§ 07 Architecture & Profitability Leverage

The stack is boring. The leverage is not.

Modern SaaS defaults for the platform. The differentiation lives in the proprietary control graph, the evidence primitive, and the agentic delivery layer that keeps human COGS near zero as accounts scale.

Recommended stack

| Layer | Choice | Why |
|---|---|---|
| Frontend | React 19 + TanStack Start, Tailwind v4, shadcn primitives | SSR, edge-deployable, type-safe routing; matches the deliverable in your hands. |
| Backend | TypeScript on Node/Bun for API; Python workers for ML-adjacent tasks | TS everywhere shrinks the team; Python only where SR 11-7 quant validation demands it. |
| Data | Postgres (Neon) primary; ClickHouse for evidence-graph analytics; S3 for artifacts | Ledger-quality durability + cheap columnar analytics for cross-customer benchmarks. |
| Auth | WorkOS (SAML/SCIM/directory sync) | Enterprise SSO is table stakes; buying WorkOS is 10× cheaper than building. |
| LLM plane | Bedrock (Claude), Azure OpenAI, self-hosted OSS via vLLM for on-prem accounts | Multi-provider from day one; contract terms allow zero-retention for regulated buyers. |
| Agent framework | In-house orchestration on LangGraph primitives + own eval harness | Off-the-shelf agent SDKs are unstable; own the orchestration to own the reliability story. |
| Hosting | AWS us-east-1 + eu-central-1; VPC deployment SKU for Phase 3 | EU data residency is a hard sale requirement; VPC unlocks banks and defense. |
| Observability | OpenTelemetry → Grafana Cloud; Sentry; PostHog product analytics | Standard, cheap, hire-able. |
| Compliance posture (own product) | SOC 2 Type II by month 9, ISO 27001 month 15, ISO 42001 month 18, HIPAA-ready month 12 | Selling AI governance without your own certs is disqualifying. |

How this yields 85%+ gross margins

Four structural levers.

Lever 1

Agentic delivery replaces PS labor

Onboarding, control mapping, evidence backfill, doc drafting and audit-pack assembly all run as LLM agents against the customer's connected systems. Human touch collapses to a Solutions Engineer per 25–40 accounts vs. incumbents' 4–8. Estimated COGS impact: −18 pp gross margin savings vs. traditional GRC vendors.

Lever 2

Inference costs contained by design

Small models (Haiku/GPT-4o-mini/Llama-3-70B) do 80%+ of the work: classification, extraction, mapping, redlining. Frontier models are used only for validation memo drafting and complex reasoning. Aggressive prompt caching + response reuse per control template. Target LLM COGS <3% of revenue.

Lever 3

Multi-tenant control graph

One update to a framework (new EU AI Act delegated act, new NIST profile) ships to all customers instantly. Every improvement is amortized across the whole book, so ongoing R&D per customer trends toward zero.

Lever 4

Storage is negligible against ACV

Evidence artifacts (JSON + PDFs) dominate storage; even at millions of inference-level artifacts, S3/Glacier cost per $60K ACV account is <$40/mo. ClickHouse for hot analytics stays <$120/mo/account through year 3.

Data model

Core entities — small on purpose.

| Entity | Purpose | Notes |
|---|---|---|
| Organization | Tenant boundary | Row-level security via Postgres RLS on every table |
| AISystem | A governed model, agent, or embedded AI | Owns risk tier, purpose, jurisdictions, owners |
| Version | A specific model or agent version | Immutable snapshot; feeds evidence hashing |
| Control | A discrete obligation from a framework | Cross-mapped via ControlLink to dedupe across frameworks |
| ControlLink | Framework A control ↔ framework B control | The proprietary graph; the moat lives here |
| Evidence | Signed, hashed artifact | Points to Version + Control; time-stamped; immutable |
| Attestation | Human sign-off on an Evidence/Control pair | SR 11-7 requires named validator identity |
| Incident | AI-specific incident (bias event, prompt injection, drift) | Feeds regulator-required incident logs (EU AI Act Art. 62) |
| AuditPackage | Scoped, time-boxed export for external auditor | Read-only workspace; every view logged |

Security & multi-tenancy

Isolation. Postgres RLS enforced on every query with tenant-scoped connection pooling. Separate S3 prefixes per org with KMS-per-tenant CMKs for enterprise SKU. Optional bring-your-own-KMS for banks and defense.
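The RLS-on-every-table rule from the data model and the tenant-scoped pooling described above, as an added example (not the product's own schema): the table, columns, role name `app_rw` and the session setting `app.org_id` are assumptions, and the tenant id in the final transaction is a constructed placeholder.

```sql
-- Added example of Postgres RLS tenant isolation; assumes Postgres 13+
-- (gen_random_uuid() built in) and a pooled application role named app_rw.
CREATE ROLE app_rw NOLOGIN;  -- must be neither SUPERUSER nor BYPASSRLS,
                             -- both of which skip RLS entirely.

CREATE TABLE evidence (
    id          uuid PRIMARY KEY DEFAULT gen_random_uuid(),
    org_id      uuid NOT NULL,
    version_id  uuid NOT NULL,
    control_id  uuid NOT NULL,
    sha256      bytea NOT NULL,
    created_at  timestamptz NOT NULL DEFAULT now()
);

-- ENABLE alone exempts the table owner (typically the migration role);
-- FORCE makes the owner subject to the policy as well.
ALTER TABLE evidence ENABLE ROW LEVEL SECURITY;
ALTER TABLE evidence FORCE ROW LEVEL SECURITY;

-- Fail closed: current_setting(..., true) yields NULL (or '') when no tenant
-- was set on this connection, and comparing org_id to NULL is never true,
-- so a request that forgot to scope itself sees zero rows, not every tenant's.
CREATE POLICY evidence_tenant_isolation ON evidence
    USING      (org_id = NULLIF(current_setting('app.org_id', true), '')::uuid)
    WITH CHECK (org_id = NULLIF(current_setting('app.org_id', true), '')::uuid);

-- Evidence is immutable: the app role never receives UPDATE or DELETE,
-- so the policy only ever gates SELECT and INSERT.
REVOKE ALL ON evidence FROM app_rw;
GRANT SELECT, INSERT ON evidence TO app_rw;

-- Per-request pattern on a shared connection pool: SET LOCAL binds the
-- tenant to this transaction only, so it cannot leak into the next checkout
-- of the same physical connection.
BEGIN;
SET LOCAL app.org_id = '00000000-0000-0000-0000-000000000001';  -- constructed
INSERT INTO evidence (org_id, version_id, control_id, sha256)
VALUES (current_setting('app.org_id')::uuid,
        gen_random_uuid(), gen_random_uuid(),          -- constructed ids
        decode('00', 'hex'));                          -- constructed hash
SELECT count(*) FROM evidence;   -- counts only this tenant's rows
COMMIT;
```

A quick check worth automating in CI: run `SELECT count(*) FROM evidence` as `app_rw` with no `app.org_id` set and assert it returns 0, which catches a table where FORCE or the policy was forgotten.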

Data handling. No customer content trains any model, ever — contractual and technical (zero-retention endpoints, in-VPC inference for enterprise SKU). PII redaction on prompt/response capture is opt-out, not opt-in.

Meta-governance. Axiom itself is governed inside Axiom (dogfood). Every framework update, every model change on the platform is logged, attested, and included in the SOC 2 / ISO 42001 evidence customers can request.

Build vs buy

Where founder time compounds.

Build

Control graph + cross-framework mappings; evidence-hashing pipeline; agent orchestration and eval harness; audit-package generator; regulator-specific templates. This is the moat.

Buy

Auth (WorkOS), billing (Stripe), transactional email (Resend), observability (Grafana Cloud), CRM (Attio), search (Typesense). Non-differentiating; costs a fraction of the eng time.