-
-
canopy logo
-
dashboard view
-
ai assistant
-
task view
-
data management
Canopy
The portfolio platform for green lending.
Inspiration
Financial institutions are under increasing pressure to demonstrate that their lending practices support environmental sustainability. The Loan Market Association has established Green Loan Principles that require banks to track borrower emissions, verify sustainability claims, and report on environmental impact throughout the loan lifecycle.
Currently, most institutions manage this process through spreadsheets, email chains, and manual document reviews. Borrower emissions are tracked in one file, milestones in another, and evidence documents are scattered across shared drives. When compliance reports are due, data must be pulled manually from multiple sources and assembled by hand.
This creates real operational risk. There is no single source of truth for borrower status, no audit trail for regulatory review, and no visibility into portfolio-wide emissions trends. The system depends entirely on individual loan officers remembering to update their spreadsheets.
We built Canopy because this problem is only getting worse. Green lending portfolios are growing, regulatory requirements are tightening, and the tools that exist are either enterprise systems that cost a fortune or more spreadsheets with a nicer interface.
What it does
Canopy is a desktop application that loan officers use daily to manage their green loan portfolios. It provides a single source of truth for every ESG-linked loan, from initial onboarding through final repayment.
The following table summarizes the key problems and how Canopy addresses each one:
| Problem | Before | With Canopy |
|---|---|---|
| Data fragmentation | Spreadsheets, emails, shared drives | Single borrower profile with all related data |
| Compliance reporting | Manual assembly from multiple sources | One-click report generation |
| Audit trail | Non-existent or inconsistent | Automatic logging of all activity |
| Risk visibility | Discovered reactively, often too late | Dashboard highlights at-risk borrowers |
| Security concerns | Cloud apps, credential management | Local-first, data stays on device |
| Adoption barriers | Complex enterprise systems | Clean interface, natural language queries |
Core Workflow
The platform follows a straightforward three-stage workflow. Data enters through guided onboarding, assessments, and evidence uploads. The core portfolio management layer tracks everything in one place. Compliance outputs generate automatically from the data already captured.
┌──────────────────────────────────────────────────────────────────────────────┐
│ CANOPY WORKFLOW │
└──────────────────────────────────────────────────────────────────────────────┘
┌─────────────────┐ ┌─────────────────────┐ ┌─────────────────┐
│ DATA CAPTURE │ │ PORTFOLIO MANAGEMENT│ │ COMPLIANCE │
├─────────────────┤ ├─────────────────────┤ ├─────────────────┤
│ │ │ │ │ │
│ • Onboarding │ ───▶ │ • Dashboard │ ───▶ │ • GLP Reports │
│ • Assessments │ │ • Borrower Profiles │ │ • Audit Trail │
│ • Evidence │ │ • Milestones │ │ • PDF Export │
│ │ │ • Tasks │ │ │
└─────────────────┘ └─────────────────────┘ └─────────────────┘
Stakeholder Benefits
For Loan Officers: Open the dashboard and immediately see who is on track, who is falling behind, and what needs attention this week. Each borrower has their own profile with baselines, targets, and milestones. Documents attach where they belong. When someone misses a target, you see it.
For Compliance Teams: Generate Green Loan Principles reports with one click. The audit trail builds itself because everything gets logged as you work. Every assessment, every milestone, every document has a timestamp and paper trail ready for regulators.
For Leadership: Portfolio-level visibility into emissions trends, risk distribution, and progress toward institutional sustainability commitments. Real data, not assumptions.
How we built it
The Core Design Constraint
Banking institutions require serious security. Any solution that puts sensitive borrower information in the cloud faces months of security reviews and ongoing compliance burden. But security without usability leads to poor adoption. If loan officers hate using a tool, they will find workarounds.
We solved this tension with a local-first architecture. All data stays on the device. There are no servers to secure, no credentials to manage, no data transmission to worry about.
┌─────────────────────────────────────────────────────────────────────────────┐
│ LOCAL-FIRST ARCHITECTURE │
└─────────────────────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────┐
│ ELECTRON DESKTOP APP │
│ │
│ ┌───────────────────────────────────┐ │
│ │ React UI │ │
│ └───────────────┬───────────────────┘ │
│ │ │
│ ▼ │
│ ┌───────────────────────────────────┐ │ ┌─────────────────────┐
│ │ Dexie.js │ │ ○ ○ ○│ Gemini AI │
│ └───────────────┬───────────────────┘ │◄──────▶│ (User-Initiated) │
│ │ │ └─────────────────────┘
│ ▼ │
│ ┌───────────────────────────────────┐ │
│ │ IndexedDB │ │
│ │ (Local Storage) │ │
│ └───────────────────────────────────┘ │
│ │
└─────────────────────────────────────────┘
Data never leaves the device
Design Decisions
The following table explains the rationale behind each major architectural choice:
| Design Decision | Rationale |
|---|---|
| Local storage | Data never leaves the machine. No servers to secure. |
| Offline-first | Full functionality without network connectivity. |
| Read-only AI | Assistant queries data but cannot modify records. |
| Desktop binary | No browser attack surface. No phishing risk. |
AI Integration
The AI assistant connects to Google Gemini for natural language queries. Users can ask questions like "What's happening with Mombasa Solar?" and get immediate answers from their portfolio data.
