Constellation-native
Nova auto-propagates regulatory changes into Orion (rules), Prisma (workflows), and Astra (configs). A defensible wedge no standalone regtech can replicate.
Nova · Compliance Intelligence Platform
Compliance that sees everything.
Real-time regulatory intelligence. Agentic by default. Priced for the 99%. Nova monitors 40+ EU and UK regulators, maps obligations to controls, and orchestrates evidence — so your team stops copying cells across spreadsheets and starts proving compliance in 10 minutes.
Trusted by regulated financial institutions across Europe
Nordex Bank
Kite Payments
Helix Digital Assets
Orbis Mutual
Sterling Asset Management
Meridian EMI
The product
One canvas. Every regulator. Every obligation.
Nova Horizon scans every regulator; Ask Nova answers in plain language with citations. Below is an actual tenant screenshot — not a mock.
Horizon feedLive
14 Apr 2026 · 09:42 CET- High impactDNB · Netherlands · DORA Art. 24
DNB publishes supervisory expectations on DORA ICT third-party register scope.
Affects Nordex Bank · 112 controls · 4 policies
- MediumMFSA · Malta · MiCA
MFSA opens whitepaper review window for crypto-asset service providers.
Affects Helix Digital Assets · 2 obligations
- InformationalFCA · UK · Consumer Duty
Dear CEO letter: Board-level oversight of outcomes monitoring data.
Affects Kite Payments, Sterling AM · 18 controls
Ask Nova
Session #9412What are Orbis Mutual’s DORA incident reporting obligations?
Priya · CCOOrbis Mutual must classify major ICT-related incidents under DORA Art. 18 and submit an initial notification to DNB within 4 hours of classification, followed by an intermediate report at 72h and a final report at 1 month[1][2].
Current posture: 3 of 4 mandatory data fields auto-mapped from your incident module (M10); 1 field requires human review.
[1] Reg. (EU) 2022/2554 Art. 18(1)·[2] DNB Q&A 24-03
Screenshot · Nordex Bank tenant · 14 Apr 2026
Why Nova
Three defensible wedges.
Agentic by default
LangGraph + CrewAI with explainability, model cards, bias/hallucination tests, versioning, and drift monitoring — meeting SR 11-7, PRA SS1/23, MAS FEAT, and EU AI Act high-risk requirements.
Mid-market pricing
€24K–€180K/yr for 2–6 week time-to-value. 15–25% below OneTrust comparable bundles. 40–70% below CUBE / Corlytics / Ascent at Scale tier.
19 modules
One platform. Every compliance job.
V1 ships horizon, change, obligations, policy, Ask Nova, audit. V2 and V3 extend coverage without rebuild.
LiveV2V3
M1Live
Regulatory Horizon Scanning
Continuous ingestion of 40+ EU and UK regulators with AI-assisted triage.
M2Live
Regulatory Change Management
Impact analysis, assignment, and workflow for every regulatory change.
M3Live
Obligation Library
Mapped obligations linked to controls, policies, and evidence.
M4Live
Policy & Procedure Management
Versioned policies with attestation and auto-drafted updates.
M5V2
Controls Library & Testing
Unified control catalogue with automated testing and exceptions.
M6V2
Risk Assessment
Inherent and residual risk scoring mapped to obligations and controls.
M7V2
Compliance Calendar
Every deliverable, filing, and attestation in one calendar.
M8Live
Ask Nova
Agentic assistant with citations, explainability, and audit trail.
M9V2
Training & Attestation
Role-based training with SM&CR-grade attestation records.
M10V2
Incident & Breach Management
Workflow from detection through regulator notification.
M11V2
Regulatory Reporting
Scheduled returns, data prep, and filing packs.
M12V2
Board / MI Dashboards
Curated dashboards for CCO, CRO, MLRO, and the board.
M13V2
Regulator Correspondence
Secure inbox with threading, citations, and response drafting.
M14Live
Audit Trail
Immutable log of every agent action, edit, and attestation.
