How ThinkBonds keeps brokers and wholesalers in sync
Every access request, approval, and audit trail lives in one secure workspace. Explore how the portal orchestrates onboarding, proposal reviews, and compliance-grade history.
2K+ broker teams
Activated through gated onboarding and delegated limits.
99.95% uptime
SLA-backed infrastructure mirrored across regions.
SOC 2 underway
Controls mapped directly to every workflow step.
Workflow
From access request to final decision
Each stage validates data with shared Zod contracts, routes duties to the right role, and writes a durable audit log so compliance can always reconstruct the journey.
Request access
A broker or wholesaler submits a short access request outlining their organisation and role.
Wholesaler / admin review
The request is reviewed by a wholesaler or administrator, and an email with a secure registration link is issued when approved.
Registration & 2FA
The user completes a secure registration flow using the emailed link (Keycloak) with password + 2FA.
Profile setup
Broker profiles, policyholders, and beneficiaries are created; beneficiaries can be checked via CreditSafe.
Proposal submission
Brokers submit structured bond proposals and attach the required documentation.
Wholesaler decision
Wholesalers review proposals, approve or decline them, and capture the decision in the portal.
Audit & history
Edits and soft deletions are written to a dedicated history view for later review and compliance checks.
Layer 1
Access & policy data
Central identity, CreditSafe checks, and policyholder records.
Layer 2
Proposal studio
Guided submissions with attachments, approvals, and notes.
Layer 3
Audit-grade history
Soft delete queues and immutable change tracking.
Teams
Roles at a glance
Each persona has a dedicated workspace with appropriately scoped permissions, notifications, and reporting dashboards.
Controls + reporting
Wholesaler
Owns programme limits and approvals, manages delegated agents, and gates onboarding.
Deal origination
Broker
Builds proposals, maintains policyholders, and collaborates with wholesaler reviewers.
Delegated authority
Agent
Operates within a wholesaler org, with restricted authorisation tiers and activity logs.
Ops + compliance
Administrator
Configures integrations, monitors compliance, and drives support and audit responses.
Security
Security by default
Identity, access, and compliance controls are embedded in each surface. No shadow portals, no bypassed approvals.
All access requires authentication and two-factor verification. The only public entry points are the request access form and the registration flow triggered by an approval.
- ✓2FA and SCIM-backed identity for every login.
- ✓Fine-grained roles backed by Domino data sources.
- ✓Immutable audit log plus soft delete queues.
Control 1
SSO + OIDC
Keycloak, Azure AD, and custom IdP connectors.
Control 2
Geo redundancy
Nightly encrypted backups with 35-day retention.
Zero trust posture
Every API route validates input with shared Zod contracts inside AppDirSync, ensuring the portal remains a thin proxy with no accidental data exposure.
Explore
See the portal in action
Start with a guided access request or review the technical documentation for architecture details, integrations, and deployment guidance.