7 purpose-built agents that recommend, prepare, validate and generate evidence — bounded by Cerbos policy, tenant isolation, maker-checker and audit trail. Sensitive actions remain approval-gated.
Catalog
Each agent is a discrete SKU with its own scope, policy bounds, inputs, outputs and tier. Click any agent to expand its evidence contract.
Generates audit, regulator, and Shariah-board packs from approved data.
Assembles regulator-ready evidence bundles (controls, attestations, fatwa references, audit trails) on demand. Sources are tenant-scoped and immutable. Every pack is reproducible, signed, and timestamped.
Explains breaks across ledger, core, ISO 20022 messages, and statements.
Takes a reconciliation break and walks the full chain — ledger journal entry → core banking record → ISO 20022 message → counterparty statement. Returns a structured RCA with citations to every system of record.
Checks missing approvals, policy gaps, AAOIFI/IFSB evidence, control failures.
Continuously scans contract lifecycles, workflow states, and Cerbos decision logs for missing approvals, expired attestations, and Shariah-governance gaps. Surfaces findings ranked by severity.
Helps customers integrate APIs, configure webhooks, run conformance tests.
A developer-experience copilot that reads the IOF OpenAPI spec, the customer's sandbox traffic, and webhook delivery logs to diagnose integration issues, suggest fixes, and run conformance suites.
Summarises liquidity, exposures, limits, FX positions; Basel & BCBS 239 evidence.
Surfaces real-time liquidity coverage, large-exposure breaches, FX positions, and limit utilisation. Generates BCBS 239-aligned evidence on data lineage and timeliness — never executes treasury actions.
Supports LC lifecycle review, discrepancy summaries, document checklist assistance.
Walks the documentary-credit lifecycle — issuance, advising, presentation, examination, settlement — and produces UCP 600 / ISBP 821 discrepancy summaries. Always returns the named clause; never approves a discrepancy.
Generates regulator, board, investor, and management reports from approved data.
Composes regulator filings, board packs, investor letters, and management dashboards from approved tenant data. Every report includes a data-lineage manifest and a reproducibility hash.
Use cases
The same agents serve banks, partners and buyers — each with the safety contract, evidence trail and approval gates intact.
Reduce manual reconciliation, prepare regulator filings faster, and surface compliance gaps before audit. Every action remains under maker-checker.
Reconciliation Investigator narrates each break across ledger / core / ISO 20022 / counterparty statement; humans approve postings.
Evidence Pack Agent produces signed regulator-ready bundles. Reproducible, hash-pinned, exported in one click.
Compliance & Governance Agent flags missing approvals, expired attestations, and Shariah-board gaps in near-real-time.
Safety & governance
IOF agents are governed, scoped, auditable copilots. They do not bypass IOF APIs, Cerbos policy enforcement, tenant boundaries, maker-checker, or evidence requirements. Agents can recommend, prepare, validate, and generate evidence. Sensitive actions remain approval-gated.
The hard rule
No IOF agent moves money, executes a transaction, releases a regulator filing, or commits a tenant to any action without an authenticated human approval recorded in the audit trail.
Every agent call resolves to a Cerbos decision against the same ABAC policies that bind human principals. No agent can request a resource its principal cannot access. Decisions are logged to the audit trail with full attribute snapshots.
Approval-gated actions stay approval-gated. Agents can prepare, draft, and recommend, but the second human signature remains a hard requirement. We never short-circuit two-person controls.
Agent calls inherit the calling principal's tenant_id. Cross-tenant traversal is structurally impossible — denied at the API gateway, the policy engine, and the database (row-level security).
Every agent output carries a manifest: data lineage, model + version, prompt hash, retrieval set, decision log. Reproducible, signed, and admissible to auditors. No ungrounded answers.
Agents call IOF rails through the same authenticated, rate-limited, observable APIs as any other client. There is no privileged backdoor — agents are first-class principals subject to the same controls.
Where the agent is uncertain, it abstains and surfaces the uncertainty with a structured confidence score. We prefer a clear 'I cannot determine this' over a confident hallucination.
