meilynx_

Frameworks

Controls that map to named regulations.

Meilynx leads with the frameworks a financial-services examiner actually asks about — not generic compliance. Each framework page explains what the regulation requires, maps it to specific Meilynx controls, and shows the examination artifact you can hand over.

Coverage map

Presets today, configurable beyond.

Curated control bundles ship for the core financial-services frameworks. The policy engine enforces the underlying controls for the rest today, with curated bundles sequenced next.

Available as presets today

Curated control bundles ship in the product. Drop in, scope to your environment, go.

SR 11-7NYDFS 23 NYCRR 500FINRA 24-09SOC 2 Type II
Configurable today, curated bundles in progress

All controls already enforceable via the policy engine. Curated, examiner-aligned bundles are sequenced next.

HIPAA Technical SafeguardsEU AI ActISO 42001NIST AI RMF
Industries served
Financial servicesEnterprise SaaSHealthcareLegalInsurancePublic sector
By framework

Pick a framework.

SR 11-7Model risk management — inventory, monitoring, and documentation for AI models.NYDFS 23 NYCRR 500Cybersecurity — audit trails, access controls, and encryption for AI systems.FINRA 24-09AI supervision and recordkeeping under existing FINRA rules.More coverageEU AI Act, HIPAA, ISO 42001, and NIST AI RMF — configurable today.
SOC 2

Evidence for your audit — and ours.

Meilynx's audit trail, access controls, and continuous monitoring produce the kind of evidence a SOC 2 examination of your AI systems needs. And we hold ourselves to the same bar.

  • Access controls and policy-as-code map to Common Criteria for logical access.
  • The tamper-evident audit trail backs monitoring and change-evidence controls.
  • Per-customer data isolation supports the Confidentiality criteria.

Our SOC 2 status

A SOC 2 Type I audit is engaged with Prescient Assurance; fieldwork is scheduled and the report is targeted for mid-July 2026 at the earliest. Initial scope covers the Security and Confidentiality Trust Service Criteria across our Managed and Self-Hosted deployment modes. Type II observation begins immediately after.

FAQ

Common questions.

Does Meilynx certify my firm against these frameworks?

No. Meilynx produces the controls and examination-ready evidence that map to each framework's requirements — model inventory, access controls, monitoring, and a tamper-evident audit trail. Your auditors and examiners reach the certification conclusion; Meilynx makes the evidence defensible.

What's the difference between a preset and configurable coverage?

Presets are curated control bundles that ship in the product today — SR 11-7, NYDFS 23 NYCRR 500, FINRA 24-09, and SOC 2 Type II. Configurable coverage means the policy engine can already enforce the underlying controls (for EU AI Act, HIPAA, ISO 42001, and NIST AI RMF), but the curated preset bundle is still being packaged.

Is Meilynx itself SOC 2 compliant?

A SOC 2 Type I audit is engaged with Prescient Assurance; fieldwork is scheduled and the report is targeted for mid-July 2026 at the earliest, covering the Security and Confidentiality Trust Service Criteria across our Managed and Self-Hosted deployment modes. Type II observation begins immediately after.

Get started

See the evidence an examiner receives

Download a sample examination package, or walk through framework coverage live.

Get the sample packageRequest a demo