Type-Checked Compliance: Deterministic Guardrails for Agentic Financial Systems Using Lean 4 Theorem Proving
Paper β’ 2604.01483 β’ Published β’ 7
YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
Agentic AI Security & Governance Strategy for Large Financial Organizations
A Dual-Perspective Framework: CISO + Principal Data Scientist / AI Architect
This repository contains a comprehensive, research-backed strategy document for governing and securing Agentic AI systems in large financial organizations.
π What's Included
- Full Strategy Report β The complete dual-perspective framework
π― Who This Is For
| Role | What You'll Find |
|---|---|
| CISO | Threat models, 4-layer defense-in-depth security controls, regulatory compliance mapping (SEC/FINRA/OCC/EU AI Act), incident response framework, red team program |
| AI Architect / Principal Data Scientist | 5-layer governance control plane architecture, guardrail stack design, observability architecture, developer standards |
| CRO / Board Risk Committee | Risk taxonomy, maturity model, KPIs, implementation roadmap |
| Vendor Management | 7-dimension vendor assessment framework, risk tiering, contractual requirements |
π Research Foundation
Grounded in 25+ peer-reviewed papers (2024β2026), including:
| Framework | Paper | Link |
|---|---|---|
| TRiSM for Agentic AI | Trust, Risk, Security Management for multi-agent systems | 2506.04133 |
| MI9 Runtime Governance | 6-component runtime governance with Agency-Risk Index | 2508.03858 |
| NVIDIA Safety Framework | Dynamic framework with 10K+ attack traces | 2511.21990 |
| AgentDoG | 3D risk taxonomy + diagnostic guardrail models | 2601.18491 |
| SAGA (NDSS 2026) | Cryptographic security architecture for agents | 2504.21034 |
| Lean-Agent Protocol | Formal verification for financial AI | 2604.01483 |
| POLARIS | Governed execution for financial back-office | 2601.11816 |
ποΈ Key Components
- Comprehensive Threat Taxonomy β 4 risk classes, 20+ attack vectors specific to agentic AI in financial services
- Defense-in-Depth Controls β 4 security layers mapped to financial regulations
- 5-Layer Governance Control Plane β From agent identity to lifecycle management
- Maturity Model β 5 levels from Ad-Hoc to Optimizing
- SaaS Vendor Assessment β 7-dimension checklist with 35+ criteria
- 18-Month Implementation Roadmap β Phased rollout with milestones
- KPI Dashboards β For both CISO and AI Architect perspectives
β οΈ Key Statistics
- 98% of IT professionals plan to expand AI agent usage, 96% view them as security threats
- 75% of multi-tool agents vulnerable to cross-tool attacks
- 80% of frontier models vulnerable to skill-file prompt injection
- Only 54% have full visibility into AI agent data access
π License
This document is provided for educational and strategic planning purposes. Please cite the underlying research papers when referencing specific frameworks or findings.
Inference Providers NEW
This model isn't deployed by any Inference Provider. π Ask for provider support
Papers for sudarsonisb/agentic-ai-security-governance-financial
AgentDoG: A Diagnostic Guardrail Framework for AI Agent Safety and Security
Paper β’ 2601.18491 β’ Published β’ 125
POLARIS: Typed Planning and Governed Execution for Agentic AI in Back-Office Automation
Paper β’ 2601.11816 β’ Published
A Safety and Security Framework for Real-World Agentic Systems
Paper β’ 2511.21990 β’ Published
SAGA: A Security Architecture for Governing AI Agentic Systems
Paper β’ 2504.21034 β’ Published