Frequently asked questions.

CovenantFlow is an AI-powered covenant management platform built for commercial lenders. It centralizes every covenant across your portfolio, monitors compliance against live financials, and surfaces risk before it becomes a problem. Loan agreements turn into structured data without manual entry. Borrowers connect their accounting system once and the data flows. Your credit team works in one place instead of seven spreadsheets.

All covenants in a typical commercial loan agreement, structured into the same categories your credit team already uses:

• Financial covenants: DSCR, leverage ratio, current ratio, tangible net worth, loan-to-value, borrowing base coverage, and any custom ratios defined in the agreement.

• Affirmative covenants: required actions like maintaining insurance, providing financial reports, preserving corporate existence.

• Negative covenants: restrictions on additional debt, asset sales, dividends, change of control, with carve-outs and thresholds preserved.

• Reporting deliverables: what's due, by whom, when, and to whom.

• Relationship covenants: deposit balance requirements and other cross-product obligations.

The AI extracts each covenant with its threshold, frequency, exceptions, and any cure rights, not just the headline text.

Upload a loan agreement PDF. The platform reads every page, identifies covenant clauses, and pulls structured data: covenant name, type, threshold, frequency, borrowing entity, and definition. Each extracted covenant is presented for human review with a confidence score before it's committed; you can edit, accept, or reject in seconds. Your credit team still owns the final say. The PDF itself is processed once for extraction and not retained by our AI provider.

CovenantFlow lives inside the systems your bank already runs. Live integrations include:

• Loan origination: nCino (Lightning component embed + bidirectional sync), Finastra Loan IQ, Abrigo (Sageworks). Roadmap: Jack Henry LoanVantage, Q2 PrecisionLender, Baker Hill NextGen.

• Core banking: Fiserv DNA. Roadmap: Jack Henry SilverLake, FIS IBS / Profile.

• Document & e-sign: DocuSign (executed amendments fire re-extraction automatically), Adobe Sign, Box, SharePoint.

• Borrower data: Codat (95% of small-business accounting systems), Plaid, QuickBooks Online, Xero.

• Identity: Okta, Microsoft Entra ID (Azure AD), Ping Identity. SAML 2.0 + SCIM.

• Communications: Microsoft Teams, Slack, Outlook.

• Analytics: Snowflake, Databricks export.

Don't see your stack? Our REST API + webhook contract works with any iPaaS (Mulesoft, Workato, Boomi). Custom connectors typically take days, not weeks.

Yes, and this is one of the strongest reasons to switch. The customer portal lets borrowers connect QuickBooks, Xero, Sage, NetSuite, or any of 95% of accounting systems through Codat. They can also connect bank accounts via Plaid for deposit balance verification on relationship covenants. Once connected, financials flow automatically as new periods close. No more chasing PDFs every quarter. Read-only, revocable at any time, never used for anything beyond covenant calculations.

We're built for the security review your bank's TPRM team actually runs:

• SOC 2 Type II: independent annual audit of security, availability, and confidentiality controls.

• Encryption: TLS 1.2+ in transit, AES-256 at rest. BYOK (customer-managed keys) available for enterprise tenants.

• Identity: SAML 2.0 SSO and SCIM 2.0 with Okta, Microsoft Entra ID, Ping. Row-level security mirrors your nCino RM assignments.

• Audit log: append-only, every covenant edit / document upload / access event captured with actor, timestamp, IP, before/after diff. 7-year retention default.

• Data residency: US by default. EU and Canadian regions available.

• Pre-baked compliance docs: BAA, DPA, sub-processor list, SIG/CAIQ questionnaire response. Reviews close in days.

Full security overview at /security.

You do. Customer data is yours; CovenantFlow processes it under your bank's existing legal basis as a sub-processor. We don't use customer data to train models. Borrower data flows under the same posture, read-only with revocation always available. On contract termination, all data is exported on request and deleted within 30 days, with a deletion certificate provided.

Three typical deployment shapes, each with a defined timeline:

• Standalone pilot: 2 weeks. SSO plus a test loan portfolio, no nCino integration. Good for credit teams that want to evaluate AI extraction quality on their own documents before broader rollout.

• Standard deployment with nCino: 4 to 6 weeks. Includes Platform Event integration, Lightning Web Component on the Loan record, RM-mirrored access control, and BAA/DPA execution.

• Enterprise: 8 to 12 weeks. Multi-instance, custom integrations via your iPaaS, dedicated implementation lead, regulatory reporting bridges (CECL, etc.).

Most banks see their first AI-extracted covenant flowing into production within the first week of any deployment.

Pricing is annual subscription tied to portfolio size and active integrations. Standalone pilots start at a fixed flat rate to remove pricing as a barrier to evaluation. Standard and enterprise deployments are quoted based on your loan count, integration scope, and support tier. Reach out via the demo flow for a quote shaped to your specific stack.