Critically, the AI only reads data. It uses function calling to retrieve real information from the database but cannot create or modify records. This eliminates hallucination risk in a compliance context where accuracy is essential.
Technology Stack
| Layer | Technology |
|---|---|
| Desktop | Electron |
| UI | React 19, TypeScript |
| Data | Dexie.js, IndexedDB |
| AI | Google Gemini |
| Build | Vite |
| Styling | Tailwind CSS |
Challenges we ran into
Security vs. usability: Any solution putting sensitive borrower data in the cloud faces months of security reviews. But building something so locked down that loan officers hate using it defeats the purpose. Local-first architecture solved both: security through design rather than through complexity.
Making compliance feel natural: Nobody wants to fill out compliance forms. The challenge was making data entry feel like a natural part of the workflow rather than a bureaucratic exercise. The guided onboarding wizard captures everything upfront in a conversational flow. After that, milestones and assessments follow structured patterns. Evidence attaches where you expect it. Reports generate from data you already have.
AI reliability in compliance contexts: Adding an AI assistant to a banking tool is risky. Hallucinations could be catastrophic. We constrained the AI to only retrieve data through function calling. It queries real information from the database and cites actual borrower records, milestone statuses, and task lists. It is a query interface, not an autonomous agent.
Accomplishments that we're proud of
One-click reports: Compliance reports that used to take hours now generate in seconds. The data is already structured; the report just formats it.
Automatic audit trail: Everything gets logged as users work. There is no extra step to maintain compliance documentation because it writes itself.
Zero-configuration security: No servers to secure, no credentials to manage, no VPN required. The application runs locally and works immediately.
Natural language queries: Loan officers can ask questions about their portfolio in plain English. The AI retrieves real data and provides accurate answers with proper context.
The dashboard alone changes how loan officers start their day. Instead of opening six spreadsheets to figure out what needs attention, they see it immediately: who is at risk, what tasks are overdue, which milestones are coming up.
What we learned
The best tools disappear into the workflow. If someone notices they are using a compliance tool, the tool has failed. Canopy works because it feels like a natural extension of how loan officers already think about their portfolios. Compliance documentation is a byproduct of normal work, not an additional burden.
Constraints breed creativity. The security requirement pushed us toward local-first architecture. That choice eliminated entire categories of problems: server costs, scaling concerns, data breach liability, network latency. What seemed like a limitation became our biggest advantage.
Domain expertise matters. Building for green lending without understanding LMA Green Loan Principles, ESG assessment frameworks, and the actual day-to-day of loan officers would have produced a generic tool that solved no one's real problems. The details matter.
What's next for Canopy
The roadmap focuses on expanding capability while maintaining the simplicity that makes the platform usable.
──────────────────────────────────────────────────────────────────────────────
PHASE 1 PHASE 2 PHASE 3
●━━━━━━━━━━━━━━━━━━━━━━━━━━●━━━━━━━━━━━━━━━━━━━━━━━━━━●
│ │ │
│ │ │
Institutional Framework Portfolio
Pilots Expansion Intelligence
│ │ │
Mid-market EU Taxonomy Predictive risk
commercial SFDR Sector
banks Regional standards benchmarking
──────────────────────────────────────────────────────────────────────────────
Phase 1: Institutional Pilots — Deploy with mid-market commercial banks that have dedicated ESG lending teams. Learn from real usage patterns and refine based on feedback from loan officers who use it daily.
Phase 2: Framework Expansion — The core platform handles LMA Green Loan Principles. The same architecture extends to EU Taxonomy alignment tracking, SFDR disclosure requirements, and regional standards as they emerge. Configuration rather than rebuilding.
Phase 3: Portfolio Intelligence — More sophisticated analytics on portfolio-wide emissions trends. Predictive indicators for at-risk borrowers before they miss targets. Benchmarking against sector standards to identify outperformers and laggards.
Canopy — the portfolio platform for green lending.
Log in or sign up for Devpost to join the conversation.