CoverProof
Start analysis

What's new

What we have shipped in CoverProof — new features, customer-visible improvements, and fixes.

Updated 11 releases

Classifier quality, human review routing, and evidence pack hardening

The classifier now routes uncertain verdicts to a human reviewer automatically, evidence packs carry statutory admissibility certificates, and accuracy metrics are live on the Trust page.

New
  • Low-confidence classifications are automatically routed to mandatory human review before they appear in the gap report — no uncertain verdict reaches a decision without a reviewer confirming it.
  • CEA 1995 s.9(2) business-records certificate and CJA 2003 s.117 reliability narrative are now embedded in every evidence pack, documenting the reliability basis a court would expect to see.
  • PAdES digital signatures on evidence packs — the signing key, certificate chain, and timestamp are all verifiable independently of CoverProof.
  • The Trust page now shows live accuracy metrics from the held-out evaluation set, not aspirational figures — including the false-negative rate (missed gaps) tracked separately from false positives.
Improvements
  • Classifier tuned to prefer flagging a potential gap over missing one — in the ambiguous middle, the model now errs toward surfacing the individual for human review rather than clearing them.
  • Verdict provenance (model version, prompt version, confidence score) is surfaced in the review queue and embedded in evidence packs, so every classification is traceable to a specific model run.

Gap analysis accuracy and evidence pack archival validation

The coverage baseline now uses actual SMF function codes rather than name-matching, and evidence packs pass real PDF/A-3b archival validation before they are released.

New
  • Coverage baseline rebuilt on SMF function codes from the FCA Register — the previous approach matched names and treated presence in both systems as coverage, which missed individuals who appear in the FCA Register but hold no Senior Management Function.
  • Reconciliation conflicts are now surfaced explicitly: where the firm's SM&CR CSV and the FCA Register disagree on a name, reference, or function code, the conflict is listed with the specific disagreeing fields rather than silently resolved.
  • Evidence packs now pass a real PDF/A-3b archival validation check (veraPDF) before download is permitted — the validation report is attached inside the pack as a PDF/A-3 attachment.
  • Audit log embedded directly in the evidence pack, hash-chained — the chain can be verified independently of the database.
Improvements
  • Advisory NEDs are no longer over-flagged. The classifier now applies the s.250(3) functional test correctly to non-executive roles.
  • Every classification verdict carries an apparent-authority caveat making clear the verdict reflects available data and requires human confirmation before action.
  • Audit trail made fully immutable at the database level — the app role is denied UPDATE and DELETE on audit records, not just by application code.

Billing and payments hardened

Production-ready payments — sandbox onboarding, full Stripe webhook coverage, and bot protection on public forms.

New
  • Stripe sandbox mode for trying CoverProof end-to-end without real card data.
  • Full Stripe invoice webhook coverage — paid, payment_failed, and finalized states stay in sync with your subscription.
  • Cloudflare Turnstile on public sign-up and counterparty forms to block automated abuse.

Defensibility methodology and public trust surface

Three documents the buyer (and a regulator) gets to read: how we measure classifier quality, how we detect drift, and the standard every AI claim is held to.

New
  • Published /methodology — every step from FCA register import to evidence pack, with the verbatim s.250(3) statutory test, the AI model, the temperature setting, the structured-output schema, and the human-review gate documented.
  • Published /trust/benchmarks — the structure of the regression suite, the metrics it produces, and what the numbers explicitly cannot tell you.
  • Published /trust/quality — drift monitoring: a deterministic 5% sample of recent classifications is run through a second judge model nightly, and disagreement above a fixed threshold triggers an alert.
  • 30-day pre-launch defensibility plan — eval scope, prompt-injection coverage, and human-review gates laid out in full.
  • Internal copy standard for AI claims: every customer-facing mention of AI or Claude must ship paired with one of six defence anchors (statutory citation, structured output, deterministic temperature, input hash + cache, audit trail, or human review).
Improvements
  • Product safeguards surfaced inline anywhere an AI verdict drives a decision — confidence score, methodology version, and audit hash visible at the point of action.
  • Trust Centre audited against the copy standard end-to-end. Every AI claim is now grep-verifiable to a defence anchor in the codebase.

