Field Report · Vault Tier · Financial Services

Regional Mortgage Lender

Western NorwayActive since January 2025

Six branches. Four source systems. Fourteen thousand applications per year. One definitional layer. No system replaced.

Executive Summary

A mid-sized regional mortgage lender in Western Norway — six branch offices in the Bergen metro area, processing approximately 14,000 applications per year. Four source systems with no shared definitional layer: TietoEVRY core banking, BankID identity verification, Norwegian credit bureau XML feeds, and third-party property appraisals arriving as unstructured PDFs. Stathon deployed at Vault Tier. No system was replaced. The conditional approval cycle compressed from eleven to four working days. Document re-requests dropped by 55–60%. Approximately 1,080 hours per month were redirected from file assembly to credit judgment.

Decision cycle~4 daysFrom ~11 days

Document re-requests−55–60%Manual re-requests

Compliance backlog−~33%Review queue

Capacity redirected~1,080 hrsPer month, from file assembly

01 · Client Overview

The institution.

A regional mortgage lender operating across the Bergen metropolitan area from six branch offices. The institution focuses on residential mortgage origination for private borrowers and small portfolio investors. Approximately 14,000 applications per year, processed by a team of 42 full-time staff spanning underwriting, compliance, and operations.

The core technology stack comprised TietoEVRY's Banking-as-a-Platform as the origination and core banking layer, BankID for Norwegian national identity verification, structured XML feeds from the Norwegian credit bureau, and property valuations arriving as PDF documents from third-party appraisers — with no API access to the valuation source.

The four systems operated independently. No common entity model connected them. Each carried its own implicit logic for what constituted a ready, complete, or compliant application. Regulatory oversight from Finanstilsynet, the Norwegian Financial Supervisory Authority, established compliance obligations under the AML Act 2018, GDPR, and DORA.

System environment at engagement start

Core banking platformTietoEVRY Banking-as-a-Platform

Identity verificationBankID (Norwegian national eID)

Credit scoringNorwegian credit bureau (structured XML)

Property valuationsThird-party appraisals (PDF, no API)

Branches6 regional offices, Bergen metro area

Staff42 FTE (underwriting, compliance, operations)

Applications~14,000 per year

Four source systems. No common entity model. No shared definition of a complete or compliant application.

TietoEVRYCore BankingOrigination, decisioning, customer records

BankIDIdentityNorwegian national eID verification layer

Credit BureauRisk DataStructured XML feed, creditworthiness signals

AppraisalsValuationThird-party PDF documents, no API surface

02 · Situation at Engagement Start

Four systems. No shared meaning.

The mortgage origination process depended on four separate systems that had never been required to share a common definition of an application. Each system had its own implicit notion of completeness, readiness, and compliance. The friction between them was not a technology problem — it was a definitional one.

TietoEVRY could mark an application complete while the property appraisal had not been received. The credit bureau score could be days old by the time an underwriter opened a file. BankID identity confirmation and AML review existed in entirely separate temporal contexts. No system could answer the most basic question in loan origination: is this application genuinely ready for decision?

The problem was not that data was unavailable. The problem was that no one had defined what a complete application means across four systems — and until that was done, every status indicator was structurally unreliable.
Stathon engagement assessment

The entry point

Underwriters regularly requested documents they already held — because they could not verify whether the version in the file matched the applicant's current credit position. The re-request cycle was not caused by missing documents. It was caused by the absence of a shared definition of applicant readiness across systems that had never been required to agree.

Identified definitional gaps

GAP-01

Complete application

No shared definition across systems. Credit, BankID, valuation, and compliance each carried implicit readiness criteria that were never made explicit or aligned. An application could be “complete” in the origination system while missing elements that underwriting considered essential.

GAP-02

Application readiness

The origination system marked applications complete while valuations were pending or credit scores were stale. Underwriters regularly opened files expecting a full package and found structural gaps. The re-request cycle began here — not in the document itself, but in the definition.

GAP-03

Risk threshold

Income-to-debt ratios, valuation discrepancies, and guarantor exposure were assessed in isolation, never correlated. No system held a unified view of combined risk across all three dimensions for a single applicant or household.

GAP-04

Compliance timeline

AML reviews were sometimes completed weeks after underwriting decisions, with no connecting audit trail between them. Compliance and credit operated in separate temporal contexts. Finanstilsynet’s examination risk was structural, not incidental.

Previous partner assessments

A prior consulting engagement had assessed the situation as a systems integration challenge and recommended replacing the TietoEVRY core banking platform with a more modern origination layer. The institution's leadership rejected this assessment: the cost and disruption of core banking replacement was not proportionate to the problem being described. The question was whether definitional coherence could be established above the existing systems — without replacing any of them.

03 · The Deployment

Four phases.

