Due diligence checklist

1. Review Security & signing plus release hashes.
2. Download the refund policy and escalation contacts.
3. Confirm telemetry retention explained on /telemetry.
4. Log your safe-start procedure using Quickstart + Knowledge Base.

How we support reviews

Need enterprise paperwork? Contact support for:

• Signed statements on refund, data handling, and incident response.
• References to applicable frameworks (NIST AI RMF, SOC 2 inspired controls).
• Sample runbooks covering simulation → production promotion.

We do not custody funds and do not operate as an exchange. Users remain responsible for protocol-specific compliance.

Internal controls we recommend

Even though FRB provides tooling, desks should implement their own controls:

• Dual-approval for moving from simulation to live capital.
• Weekly review of Ops Pulse anomalies with compliance sign-off.
• Version pinning: record the exact FRB build hash in every change ticket.
• Telemetry retention policy mirrored with your firm’s privacy requirements.

These habits align with NIST, SOC 2, and internal audit frameworks and make external reviews painless.

Sample compliance memo structure

1. Scope: summarize the strategy, chains, and wallets involved.
2. Controls: reference guardrails (slippage, budgets, refunds) with screenshots.
3. Monitoring: link to Ops Pulse dashboards and alerting policies.
4. Incidents: describe escalation paths and timelines (who responds within which SLA).
5. Artifacts: attach hashes from /releases, telemetry notes, and WSS benchmarks.

Store the memo in your GRC or Notion workspace so auditors can trace every production change.

FAQs