From application to decision in one auditable trace.
Borrower consents. Signals get pulled. Score gets computed. Decision Layer derives a recommendation. Audit row gets written. Outcome feeds back. Every step is reproducible.
Four layers, one explainable result
Consented identity, bank, mobile-money, MFI/SACCO and behavioural signals.
Signals normalised into cashflow regularity, repayment discipline, capacity and risk features.
Deterministic, explainable tree models produce a 300–850 score with SHAP-style reason codes.
Score, band, factors and a recommendation are returned — the credit committee decides.
Every access is purpose-bound and logged; each score records the policy and model version used.
A decision made today can be replayed tomorrow with the exact inputs and logic.
- 1Consent & collectThe borrower grants time-bound, purpose-bound consent; verified signals flow in through your channels.
- 2Score & explainThe engine computes the composite score, sub-scores, factors and reason codes — deterministically.
- 3Decide & recordYour team reviews the recommendation and decides; the score, reasons and audit row are stored.
From consent to score to outcome — one auditable trace.
Every step writes an audit row. Months later, a compliance officer can answer "what happened on this date for this borrower" without depending on memory or screenshots.
- 1Borrower consentsThe borrower grants the lender access to their Duruj Passport — purpose-bound, time-bound, revocable in one tap.
- 2Lender requests a scorePOST /credit-scores/calculate with the person_id. Tenant isolation is enforced from the JWT.
- 3Signals are pulledIdentity (Fayda / Wardya), linked accounts (bank, mobile money, MFI, SACCO), behavioral events with time decay, fraud signals, optional CreditChek bureau lookup, optional ML signal sidecar.
- 4Score is computedEach component lands on a 0–200 sub-range; weighted by the tenant policy; projected to 300–850; fraud penalty subtracted; clamped.
- 5Decision Layer derives recommendationPD%, risk level, recommended limit (tied to cashflow), recommended tenor, decision (Approve / Review / Reject), reasons[], fraud and human-review flags.
- 6Optional AI narrationA loan officer can request a 2–3 sentence Claude-narrated explanation of why this score / why this decision. The LLM is never the scorer; narration is post-hoc and audit-frozen.
- 7Audit row writtengenerated_credit_scores row records the score, components, weights_source, explanation, decision fields, fraud/review flags. Every input is traceable for replay.
- 8Outcome feeds backWhen the loan resolves, the lender POSTs the outcome (paid_off / late / default / written_off). It joins back to the originating score and improves validation.
What is logged on every score.
| Event | Recorded |
|---|---|
| Score request | caller_id, role, request_id, tenant, IP / API-key hash |
| Inputs read | identity rows, account ids, txn windows, consent ids in effect |
| Score computed | component sub-scores, weights_source, policy version |
| Decision Layer | PD%, risk_level, recommended_limit, recommended_tenor, decision, reasons[] |
| Explanation | narrative (when AI-explained), model version, frozen for replay |
| Outcome ingested | status, max_days_late, defaulted_at, recovered_amount, observed_at |
See the trace on your data.
Book a walkthrough and we'll trace a real decision end to end — signals, score, reasons and audit.