Problem
What risks existed before engagement?
Autonomous agents executed payments and data operations without a human in the loop. Existing controls — RBAC, post-hoc transaction monitoring, and human sampling — reduced likelihood but left catastrophic states reachable.
Assessment
What trajectories and reachable failure states were evaluated?
Runtime Governance evaluated each agent's proposed trajectories at the execution boundary, projecting the reachable future states of every action chain across treasury, reconciliation, and customer-data workflows.
Findings
What unsafe paths were discovered?
- Unverified-destination transfers were reachable from normal operation (Ω: unauthorized_transfer).
- Limit breaches without approval were admissible (Ω: limit_breach).
- Customer-data reads could egress to external sinks (Ω: data_exfiltration).
Governance Actions
What constraints were implemented?
- Defined Ω for treasury operations.
- Placed runtime governance at each agent's tool-call boundary.
- Enforced verified-destination and approval invariants on all transfers.
- Restricted customer-data reads to internal sinks; denied external egress.
Outcome
What risk exposure was reduced?
The three reachable catastrophic states were made unreachable by construction. Legitimate operations executed unchanged; only Ω-bound trajectories were intercepted, each producing a regulator-ready audit record.
Executive Summary
What would have happened if the issue had remained undiscovered?
Had the unverified-transfer path remained undiscovered, a single unauthorised transfer carried multi-billion-pound exposure and FCA / AML liability. The engagement removed that reachable path before it could become a business event.