Every financial transaction evaluated before it posts.
Every decision logged. Every signal captured at the moment of evaluation.
CommunityPay is HOA payments and accounting built to stay correct under audits,
turnover, and real-world exceptions. It reduces board workload by making approvals
and records consistent — so you can prove where the money went.
Enforcement-first ledger · Immutable decision records · Guard chain evaluation · Signal snapshot at decision time
Best for
Boards, treasurers, and property managers who need approval workflows they can actually follow, accounting they can actually trust, and records that hold up under scrutiny.
Not designed for
Community social features (events, forums) or resident engagement platforms.
01
The Enforcement Thesis
Most HOA accounting errors share a root cause: decisions that were never logged
and controls that were optional. CommunityPay eliminates both by making enforcement
mandatory and decisions immutable.
Core invariant: No journal entry can exist without an enforcement decision.
No decision can be modified after creation. No bypass goes undetected. A missing decision
record is itself a signal — of a bug or a breach.
Transaction Request
↓ Journal Engine— single posting interface, all entries flow here
↓ Enforcement Dispatcher— mandatory choke point
↓ ↓ ↓ ALLOWBLOCKOVERRIDE log + persist log + reject log + persist (with audit)
Every guard in the chain executes. There is no short-circuiting on pass.
The full signal state is captured at the moment of evaluation, so any decision
can be reconstructed from its snapshot alone.
02
The Layer Stack
The ledger is the foundation — the system of record that everything sits on.
Five data layers build upward from it, each consuming the outputs of the layer below.
Identity and authority set the rules. Financial events generate the raw data.
Behavioral telemetry monitors how the system is used. Attestation makes the record
portable and verifiable. Risk intelligence evaluates everything.
The foundation layer. True double-entry fund accounting with operating and reserve
segregation. Every journal entry flows through a single posting interface and is evaluated
by the enforcement dispatcher before persisting. Production guards
check invariants ranging from balance verification to fund segregation
to debt covenant compliance.
Double-Entry Ledger
Debits equal credits on every entry. Fund-native chart of accounts.
170+ HOA-specific account templates.
Period Controls
Fiscal period and year-end locking. Configurable bank reconciliation
prerequisite for period close. No backdating.
Ledger Integrity Scan
Automated checks: balance verification, orphan detection,
missing enforcement, fund assignment, closed period, control account reconciliation.
Assessment calculation is a system-of-record function, not a spreadsheet exercise.
The platform stores the allocation method, applies it consistently across every unit,
and posts the result through the enforcement-evaluated journal engine.
01
Board approves annual budget.
Total operating and reserve expenses determine the assessment amount the association needs to collect.
02
Allocation method is selected.
The board chooses how to distribute the total across units: equal share, by square footage,
by ownership percentage, by unit type, by bedroom count, or custom weights.
03
Allocation engine computes per-unit amounts.
Deterministic calculation with rounding control. The last unit absorbs remainder
to prevent drift. Every allocation is auditable.
04
Assessment schedule generates invoices.
Monthly, quarterly, or annual cadence. Each invoice posts a balanced journal entry
through the enforcement dispatcher.
05
Unit-level AR tracks payment status.
Aging reports, late fee automation, collection queues. Every payment receipt
clears the receivable with a posted, enforced journal entry.
Enterprise Debt Subledger
Event-sourced loan management for both HOA liabilities and resident receivables.
Every loan state change is an immutable event. Amortization schedules are versioned
and never edited. The subledger balance reconciles to the general ledger daily.
HOA Loans
Term, revolving, construction, bridge, balloon. Fixed or variable rate
with index tracking. Full amortization schedule generation.
Resident Loans
HOA-to-resident lending with recovery plan allocation.
Automatically generates AR invoices for scheduled payments.
Subledger Reconciliation
Daily automated verification that subledger posted balances
match GL control accounts. Hard health alerts on mismatch.
Before a transaction can be evaluated, the platform must know
who is authorized to act, what policies govern them, and what spend limits apply.
Board member tenure, approval workflows, policy snapshots, and enforcement
configurations are all resolved at this layer before any financial event fires.
Board Authority
Board member tenure tracking with role assignments, term dates,
and signature authority for attestation and approval.
Approval Workflows
Multi-level approval chains with configurable thresholds,
escalation rules, and latency tracking.
Policy & Spend Controls
Fund policies, spend limits, and enforcement point configuration.
Every policy change creates an immutable snapshot.
05
Financial Events
Every financial transaction in the system — resident payments, vendor disbursements,
refunds, reconciliation runs. Resident payments flow directly from bank account to HOA
bank account via Stripe Connect. CommunityPay is the platform — not an intermediary
in the funds flow. A provider-agnostic gateway interface ensures business logic never
couples to a single processor.