Classifier benchmark and versioned prompts

Round two of classifier quality: a formal eval suite and prompt versioning so every classification ties to a known, reviewable prompt revision.

New
  • Benchmark suite — fixture CSVs covering the SM&CR role taxonomy and Section 250 edge cases, scored against a held-out adversarial set.
  • Versioned prompts (now at v8) so every classification links back to a known prompt revision.
  • Side-by-side diff tool that scores the current prompt against any candidate revision before it ships. No silent prompt changes in production.
Improvements
  • Benchmark score: 46/46 fixtures passing at ≥95/100, zero hallucinations on the adversarial set.
  • A measurable improvement over the prior, smaller eval set (18/20 at ≥97/100) — every prompt revision is now graded against the same yardstick.

Landing page redesign

A clearer first impression for compliance directors evaluating Section 250 coverage.

New
  • Re-skinned landing page in a light institutional palette with a sharper hero proposition.
  • Updated positioning and copy across the marketing surface based on prospect feedback.

Classifier v5: deterministic and role-aware

Round one of classifier quality: same input, same answer, every time — and the model finally knows the SM&CR role taxonomy.

New
  • Role-aware classification guidance — the model now distinguishes SMF holders, Certification Regime employees, and out-of-scope administrators. False-positive gap calls dropped sharply.
Improvements
  • Deterministic result caching — the same input produces the same classification every time. Reproducible for any future audit.
  • Early eval set: 18/20 fixtures passing at ≥97/100. Superseded by the formal benchmark suite on 30 May.

Trust Centre, data rights, and accessibility

The pages a compliance director reads before booking a demo, plus GDPR self-service for administrators.

New
  • Trust Centre, Security, Privacy, Responsible Disclosure, and Data Processing Agreement pages.
  • Self-serve data export and data-erasure tools for firm administrators (GDPR Articles 15 and 17).
  • security.txt and a published disclosure mailbox at the well-known path.
Improvements
  • WCAG AA contrast across all marketing and dashboard surfaces.
  • Skip-to-main-content links, ARIA dialog roles, and keyboard-navigable modals.

Pricing tiers and ROI calculator

A clear path from "interested" to "purchased" without needing a sales call.

New
  • 4-tier pricing ladder with transparent per-firm pricing.
  • Reverse-trial onboarding — start on the paid tier, downgrade if you do not use it.
  • ROI calculator that takes firm size and counterparty volume and returns a buy-vs-build estimate.

Counterparty cycle and board evidence pack

Close the legal loop: collect declarations from external counterparties without friction, and download business-record evidence packs (PDF/A-3B, designed to support admissibility under CEA 1995 / CJA 2003).

New
  • Zero-login counterparty declaration flow — recipients complete declarations on a one-time link, no account required.
  • Counterparty requests dashboard with status, expiry tracking, and one-click re-trigger.
  • Board evidence pack generator producing PDF/A-3b documents (independently verified for archival conformance).
  • Counterparty confirmations embedded inline in the evidence pack PDF.

SM&CR gap analysis and declaration cycle

The first end-to-end slice of CoverProof: see your Section 250 exposure, send declarations, keep an immutable record.

New
  • SM&CR gap analysis with AI classification and a human reviewer queue — confirm, override, or exclude each row.
  • Declaration cycle: invite email, signed declaration, bounce handling, and 14-day / 7-day renewal reminders.
  • Mobile-first declaration UX so recipients can complete on phones.
  • Immutable hash-chained audit trail across every declaration and classification.
  • Per-firm tenant isolation enforced at the database row level.
Want a feature, or spotted something wrong? Email us — we read everything.