Plans built for the size of your firm
Every plan includes the complete audit trail, supervisory controls, and policy enforcement engine. Pick the tier that matches your firm size.
Solo & Small Firm
Up to 10 employees
$1,500/mo, billed annually
- Complete audit trail
- Sensitive-data detection & alerting
- Policy enforcement at the API layer
- Cost & usage attribution
- All major AI providers
- 1-year retention
- Email support
Most popular
Growth Firm
Up to 50 employees
$3,000/mo, billed annually
- Everything in Solo & Small Firm
- Supervisory review workflow
- Marketing rule controls
- Model access controls by team
- Budget guardrails & Slack alerts
- SSO / OIDC
- 3-year retention
- Quarterly compliance review
- Priority support
Established Firm
50-200 employees
$6,000/mo, billed annually
- Everything in Growth Firm
- Custom retention up to 7 years
- Dedicated implementation
- Named customer success manager
- Real-time anomaly detection
- Role-based access controls
Large Firm
200+ employees
Customstarts at $12,000/mo, billed annually
- Everything in Established Firm
- VPC or self-hosted deployment
- Annual security review
- Multi-tenant administration
- Dedicated solutions engineer
All plans include implementation support and a 60-day pilot. Cancel anytime.
Questions you're probably asking
How does TinyFox work?
TinyFox sits between your firm's applications and your AI providers as a proxy. You change one endpoint URL per provider — no SDK, no code changes. Every request and response flows through TinyFox, where it's logged, scanned, and policy-checked in real time.
How long does setup take?
Most firms are live within two weeks. Configuration itself takes about an hour per AI provider. The remaining time is for your compliance team to review supervisory rules, retention settings, and team policies before turning capture on firm-wide.
Which AI providers are supported?
OpenAI and Anthropic via API today. Browser-based tools (ChatGPT, Claude, Copilot, Gemini) via our Chrome extension — coming May 2026. One dashboard, one audit trail, one cost view across every provider your team uses.
What if we already use a compliance archive (Smarsh, Global Relay, MyComplianceOffice)?
TinyFox works alongside them, not against them. We capture and supervise AI interactions; archives like Smarsh and Global Relay capture email, chat, and voice. Today we provide structured exports your archive vendor can ingest. Native integrations with the major archives are on our roadmap — talk to us if your firm needs a specific one.
How do you handle data security for our clients' information?
All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Audit logs are append-only and tamper-resistant once written. We never train on your data. Established Firm and Large Firm tiers include self-hosted or VPC deployment so client data never leaves your environment. SOC 2 readiness is on our roadmap for our design partner phase.
What rules is TinyFox built around?
TinyFox captures the artifacts most AI governance regimes call for: complete prompt and output records, user attribution, supervisory review trails, and access controls. For RIAs that maps to the Investment Advisers Act recordkeeping and compliance program rules; for broker-dealers, FINRA's supervision, books-and-records, and communications rules. Your compliance team uses our exports as evidence for whichever frameworks apply to your firm.
Can I upgrade between plans?
Yes. As your firm grows, move from Solo & Small to Growth, Established, or Large at any time. Your audit trail, retention, and configuration carry over — no migration required.
How is pricing structured?
Flat annual subscription, priced by firm size (employee count). No per-call billing, no surprise overages. Talk to us if your firm sits between tiers and we'll work it out.
Ready to give your compliance program the evidence it needs?
Book a 15-minute call. We'll walk through how TinyFox maps to your firm's supervisory and recordkeeping obligations.