One identity, one approval engine, one source of truth.

Every RETRO.FMS module stands on the same foundation: single sign-on with role-based access, an approval matrix that routes any workflow by module, vessel, category, amount, and criticality, controlled documents with evidence tracking, versioned master data, and an offline-first design built for the satellite link. Vessels keep working with no internet for 30 or more days, and reconcile with shore when the link returns.

30+ days offline Vessels keep working, no internet
One approval engine Routed by module, vessel, and amount
Controlled documents Versioned, signed, and tracked
Cross-module BI Dashboards, exports, and APIs

What it covers

The foundation layer

Identity & approvals

Single sign-on, roles and permissions, and a configurable approval matrix with SLA timers and escalations.

Offline resilience

An onboard agent that keeps the vessel working offline and synchronises with shore.

Documents & forms

Controlled documents, evidence, and a forms and checklists builder that works offline.

Data & analytics

Versioned master data and codes, with cross-module dashboards, exports, and APIs.

01

Identity & access

One login, the right access, everywhere.

Single sign-on (OIDC/SSO) with role-based access across the whole platform: roles carry granular page- and action-level permissions, governing who can see and do what in every module.

  • OIDC single sign-on
  • Role-based access platform-wide
  • Page- and action-level permissions
02

Approval engine

Any workflow, routed the way you govern.

A configurable approval matrix routes any workflow by module, vessel, category, amount, and criticality, with SLA timers, escalations, an in-app inbox, and email digests — including exception rules for single source, fewer than three quotes, and over budget.

  • Routing by module, vessel, category, amount, criticality
  • SLA timers, escalations, inbox, and digests
  • Exception rules for single-source and over-budget
03

Offline & sync

Built for the satellite link.

Vessels keep working with no internet for 30 or more days. An onboard agent stores data locally and synchronises with shore over a secure, resumable channel, with field-level conflict resolution and a manual-review queue for safety-critical changes.

  • 30+ days of offline operation
  • Secure, resumable ship-shore synchronisation
  • Field-level conflict resolution with a review queue
04

Documents & evidence

Controlled documents, provable reading.

A controlled-document engine with versioning, controlled copies, distribution lists, read-and-understood tracking, e-signature, watermarking, expiry, and obsolescence management — the evidence locker used by maintenance, HSSEQ, and claims.

  • Versioning, controlled copies, and distribution
  • Read-and-understood tracking and e-signature
  • Watermarking, expiry, and obsolescence
05

Forms & checklists

Your forms, versioned and enforced.

Build and version forms and checklists with validations, assign them to maintenance, defects, audits, and inspections, and enforce mandatory completion — all available offline.

  • Form and checklist builder with validations
  • Assigned across maintenance, defects, audits, and inspections
  • Mandatory completion, offline-capable
06

Analytics & BI

Every module, one analytics layer.

A cross-module analytics layer with data marts, scheduled exports and APIs, and dashboards spanning technical, procurement, HSSEQ, operations, finance, and claims.

  • Data marts across every module
  • Scheduled exports and APIs
  • Dashboards from technical to claims

Offline & sync

The ship keeps working. The record keeps up.

Connectivity at sea is intermittent by nature, so the platform assumes it. Work happens on the vessel’s own instance, changes queue locally, and synchronisation reconciles ship and shore when the link allows — with human review where safety demands it.

Work on board The onboard agent stores everything locally
Sync Secure, resumable, field-level reconciliation
Review Manual queue for safety-critical changes

Also in the platform

The quiet machinery underneath

Master data & codes

Vessels, ports (UN/LOCODE), currencies and FX, Incoterms, HS codes, accounts, cost centres, tax codes, vendors, ranks, permit types, and risk templates — versioned.

Notifications & digests

SLA timers, escalations, an in-app inbox, and email digests across every workflow.

Administration

Roles, approval matrices, and code-list administration that keep the platform consistent.

Questions, answered

Questions, answered

How long can a vessel work offline?

Thirty or more days. The onboard agent stores everything locally and synchronises with shore when the link is available.

How are sync conflicts handled?

Field-level conflict resolution, with a manual-review queue for safety-critical changes.

Is access centrally controlled?

Yes. Single sign-on with roles carrying page- and action-level permissions across every module.

How flexible is the approval routing?

The matrix routes by module, vessel, category, amount, and criticality, with SLA timers, escalations, and exception rules such as single source or over budget.

Can we get data out for our own BI?

Yes. Scheduled exports and APIs sit on cross-module data marts, alongside the built-in dashboards.

One foundation under every module, ship and shore.

Request a demo ← All modules