Skip to main content

🏛️ Product Vision & Constitution

We are building a Saudi-native business operating system powered by ERPNext, designed to help companies run their core operations with modern UX, built-in compliance, and intelligent automation.

This is not a dashboard product, not a spreadsheet replacement, and not simply an ERP customization. It is a business execution environment that combines the depth of ERP with the clarity of a premium interface, the trust of local compliance, and the leverage of AI.

This vision is urgent because Saudi businesses face ZATCA Phase 2 enforcement, PDPL compliance requirements, and Vision 2030 digitization pressure simultaneously.

The Core Thesis

"Your AI Co-CEO, Always at Your Side." BayanCore’s AI is not a bolted-on chatbot; it is a persistent, ambient intelligence layer that lives alongside every workflow. It understands the entire business context, executes complex tasks across modules, and proactively guides the user—all in natural Saudi Arabic. It transforms the ERP from a system of record into a system of action.

The Five Layers

BayanCore's product architecture is structured into five distinct layers:

1. Modern Experience Layer

  • Aesthetics: Liquid, glassmorphic, premium interface.
  • Native Design: Arabic-first and RTL-native, not LTR translated.
  • Simplicity: Navigation in 3 taps, optimized dual Hijri/Gregorian date pickers, reduced cognitive load.

2. Execution Layer

  • Kernel: Uses ERPNext v15+ as the underlying database and ledger engine.
  • Objects: Workflows, approvals, tasks, and documents exist as first-class objects.
  • Access Control: Strict role-based permissions preventing manual spreadsheet overrides.

3. Intelligence Layer

  • AI Assistants: Assistive AI built directly into employee workflows rather than generic chatbots.
  • In-Kingdom: Embeddings and inference run strictly in Oracle Cloud Infrastructure (OCI) Riyadh.
  • Tiered Agency: Ask, Act, and Automate framework with deterministic guardrails.

4. Compliance Layer

  • Automation: Pre-submission ZATCA Phase 2 checks, VAT 15% calculation, and Wage Protection System (WPS) files.
  • Auditability: Immutable, tamper-evident audit logs with Gregorian & Hijri timestamps.
  • PDPL: Absolute data residency compliance, local storage, and granular data-purging.

5. Infrastructure Layer

  • Hosting: 100% hosted on OCI Riyadh (primary) and Jeddah (Disaster Recovery).
  • Deployment: Containerized microservices running on OCI Kubernetes Engine (OKE).
  • Resiliency: Multi-AZ clustering with automated failover and sub-hour RPO.

Operating Principles

  1. Saudi First: We optimize for ZATCA, PDPL, and Arabic workflows before global parity.
  2. System Over Surface: We build the transaction engine, not just the dashboard display.
  3. Compliance is Product: Regulation is not a checkbox; it is our primary competitive moat.
  4. Clarity Over Configurability: Opinionated, sensible defaults beat endless settings.
  5. Ship to Learn: Weekly releases to validate operations against real Saudi business data.

Core UX/UI Paradigm: The Modern OS Feel

BayanCore rejects the clunky, form-heavy paradigms of legacy ERPs. We are building a consumer-grade, high-density operating system for business. (See full details in the Design System)

  • Embedded, Not Appended: A collapsible, glassmorphic side panel (right-aligned for LTR, left-aligned for RTL) that travels with the user.
    • Accessibility Rule: Glassmorphism is used for the container only; actionable cards inside must have solid, high-contrast backgrounds for WCAG compliance.
  • Mini-Apps Inside Chat: The AI doesn't just output text; it renders interactive UI components (charts, approval cards, ZATCA validation badges) directly in the conversation stream.
  • Multimodal & Voice-First: A prominent mic button accepts spoken Saudi dialects (Najdi/Hejazi). Ideal for warehouse and field operations.
  • AI Tuning / Focus Mode: Users can toggle the AI between Co-pilot (highly proactive), Assistant (reactive/critical only), and Focus Mode (hidden) to prevent the "Clippy annoyance factor."

The Saudi-First Moat (Competitive Differentiators)

Our defensibility lies in our deep, native integration into the Saudi business ecosystem. (Deep dive: Saudi-First Moat | Regulatory Landscape)

  1. True Dialect & Cultural Nuance: Understands code-switching (Arabic/English business terms) and cultural contexts (e.g., scheduling around "بعد صلاة العصر").
  2. ZATCA Compliance Guardian: Intercepts errors before submission using a Local Validation Engine. Never relies on real-time external government API calls for keystroke validation. (Tech specs: ZATCA e-Invoicing)
  3. WhatsApp as a First-Class Citizen: A secure WhatsApp bot for executives. Requires Step-Up Authentication (Biometric/OTP via mobile app) before releasing sensitive metrics like cash balance.
  4. Federated Benchmarking (Network Effect): Provides anonymized industry insights (e.g., "Your logistics costs are 18% higher than Riyadh retail average"). Enforces strict K-Anonymity ($k \ge 10$) to prevent competitor de-anonymization.