M15V3
Third-Party Compliance
TPRM workflows aligned to DORA ICT third-party requirements.
M16V3
Consumer Duty
Outcomes, fair-value assessments, and vulnerable customers.
M17V3
ESG / Sustainability
SFDR, CSRD, and taxonomy reporting with data-lineage traceability.
M18V3
Data Privacy
GDPR, UK-GDPR, DPDP, and UAE PDPL program operations.
M19V2
SM&CR / FAR / SEAR
Senior-manager mapping, statements of responsibilities, attestations.
Coverage
40+ EU and UK regulators. 100+ by end of Year 2.
EBA 🇪🇺ECB 🇪🇺ESMA 🇪🇺EIOPA 🇪🇺BaFin 🇩🇪AMF 🇫🇷CSSF 🇱🇺DNB 🇳🇱AFM 🇳🇱Banca d'Italia 🇮🇹Banco de España 🇪🇸Finansinspektionen 🇸🇪CNMV 🇪🇸CONSOB 🇮🇹CBI 🇮🇪MFSA 🇲🇹FINMA 🇨🇭FCA 🇬🇧PRA 🇬🇧BoE 🇬🇧ICO 🇬🇧PSR 🇬🇧HMRC 🇬🇧EBA 🇪🇺ECB 🇪🇺ESMA 🇪🇺EIOPA 🇪🇺BaFin 🇩🇪AMF 🇫🇷CSSF 🇱🇺DNB 🇳🇱AFM 🇳🇱Banca d'Italia 🇮🇹Banco de España 🇪🇸Finansinspektionen 🇸🇪CNMV 🇪🇸CONSOB 🇮🇹CBI 🇮🇪MFSA 🇲🇹FINMA 🇨🇭FCA 🇬🇧PRA 🇬🇧BoE 🇬🇧ICO 🇬🇧PSR 🇬🇧HMRC 🇬🇧
Built for the people named in the regulator letter
Personas who stake their license on the answer.
Priya Ramanathan
Chief Compliance Officer · Nordex Bank
Prove the compliance program works to the board, the regulator, and the internal auditor — continuously.
Pain points
- Regulatory noise across 14 jurisdictions with no signal.
- Four tools, five spreadsheets, one attestation deadline.
James Whitmore
MLRO (SMF17) · Kite Payments
Defend every AML decision and every typology change under SM&CR personal liability.
Pain points
- Model-risk evidence scattered across email and Jira.
- Regulator asks "why this threshold" — and the answer takes days.
Martin Laurent
Head of Operational Resilience · Nordex Bank
Keep DORA ICT risk, third-party register, and incident reporting evergreen.
Pain points
- DORA Art. 24 maps to 112 controls across 4 teams.
- TLPT testing cycle collides with year-end close.
Time-to-value
Ship value in weeks, not quarters.
14 days
First regulatory intelligence value
6 weeks
Full deployment
6.75×
Year-1 ROI for mid-market EMI
“Nova replaced four tools and cut our analyst review time in half. The Agent Theater let our MLRO prove every output to our SM&CR attestation.”
Priya Ramanathan
CCO · Nordex Bank
Security & compliance
Built to the bar your regulator reads.
ISO 27001:2022
ISO 27017
ISO 27018
ISO/IEC 42001
SOC 2 Type II (in-flight)
CSA STAR Level 2
99.95% SLA · Scale
99.99% SLA · Enterprise
EU: Frankfurt · Dublin
UK: London
India: Mumbai
Singapore · Dubai · Toronto
DORA-compliant
GDPR · UK-GDPR
DPDP-ready · UAE PDPL
Regulatory outlook
Quarterly brief on DORA, Consumer Duty, MiCA, and the UK regulatory timetable.
Nova Academy
Free training tracks for CCO, MLRO, and Operational Resilience leads. CPD-eligible.
Build in partnership
Co-design with Nordex Bank, Kite Payments, and Orbis Mutual. Design-partner seats open each quarter.
Ready to see Nova?
Try the full demo tenant or book a 30-minute call. No pilot contract required.