Built on open-source

AI compliance, handled

Every AI interaction in a regulated environment is an audit event. SupaProxy ensures all AI interactions are governed, logged, and compliant before your regulator asks.

FICA tipping-off prevented
AML case reference detected - FICA s.29
Blocked
...re: [STR REF REDACTED] on the Khumalo account

Unlicensed advice intercepted
Redirected to licensed advisor - FAIS s.7
Redirected

Connects to everything your team already uses

Slack, WhatsApp, Microsoft Teams, Airtable, Zendesk, Microsoft, Google, Confluence, REST API, Hugging Face

The problem

Without governance, AI becomes a liability.

South African financial services regulations were written before AI. The obligations still apply.

Every query logged, every tool call recorded.

SupaProxy captures the full audit trail: who asked, what the AI did, which tools it called, how much it cost, and how long it took. Searchable, exportable, ready for examination.

Activity log
J. Ndaba · Check my policy status · get_policy · $0.003 · 1.2s
S. Mokoena · File a motor claim · create_claim · $0.008 · 2.4s
T. van Wyk · What is my balance? · get_balance · $0.002 · 0.9s

Regulatory basis

FICA s.22(1): No record means no defence in a regulatory examination
POPIA s.14: Subject access requests cannot be fulfilled without interaction logs
NCA s.100: Credit-related AI conversations must be retained by credit providers
FSCA CS 3: AI-generated advice is not exempt from FSP logging obligations
FSRA s.9: FSCA conduct mandate extends to all customer-facing AI processes

Platform

Compliance built in. Not bolted on.

Every AI interaction flows through guardrails your compliance team controls. A plugin architecture means you extend without rebuilding.

Guardrails

PII redaction, scope enforcement, tipping-off prevention.

Compliance rules configured once, enforced everywhere. Every channel, every workspace, every query. Your organisation sets the floor; no team can go below it.

Audit trail

Examination-ready from the first query.

Who asked, what the AI did, which tools it called. Searchable, exportable, retention-compliant.

Plugin architecture

Bring your own providers, consumers, and guardrails.

Open-source plugin packages. Swap AI providers, add channels, or write custom compliance rules without touching the core.

Connections

Connect your systems safely.

Core banking, CRM, knowledge bases. Governed access with org-wide blocking for flagged connections.

Isolation

Sealed workspaces. Zero bleed.

Each team operates in full isolation. Data, tools, and conversations never cross workspace boundaries.

Model context protocol

Every department builds. You govern.

SupaProxy becomes the single governed gateway for every MCP in your organisation. Departments build freely. Your compliance team governs from one place.

Departments connect their MCPs. You set the rules.

Each team registers their MCP servers as connections in a workspace. Every connection goes through a review process before it goes live. Once governed, all tool calls flow through your org-wide compliance layer.

Workspace · Customer Support
Refunds MCP · Finance · 3 tools · Governed
Order Lookup MCP · Operations · 5 tools · Governed
Customer Profile MCP · CRM · 4 tools · Governed
Fraud Check MCP · Security · 6 tools · In review

How it works

One gateway, many MCPs
Every department keeps building. You govern from one place.
Semantic routing
NER and vector search match requests to the right MCP automatically.
Policy enforcement
Business policies checked on every tool call. Not after the fact.
Any AI client
AI assistants, Cursor, custom agents. If it speaks MCP, it connects.

Trust & Security

Built for teams that take compliance seriously.

Every layer of SupaProxy is designed with security, auditability, and data governance in mind.

Data isolation

Every organisation is fully isolated. Workspace data, connections, and conversations never cross org boundaries.

PII redaction

Built-in guardrails detect and redact sensitive data before it reaches the LLM. Configurable per workspace.

Full audit trail

Every query, tool call, and AI response is logged with cost, tokens, and duration. Exportable and searchable.

Credential security

API keys are encrypted at rest and never exposed in logs or responses. Cookie-based auth with SameSite protection.

Role-based access

Admin, workspace admin, and user roles. Control who can configure workspaces, connections, and compliance rules.

Open source core

The server is open source. Self-host with full control, or use our managed cloud with zero infrastructure.

See it in action.

Book a walkthrough with our team.