Vault-tier deployment. Four modules — Arché, Core, Athena, Aegis — deployed in phased sequence across four source systems. All existing systems remained in place, unchanged.

Phase 1

Definition & Integration Spine

January–February 2025

ARCHÉDefinitional Authority

Entity graph established: applicant, application, document, credit event, valuation, compliance review

Four definitional gaps formalized: complete application, readiness, risk threshold, compliance timeline

BankID identity signal mapped as a first-class entity with temporal validity window

PDF appraisal ingestion layer: structured extraction of valuation figure, date, and property reference

COREOperational Continuity

Batch extract from TietoEVRY (nightly) and webhook integration for BankID events

Credit bureau XML normalized onto Arché event schema with timestamp and staleness flag

Temporal coherence layer: application readiness signal derived from all four source states

Idempotent state transitions — each document version and score update appears exactly once

AEGISSovereignty & Protection

Deployed from day one (Vault posture: compliance cannot be added later)

RBAC policy: branch-level access boundaries, underwriter vs. compliance role separation

GDPR data lifecycle: applicant right-to-erasure enforced across all four source signals

Audit event taxonomy: every data access, score read, and decisioning signal logged

The first work was not integration — it was definition. The four definitional gaps were not discovered during the engagement; they were mapped in the first two weeks. Until they were resolved, any integration layer would have inherited the same structural incoherence that caused the eleven-day cycle in the first place.
Stathon deployment record

Phase 2

Core & First Live Capabilities

March–May 2025

Application readiness signal

The first live capability: a single readiness indicator per application, derived from all four source systems in real time. An application is ready for underwriter review only when BankID confirmation is current, credit score is within the staleness window, valuation has been received and parsed, and compliance pre-check has cleared. The first week in production, 34% of applications marked “complete” by TietoEVRY were found non-ready under the unified definition.

Document gap surfacing

Gaps in the application package were surfaced within minutes of intake rather than discovered by the underwriter mid-review. The re-request cycle dropped by 55–60% within the first two months. Underwriters no longer opened files to discover missing elements — the definitional layer surfaced gaps before the file reached the review queue.

Temporal coherence enforcement

Credit scores older than the defined staleness threshold triggered automatic re-pull requests before the application entered underwriting. Valuation timestamps were validated against application submission dates. BankID confirmation windows were tracked as time-bounded events, not static flags.

Branch adoption

Adoption was uneven across branches in the first month. Three Bergen-area branches integrated the readiness signal into their intake workflow within the first two weeks. Two branches required on-site calibration sessions before adopting. One branch — the highest-volume originator — required three calibration sessions and a structured parallel run before full adoption.

Compliance review sequencing

AML reviews were sequenced to begin in parallel with underwriting rather than after a decisioning event. The compliance backlog reduced by approximately 33% within the first quarter of full production. The audit trail connecting credit decision and AML review was established for the first time.

Phase 3

Athena — Risk Intelligence

June–October 2025

The Athena layer deployed in advisory mode in June 2025. Rule-based escalation logic layered beneath a probabilistic risk scoring engine — combining income-to-debt ratios, valuation discrepancy signals, and guarantor exposure into a correlated risk view. The model does not make automated credit decisions — it provides signals for underwriter review. The advisory mode was retained permanently as an architectural decision, not a transitional constraint. Human judgment remains in the decisioning loop by design.

Correlated risk scoring

Income-to-debt ratio, LTV discrepancy, and guarantor exposure assessed in combination for the first time. Applications with individually unremarkable signals but correlated risk patterns are flagged for enhanced review.

Guarantor correlation discovery

Three applications arrived in the same week with individually unremarkable risk profiles. The Athena layer identified that all three shared a common guarantor node — a single individual guaranteeing exposure across three separate household borrowings. The combined exposure was material. Without the correlated view, all three would have proceeded independently.

AML parallel scoring

Live from October 2025. AML risk scoring runs in parallel with underwriting rather than sequentially after decision. Validated during a 90-day parallel run against the manual AML process. The compliance team confirmed output equivalence before the manual process was retired.

Phase 4

Full Production & Portfolio Layer

Q4 2025–ongoing

Full production across all four source systems was confirmed in June 2025. The engagement transitioned from deployment to post-deployment expansion. The portfolio-level monitoring layer — tracking geographic concentration, guarantor network exposure, and LTV distribution across the active book — became operational in Q1 2026 as a quarterly risk committee instrument.

DORA compliance posture

The Digital Operational Resilience Act requires financial institutions to demonstrate operational continuity and third-party risk governance. The Aegis layer provided the audit trail and access governance evidence required for DORA documentation. No additional compliance tooling was purchased.

Finanstilsynet readiness

AML Act 2018 obligations are met through the structured compliance pipeline: every application now has a documented AML review timestamp connected to its credit decisioning event. The gap that previously existed between underwriting and compliance timelines has been closed in the audit record.

