# 7. Security, Compliance & Risk

<figure><img src="/files/3OqICdYD4ILH6hvKHadY" alt=""><figcaption></figcaption></figure>

Neox is not an asset manager; it is **autonomous financial infrastructure**.

Partners and clients define their own mandates; Neox enforces them through code, policy, and continuous monitoring.

Our approach to security and compliance combines **agentic oversight**, **multi-layer safeguards**, and **on-chain transparency**.

This ensures that capital is always deployed responsibly and in full alignment with partner objectives and regulatory expectations.

> **Trust in Neox comes not from promises, but from verifiable logic.**

***

### **7.1 Security by Design** <a href="#id-7.1-security-by-design" id="id-7.1-security-by-design"></a>

Every component of Neox’s architecture is built around the principle of **deterministic safety**, removing human error wherever possible.

* **Audited smart contracts:** All core vault and routing contracts undergo external audits and live bug-bounty programmes.
* **Time-locked upgrades:** Smart-contract changes are subject to multi-sig approvals and transparent waiting periods.
* **Key management:** Role-based access with hardware security modules (HSM) and threshold signing.
* **Network redundancy:** Multiple bridge and routing options (CCIP, CCTP, USDT0 and others) ensure no single point of failure.
* **Circuit breakers:** Real-time triggers can pause deposits or reallocate liquidity if anomalies are detected.

> **Security is engineered, not added.**

***

### **7.2 Agentic Risk Monitoring**

Neox’s **Risk Agent** functions as a continuous, autonomous risk-management layer, monitoring every protocol, stablecoin, and cross-chain operation in real time. It tracks:

* Stablecoin price stability and issuer risk.
* Protocol liquidity depth, utilisation, and volatility spikes.
* Oracle accuracy, governance events, and audit history.
* Bridge health, transaction latency, and reconciliation accuracy.
* Market-wide indicators such as gas surges and volume shocks.

If a risk threshold is breached, the Risk Agent:

1. Freezes new allocations to the affected venue.
2. Commands the Routing Agent to withdraw and reallocate funds.
3. Updates policy parameters across the network.

This ensures **instant, policy-bound protection** without requiring manual oversight.

***

### **7.3 Policy Enforcement Framework** <a href="#id-7.3-policy-enforcement-framework" id="id-7.3-policy-enforcement-framework"></a>

Every integration within Neox operates under a **defined policy profile**. Partners choose their appetite for yield and risk; Neox’s agents execute within those boundaries.

Key parameters include:

* **Stablecoin policies:** single-asset or diversified stablecoin exposure (e.g. USDC, USDT, PYUSD, RLUSD, USDE).
* **Protocol caps:** maximum percentage of assets per pool, protocol, or chain.
* **Sector mix:** allocation ratios between lending, liquidity, and RWA exposure.
* **De-peg contingencies:** automated migration if a stablecoin deviates beyond a pre-set threshold.
* **Geographical or regulatory exclusions:** optional restrictions aligned with jurisdictional compliance.

> **Clients define the rules.** **Neox’s agents enforce them precisely and automatically.**
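
The checks described in 7.2 and 7.3 (stablecoin allow-list, de-peg threshold, per-protocol cap, then freeze and withdraw) can be sketched as one monitoring pass. This is an added example, not Neox code; the `Policy` and `Position` types, the `evaluate` function, the action names and all thresholds and balances are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from decimal import Decimal as D

# Every name, threshold and figure here is constructed for illustration.

@dataclass(frozen=True)
class Policy:
    allowed_stablecoins: frozenset
    protocol_cap: D      # maximum share of total value in one protocol
    depeg_threshold: D   # maximum tolerated |price - 1.00|

@dataclass(frozen=True)
class Position:
    protocol: str
    stablecoin: str
    amount: D

def evaluate(policy, positions, prices):
    """Return the actions one monitoring pass would issue, in a stable order."""
    actions = []
    exposure = defaultdict(D)
    for pos in positions:
        price = prices.get(pos.stablecoin)
        if pos.stablecoin not in policy.allowed_stablecoins:
            reason = "stablecoin outside policy"
        elif price is None:
            reason = "no price available"      # fail closed on missing data
        elif abs(price - 1) > policy.depeg_threshold:
            reason = "de-peg threshold breached"
        else:
            reason = None
        if reason:
            actions.append(("migrate", pos.protocol, pos.stablecoin, pos.amount, reason))
        # Value at the observed price; fall back to par when the price is unknown.
        exposure[pos.protocol] += pos.amount * (price if price is not None else D(1))
    total = sum(exposure.values())
    for protocol in sorted(exposure):
        limit = policy.protocol_cap * total
        if exposure[protocol] > limit:
            actions.append(("freeze", protocol))   # stop new allocations first
            actions.append(("withdraw", protocol, exposure[protocol] - limit))
    return actions

POLICY = Policy(frozenset({"USDC", "USDT"}), D("0.40"), D("0.005"))
POSITIONS = [Position("lend-a", "USDC", D("600")),
             Position("lend-b", "USDT", D("300")),
             Position("pool-c", "PYUSD", D("100"))]
PRICES = {"USDC": D("1.000"), "USDT": D("0.990")}   # PYUSD price deliberately absent
```

A missing price is treated as a breach rather than skipped, so a stalled price feed cannot silently disable the de-peg check.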

***

### **7.4 Transparency & Reporting** <a href="#id-7.4-transparency-and-reporting" id="id-7.4-transparency-and-reporting"></a>

Transparency is embedded in Neox’s architecture. Every allocation, reallocation, and yield event is recorded and verifiable.

* **On-chain proof:** live tracking of vault balances and capital flows.
* **Partner dashboards:** exposure breakdowns, historical APY, and performance analytics.
* **Third-party attestations:** optional independent audits for institutional clients.
* **Webhook & API feeds:** real-time data for compliance and treasury systems.

This makes Neox suitable for both **retail-facing fintechs** and **regulated institutions** requiring audit-grade traceability.

***

### **7.5 Compliance Alignment** <a href="#id-7.5-compliance-alignment" id="id-7.5-compliance-alignment"></a>

Neox’s infrastructure is designed to integrate with global compliance standards without restricting accessibility.

* **KYC / AML Compatibility:** built to connect with regulated custodians and on-ramp providers.
* **Jurisdictional flexibility:** partners can host assets within preferred legal frameworks.
* **Policy templates:** pre-built strategies aligned with common regulatory requirements (EU, UK, LATAM, APAC).
* **Data integrity:** all key operational events are cryptographically logged for audit readiness.

> **Neox bridges decentralised performance with institutional discipline.**

***

### **7.6 Continuous Resilience**

Security is not a one-time event; it is a continuous process.\
Neox’s multi-agent monitoring, redundant architecture, and adaptive policy engine ensure the network remains operational even during extreme market volatility.

* Multiple bridge and chain redundancy.
* Automated fallback logic for stablecoin or protocol instability.
* Stress testing and live simulation environments.
* Disaster-recovery and uptime guarantees for partner integrations.

***

### **The Result**

Neox delivers **institutional-grade security and transparency** through autonomous systems rather than manual processes.\
It replaces subjective decision-making with verifiable, programmable safety, ensuring that yield remains reliable, compliant, and continuous.

> **In Neox, every safeguard is an algorithm.**\
> **Every decision is accountable.**