Direct Bank Transfers
Stripe Connect direct charges. Resident bank to HOA bank.
No commingling. No holding accounts.
Gateway Abstraction
Provider-agnostic interface with a normalized API surface.
Business logic never calls Stripe directly.
Daily Reconciliation
Automated provider-to-ledger reconciliation.
Payment, refund, and payout matching every 24 hours.
The connective tissue between transactional data and governance output.
L3 monitors how the system is actually used — tracking approval latency,
override attempts, and policy violations in real time. These behavioral signals
feed upward into L5 Risk Intelligence, where they inform eligibility evaluation,
exclusion triggers, and governance risk scoring.
Approval Latency
Tracks time from request to decision across all approval workflows.
Surfaces bottlenecks before they become governance failures.
Override & Bypass Detection
Every override attempt is logged with actor, scope, and outcome.
Missing decision records are themselves a signal.
Policy Violation Monitoring
Attempted actions that violate active policies are captured in real-time,
even when blocked by enforcement.
How Telemetry Feeds Risk Intelligence
01
Financial event fires at L2.
A vendor payment, fund transfer, or journal entry is submitted for posting
through the enforcement dispatcher.
02
L3 captures behavioral signals.
Approval latency, override attempts, and any policy violations
are recorded as immutable telemetry records at the moment of evaluation.
03
Signals aggregate into patterns.
Individual records become rates and trends — override frequency,
average approval latency, violation density by category.
04
L5 evaluates risk from telemetry.
Eligibility rules and exclusion triggers consume L3 signals.
High override rates, stale approvals, and repeated violations
feed directly into governance risk scoring and CARI.
05
L4 produces the attestation artifact.
The enforcement decision, its signal snapshot, and the telemetry context
are captured in an immutable, hash-verifiable record.
Vendor Intelligence
Contractor compliance monitoring that combines public record data — licenses,
bonds, insurance, violations, debarment — with proprietary payment history
from the accounting layer below. Compliance signals feed upward into the
risk intelligence layer.
Cross-layer integration. Vendor Intelligence feeds signals into
L2 (Financial Events) via payment history and into L4 (Attestation) via the VECR
attestation artifact. It is not a numbered layer — it is a specialized intelligence
service that enriches the stack.
Every layer generates immutable attestation artifacts designed for third-party
verification. Each artifact includes a SHA-256 content hash computed from canonical
JSON serialization, enabling independent verification that content has not been
altered after generation.
The CARI (Community Association Risk Index) layer generates four additional report types
for third-party subscribers via authenticated API: Lender Report, Insurer Report,
Title/Escrow Report, and Buyer Summary. Each is a signed attestation artifact
with SHA-256 content hash.
The enforcement dispatcher evaluates every journal entry against a configurable
guard chain. Guards are stateless, independent, and composable. The same inputs
always produce the same outputs. Every evaluation creates an immutable decision
record with the full signal snapshot captured at decision time.
Risk Intelligence consumes behavioral telemetry from L3 — override rates,
approval latency, and policy violation patterns — as first-class signals.
13 Production Guards
Balance, closed period, fund segregation, subledger, invariant,
eligibility, bill payment, reversal, trust segregation, vendor risk,
covenant, payment split, interest calculation.
Controlled overrides. Guards can be overridden with explicit authorization,
documented reason, expiration date, and a maximum use count. Every override is linked
to the enforcement decision it enables. There are no silent bypasses.
CARI — Community Association Risk Index. Risk Intelligence
powers CARI, a standardized HOA health score used by lenders, insurers, and
title companies to assess community financial health. CARI consumes signals from
every layer — including L3 behavioral telemetry — to produce a unified
0-100 governance and financial health index.
09
Correctness Over Time
HOA boards turn over. Property managers change. Treasurers rotate.
In most systems, institutional knowledge leaves when people do. Decisions
that were made last year — why a vendor was chosen, why a reserve
transfer was approved, what the board agreed to — become hearsay.
CommunityPay is designed so the ledger is the institutional memory.
Every enforcement decision, every approval workflow, every policy snapshot
persists in the system of record. When a new board member takes office or
a CPA begins an engagement, the full history is there — not in someone's
email, not in a spreadsheet, not in the outgoing treasurer's head.
Survives Board Turnover
Immutable decision records mean a new board inherits complete context.
No lost institutional knowledge. No "we think that's what happened."
Ready for Professional Review
CPAs, auditors, escrow officers, and attorneys can independently
verify the record. Every artifact is hash-verifiable.
Less Error, Less Risk
Enforced controls catch problems at posting time, not at year-end.
The longer the platform runs, the more complete the governance record.
Governance should not depend on who happens to be on the board.
It should depend on a system of record that enforces correctness, logs every
decision, and makes the full history available to whoever needs it next.