Awa means river in Te Reo Māori. We named it that because we believe audit documents should flow — from client to team — without friction, without chasing, without chaos.
Audit clients aren't disorganised — they're overwhelmed. They're running businesses while responding to document requests they don't fully understand. Awa meets them where they are: one upload zone, plain language guidance, and an AI that handles the filing. When you make it easy to do the right thing, people do the right thing.
Awa's AI classifies documents and suggests where they belong — but a human always confirms. We don't believe in black-box automation for audit work. Every classification has a confidence score. Every action has an audit trail. The AI is a capable assistant, not an unsupervised agent. That's not a limitation — it's a design principle.
We don't rely on prompts or policies to keep data safe. Our AI physically cannot send documents to email addresses not registered by a human. Every engagement is isolated at the database level. Even a fully compromised AI can't leak data across engagement boundaries. Security isn't something we added — it's how we built the foundations.
Awa was born from a simple observation: audit teams spend more time managing documents than reviewing them. The PBC lifecycle — request, chase, receive, classify, file, chase again — is the most manual, repetitive, and frustrating part of an engagement.
We built Awa because we believed AI could handle the sorting, filing, and chasing — so auditors could get back to the work that actually requires professional judgement.
Based in Auckland, New Zealand. Built for the way audit firms actually work.
Engagement locking, controlled unlocks, and full audit trail built into every workflow.
All data hosted in Supabase Sydney (ap-southeast-2). Your data stays close to home.
Input sanitisation, prompt architecture, output validation, access enforcement, and audit logging.
SOC 2 Type II certification underway. We're building for the compliance bar your clients expect.
All data encrypted in transit and at rest. Documents stored in isolated, encrypted buckets.
Every classification, confirmation, upload, and retrieval is logged with timestamp and actor.