AI & Business Intelligence

Your data answers
your questions.

YBNW One's intelligence layer is not a bolt-on analytics tool. It is built directly into the data layer — the same Supabase PostgreSQL tables your modules write to are the ones the AI reads from, in real time, scoped to your workspace only.

Read-onlyAI data access
0ETL delay
Workspace-scopedall queries
100%audit logged

Architecture

How the intelligence layer works.

No separate data warehouse. No nightly sync. No stale dashboards. The AI and analytics modules query your live operational database directly through a read-optimised view layer.

Single Source of Truth

All 172 database tables live in a single Supabase PostgreSQL instance. Finance, HR, Projects, CRM, Compliance — all in the same database, workspace-scoped via Row-Level Security. The intelligence layer reads from this single source. No data duplication, no ETL pipeline to fail, no lag between "a transaction happened" and "the AI knows about it."

Workspace Isolation

Every AI query runs inside the requesting user's workspace context. Row-Level Security policies enforce this at the PostgreSQL level — not the application layer. Even if the AI assistant were compromised, it cannot return data belonging to a different workspace. The isolation is structural, not policy-based.

Read-Only Enforcement

The AI module connects via a read-only Supabase role with no INSERT, UPDATE, or DELETE permissions. The AI cannot create records, modify data, or trigger any write operation regardless of what query is constructed. Enforced at the database user permission level, not application code.

Full Audit Trail

Every AI query and response is logged: user ID, timestamp, query text, response text, tables accessed, execution time. Audit logs are immutable and available to workspace administrators. Queries against sensitive financial or HR data are permanently recorded.

Permission-Aware Responses

The AI respects the requesting user's RBAC permissions. A user without VIEW_ALL_INVOICES cannot retrieve financial data by asking the AI. A user without VIEW_HR_ANALYTICS cannot query salary data. Permissions checked before constructing any query — not after.

Real-Time Answers

The AI queries live tables directly, so answers reflect the current state of the business at the moment of the query. "What is our outstanding AR balance?" returns the sum of all open invoices right now — not yesterday's figure. Standard analytical queries return in under 3 seconds.

Module: AI Assistant

Ask questions. Get answers from your own data.

The AI assistant is a natural-language interface to your business data. Type a question, get a structured answer sourced from live records.

What you can ask

"What is our current cash position?"
Returns opening bank balance plus confirmed AR inflows minus confirmed AP outflows within the current week's cash flow forecast window.
"Which projects are running over budget?"
Queries the projects table, compares actual_cost to budget, returns all over-budget projects with variance amounts sorted descending.
"Who hasn't completed mandatory training?"
Cross-references completion records against mandatory course assignments per role. Returns employee list with course name, due date, and days overdue.
"What is our pipeline value this quarter?"
Sums value × probability for all open CRM opportunities with expected close date in the current quarter. Returns weighted and unweighted totals.
"Which compliance controls are overdue?"
Queries compliance tracker for controls where next_review_date is past and status is not compliant. Returns framework, control ID, owner, days overdue.
"What did we spend on travel last quarter?"
Aggregates expenses where category is Travel within the last quarter. Breaks down by department and top individual spenders.

What the AI cannot do

Cannot modify data

Zero write access to any table. Cannot create invoices, approve requests, update statuses, or modify any record regardless of what it is asked.

Cannot access other workspaces

RLS policies at the database layer make cross-workspace queries structurally impossible. Cannot be prompted into revealing another tenant's data.

Cannot bypass permissions

A Viewer-role user asking about payroll data gets permission-denied. Permissions are checked before constructing any query.

Cannot send data externally

Internal tool only. All outputs stay within the workspace session. No external API connections, no data transmission outside the platform.

Module: Predictive Forecasting

Forecasts built from your actual operational data.

Revenue Forecast

Aggregates confirmed invoices due in period + CRM pipeline weighted by probability (value × probability/100 per opportunity) + recurring revenue from active contracts. Three forecast lines: confirmed, probable (weighted), and optimistic (full pipeline). Updates in real time as pipeline changes.

Cash Flow Forecast

13-week rolling forecast. Inflows: AR invoices by due date. Outflows: payroll run dates (exact), AP invoices by payment date, purchase orders by delivery. Each week shows opening balance, inflows, outflows, closing balance. Configurable low-balance alert threshold.

Headcount Forecast

Forward projection: current headcount + active requisitions (by expected hire date) − historical attrition rate by department. Shows headcount by department for next 6 months. Identifies periods falling below minimum staffing levels.

Project Completion Forecast

Agile: forecasts completion using current sprint velocity vs. remaining backlog. Waterfall: uses task completion rate vs. remaining tasks. Flags overruns at least 2 sprints before the deadline — not after it is missed.

Procurement Demand Forecast

Forecasts stock depletion dates per SKU based on 90-day consumption rate. Generates predicted reorder dates. Aggregates total procurement spend forecast for next quarter vs. procurement budget.

KPI Trajectory Forecast

For KPIs with 6+ historical data points, a trend line projects forward to end of current period. Identifies KPIs on declining trajectories before they breach the warning threshold — managers see it coming, not after.

Domain Analytics

Pre-built analytics across every module.

Each business area ships with its own pre-built analytics view. No configuration required.

Financial Analytics

Revenue by month, COGS breakdown, gross margin %, operating expense trend, net profit by period, invoice aging analysis, DSO, DPO, budget vs. actual by department and project.

Project Analytics

Project delivery rate (on-time/late/cancelled), average overrun %, budget variance distribution, resource utilisation across portfolio, milestone completion rate, EVM metrics (CPI, SPI), change request approval rate.

HR Analytics

Headcount trend by department, voluntary and involuntary turnover rate, time-to-hire by role level, cost-per-hire, absenteeism rate, overtime trend, training completion rate, gender pay gap by grade.

CRM Analytics

Pipeline velocity (avg days lead to close), stage-to-stage conversion rates, win rate by source/owner/sector, average contract value trend, customer acquisition cost, support ticket resolution time, NPS trend.

Compliance Analytics

Framework compliance % by month, control status breakdown per framework, open audit finding age distribution, risk heatmap current state, DSAR response time compliance.

Procurement Analytics

Total spend by vendor/category/department, PO approval cycle time, 3-way match exception rate, vendor performance score distribution, contract renewal calendar, single-source supplier concentration risk.

Document Intelligence

Extracting data from documents automatically.

Receipt OCR

Expense receipts scanned on upload: extracts vendor name, date, total, VAT amount, and payment method. Pre-populates expense form fields. Employee reviews and confirms. Reduces expense submission time from ~90 seconds to ~15 seconds per claim.

Invoice Extraction

Vendor invoices uploaded to AP are scanned: extracts invoice number, date, vendor, line items, amounts, tax, and due date. Extracted data pre-populates the AP record for three-way match against the purchase order.

Contract Metadata

Contracts uploaded to DMS: extracts party names, effective date, expiry date, contract value, and governing law. Extracted metadata populates the Contract Management module record, pre-seeding the renewal alert calendar.

Document Search

Full-text search across all document metadata and extracted content in the DMS. Results respect cabinet-level access permissions — users only see documents in cabinets their role permits. Ranked by relevance with matched text excerpts.

See it in action

Every answer your business needs is already in your data.

Book a demo and we will show the AI assistant, forecasting, and analytics modules working with a live workspace.

Book a Demo AI Security Details