Capacity transformation

Approximately 1,080 staff hours per month previously spent on file assembly, document re-requests, and manual status tracking were redirected to credit judgment. Underwriters now spend their time on applications that are genuinely ready for decision — not on resolving the ambiguity of what “ready” means.

04 · Results to Date

What changed.

Measured across the 12-month window from January 2025 to January 2026. All six branches in full production from June 2025.

Decision cycle

~11 days→

~4 days

Validated, 12-month window

Document re-requests

Baseline→

−55–60%

Gaps surfaced in minutes vs days

Compliance backlog

Baseline→

−~33%

Structured review pipeline

Capacity redirected

~1,080 hrs/mo→

Credit judgment

From file assembly to analysis

AML scoring

Manual only→

Live

Parallel-run validated, Oct 2025

Portfolio monitoring

Did not exist→

Live

Quarterly risk committee instrument

Nature of the change

The eleven-day approval cycle was not slow because people worked slowly. It was slow because the system required underwriters to manually verify readiness conditions that should have been structurally enforced. The four-day cycle is not faster processing — it is the removal of time spent resolving definitional ambiguity.

Capacity redirection

The approximately 1,080 hours per month previously spent on file assembly, document re-requests, and manual status reconciliation were not eliminated. They were redirected: underwriters now apply that time to credit judgment on applications that are structurally ready for decision.

05 · Observations

What this case revealed.

Replacement was the wrong answer

The prior consulting engagement recommended replacing TietoEVRY — the core banking platform that the institution had operated for years and understood completely. That recommendation would have taken eighteen to thirty-six months to execute, cost multiples of what the actual engagement cost, and solved a problem that did not require new systems. The definitional work resolved the same gap in six weeks, above the existing infrastructure, without displacing anything. The institution retained its systems and gained structural coherence.

Branch adoption required calibration, not persuasion

Three branches adopted the readiness signal within two weeks. Two required on-site calibration sessions. The highest-volume originator required three calibration sessions and a parallel run. This was not resistance — it was evidence that the definitional layer was exposing something real: each branch had developed slightly different informal definitions of application readiness. The calibration sessions resolved the remaining definitional gaps at the branch level, not the system level.

Advisory mode as architectural decision

The Athena risk scoring layer was deployed in advisory mode and has remained in advisory mode. This was not a transitional arrangement pending full automation — it was a deliberate architectural decision. The institution’s credit officers provide the judgment that connects risk signal to lending decision. The infrastructure provides the correlated signal. This division of function is permanent, not provisional.

The guarantor node discovery

Three applications arrived in the same week with individually unremarkable risk profiles — none would have triggered enhanced review under the previous process. The Athena layer identified that all three shared a common guarantor node: a single individual guaranteeing exposure across three separate household borrowings. The combined exposure was material. The correlation was invisible without the unified entity graph. This discovery occurred five months after deployment — not during onboarding, but in ordinary production operation.

The data existed in four systems. The meaning existed in none of them. That is the gap definitional infrastructure closes.
Stathon deployment conclusion

06 · Forward

Forward roadmap.

In production

Application readiness signal across all four source systems

AML parallel scoring (validated, October 2025)

Portfolio concentration monitoring (Q1 2026)

In pilot

Broker performance scoring (three highest-volume relationships)

Application quality benchmarking by origination channel

On roadmap

Cross-lender guarantor exposure detection

Norwegian lending consortium infrastructure participation

Q1 2026

Portfolio concentration monitoring

Geographic, guarantor-network, and LTV exposure analysis. Now operational as a quarterly risk committee instrument. The lender has for the first time a structured view of where risk is accumulating — not just within individual applications, but across the portfolio as a whole.

Q2 2026

Broker performance scoring

Application quality benchmarking by origination channel. In pilot with three highest-volume broker relationships. The scoring model evaluates completeness rates, re-request frequency, and compliance gap incidence by broker — not loan officer assessment, structural evidence.

2026

Cross-lender guarantor exposure

Extending guarantor detection beyond own portfolio where inter-lender data sharing permits. The guarantor correlation capability discovered during Phase 3 has potential network-level implications. Participation in any future Norwegian lending consortium infrastructure is being evaluated.

07 · Engagement Parameters

Deployment record.

Engagement typeVault Tier · Financial Services

Engagement startJanuary 2025

Phase 1 completeFebruary 2025

Full productionJune 2025

Current phasePost-deployment — expansion

Core banking platformTietoEVRY Banking-as-a-Platform

Regulatory frameworkFinanstilsynet · AML Act 2018 · GDPR · DORA

Systems modifiedNone — batch extract + webhook integration

Stathon · Definitional Infrastructure Company. Client identity anonymized at the institution's request. Operational metrics and system references reflect the actual deployment environment.

← Back to Field Reports