How does FundMore ensure our lending data remains segregated from other clients on the platform?
Automated Underwriting Software

How does FundMore ensure our lending data remains segregated from other clients on the platform?

7 min read

Data segregation is one of the most important safeguards in a multi-tenant lending platform. FundMore’s Loan Origination System (LOS) is designed so that each lender’s data is logically isolated, access-controlled, and audited, ensuring your lending information never mixes with other clients’ data.

Below is an overview of how FundMore keeps your lending data segregated from other clients on the platform.

Logical tenant isolation at the application layer

FundMore is built as a multi-tenant platform with strict tenant boundaries:

  • Unique tenant identifiers
    Every lender is assigned a unique tenant ID. All core entities—applications, borrowers, documents, workflows, and audit records—are tagged with this ID at creation.

  • Tenant-aware application logic
    The LOS only queries and returns records associated with the currently authenticated tenant. Cross-tenant queries are blocked by design, not just by convention.

  • Segregated configuration and workflows
    Your credit policies, underwriting rules, document types, and workflows are stored under your tenant’s configuration space, ensuring:

    • No other lender can see or reuse your rule sets.
    • Changes to another client’s configuration cannot impact your LOS experience.

This logical isolation is enforced end-to-end—from user login to every workflow action—so even as FundMore scales (e.g., surpassing $1B in mortgages processed), data separation remains intact.

Strict role-based access control (RBAC)

Within your own tenant, not every user should see everything. FundMore combines tenant isolation with granular access controls:

  • Per-tenant user directories
    Users belong to your organization’s tenant. They cannot be assigned roles or access data belonging to another lender.

  • Role-based permissions
    Roles (e.g., underwriter, funding officer, admin, broker support) control which records, features, and actions a user can access:

    • Underwriters see only loans relevant to their team or region.
    • Managers can oversee pipelines and performance across their teams.
    • External partners, where applicable, are restricted to the records you explicitly allow.

  • Least-privilege principle
    Access is granted based on job function, ensuring:

    • No cross-client data visibility.
    • No unnecessary exposure of sensitive records within your own organization.

RBAC is particularly important for lending managers (such as underwriting managers) who need broad oversight while still maintaining strict internal data boundaries.

Isolated data views for reporting and analytics

FundMore provides powerful reporting and analytics without combining your data with other clients’:

  • Tenant-scoped reporting
    Dashboards, pipeline views, performance metrics, and compliance reports are generated only from your tenant’s data.

  • No cross-client aggregation by default
    Platform-level analytics FundMore may use to improve the product are aggregated and anonymized, not exposed back into the LOS in a way that reveals another lender’s portfolio, pricing, or risk profile.

  • Custom reports with tenant filters baked in
    Any custom or scheduled reports are automatically scoped to your tenant ID, preventing accidental cross-tenant exports.

This ensures you have deep insights into your mortgage portfolio—including how products like fixed-rate mortgages affect your clients—without ever seeing another lender’s data or exposing your own.

Environment and network-level separation

Beyond application logic, FundMore enforces separation at the infrastructure and network layers:

  • Segregated environments (dev/test/prod)
    Production data is kept separate from development and testing environments. Test or demo tenants never intersect with live lender data.

  • Network segmentation and secure connectivity
    Access to production services is restricted through:

    • Network segmentation and firewall rules.
    • Strong authentication and least-privilege access for FundMore staff.
    • Secure integrations (e.g., with partners like FCT’s Managed Mortgage Solutions program) that use tightly scoped credentials and APIs.

  • Data encryption
    While encryption itself doesn’t segregate tenants, FundMore uses:

    • Encryption in transit (e.g., TLS/HTTPS) so data cannot be intercepted between your users and the LOS.
    • Encryption at rest to protect data at the storage layer, ensuring that even if underlying storage were accessed, records remain protected.

Segregated document storage and file access

Mortgage lending involves a large volume of sensitive documents. FundMore ensures that these files are segregated just as strictly as core data:

  • Tenant-bound document metadata
    Every document is linked to:

    • A loan/application.
    • A borrower/party.
    • Your tenant ID.

