For accounting & advisory firms

Your firm's knowledge lives in partners' heads and scattered client files. Estratos turns it into one governed memory that every agent — Claude, Codex, Copilot — reads at exactly the right scope, with a partner's sign-off before anything changes.

The pain

The same context, re-explained on every engagement

A junior asks an assistant to draft a VAT return and gets generic HMRC boilerplate — because the AI has never heard that this client is on a special method agreed in 2023, or that another is flat-rate, or that a third has partial-exemption rental income. Every quirk that a partner carries in their head has to be re-typed into every chat, in every tool. Nothing accumulates, and a junior's mistake only surfaces at review — if it surfaces at all.

  • The special methods and scheme elections live in one partner's memory
  • House style for management commentary is re-explained per assignment
  • A junior's agent has no idea what it isn't allowed to assume
  • Knowledge walks out the door when someone leaves

How Estratos maps your firm

Clients, then services — the way you already think

Model the firm as an ordered hierarchy: root → clients → services. Scoped memory attaches to one folder; a tagged rule attaches to a whole layer — or to one value across it — so a policy you write once applies to every engagement it should.

A concrete example

root.pennine-joinery.vat a scoped memory on one client's VAT service: this client is on the flat-rate scheme layer: services a layer-wide tagged memory: how the firm formats working papers, on every service services = vat a value-targeted tagged memory: the VAT sign-off checklist, applied to every VAT engagement across all clients

Ask for root.pennine-joinery.vat and Estratos returns the whole picture — the client's scheme, the firm's working-papers standard, and the VAT sign-off checklist — assembled in a fixed order, never one memory on its own.

A day in the life

A junior drafts, an agent remembers, a partner signs off

A junior opens Claude to prepare the quarterly VAT return for Brackenfield Care and points it at root.brackenfield-care.vat. Estratos hands the agent the client's profile — welfare services are exempt, partial exemption uses the special method agreed with HMRC in 2023 — alongside the firm-wide working-papers standard and the VAT sign-off checklist. The draft comes back right the first time, because the agent knew not to revert to the standard method.

Mid-conversation, the junior notices the approval letter reference should be recorded on the client. They ask the agent to remember it. Because a junior is a Basic user, that write doesn't publish — it enters the firm's review queue as a proposal, visible only to them until a partner looks at it.

A partner opens the queue, sees the proposed change as a clean diff, adds a note, and approves. Now every future engagement — and every agent — inherits it. Nothing reached shared memory until someone with authority signed off.

app.estratos.ai/w/acme/review
The Estratos review queue for an accounting firm: a list of pending proposals on the left, including a VAT special-method memory proposed by a staff member via Claude Desktop, and a detail pane on the right showing the proposed Markdown as a green diff with Reject, Request changes, and Approve & publish actions.
A junior's agent proposed the change; a partner approves it as a diff — one click from publishing.

The governance payoff

Shared memory is only safe for a firm if it is controlled. Estratos makes the controls the product.

1

Partners guard the tagged policies

A scoped change to one client can be approved by any Admin. A tagged change — one that touches every client, like a firm-wide VAT policy — requires an Owner. The rules that matter most need the most senior sign-off.

2

Every change is versioned and reversible

Each memory keeps its full history with author and change type. Roll back to any earlier version in one click; deletes write a tombstone, never a hard delete. Nothing a junior's agent proposes is ever lost or silent.

3

One audit trail across people and agents

Logins, token grants, every MCP tool call, and every memory change are recorded with actor, target, and time — web and agent activity in one place. Memory content is never written to the audit log.

4

Hard isolation between firms

Every organization's data is separated at the database layer with PostgreSQL row-level security, enforced even against raw SQL. Your clients' data is yours alone.

Questions firms ask

Can a junior's agent change client memory without oversight?

No. Basic users propose; their creates, edits, and deletes — whether typed in the app or written by their agent over MCP — enter a review queue as a diff. A pending proposal is visible only to its author until an Admin or Owner approves it.

How does an agent know which client's rules to apply?

It asks for a scope path like root.brackenfield-care.vat. Estratos walks the hierarchy and returns that client's scoped memories plus the tagged rules for that layer and value — in a fixed order. Paths address scopes, never a single memory.

Is our data isolated from other firms?

Yes — every tenant-owned table enforces PostgreSQL row-level security, so cross-firm reads and writes fail even via raw SQL. Legal terms and our sub-processors are on the legal pages.

Give your firm one governed memory

Start a 14-day trial, model your clients and services, and connect Claude in minutes. No credit card required.