It is already running in production at the pilot bank in Ghana. It is commercially available today, priced per institution (not per seat).
What the daily IT loop looks like before Kilter
Every deployment we've reviewed has the same ritual — and IT carries the load:
06:00 — extract scripts run by hand
An IT staffer logs into the core (Flexcube / T24 / Finacle / BankFusion / Equation), runs four hand-written extract scripts against four lists of account numbers, and SFTPs the .xlsx outputs to ops.
Ops finds a file is missing, wrong date, or wrong account
IT re-runs the script. The cycle slips by 30–60 minutes. The same call happens most days.
The reconciliation tool of record is Corona (or equivalent)
Sessions close at end of day. Breaks don't roll forward — they go onto a manual Excel "carry-forward" sheet that someone owns by name.
Audit asks "who cleared this item on the 14th?"
The answer is a spreadsheet filename and a person's memory. The trail is partial at best.
Kilter removes step 1 entirely.
The Core Pull add-on lets ops and a dedicated IT role pull the same extracts from the bank's core themselves, through the web UI, against SQL templates IT writes once and locks. IT goes from running the loop daily to authoring the templates once and watching scheduled pulls fire.
It also removes step 2 (validation is built-in), changes step 3 (the ledger carries forward as a first-class concept, not an Excel sheet), and finally fixes step 4 — every decision in Kilter is logged with who / when / why, immutably.
Production-ready, today
Everything below is shipping in the v1.0 release running in production at the pilot bank.
admin, it, ops, audit, internal_control · segregation of dutiesnostros/b2w/prepaid/gls listsWhere Kilter is materially different
from Corona and equivalent legacy tools
The trade is maturity vs modernity, breadth vs focus, vendor-managed vs IT-owned. Banks where reconciliation is one of many things IT manages tend to value the latter.
| Kilter | Corona / legacy tools | |
|---|---|---|
| Self-service core extracts | Ops + IT pull from the web UI · SQL templates locked by admin · scheduled pulls with Teams / email on failure | IT runs scripts on a server · output spooled by hand · failures discovered by ops calling IT |
| Carry-forward ledger | Open items live at the account level and outlive sessions · day-N+1 rows clear day-N breaks by reference, narration token, or hand-match | Session-bound · breaks re-keyed into a manual Excel carry-forward sheet, owned by name |
| Audit trail | Every confirm / reject / write-off / certificate-sign / login in audit_log with timestamp, actor, payload, reason · immutable · queryable |
Often partial · per-screen audit · no decision-level history |
| MFA & identity | TOTP mandatory · optional LDAP layer · sliding-window sessions with idle + absolute caps · role flips revoke all existing sessions | Often single-factor or relies on the bank's SSO · few have role-change session revocation |
| Format support | Open: MT940 / 950 / camt.053 / camt.054 / any-core GL .xlsx via column mapping · BYO mapping for vendor shapes |
Vendor-specific · expensive to add new formats |
| Change cycle | Weeks · customer-driven feature releases via add-ons · tested in isolation per release | Months to a year · vendor release windows · customisation via PS engagements |
| Deployment | One Docker container · pilot installs in under a day · backups are a single SQLite file (or MySQL dump) | On-prem fat install with database, app, web tiers · days to weeks |
| Network footprint | Inbound: 443 (web UI). Outbound: optional (Teams webhook, SMTP, LDAP, core DB) · no vendor callbacks | Often phones home for licence / telemetry / updates |
| Licensing | Per-institution tiers (Pilot / Core / Scale / Custom) · Core Pull as a priced add-on · pricing in writing | Per-seat, per-module, per-region · opaque, escalates |
| Cost of running 10 years from now | Renewable per year · source-escrow available · add-ons composable | Has historically meant forced upgrades or migrations when the vendor changes ownership |
Honest about the trade-off. There are things Corona does that Kilter does not — message-warehouse-style storage of every SWIFT message ever received, deep integration with specific switches, and a 25-year track record. Heads of IT have heard too many pitches that pretend the incumbent has no strengths; we won't. We win on modernity, focus, and IT ownership.
What a four-week IT pilot looks like
Pilot exit criteria are written in advance and agreed before Week 1.
Stand up
Spin up the container on a small VM (4 vCPU / 8 GB RAM is plenty for one bank's nostros). Restore an LDAP test bind, enrol the admin. Add one cash account.
Author templates
IT authors the Core Pull SQL templates against the core's test instance. Lock the templates. Add Account Groups that mirror today's .txt files. Hand IT the it role.
Run in parallel
Run the day's pulls from Kilter alongside the legacy spool-and-send. Confirm parity. Hand ops the ops role.
Cut over
Cutover for that account class. Legacy script stays as a fallback for one cycle. IT no longer in the daily loop.
What the IT side is being asked to evaluate
Concrete asks for your team. Each maps to documents you can read before the call.
Security posture
Pentest summary (security/PENTEST_SUMMARY.md), security FAQ (security/SECURITY_FAQ.md), architecture note (security/ARCHITECTURE.md). Internal so far · external attestation in flight.
Deployment fit
docs/DEPLOY.md walks through container, reverse proxy, certificate, backup, log rotation. Confirm it lands in your infra pattern.
Identity integration
LDAP / AD bind specifics in docs/LDAP.md. TOTP enrolment flow is server-keyed — the secret never round-trips the client after enrol.
Core connectivity
Driver matrix in DEPLOY.md §5c. We provide the connection shape · you provide the read-only DB account and the SQL templates. Credentials encrypted at rest before they ever leave the form.
Data residency
Everything stays in your VM. SQLite file lives on your disk. No cloud component · no vendor callback · no analytics.
Commercial terms
Per-institution tiers (Pilot / Core / Scale / Custom) · Core Pull add-on $8K/yr (included in Scale) · additional connectors $3K one-time each. Full pricing on the website.
Closing line for the cover email. Forward this page to your CIO with the line above. We'll come prepared to talk shape-of-deployment, not slides.