Agentic Capabilities

The AI is divided into specialized agents bound by strict RBAC. (Full topology: AI Architecture | Prompt & Tool specifications: Agent Tooling and Prompts)

Agent TypeFunctionExample ActionTooling Spec
Action AgentExecution & Workflow Chaining"Run payroll" $\rightarrow$ fetches attendance, calculates GOSI, drafts ledger entries, presents approval card.[API/Schema Specs](../ai/agent-tooling-and-prompts.md#action-agent-tools)
Information AgentRead-Only & Semantic RAGAnswers queries, generates charts, and explains anomalies using internal knowledge bases.[RAG Ingestion](../ai/data-pipelines.md)
Proactive CockpitPush NotificationsPushes morning briefings, anomaly detections, and compliance deadlines to the user.[Scheduler Specs](../ai/agent-tooling-and-prompts.md#proactive-triggers)
Onboarding AgentAutonomous TrainingGuides new users through workflows via voice and UI highlighting.[Interactive UI Guide](../ai/capabilities.md)

Security, Compliance & Data Sovereignty

Zero compromises on data residency and enterprise security. (Deep dive: Security Architecture | Compliance Overview)

  • PDPL & Local Cloud: Zero cross-border data transfer. LLMs are hosted entirely on Saudi soil (Google Dammam, Oracle Jeddah, AWS/Alibaba Riyadh).
  • PII Redaction Gateway: A fail-safe layer that masks PII and exact financial figures before any data reaches the LLM.
  • Strict RBAC Integration: The AI Agent's toolset is strictly bound to the active user's Role-Based Access Control.
  • Audit Trails & Human-in-the-Loop: The AI drafts, the human approves. Action logs explicitly state: "Action [X] executed by [User] via AI Assistant."
  • Session Memory Security: Redis Context Layer uses strict TTL and session-termination hooks to instantly purge conversational context upon logout/timeout, preventing context leakage.

Final SOTA Architecture Diagram

The Execution Roadmap (How We Build This)

This vision is executed through six strategic steps. Each step maps directly to a dedicated section in this documentation.

Step 1: Market, Personas, Workflows & JTBD (The "Who" and "Why")

Before writing backend code, we map the operational reality of Saudi SMEs in Contracting and Trading.

Step 2: The Core Deterministic Engine (The "Body")

The hardcoded, non-AI math and logic engines (Financial Ledger, ZATCA XML, Project WIP, Landed Costs, GOSI/Nitaqat).

Step 3: The "OS" Design System & Frontend (The "Face")

The RTL-first CSS architecture, high-density data grids, and optimistic UI state management.

Step 4: Integration & Middleware Layer (The "Nervous System")

Connecting BayanCore to Qiwa, Muqeem, GOSI, ZATCA, Open Banking, and local e-commerce (Salla/Zid).

Step 5: Multi-Tenant SaaS & Database Design (The "Skeleton")

Row-level security, schema-per-tenant isolation, and database indexing for heavy financial reporting.

Step 6: Go-To-Market, Pricing & Pilot (The "Launch")

The wedge strategy (e.g., ZATCA + Trading Inventory), pricing tiers, and the Riyadh sales playbook.

Phase 1 Non-Goals

To maintain focus, we explicitly will NOT build:

  • ❌ A custom General Ledger accounting or payroll calculation engine (we extend ERPNext).
  • ❌ On-premise deployments or hosting on clouds outside the Kingdom (e.g. AWS US/EU).
  • ❌ A public API developer marketplace.
  • ❌ Compliance templates for non-Saudi regions.
  • ❌ Custom user interfaces per customer.
  • ❌ AI agents that post financial ledger transactions without human validation and approval.

Key Success Metrics

The product vision is successful when Saudi businesses begin to use the platform as their primary operating environment.

  • FWCR (First-Workflow-Completion-Rate): >80% across core workflows.
  • ZATCA Latency: <2 seconds for invoice stamping/clearance.
  • Spreadsheet Reduction: <5% of financial and operational work performed in external spreadsheets.
  • NPS (Net Promoter Score): >40 from cohort beta users.
Document Control & Routing Rules

This is the Master Source of Truth for the BayanCore product vision. To prevent document duplication, adhere to the routing rules defined in the Main Index:

Version 1.1 — June 2026 | BayanCore Group