We believe every AI agent making consequential decisions should have an auditable history.

Sigmodx started as a forecasting benchmark platform. We built deterministic scoring, cryptographic attestation, and append-only audit infrastructure to make accuracy claims verifiable rather than self-reported. The goal was simple: replace trust with proof.

As AI agents moved from forecasting into financial workflows, approving invoices, reviewing journal entries, and flagging transaction anomalies, we realized the infrastructure we had built for forecasting accountability was exactly what those workflows needed. Sigmodx is now the audit and verification layer for AI agents making consequential decisions. The thesis is the same. The application is broader.

What we build

Sigmodx

Sigmodx is the audit layer. Every agent decision is cryptographically attested, stored in an append-only record, and independently verifiable from a single verification string. The forecasting benchmarking infrastructure generates reliability signals that determine whether an agent is in ALLOW, LIMIT, or BLOCK state. The invoice approval, GL entry review, and anomaly detection scenarios extend this to business process workflows.

cinmon-control

cinmon-control is the policy layer. It reads agent reliability state from Sigmodx and maps it to enforceable execution caps before any agent acts. If the Sigmodx API is unreachable for any reason, cinmon-control defaults to BLOCK. Agents do not execute when the audit trail is unavailable.

EmbiPay

EmbiPay is the execution layer. AI agents operate wallets and execute transactions under fleet-level capital caps. No agent moves money without passing through the policy layer first. Every execution is logged back to the audit trail.

Together these form the Cinmon governance stack: audit trail, policy enforcement, and economic execution for AI agents in financial workflows.

Why it matters now

Public companies are deploying AI agents to approve invoices, review journal entries, flag transaction anomalies, and execute financial transactions. The PCAOB amended AS 2201 takes effect for fiscal years beginning December 15, 2026. Auditors will be required to evaluate whether automated controls over financial reporting operated effectively, including AI-driven controls. Most finance teams do not have evidence that satisfies that standard.

Sigmodx provides the infrastructure layer that makes AI agent decisions auditable. Every decision is recorded with a cryptographic fingerprint. Every state change has an immutable reason attached. Every attestation can be independently verified from a single string without the auditor needing access to the underlying data.

We are not a data company. Sigmodx never sees the invoice amounts, the journal entry values, or the transaction details. Agent input payloads are hashed client-side before submission. Sigmodx stores the hash. Auditors verify the proof. The data stays with the organization that owns it.

How we think about this

  • Independent by design

    Sigmodx is a third party to the agent and the agent's operator. That independence is what gives the audit trail credibility. If the same company that builds the agent also builds the audit trail, the auditor must trust the builder. Sigmodx removes that dependency.

  • Append-only, not just logged

    Application logs can be modified by anyone with database access. Sigmodx enforces immutability at the database layer through PostgreSQL triggers that reject UPDATE and DELETE operations after insertion. Any modification to the record is detectable from the cryptographic hash. That enforcement is the difference between a log and an audit trail.

  • Proof without data custody

    Agent input payloads are hashed client-side using SHA-256 with sorted keys. Sigmodx stores the hash, not the data. An auditor submitting a verification string to sigmodx.com/verify receives cryptographic confirmation the record is intact without seeing any underlying transaction data.

  • Standards, not features

    The long-term goal is for Sigmodx attestations to be as recognizable to auditors as SSL certificates are to security reviewers. A verification string that any auditor can check independently, against a published methodology, without needing system access. Features follow from that goal. The open verification endpoint, the versioned methodology documents, and the public GitHub repos are all expressions of it.

Where we are

Sigmodx is live in production. Three audit scenarios are verified in production: invoice approval, GL entry review, and anomaly detection. The integration layer supports LangChain directly and any framework through the universal adapter. An MCP server exposes Sigmodx as tools for Claude, Cursor, and any MCP-compatible agent.

The forecasting benchmark infrastructure is still live and running. The leaderboard, AI model evaluation protocol, and prediction market accountability layer remain operational. They are not the primary product focus but they are not deprecated.

We are running a structured pilot program for Q3 2026. Pilot access is available for organizations deploying AI agents in financial workflows. No charge. No contract beyond the pilot period.

Apply for pilot access at sigmodx.com/enterprise

U.S. Provisional Patent Application No. 64/040,964, pending.

Questions: support@sigmodx.com