Platform Technology

The BOSS

Bank Orchestration Software System

Medici built its own banking platform from the ground up. The BOSS is the software brain between partner apps and the cores that hold ledgers and move money — cloud-native, modular, and designed to swap infrastructure without interrupting service.

The BOSS Ecosystem Core Systems Lending API Infra DevOps Tech Stack

Architecture

The BOSS — Five Systems, One Platform

Five public-facing portals — DAO, OLB, DCU, MYA, and the MBAPI — each connect through the BOSS, which routes through a policy engine, real-time ledger, and interchangeable cores.

The BOSS — Bank Orchestration Software System architecture diagram showing DAO, OLB, DCU, MYA and API systems

Full Ecosystem

Medici Bank Ecosystem

From onboarding and KYC to core banking, back office, and external integrations — the full system is orchestrated through AWS with end-to-end security at every layer.

Core interoperability diagram — modularity by design, supporting FIS, Temenos, MAMBU, Fiserv and proprietary core

Vendor-agnostic by design

Plug into FIS, Temenos, MAMBU, Fiserv, or Medici's own core

Change cores without interrupting service — transaction-level orchestration

Integrations: Twilio, Amazon SES, Netki, Unit21, Coinfirm, Qredo, Gemini

Datastores: MySQL + Redis, backed by AWS RDS

Core Systems

Five purpose-built systems

Every customer-facing and partner-facing interface in the Medici ecosystem is a named, purpose-built system — each with its own domain and URL, all connected through the BOSS.

DAO

open.medici.bank

Digital Account Opening

KYC/KYB-powered onboarding in minutes. The DAO manages the application process from start to finish — Know Your Customer, Know Your Business, secure information checks — so partners don't have to build it themselves.

Online form intake in minutes
Automatic KYC/KYB screening
Crypto loan application flow with LTV selection
Works for personal and business accounts

DAO Digital Account Opening interface screenshots

OLB Online Banking Portal interface screenshots

OLB

my.medici.bank

Online Banking Portal

2FA-secured portal for account and asset management. Business accounts support up to 99 users with role-based access, multi-approver workflows, and instant Medici-to-Medici transfers.

Multi-user access with approval workflows
Instant cross-account transfers
Spend limits per user
Full transaction history and statements

DCU

docuhub.medicibank.io

DocuHub Document Service

Encrypted, self-service document exchange for KYC/KYB paperwork. Clients upload sensitive materials through a secure portal — no email attachments, no unencrypted transfers.

Encrypted document upload and retrieval
Self-service submission portal for businesses
Articles of incorporation, compliance docs, and more
Secure document request workflows

DCU DocuHub document management service interface screenshots

MYA My Admin System interface screenshots showing system control console

MYA

mya.medicibank.io

My Admin System

The single operations console for accounts, clients, transfers, payments, and compliance workflows. Integrates third-party data and tools (KYC, sanctions) so Ops and Compliance have one interface.

Account management and client oversight
Fee configuration and product rules
Authorization workflows and 4-8 eye approval
KYC, sanctions screening, and compliance reports

API

api.medicibank.io

Modular Bank API (MBAPI)

REST/JSON API exposing account management, transactions, payments, and reporting. The entry point for all BaaS integrations — modern, well-documented, what fintechs expect to see.

Create and manage customers and accounts
View balances and transaction history
Transfer between Medici-internal accounts
HMAC-authenticated — secure by design

MBAPI Modular Bank API documentation and interface screenshots

Lending Platform

End-to-end lending infrastructure

From application intake to portfolio management. Medici's lending stack covers loan origination, management, borrower portal, and crypto-backed loans with real-time LTV monitoring.

Medici Bank lending platform: Loan Origination System (LOS), Loan Management System (LMS), and Borrower Loan Portal

Loan Product Configurator — MYA interface for creating personal and business loan products

Loan Admin Management Platform — MYA interface for managing loans and amortization schedules

Real Time Loan Management — automated margin calls, partial liquidation, and full liquidation at LTV thresholds

Dynamic Market Protection

The LMS monitors loan-to-value ratios every minute. When LTV drifts, automated actions protect both borrower and bank in real time.

+30% LTV drift

Margin call — 48h to restore

+50% LTV drift

Partial auto-liquidation triggered

90% LTV reached

Full integrated selloff executed

Crypto-backed loans

Digital Custody

Multi-Signature Digital Custody

dMPC custody accounts are created for two or more verified entities. A master key is generated and immediately sharded — distributed equally across the verified parties. Every transaction requires multi-party approval and is screened via Crystal.

Key Sharding — Master key sharded and distributed to each verified entity — no single point of control.

Transaction Approval — All transactions require signing by each entity using their shard — true multi-party custody.

Wallet Analysis — All incoming and outgoing transactions screened via Crystal for fraud and suspicious activity.

Multi-Signature Digital Custody Accounts diagram — MPC account creation, master key sharding, and transaction authorization

API Infrastructure

Secure by design

The API layer runs on AWS with HMAC-signed requests, per-function Lambda isolation, and encrypted datastores. Every call is authenticated before it reaches the bank.

HMAC Authentication

API clients issued Token + Secret. Every request HMAC-encrypted and vetted before processing.

AWS API Gateway

All API requests internally routed and validated — bad routes rejected automatically.

AWS Lambda

Functions isolated per API endpoint. Billed per usage — efficient at scale, no idle cost.

AWS RDS

All datastores in persistent RDS instances. Sensitive data encrypted at rest.

SSL / HTTPS

All traffic encrypted in transit. No plaintext API calls accepted.

Modular design

Each Lambda function handles one concern — isolating failures and enabling independent deployment.

API Infrastructure diagram — HMAC authentication, HTTPS, AWS API Gateway, Lambda, and RDS flow

DevOps Deployment Pipeline — GitHub, CircleCI, Coveralls, AWS CodeDeploy flow

Engineering

DevOps pipeline

Code coverage enforced at every step — a drop of 1% fails the build. Automated unit testing via CircleCI, code coverage via Coveralls.io, deployment via AWS CodeDeploy. No manual release gates.

Code Development

Engineers write and test code, committing changes via GitHub.

Code Testing

A Pull Request triggers automated unit testing at CircleCI.

Code Coverage

Coveralls.io checks coverage. If it drops by 1%, the build fails.

Code Deployment

Passing PR merges into branch, starting AWS CodeDeploy.

Build Completed

Systems auto-update and redeploy on successful deployment.

ML — applied carefully

ML is being introduced progressively where it adds clear value: anomaly detection, AML screening, and collateral-risk signals in crypto lending. Every decision is paired with human oversight and regulatory controls.

Technology Stack

Built on proven infrastructure

The full Medici technology stack: application and data, DevOps tooling, utilities, and business tools.

Medici Bank technology stack — Application and Data (jQuery, JavaScript, Node.js, HTML5, MySQL, Redis, Amazon EC2, S3, CloudFront, Lambda, Sails.js), DevOps (GitHub, Git, Docker, Amazon ECS, CircleCI, AWS ELB, CloudWatch, Coveralls), Utilities (Postman, Route 53, SES, Twilio, Airtable, Stoplight), Business Tools (Slack, Clickup)

Want to go deeper?

Explore the API documentation or talk to our team about how the BOSS can power your financial product.

API Documentation Talk to Medici