EnforceCore EnforceCore

Securing AI-Powered Financial Analysts

This is a reference scenario demonstrating how EnforceCore can be applied in financial services. It is not a client testimonial.

Financial analyst agents process sensitive data — account numbers, transaction histories, and personally identifiable information. When deployed as autonomous AI systems, they need hard runtime boundaries.

The Threat Model

An AI agent built with LangGraph or CrewAI to assist financial analysts may:

  • Leak customer PII in its responses (names, SSNs, credit card numbers)
  • Execute unauthorized queries against production databases
  • Exceed cost budgets through uncontrolled API calls
  • Produce no verifiable record of what it accessed or modified

Static prompts like "do not share sensitive data" offer no guarantee. The model can be jailbroken, hallucinate tool calls, or simply misinterpret instructions.

Applying EnforceCore

EnforceCore intercepts every tool call at runtime. Here's how a financial services team would configure it:

name: "financial-analyst-policy"
version: "1.0"

rules:
  allowed_tools:
    - search_market_data
    - calculate_portfolio_risk
    - generate_report

  denied_tools:
    - execute_shell
    - send_email
    - write_file

  pii_redaction:
    enabled: true
    categories: [email, phone, ssn, credit_card, name]
    strategy: placeholder

  resources:
    max_tokens_per_call: 4000
    max_cost_usd_per_session: 2.00
    max_calls_per_minute: 20

on_violation: block

What This Enforces

  1. Tool gating — only search_market_data, calculate_portfolio_risk, and generate_report are allowed. Any other tool call is blocked before execution.
  2. PII redaction — emails, phone numbers, SSNs, credit card numbers, and names are automatically redacted from agent outputs.
  3. Cost control — the agent cannot exceed $2.00 per session or 4,000 tokens per call.
  4. Audit trail — every action is logged to a tamper-proof Merkle-chained log for compliance review.

Expected Outcomes

Metric Without EnforceCore With EnforceCore
PII exposure risk High (model-dependent) Eliminated (regex + policy)
Unauthorized tool calls Possible Blocked at runtime
Audit trail None or best-effort Tamper-proof Merkle chain
Cost overrun risk Unbounded Hard budget limits
Compliance readiness Manual review Automated enforcement

Compliance Mapping

This configuration directly addresses requirements from:

  • EU AI Act — Article 9 (risk management), Article 13 (transparency), Article 14 (human oversight). See our EU AI Act compliance mapping.
  • GDPR — Article 25 (data protection by design), Article 30 (records of processing). See our GDPR compliance mapping.

Try It

pip install enforcecore

Define your policy, wrap your agent, and every action is enforced. See the Quickstart Guide to get running in 5 minutes.