LUNARI
← Suites · Suite · Audit, Risk & Compliance

An audit-ready system, not an audit-ready scramble.

Internal controls, segregation of duties, PBC management, evidence vault, policy attestations and external auditor collaboration — provable on the day they ask, not the week after.

The classic audit cycle is six weeks of evidence-gathering for two weeks of testing. Lunari inverts it: every transaction in the system is already evidenced as it happens, and the auditor logs in to a curated view of exactly the items they need to test. PBC requests answer themselves out of the same vault that controls produced.

Request a demoHow it fits together
lunari.cloud / arc / vault · fy-2025
Evidence vault · FY 2025
Tamper-evident · 1,418 documents
C-101
Journal approval — segregation
18 filesTested
C-104
Vendor onboarding KYC
24 filesTested
C-118
Bank payment release ≥ $50k
9 filesPBC pending
C-201
Period-end roll authorisation
6 filesTested
C-244
Quarterly access review
12 filesIn review
Chapter I · The process, end-to-end

From first event to posted journal.

  1. Policy
  2. Control
  3. Evidence
  4. Test
  5. PBC
  6. Sign-off
Chapter II · A day in the suite

The rhythm, hour by hour.

03 moments
01
Morning

An access review finishes overnight. Three SoD conflicts surfaced with named owners and a 48-hour clock; nobody has to email a control matrix.

02
Midday

The external auditor opens a fresh PBC list. 87% of items are answered straight from the vault; the residual is routed to the right preparer with evidence templates attached.

03
Close of day

A policy attestation deadline lands. The system tracks who has and hasn't acknowledged, and locks user access for those who haven't, on the rule the policy itself defines.

Chapter III · Why it's different

Three things that aren't in the spec sheet.

The features any vendor will list. These are the architectural choices that change how the suite behaves at month thirteen.

I

Evidence as a by-product

Controls don't generate evidence after the fact — every transaction is evidenced at the moment it happens, in the same place it lives.

II

Auditor as a user

Your external auditor logs in to a scoped view. They request, you approve, the trail is captured. No file shares, no zip files.

III

Continuous, not annual

SoD conflicts, control failures and policy lapses surface the day they occur. Year-end is just a date stamp.

Chapter IV · What's inside

Capabilities in Audit, Risk & Compliance.

03 capabilities, all on the same ledger and identity layer.

Audit & PBC management

PBC lists that don't end in a Friday-night Slack panic.

Read more

Compliance & governance

Controls, segregation of duties and policy attestations — by design.

Read more

Evidence & document vault

One vault. Hashed. Versioned. Linked to every transaction.

Read more
Chapter V · Outcomes reported

What teams measure after the switch.

Metric · 01
↓ 70%
audit prep hours
Metric · 02
100%
evidence chain intact
Metric · 03
0
SoD violations at year-end
Chapter VI · Adjacent suites

What sits next to it on the platform.

01
Procure-to-Pay

Buy with control. Pay with evidence.

02
Order-to-Cash

Revenue you can defend.

03
Record-to-Report

One period model. One truth.

04
Assets & Lease

Long-lived items, properly accounted.

05
Treasury & Cash

The position is current.

06
People & Payroll

People costs, accounted.

Ready when you are

See Audit, Risk & Compliance on your numbers.

We'll walk through your current process and show you the same flow inside Lunari.

Request a demoTalk to sales