Fintech

    Control AI in lending decisions, fraud detection, and customer-facing automation — with hard limits, policy, and tamper-evident audit on every regulated decision, before it executes.

    A customer-support workflow drafts a response touching an account number. A higher-risk transaction workflow reaches for a non-approved model. A low-priority analytics job floods the provider during a critical reporting window. No one noticed until the bill arrived.

    Keel evaluates a permit before each provider call, using the rules your team defines, and writes a tamper-evident record of every decision.


    Where Systems Break Down

    • A retry loop added to a customer-support workflow silently doubles spend; no one notices until the invoice lands
    • A model upgrade rolls into a high-volume workflow and cost per call jumps 8× before finance can catch it
    • A prompt containing an account number routes to a non-approved provider because no rule blocked it
    • An auditor asks who authorized a specific disclosure — and the answer is "we have logs"
    • Finance asks for per-business-unit AI spend — engineering reconciles from provider invoices and internal tickets for a week

    What Stops Before the Provider Call

    Every request is evaluated at the permit seam. Unsafe, unbudgeted, or unauthorized requests don't reach the model.

    • Policy gates — provider, model, and workflow choices are checked against authored rules before dispatch; mismatches never reach the model
    • Budget enforcement — per-tenant, per-business-unit, and per-workflow budgets evaluated before the provider bill accrues
    • Throttle as a first-class outcome — HTTP 429 with Retry-After for lower-priority flows during peak windows
    • External attestation gate — challenge sensitive workflows until an approved reviewer, an internal approval service, or an existing customer-operated upstream control attests that execution may proceed

    Example Rules You Can Enforce

    Plain English, backed by the policy engine today.

    • "Customer comms only on zero-retention providers." Deny when the workflow is customer communications and the routed provider's data retention is not zero.
    • "Any transaction above $10,000 is blocked unless it routes through an audited model and a sanctioned risk-tier workflow." Deny when the transaction amount exceeds $10,000 and either the selected model is outside the risk-approved allowlist or the workflow is not in the sanctioned risk-tier set.
    • "Market-close window throttles non-critical workflows." Throttle requests during the close window when workflow priority is below critical.
    • "High-sensitivity disclosure workflows require external attestation before execution." A challenge decision holds the request until an approved reviewer or upstream control attests the workflow may proceed.
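The four rules above as an added, runnable illustration (not Keel's policy engine or its rule syntax): a small Go evaluator in which the request fields, decision names, allowlist entries and reason codes are all assumptions for this example.

```go
package main

import "fmt"

// Decision is the permit outcome; the names and precedence here are assumed for the example.
type Decision string

const (
	Allow     Decision = "allow"
	Deny      Decision = "deny"
	Throttle  Decision = "throttle"  // surfaced to the caller as HTTP 429 with Retry-After
	Challenge Decision = "challenge" // held until an approved reviewer or upstream control attests
)

// Request is the call metadata the four rules need; field names are assumed.
type Request struct {
	Workflow, Model, Sensitivity string
	ProviderRetentionDays        int // 0 means a zero-retention provider
	TransactionUSD               float64
	Priority                     int // 0 is critical; larger numbers are lower priority
	InCloseWindow                bool
}

// Allowlists a policy author would maintain; these entries are constructed for the example.
var (
	riskApprovedModels  = map[string]bool{"audited-model-v2": true}
	sanctionedWorkflows = map[string]bool{"risk-tier-review": true}
)

// Evaluate runs before the provider call: deny outranks challenge, which outranks throttle. The second value is a stable reason code.
func Evaluate(r Request) (Decision, string) {
	if r.Workflow == "customer-comms" && r.ProviderRetentionDays != 0 {
		return Deny, "DENY_PROVIDER_RETENTION"
	}
	if r.TransactionUSD > 10000 && (!riskApprovedModels[r.Model] || !sanctionedWorkflows[r.Workflow]) {
		return Deny, "DENY_HIGH_VALUE_UNAPPROVED_ROUTE"
	}
	if r.Sensitivity == "high-disclosure" {
		return Challenge, "CHALLENGE_EXTERNAL_ATTESTATION"
	}
	if r.InCloseWindow && r.Priority > 0 {
		return Throttle, "THROTTLE_CLOSE_WINDOW"
	}
	return Allow, "ALLOW_POLICY_MATCH"
}

func main() {
	d, code := Evaluate(Request{Workflow: "customer-comms", ProviderRetentionDays: 30})
	fmt.Println(d, code) // deny DENY_PROVIDER_RETENTION
}
```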

    Where the Firewall Strengthens the Baseline

    The prompt firewall runs a platform-wide baseline that every project inherits. Your team can add fintech-specific detectors on top of it, but cannot weaken the baseline below that floor. Detectors are evaluated before provider dispatch; a blocking match precomputes a deny outcome and is recorded in the decision details. This layer screens request content; the decision itself still happens at the permit.

    • PAN, credit card, IBAN, SSN, and account-number patterns
    • MNPI and embargoed-language lexicons — earnings terms, deal code-names
    • Broker-dealer restricted-communication patterns
    • AML sanctions watchlist terminology

    What the Decision Record Proves Later

    This is what your auditor will ask for. Every evaluated request produces a permit — the decision artifact that survives the conversation.

    • Permit — the unit of governance; decision, reason, rule basis, provider, model, budget state
    • Stable reason code — machine-readable codes that mean the same thing across every audit, replay, and SDK
    • Tamper-evident per-project chain — every governance event participates in a chain that makes modifications detectable on later review
    • Cryptographically signed export — Ed25519 signed, verifiable via included CLI, for SOC 2, regulatory audit, or procurement review
    • Externally anchored checkpoint — signed chain snapshots published to storage outside the runtime, on a regular cadence
    • RFC 3161 timestamp receipt — external timestamp witness evidence from an authority Keel does not control

    Cost Now, Compliance Later

    Cost. Provider charges don't show up on the CFO dashboard until the bill arrives. Keel blocks unbudgeted and out-of-policy execution at the permit seam — before the provider call, not during month-end reconciliation. When estimated cost diverges from actual cost, the usage ledger supports correction, not just reporting.

    Compliance. SOC 2, regulatory review, and procurement all ask the same question — who made this request, under what rule, using which provider and model, and why was it allowed? The permit answers it. The signed export produces it. The externally anchored checkpoints and independent timestamps let an auditor verify the record against a party Keel does not control.

    If a request shouldn't have run, it shouldn't reach the provider.