Engineered for
Including EU AI Act Annex III high-risk obligations: documented risk management, data governance, human oversight, accuracy / robustness, cyber-security, and post-market monitoring.
Plans
Cerbos enforcement, tenant isolation, maker-checker and signed evidence packs are baked into every plan — never sold as upsells. Commercial terms are scoped to your jurisdiction and call volume — we discuss them on the first call.
Build with confidence on a sandbox tenant. Integration Copilot included.
Start in sandboxReconciliation + Trade Finance copilots wired into one production tenant.
Talk to salesFull catalog. Multi-tenant. BYOC option. Compliance & evidence at audit grade.
Book an enterprise demo| Agent | Sandbox | Professional | Enterprise |
|---|---|---|---|
| Evidence Pack Agent | |||
| Reconciliation Investigator Agent | |||
| Compliance & Governance Agent | |||
| Integration Copilot | |||
| Treasury / ALM Agent | |||
| Trade Finance Agent | |||
| Reporting Agent |
Agent evidence packs
A regulator should be able to take any agent-generated artefact and verify, in isolation, that it is exactly what the system says it is. That is the bar. Below is the manifest schema every IOF agent emits.
{
"schema_version": "1.0.0",
"pack_id": "ep_2026Q1_aaoifi_demo-bank",
"tenant_id": "demo-bank",
"framework": "AAOIFI Shariah Standards (SS-8 → SS-39)",
"generated_at": "2026-04-24T08:14:00Z",
"generated_by": {
"principal_type": "AGENT",
"agent_id": "evidence-pack-agent",
"model_family": "claude-opus-4-7",
"model_vendor": "anthropic",
"supervisor_user_id": "usr_alice@demo-bank"
},
"approvals": [
{
"approver_id": "usr_alice@demo-bank",
"role": "TENANT_ADMIN",
"approved_at": "2026-04-24T08:13:55Z",
"signature": "ed25519:5b8f...e1a"
}
],
"evidence": [
{
"type": "contract",
"id": "ctr_murabaha_4f2c",
"shariah_structure": "Murabaha (commodity)",
"fatwa_reference": "SB-2026-0143",
"ledger_entries": ["led_8a2e", "led_8a2f"]
},
{
"type": "control_attestation",
"control_id": "AAOIFI-SS-8-3.4",
"attested_by": "usr_omar@demo-bank",
"attested_at": "2026-04-22T14:00:00Z"
}
],
"reproducibility": {
"commit_sha": "0a0fe3b9c…",
"policy_bundle_hash": "sha256:6e1c…",
"input_hash": "sha256:7d22…",
"output_hash": "sha256:c0b5…"
}
}Sample manifest — your packs will reference your own tenant, principals, and approved data only.
Cryptographically signed
Every pack carries an Ed25519 signature from the approving principal. Tampered packs fail verification at the auditor's tooling.
Reproducible
Each pack pins commit SHA, policy bundle hash, input retrieval hash, and output hash. Re-running with identical inputs reproduces identical bytes.
Maker-checker recorded
Every pack lists the human approver(s), their role, the timestamp, and the signature — so the audit trail is intrinsic to the artefact.
Framework-aware
Packs are templated per framework: AAOIFI, IFSB, SOC 2, GDPR, PSD2, ISO 27001, Basel III, FATF, MiCA, DORA, EU AI Act.
Lineage-complete
Every claim cites the upstream contract, ledger entry, control attestation, or messaging event. No orphaned figures.
Auditor-friendly
Bundle ships as a signed ZIP with a JSON manifest, a Markdown summary, and a PDF executive overview — no proprietary readers required.
Demos
Live demos run against a sandbox tenant. Real schemas. Real Cerbos checks. Real evidence outputs. Zero customer data.
Watch the Evidence Pack agent assemble an AAOIFI quarterly compliance bundle from approved Murabaha and Ijarah contracts, with Shariah board fatwa references.
Request access
Tell us your jurisdiction, the agents you care about, and your preferred timeline. A named human will reply within one business day. We do not auto-respond.