Your Compliance Agent

Compliance Agent — Regulatory Compliance on Autopilot

Your Compliance Agent tracks identity verification, consent expiry, and audit trails — so you never miss a regulatory deadline. It runs in the background, monitoring every transaction, and alerts you before anything expires. Invisible compliance that protects your license.

Try it free

Key Benefits

Seller identity verification is integrated into Phase 1 of the listing workflow. The system collects full legal name, date of birth, citizenship, and government-issued ID details (type, number, and expiry date) in a structured form that matches regulatory reporting requirements. Missing fields are flagged before the workflow can advance.

Consent tracking at the database level, not just a UI checkbox. Every contact record stores consent type (express or implied), the date consent was obtained, and the calculated expiry date. The email send pipeline queries consent status before every send and blocks emails to contacts with expired or missing consent automatically.

Audit trails are generated for every compliance-relevant action. Identity verification submissions, consent grants, consent withdrawals, email sends, and showing access grants all produce timestamped log entries. If your regulator requests documentation, you have a complete record of when each compliance step was completed and by whom.

Proactive compliance monitoring through automated checks. A background cron job monitors consent expiry dates and flags contacts approaching their implied consent deadline — giving you time to request express consent before the window closes. Government ID expiry dates on seller identity records are tracked and surfaced when renewal is needed.

How It Works

1

Collect seller identity during listing intake

Phase 1 of the 8-phase listing workflow includes a dedicated identity verification section. You enter the seller's full legal name, date of birth, citizenship, and government-issued identification details — ID type (passport, driver's license, or government ID), ID number, and expiry date. The system validates that all required fields are present before allowing workflow advancement.

2

Track consent on every contact

When a contact is created or imported, the consent section captures how consent was obtained (express opt-in, business relationship implied, or referral implied), the date of consent, and the applicable expiry. Express consent has no expiry. Implied consent from a business relationship expires based on your jurisdiction's rules. The system calculates and enforces these windows automatically.

3

Compliance gates block non-compliant actions

The system enforces compliance at the action level. Emails cannot send to contacts without valid consent. The listing workflow cannot advance past Phase 1 without complete seller identity records. These are not warning dialogs — they are hard blocks in the execution pipeline that prevent non-compliant actions from completing.

4

Monitor, audit, and report

The compliance dashboard surfaces upcoming consent expirations, incomplete identity records, and any compliance flags across your active listings and contacts. Every compliance action is logged with timestamps for audit purposes. When you need to demonstrate compliance to your regulator or brokerage, the data is structured and exportable.

Frequently Asked Questions

What identity verification requirements does Magnate360 cover?+
Magnate360 covers the individual identification requirements for real estate transactions as required by anti-money laundering regulations. For each seller, the system collects and stores: full legal name, date of birth, citizenship or permanent residence status, and government-issued photo identification details (document type, number, place of issue, and expiry date). This information is collected during the seller intake phase and stored in a dedicated seller_identities table with the listing association. The current implementation covers seller-side identification. Buyer-side identification is on the roadmap.
How does consent tracking actually prevent non-compliant sends?+
Consent enforcement happens in the email send pipeline, not at the UI level. Before any email — whether a manually triggered newsletter or an automated journey email — the system checks the recipient contact's consent record in the database. It verifies that consent exists, that the consent type is valid (express or implied), and that the consent has not expired based on the type-specific rules. If any check fails, the send is blocked and logged as a consent failure. This applies to all email paths in the system: the newsletter engine, the journey automation engine, and the workflow-triggered email steps.
Is the compliance data stored securely?+
Seller identity records containing compliance information (names, dates of birth, ID numbers) are stored in a dedicated Supabase table with Row Level Security policies. Only authenticated users can access the data. The Supabase database is hosted in a SOC 2 compliant data centre. All connections use TLS encryption in transit. Magnate360 does not store copies of government-issued ID documents — only the metadata fields (type, number, expiry) as required by regulatory reporting obligations.
What happens when a contact's implied consent is about to expire?+
A background cron job runs regularly to check consent expiry dates across all contacts. When a contact's implied consent is approaching expiry (configurable threshold, typically 30 days), the system flags that contact and surfaces the upcoming expiry in the compliance monitoring view. This gives you time to reach out and request express consent — which has no expiry — before the implied consent window closes. Once implied consent expires, all automated email sends to that contact are blocked until express consent is obtained and recorded.

Ready to get started?

14-day free trial. No credit card required.

Start Free Trial