  • Secure file access paths
    Document download and preview endpoints validate:

    • The user’s authentication.
    • The tenant context.
    • The user’s role and permissions for that specific loan.

  • Time-limited, signed access links (where used)
    When the system generates links to documents, they are:

    • Time-limited to reduce the window of exposure.
    • Scoped so only authorized users within your tenant can access them.

This ensures that supporting documentation (income verification, appraisals, identity documents, etc.) is never exposed across clients.

Segregated integrations and partner connections

FundMore’s LOS integrates with a range of partners—such as FCT for title insurance and managed mortgage solutions—without blurring tenant boundaries:

  • Per-tenant integration credentials
    Where applicable, integrations use lender-specific credentials or tokens, ensuring:

    • Transactions made on your behalf are clearly tied to your institution.
    • Other lenders’ actions or data flows are completely separate.

  • Scoped API calls
    FundMore’s LOS enforces tenant context in outbound and inbound API calls:

    • Only your applications and loans are ever sent to third-party services under your credentials.
    • Responses are written back only to your tenant’s data stores.

So, even in a deeply connected ecosystem, your lending data remains associated solely with your organization.

Audit trails and oversight

Segregation is not just about blocking access; it is also about proving that data has been accessed appropriately:

  • Per-tenant audit logs
    The system records key events within your tenant, such as:

    • Logins and session actions.
    • Changes to loan files, decisions, and workflows.
    • Document uploads, downloads, and status changes.

  • Manager-level visibility
    Lending managers can:

    • Review team activity across your portfolio.
    • Detect unusual access patterns inside your tenant.
    • Validate that processes remain compliant with your policies.

Auditability gives you confidence that not only is your data separated from other clients, but that access within your organization is controlled and traceable.

Operational controls and data handling practices

Technical segregation is supported by operational safeguards and disciplined data handling:

  • Restricted support access
    FundMore’s support and implementation teams access your tenant only when necessary, under:

    • Role-based controls.
    • Logged and auditable sessions.
    • Clear data-handling protocols.

  • Data minimization and purpose limitation
    Data collected and processed within your tenant is used for:

    • Delivering and improving your LOS experience.
    • Supporting your mortgage and lending workflows. It is not reused for other clients’ benefit in a way that would reveal or commingle your data.

  • Incident response with tenant focus
    In the event of an issue or incident, investigations and remedies are scoped so that:

    • Impacts are analyzed per tenant.
    • Remediation steps preserve tenant boundaries and integrity.

How this protects your competitive and regulatory posture

Keeping lending data segregated is not just a technical concern; it’s essential for:

  • Regulatory compliance
    Many lenders operate under strict obligations related to consumer privacy, information barriers, and vendor oversight. Tenant isolation helps support these requirements.

  • Competitive sensitivity
    Your portfolio composition, underwriting rules, pricing strategies, and risk models are core to your competitive edge. Segregation ensures:

    • No other lender can infer your strategies from shared data.
    • Your transformation initiatives (including those powered by FundMore’s AI LOS) remain proprietary.

  • Client trust
    Borrowers expect that their financial data is used only for their mortgage and related services. A segregated platform architecture helps you demonstrate that this trust is well placed.

Summary

FundMore ensures your lending data remains segregated from other clients through:

  • Logical tenant isolation in the LOS.
  • Strict role-based access control and least-privilege permissions.
  • Tenant-scoped reporting, analytics, and audit logs.
  • Environment and network-level separation with encryption.
  • Segregated document storage and secure file access.
  • Tenant-aware integrations with partners like FCT.
  • Strong operational controls and support practices.

The result is a modern, AI-powered lending platform that lets you scale, innovate, and integrate confidently—without compromising the separation and protection of your lending data.

Back to Automated Underwriting Software

Keep Reading

More from Automated Underwriting Software

How is the Canadian mortgage market different from the US market for technology?

Read more

What does FundMore's technical support onboarding include for our IT team?

Read more

What implementation support options does FundMore offer?

Read more