0% platform fee — first 1,000,000 customersClaim 0% fee
Financial services

Every dollar of inference
maps to a desk.

An append-only audit trail your examiners can read, PII redaction on every request, and per-desk budgets settled from the provider's own response — exact, not estimated.

No BYOK · negative balances blocked at the database · 4 → 0% platform fee

  • Append-onlyAudit trailEvery key, budget, guardrail change
  • 3Budget scopesOrg · desk/team · per-key
  • InlineGuardrail checksPII redaction runs in-process
  • 4 → 0%Platform feeLower than OpenRouter at 5.5%
Cost governance

Exact cost. Atomic accounting. No overruns.

In a regulated firm, unattributed spend is a finding waiting to happen. Every request reserves credits, forwards, and settles against the provider-reported cost — a failed request releases the reservation. A desk that hits a hard cap gets a clean 402; the database refuses to write a negative balance.

  • Per-desk teams with independent hard and soft budgets
  • Costs settled from the provider response — exact, not inferred
  • Soft-cap alerts at 70 / 90 / 100% via Slack or webhook
  • Per-key spend breakdown for chargeback and cost allocation
  • Append-only audit trail with actor, IP, and diff — CSV/JSON export for your SIEM

Desk — markets research

Soft cap at 90%

Slack alert fired · desk lead sees it before finance does

Desk — client support

Within budget

PII redaction in front of every customer-facing request

Ledger

Negative balance: impossible

Reserve + settle · 402 on a tripped hard cap · no partial debit

Also on every plan

PII redaction before a prompt leaves the desk

Account numbers, SSNs, card numbers, emails, and phone numbers redacted inline — powered by Microsoft Presidio.

Failover for trading-hours workloads

Fallback chains retry on a backup model when a provider degrades — 99.9% uptime SLA on every tier.

Versioned prompt templates

Compliance-approved prompts ship as server-side templates, with every change captured in the audit trail.

Compliance — honest status

What we can prove, and what is in progress.

  • SOC 2 Type II — in progress. SOC 2-aligned controls operate today; the audited report is targeted for Q3 2026. We do not claim “certified” until it is signed.
  • GDPR — compliant. A Data Processing Addendum is published and signable; subprocessors are covered by EU Standard Contractual Clauses.
  • PCI scope — minimal. Nemo Router never touches cardholder data; payments run through Stripe, a PCI DSS Level 1 provider.

Running a vendor security review? security@nemorouter.ai will send a completed questionnaire and walk your risk team through the controls.

Finance questions, answered

Is Nemo Router SOC 2 certified?

Not yet — and we will not say "certified" until the report is signed. Nemo Router operates SOC 2-aligned controls today: encryption, access control, change management, audit logging, and tenant isolation. A formal SOC 2 Type II observation period is underway, with the audited report targeted for Q3 2026. The underlying infrastructure (Google Cloud Run, Supabase) is independently SOC 2 Type II certified. Risk teams that need assurance before the report lands can request a controls walkthrough or a completed vendor security questionnaire from security@nemorouter.ai.

Can we keep customer data in a specific region?

United States is the default footprint. EU residency is generally available on Enterprise; the UK, Canada, Australia, Singapore, and India are available on request. Customer data is replicated within a single region and is never moved without an explicit migration request.

How do we stop one desk from overspending?

Give each desk its own team with a hard budget. A hard cap returns 402 the moment it would be breached — there is no partial debit and no negative balance. Soft caps fire Slack or webhook alerts at 70%, 90%, and 100% so a desk lead sees a problem before finance does.

Do we ever have to handle a provider API key?

No. Nemo Router is a fully managed gateway — your teams authenticate with Nemo Router virtual keys (sk-nemo-…) only. We manage every provider relationship. Enterprise customers who already hold committed-spend provider contracts can have Nemo Router route through that capacity on a dedicated deployment.

Financial services

Bring us your control matrix.

We will walk your risk, security, and finance teams through the audit trail, the residency map, and the budget model — auditors welcome on the call.

SOC 2 Type II audit in progress (target Q3 2026) · GDPR-compliant · data residency on Enterprise