Security & Control

Automation Only Works When Control Comes First

Execution must be controlled, auditable, and accountable by default. That’s how automation scales without increasing risk.

Book a 15-min Fit Check

Control-first design

Built to operate like a well-run finance function

NUMA mirrors the way strong finance teams already operate — but with software-level consistency. Every digital employee:

Executes only predefined tasks

Follows acceptance criteria you set

Operates within strict access boundaries

Logs every action taken

“Nothing runs on intent. Everything runs on rules.”

Guardrails

Guardrails & acceptance criteria

Each automated task in NUMA is governed by:

1

Clearly defined rules

2

Explicit acceptance criteria

3

Permitted data sources

4

Expected outcomes

If a task cannot meet those criteria, it does not complete.

This prevents: silent failures partial execution uncontrolled automation

Visibility & accountability

Every action visible. Every exception handled.

No black boxes. Automation is auditable at all times, and anything outside the rules goes to a human.

Audit trail by default

Every action performed by a digital employee is logged automatically:

  • Data accessed
  • Actions taken and outcomes produced
  • Exceptions raised
  • Time-stamped and traceable end-to-end

Exceptions route to humans

When work falls outside predefined rules:

  • Execution stops immediately
  • An exception is flagged with context
  • A task is created for human review
  • Judgment remains human; accountability is preserved

“There is no black box. Automation is visible at all times.”

Access control

Access control by design

NUMA enforces role-based, three-level access control.

Organisation level
Employee level
Task level

Digital employees can only:

Access what they are permitted to

Execute what they are authorised to

See what they need to complete a task

Any unauthorised request is blocked automatically.

Security & compliance

Built for finance-grade security

  • All data encrypted in transit and at rest
  • Deployed on secure, audited cloud infrastructure
  • Aligned to SOC 2 Type II, ISO 27001, and PCI DSS frameworks

NUMA is built on SOC 2 Type II, ISO 27001, and PCI DSS certified infrastructure. All data is encrypted at rest (AES-256) and in transit (TLS). GDPR and CCPA compliant by design. Your data stays within your environment and is never used to train AI models.

Why this matters

Speed without control increases risk. Automation without auditability creates exposure.

NUMA ensures that:

  • Automation reduces risk instead of introducing it
  • Finance teams gain capacity without losing oversight
  • Trust is earned before scale is applied

Book a 15-Minute Fit Check

Talk directly with the founder. We’ll confirm your ERP, choose the best starting workflow, and share the 30-day pilot plan.

Thanks — we’ll be in touch within 24 hours.

View the 30-day pilot →