Xoxoday Plum’s AI features are architecturally isolated as independent, modular services that can be toggled off during an incident without disrupting transactional operations or reward fulfilment.
Modular AI architecture by design
Xoxoday Plum separates its AI layer from its foundational infrastructure. Recommendation engines, smart prompts, and content generation run as discrete services layered on top of the core rewards, incentives, and payout engine. This means technical or security teams can disable individual AI services in response to an incident without taking down the broader platform. This architectural choice is deliberate. Incident response windows are tight, and a tightly coupled system would force a full platform shutdown to isolate a single misbehaving component. With Xoxoday Plum’s modular design, the scope of any intervention stays narrow and controlled.Which AI features can be toggled independently
Xoxoday Plum’s AI-driven capabilities — fraud detection, predictive analytics, automated content moderation, and reward recommendations — each operate as independently deployable services. Fraud detection monitors redemption patterns and flags anomalies in real time. Predictive analytics surfaces engagement trends for programme managers. Automated content moderation applies configurable policy rules to user-generated content. Reward recommendations personalise catalogue suggestions based on recipient behaviour. Each of these runs independently from the transactional layer that processes payouts, catalogue access, and HRMS integrations with Workday, SAP SuccessFactors, and Darwinbox. Disabling any AI feature does not interrupt live redemptions or pending fulfilments.Incident response in practice
Consider a scenario where a fraud detection model begins producing false positives at scale, incorrectly flagging legitimate reward redemptions. With Xoxoday Plum’s modular setup, engineering or security teams can disable the fraud detection service while the issue is investigated, allowing employees to continue redeeming rewards without interruption. The same isolation applies to AI-powered notification features that surface through Slack or MS Teams integrations. This capability is especially relevant for organisations operating under compliance frameworks such as ISO 27001 or SOC 2 Type II, where incident response procedures must demonstrate that AI-related risks can be contained without causing cascading service failures.Recovery and re-enablement
Once an incident is resolved, individual AI components can be re-enabled and validated in isolation before returning to production. Xoxoday Plum supports staged rollouts at the service level, so teams can confirm stability without risking a repeat of the triggering condition. This keeps both security posture and programme continuity intact throughout the remediation cycle. Learn more: [Xoxoday Plum Help Centre — AI policy](How does Xoxoday Plum handle data security and compliance?
Xoxoday Plum’s security posture, including SOC 2 Type II attestation and ISO 27001 certification.
What AI features does Xoxoday Plum offer?
A breakdown of Xoxoday Plum’s AI-powered capabilities, from fraud detection to personalised reward recommendations.