Google Cloud Confidential Computing).
   • The Enclave authenticates with Umbrella.
   • The Key is released only to the Enclave's volatile memory.
   • Processing occurs, and memory is wiped immediately after.
   • Reference Implementation: FoundLab-ATI-Dedicated-Compliance-Enclave
5. Immutable Audit: Every step—key generation, encryption, access, and eventual key destruction (erasure)—is recorded by the Veritas Protocol, providing a tamper-evident compliance trail.

🔮 Strategic Verticals

I. Compliance-by-Design (SDK)

A "Stripe for Privacy" SDK for startups.

• Feature: Client-side encryption and managed key lifecycle.
• Benefit: Zero-liability architecture for Fintechs and Healthtechs.

II. HealthTrust (Crypto-Cryogenics)

Verticalized solution for Electronic Health Records (EHR).

• Scenario: Managing the 20-year retention rule vs. patient consent revocation.
• Mechanism: Granular keys for Clinical, Billing, and Research access.

III. Guardian AI (XAI Dashboard)

Auditability for AI decision-making in finance.

• Function: Cryptographic snapshots of model inputs and decisions.
• Compliance: Meets BCB IN No. 587/2025 requirements for explainability.

IV. Drex On-Ramp (Web3 Privacy)

Privacy infrastructure for the Digital Real (Drex).

• Solution: Off-chain key management with on-chain encrypted state.
• Result: Solves the blockchain privacy/auditability trade-off.

V. Green Logic (ESG)

Sustainable data lifecycle management.

• Concept: "Logical Erasure" reduces "Dark Data" storage, lowering carbon footprint.
• Metrics: Carbon certificates for data deletion.

🛠️ Technical Stack (Palantir Foundry)

The current repository is deployed as a Palantir Foundry Code Repository, utilizing Python Functions to integrate with the Ontology and external systems. It currently hosts the OCR Ingestion Module.

Features

• PDF Parsing: Converts PDF attachments to images.
• Preprocessing: Advanced deskewing and image correction.
• OCR: Tesseract-based text extraction.

Usage

from functions.api import function, Attachment
# The module ingests an attachment, processes it via Tesseract, 
# and prepares the text for encryption within the Umbrella Platform.

📚 Platform Documentation & Attribution

This project is built upon Palantir Foundry, an operating system for data integration and analytics. The architecture leverages Foundry's native capabilities for data lineage, security, and function execution.

For detailed documentation on the underlying platform and deployment procedures, please refer to the official resources:

• Palantir Foundry Documentation – Comprehensive guide to the operating system.
• Marketplace Installation Guide – Instructions for uploading and installing this package in your enrollment.

📄 License

Licensed under the Apache License, Version 2.0. See LICENSE.md for details.

Copyright © 2026 FoundLab Tecnologia Ltda.

FoundLab | Transforming documents into dynamic, trustworthy assets.