A straightforward explanation of what problem Veritrail solves, why it matters, and how it actually works — written for anyone, not just compliance teams.
Imagine you work at a Singapore fintech — a digital lending app, say — and your app uses AI to decide whether to approve someone's loan. The AI looks at their income, spending patterns, repayment history, and dozens of other signals, then spits out a score: approve or decline.
That decision happens in milliseconds. Thousands of times a day. And then it's gone.
The AI didn't write down what it was thinking. It didn't save its working. It just made a call and moved on.
Now fast-forward 18 months. A customer complains that they were unfairly declined. Or Singapore's financial regulator (MAS) shows up for an inspection and asks: "Show us the records for every AI decision you made in 2025."
If you didn't save anything at the time, you have nothing to show. And that's a serious problem — not just reputationally, but legally.
Think of it like the black box on an aeroplane. The plane flies fine 99.9% of the time
and no one ever needs the black box. But the moment something goes wrong — an incident, a complaint,
an investigation — the black box is the only record of exactly what happened, second by second.
You can't reconstruct it from memory. It either exists or it doesn't.
Veritrail is the black box for your AI decisions. Every time your AI makes a decision,
we capture a complete, tamper-proof record of it — silently, automatically, in the background —
so you always have it if you ever need it.
For each AI decision your system makes, Veritrail captures a complete snapshot at the moment it happens:
This record is then written to a secure, append-only store in Singapore. It can never be modified or deleted. It stays there for 5 years — exactly as long as MAS requires.
Here's the step-by-step of what happens every time your app calls an AI model through Veritrail:
Nothing changes in how your code works. You call OpenAI, Anthropic, or whichever AI you use — exactly as before. Veritrail sits invisibly in between, like a transparent layer of glass.
Before the request reaches the AI, we capture everything about it — the full input, the model being called, the timestamp. This takes microseconds and adds no noticeable delay to your app.
The AI model receives the request and sends back its response — a credit score, a decision, an explanation, whatever it's being asked for. Your app gets the answer just like before.
We capture the AI's full response and combine it with the input snapshot into a single record. We then generate a cryptographic hash — a unique fingerprint — of the entire record. If even one character changes, the fingerprint changes. Tampering becomes mathematically detectable.
Each new record includes the fingerprint of the previous one — like links in a chain. This means you can't quietly delete or alter a record in the middle without breaking every record that came after it. The chain is the proof.
Every 24 hours, we publish a summary fingerprint of all that day's records onto the Bitcoin blockchain. Bitcoin is a public, permanent, global ledger that no one — not even us — can alter. This gives you an external, independent proof of when your records existed. Even if someone wanted to accuse you of backdating your audit logs, Bitcoin's blockchain proves otherwise.
All records are encrypted with AES-256-GCM (the same encryption used by banks) and stored exclusively on AWS servers in Singapore. No data ever leaves Singapore. This keeps you compliant with Singapore's data residency rules.
Three lines of code. That's it. Here's what it looks like in Python:
from veritrail import audit
import openai
# Wrap your existing client — nothing else changes
client = audit(openai.OpenAI(), retain_years=5)
# Use exactly as before
response = client.chat.completions.create(
model="gpt-4o",
messages=[{"role": "user", "content": credit_decision_prompt}]
)
# ↑ Every call is now automatically recorded, hashed, and stored
You don't rewrite your application. You don't change your AI provider. You don't learn a new system. You wrap your existing client with one line, and from that point on every AI call is automatically logged, fingerprinted, and stored for 5 years.
| Scenario | Without Veritrail | With Veritrail |
|---|---|---|
| MAS asks for all AI decision records from 18 months ago | Records don't exist — AI vendor deleted them after 30 days | Export a signed audit package in minutes |
| Customer disputes a loan decline from last year | Can't reconstruct what the AI saw or why it decided | Pull the exact record — inputs, output, model version — instantly |
| Your AI model is updated and someone asks what changed | No version history per decision — impossible to tell | Every record has the exact model version that made it |
| Someone claims your audit logs were altered after the fact | No cryptographic proof either way | Hash chain + Bitcoin timestamp proves records haven't changed |
| Internal audit asks for all decisions above a threshold | Manual reconstruction from scattered logs, if possible at all | Query by customer ID, date range, decision type |
Veritrail is built specifically for Singapore fintechs that use AI in any part of their lending, credit, fraud detection, or risk assessment workflow. If your company:
...then you almost certainly have a compliance gap today, and Veritrail closes it.
To be clear about what we are and aren't:
Book a demo and we'll show you a live AI decision being logged, fingerprinted, and packaged for a MAS examiner — against your actual use case.
Book a demo →No sales deck. Just a live demonstration of the product doing what this article describes.