product surfaceshow it worksarchitecturepilot
sign in
see the architectureexplore the platform
one platform, every channel.

The operating systemto configure

A config-driven platform for mobile banking, AI voice and chat, employee tooling, consent management, fraud intelligence, and modern core integration.

explore the platformsee the architecture
4,800+credit unions nationwideu.s.
Onecodebase, one config per institutioncu.app
Multitenant operating systemshared
Configover code, network over isolationdesign
4,800+credit unions nationwideu.s.
Onecodebase, one config per institutioncu.app
Multitenant operating systemshared
Configover code, network over isolationdesign
product surfaces

One platform.
One codebase. One configuration per institution.

01

Member app and marketing web

Member mobile app, marketing website, and authenticated web app from one configuration per institution — not a better banking app alone, but a modern, compliant, configurable digital institution without rebuilding the same thing 4,800 times.

02

AI chat and voice banking

Natural language banking with deterministic tool use, explicit permissions, auditability, and escalation to human support — same backend, same permissions, same audit trail across channels.

03

Employee portal

Staff sees the same member truth, same consent state, same interaction timeline — no channel should feel like a separate product.

AB
04

Compliance and fraud network

Compliance and consent surfaces plus a fraud signal network and core adapter layer — config over code, network over isolation, consent over opacity.

configuration matrix

Three steps.
One institution config.

config.ts
1import { cuApp } from '@cu.app/config'
2
3cuApp.tenant({
4  charter: '5536',
5  brand: 'primary',
6})
Ready
architecture

Supabase,
Edge, Postgres.

Core platform: Supabase and Postgres, strict tenant isolation with RLS, Edge Functions for low-latency operations, event-driven audit trail, typed service contracts, and a feature flags and config registry.

RLS
tenant isolation
Edge
functions
Audit
event trail
platform surfacesall operational
Member app
Flutter + cu_ui
12ms
Configuration matrix
Staff portal · Next.js
18ms
Marketing site
Public web · same tokens
24ms
Config API
GET /api/config/[tenantId]
28ms
Voice / IVR
Policy-aware member support
35ms
Edge functions
Supabase · low-latency ops
42ms
platform scale

Shared architecture,
tenant isolation.

live|7:53:06 PM
0+
U.S. credit unions in scope
0
Configuration tiers in the matrix
0.99%
Target availability posture
0
Surfaces — member app, voice + chat, employee portal
integrations

Core adapters
and integrations.

Symitar and Episys first, PowerOn orchestration, FDX-aligned scopes, card processor, KYC, CRM, and statement providers — canonical CU API above adapters.

Symitar
Core adapter
PowerOn
Orchestration
FDX
Open banking
Supabase
Postgres + Auth
Stripe
Payments
Vercel
Edge + Web
PostgreSQL
Database
Edge Functions
Low-latency ops
OAuth2 + PKCE
Consent
Twilio
SMS / Voice
SendGrid
Email
Hume AI
Voice banking
Symitar
Core adapter
PowerOn
Orchestration
FDX
Open banking
Supabase
Postgres + Auth
Stripe
Payments
Vercel
Edge + Web
PostgreSQL
Database
Edge Functions
Low-latency ops
OAuth2 + PKCE
Consent
Twilio
SMS / Voice
SendGrid
Email
Hume AI
Voice banking
Hume AI
Voice banking
SendGrid
Email
Twilio
SMS / Voice
OAuth2 + PKCE
Consent
Edge Functions
Low-latency ops
PostgreSQL
Database
Vercel
Edge + Web
Stripe
Payments
Supabase
Postgres + Auth
FDX
Open banking
PowerOn
Orchestration
Symitar
Core adapter
Hume AI
Voice banking
SendGrid
Email
Twilio
SMS / Voice
OAuth2 + PKCE
Consent
Edge Functions
Low-latency ops
PostgreSQL
Database
Vercel
Edge + Web
Stripe
Payments
Supabase
Postgres + Auth
FDX
Open banking
PowerOn
Orchestration
Symitar
Core adapter
compliance

Consent is
product.

Open banking compliance, fraud intelligence, and auditable privileged staff actions — security should feel visible but not oppressive.

FDX-alignedOAuth2 + PKCERLSAudit trailWCAG AA

Consent and privacy

Consent dashboard: which apps have access, what data categories were granted, when permission started, when it expires, and revoke — every permission screen answers who, what, why, how long, and how to stop.

Security experience

Last sign-in, active devices, recent high-risk actions, biometric state, card state, consent history, export my data, revoke app access — visible but not oppressive.

Fraud and trust layer

Suspicious charge alert, unusual device sign-in, travel anomaly, payment risk prompt — fast, calm, reversible language members can understand.

WCAG 2.2 AA baseline

Dynamic type, clear focus, screen-reader sane labels, reduced motion, plain language alternatives — accessibility is not optional polish.

technical stack

Frontend and backend.
One config contract.

Member app in Flutter and Dart; staff, marketing, and authenticated web in Next.js — same config source, same design token source.

Flutter member app

Custom component library, offline-tolerant patterns, white-label theming from config.

Next.js staff + marketing

Edge-aware rendering, same config source, same design tokens as mobile.

Supabase + Postgres

Strict tenant isolation with RLS, Edge Functions, typed service contracts.

Deterministic AI tools

Policy checks before execution, transcript and receipt logging, escalation framework.

flutter pub add cu_ui
# Staff + marketing web
npm install
# Config API
curl /api/config/[tenantId]
open configuration matrix|see architecture
why credit unions need this now
01 / 04

We needed one member experience across app, voice, and staff — not three products. cu.app is the first stack that sounded like how credit unions actually operate.

J

Jordan Ellis

Chief Digital Officer, Community First CU

outcome

One truth across channels

built for u.s. credit unions

Navy FederalPenFedBECUAlliantFirst TechGolden 1America FirstState Employees CU
Navy FederalPenFedBECUAlliantFirst TechGolden 1America FirstState Employees CU
pilot and phases

Phased rollout,
credible scope

Phase 1 ships the operating-system core; Phase 2 and 3 deepen voice, lending, fraud network, and adapters — not a fintech skin, a real operating system.

MonthlyAnnualSave 17%
01

Phase 1

Pilot-ready core — auth, balances, transactions, transfers, cards, chat, support, profile, consent dashboard, employee portal core, basic marketing site

PilotEvaluate the core OS
  • Auth and balances
  • Transactions and transfers
  • Cards and chat
  • Support and profile
  • Consent dashboard
  • Employee portal core
  • Basic marketing site
start a pilot
Next horizon
02

Phase 2

Voice banking, enriched insights, fraud network, loan application surface, prequalification, document workflows, external account linking, business accounts

ExpandVoice, lending, network
  • Voice banking
  • Enriched insights
  • Fraud network participation
  • Loan and prequal surfaces
  • Document workflows
  • External account linking
  • Business experience
explore the platform
03

Phase 3

Deeper network signals, predictive insights, cross-channel journey continuity, broader core adapters, advanced employee AI, benchmarking where permitted

CustomEnterprise rollout
  • Network-grade signals
  • Predictive insights
  • Journey continuity
  • Advanced core adapters
  • Employee AI tooling
  • Benchmarking surfaces
  • Custom rollout
talk to us

cu.app is the multi-tenant operating system for credit unions: a config-driven member app, AI banking layer, employee portal, consent engine, and fraud network on one shared platform. open the configuration matrix

One platform,
every channel

The operating system your credit union has been waiting for. Config-driven digital banking, AI voice, compliance, fraud intelligence, and employee tooling — one shared platform.

explore the platformsee the architecture

start a pilot — configuration matrix opens in-app