Trust

Your clients' books deserve an AI you can audit.

You hold the most sensitive financial data there is. We built Maxed so that an AI can do the heavy lifting and you can still see, approve, and trace everything it touches. Here is how we build it, how we secure it, and where we draw the line between what is open and what we run for you.

What we promise

A few commitments we hold ourselves to.

Open by default

We build on open-source integrations, tooling, and standards. No lock-in, and your data comes with you if you ever leave.

Built with real CPA firms

The product is shaped by working firms, not assumptions. Design partners help decide what gets built and how it behaves.

We document how we work

We write down how we build and how we secure the system, in plain language, so your firm can review it.

Hardened and least-privilege

We harden the components we run, enforce authentication and tenant isolation, and grant the least access required to do the job.

WISP-aligned controls

We maintain security controls aligned with IRS Pub 4557 and the FTC Safeguards Rule, with SOC 2 Type II on the roadmap.

Your data is not our training set

We do not train shared models on your client data. It stays isolated to your firm.

The problem we're solving

The old way, and the new way.

The old way
  • Client data scattered across a dozen vendors, each with its own login and its own security posture
  • AI bolted on as a black box you can't inspect or audit
  • No clear record of what touched a client's books, or when
  • Data you can't fully export, held by a vendor you can't fully see into

The new way
  • One system with tenant isolation, so each firm's data stays separate
  • AI that drafts and suggests, with a human approving every client-facing output
  • A full audit trail of every action the agents take
  • Open components and standard exports, so you keep control of your data

Built for the most sensitive data there is

The controls underneath.

  • Tenant isolation: Row-level isolation keeps each firm's data separated. One firm's data is never commingled with another's.
  • Encryption: Client data is encrypted in transit and at rest.
  • Audit logging: Every agent action and every approval is logged, timestamped, and traceable.
  • Least-privilege access: Roles and permissions grant only the access required for a task. Sensitive actions can require step-up verification.
  • Secrets handling: Credentials and integration keys are stored and handled with care, never exposed in the product surface.
  • No shared-model training: We do not train shared models on your client data. Your data serves your firm.

Building in the open

An honest line between open and commercial.

Maxed is an open-source platform with AI agents on top. We keep the seam clear on purpose, so you always know what you can inspect, run, and export, and what we operate for you.

What is open

  • Integration adapters
  • The spec
  • The command-line interface (CLI)
  • The user interface (UI)
  • Deployment templates
  • The statement normalizer
  • The classifier shell

What is commercial

  • The hosted Maxed platform we run for you
  • Max, the back-office AI agent
  • Ed, the client-facing AI agent

The hosted product and the agents are how we keep the lights on and the system supported. Everything around them you can see and run.

Open source is safer, not riskier

It is already securing your money.

Open source can sound risky if you have not worked with it. In practice, it is what the most sensitive financial systems already run on, because anyone can inspect it, and problems get found and fixed in the open rather than hidden in a black box.

Banks run on open-source databases

The core data systems behind large financial institutions are open source, inspected by thousands of engineers.

Card crypto is open

The cryptography that protects your card payments is public and openly reviewed, which is exactly why it holds up.

Your data already moves over open standards

Accounting data already flows over open standards like OFX and OAuth. Open is the norm for financial plumbing, not the exception.

Sub-processors & data handling

Who touches the data, and how.

We use a small set of trusted infrastructure and service providers to host, process, and connect your data. We keep the list current and share it with firms on request, including what each provider does and what data it sees. Bank connections are gated through established financial-data infrastructure, and integrations connect only with your explicit authorization.

Official Plaid partner

Secure bank connections, built into Maxed.

When client bank data needs to sync, Maxed uses Plaid as the secure connection layer behind the scenes. It is infrastructure inside Maxed, not another app your firm has to adopt or train staff on.

Want the current sub-processor list and our data-handling documentation? Email [email protected] and we will send it over.

FAQ

Straight answers.

Is it safe to let AI touch my clients' books?
Yes, because the agents never act on their own. Max and Ed draft, categorize, route, and reply, but every client-facing output waits behind a CPA approval gate. Every action is logged and traceable, so you always have a record of what the AI did and when.
Do you train AI on my client data?
No. We do not train shared models on client data. Your firm's data is isolated to your firm and used to serve your firm. We document how we handle and secure it below.
Can I self-host or export everything?
Your data is fully portable and exportable anytime in standard formats. The platform is built on open components and deployment templates rather than a brittle black box, which gives your firm far more control and lower switching risk than a typical closed vendor.
How do you meet IRS Pub 4557, the FTC Safeguards Rule, and WISP requirements?
We maintain a Written Information Security Program aligned with IRS Publication 4557 and the FTC Safeguards Rule, and SOC 2 Type II is on our roadmap. We are happy to walk a firm through our current posture and share documentation.
What's open source and what's commercial?
Open: the adapters, the spec, the CLI, the UI, the deployment templates, the statement normalizer, and the classifier shell. Commercial: the hosted Maxed platform and its AI agents, Max and Ed. That is the honest seam, and we keep it clear on purpose.

Want to dig into the details?

We are happy to walk your firm through our security posture, our open-source seam, and our data handling.