The Financial
Chain of Custody
The Sovereign Banking Core for Microsoft Dynamics 365.
We replace manual bank uploads with a RAM-only Iron Layer cryptographically signed by Microsoft Entra ID.
The Chain of Custody
is Broken.
Your Business Central ledger is secure. Your Entra ID identity perimeter is secure. But the CSV file on the desktop is not.
When a Finance Officer exports a payment file to their local machine to manually upload it to a bank portal, they create a "Plaintext Gap."
For that interval, the file is unencrypted, mutable, and invisible to the audit log. Under the SOCI Act and ASIC v RI Advice rulings, this is no longer just a process failure—it is a Boardroom liability.
Dynamics 365
Local DesktopHigh Risk
User downloads EFT_BATCH_001.csv. Entra ID protection is lost. File is editable.
Bank Portal
The Ghost Protocol.
We do not store your data. We stream it.
Demiton utilizes Ephemeral Memory Processing to ensure financial artifacts exist only for the milliseconds required to transmit them.
Volatile Execution
Files are generated, signed, and encrypted in RAM. Power loss equals total data obliteration.
Pass-by-Value
We act as a sealed pipe. Data is encrypted (PGP) before it leaves the enclave. No plaintext storage.
Identity Binding
Every transaction is cryptographically signed by the user's Entra ID (OIDC) for non-repudiation.
The Sovereign Alliance.
We do not disrupt banks; we modernize them. Demiton transforms legacy Host-to-Host (SFTP) protocols into a modern, bi-directional API experience for the Enterprise.
CommBiz
Westpac
NAB Connect
ANZ Transactive
BNZ
ASB
Direct Host-to-Host
We bypass the web portal entirely. Files are pushed directly to the bank's clearing server via encrypted SFTP tunnels.
Bi-Directional Sync
We don't just send payments. We retrieve technical ACKs, Dishonour Reports, and Statement Files (BAI2/camt.053) automatically.
Protocol Maintenance
Banks change their keys and formats. We manage the cryptography updates so your IT team never has to touch a PGP key again.
The 5-Verb Iron Protocol.
Every transaction is subjected to a strict, deterministic lifecycle. If any gate fails, the transaction is atomically rolled back. Nothing is left in an unknown state.
Data is retrieved from the ERP via OData v4. It is hydrated into volatile memory. No local files are created.
The payment file (ABA/ISO20022) is constructed in RAM. A SHA-256 hash is generated immediately for audit integrity.
The payload hash is signed using the user's Entra ID (OIDC) token. Limits and approval workflows are enforced.
The stream is PGP encrypted (AES-256) and transmitted via the Static Exit Node to the Bank's clearing server.
Technical ACKs and Dishonour reports are retrieved, parsed, and matched back to the ERP Journal to close the ledger.
The Boardroom Mandate.
Security is no longer just an IT problem; it is a Director duty. Demiton is architected to satisfy the specific risk controls required by Critical Infrastructure and Regulated Entities.
Critical Infrastructure
Meets the supply chain risk management protocols required for Energy, Mining, and Transport sectors.
- Data Egress Control
- Supply Chain Integrity
- Asset Register Visibility
Director Liability
Mitigates personal liability for Board Directors by enforcing a strict Chain of Custody on financial assets.
- Chain of Custody Enforcement
- Non-Repudiation (Digital Signatures)
- Audit Log Immutability
Fraud Defense
Protects against Authorized Push Payment (APP) fraud by eliminating the 'Plaintext Gap' where invoice numbers are swapped.
- No Human Access to Files
- Destination Account Validation
- Impossible Travel Detection
Data Residency Guarantee
We guarantee your data never leaves the Australia East Azure Region.
We do not utilize offshore processing or support.
Secure your
Financial Chain of Custody.
Demiton is deployed via a high-touch onboarding process. We work directly with your Risk Committee and MSP to architect a sovereign payment tunnel tailored to your governance requirements.