Most legacy pawn systems weren't built encryption-first β customer DOB and DL numbers often sit unprotected, and few can tell you who viewed which record. ODIN encrypts every PII column at rest, audits every PII read, and lets you export all of your data anytime β your records are never held hostage.
Every PII column (DOB, DL number, DL state, address, SSN fragment) is encrypted at rest with authenticated column-level encryption (AES + HMAC-SHA256). Searchable lookups use an HMAC-SHA256 hash sidecar so 'is this a returning customer?' doesn't decrypt every row. A stolen database file yields ciphertext, not an identity-theft pack.
Every read of a customer's DOB, DL, or address writes an audit_log entry with employee ID, IP, user-agent, and timestamp. State examiner asks 'who looked at this customer's record?' β we have the answer.
Form 8300, OFAC, MLA, ATF 4473, CDD, GLBA, TCPA β all checked BEFORE the operator commits a transaction. Compliance Copilot dismissals are also logged so override patterns surface.
Square handles every card-present + card-not-present transaction. We never touch a primary account number (PAN). PCI assessment is the cheapest tier (SAQ-A).
Automated nightly snapshots with a verified off-site copy β to a USB/NAS path, a synced cloud folder, or your own S3-compatible target β plus a documented, tested restore runbook. Off-site copies inherit the encryption of the destination you choose.
Your data is yours. One-click export of customers, tickets, inventory, payments, and audit logs anytime, plus a documented exit path. ODIN is proprietary, but never a black box to you β no hostage situation, ever.
Every regulation that touches a pawn transaction. Mature means built and validated end-to-end ahead of our July 1, 2026 go-live. Partial means the framework exists, last 10% on the roadmap.
| Regulation | Status | Notes |
|---|---|---|
| Form 8300 (26 USC Β§6050I) | Mature | Pre-hoc detection + structuring band (31 USC Β§5324) |
| OFAC SDN (31 CFR Part 501) | Mature | Auto-screen on every customer + transaction |
| MLA / SCRA (10 USC Β§987) | Partial | MLA 36% MAPR cap + SCRA active-duty gate built; production DoD/DMDC API key provisioning in progress |
| ATF 4473 + Bound Book (18 USC Β§923(g)) | Mature | A&D entries + 4473 capture + eForm metadata |
| GLBA Safeguards (16 CFR Part 314) | Partial | 7y log retention + customer redaction; ISP review pending |
| GLBA Privacy Rule (16 CFR Part 313) | Mature | Annual privacy notice + right-to-cure |
| TILA APR disclosure | Mature | APR computed + included on every pawn ticket |
| TCPA SMS opt-in | Mature | Disclosure snapshot + STOP keyword + audit |
| CDD Rule (31 CFR Β§1010.230) | Mature | ID-state vs address-state mismatch detection |
| BSA / SAR | Partial | Framework exists; SAR filing pipeline manual |
| ECOA Reg B (15 USC Β§1691) | Partial | Pending-notices framework built; adverse-action notice generation on the roadmap |
| CPSC recalls (15 USC Β§2068) | Mature | Recall list integration on inventory intake |
For DPA / GLBA disclosure purposes. We update this list any time we add or remove a sub-processor; customers are notified by email 30 days before any change.
Our incident response policy follows GLBA Safeguards Rule Β§314.4 + state breach-notification statutes (NC GS Β§ 75-65 + 49 other states). Customers affected by any incident involving their data get notified within 72 hours, with a full post-mortem within 30 days.