Trusted agent platform
A guarded agentic AI system for regulated banking support
Built with LangGraph, retrieval, guarded tool execution, audit envelopes and a multilingual regression tests across French, German and English
Demo and agent UI
Start with the guided walkthrough, then open the interface to chat, inspect live traces, guarded execution and escalation flows in action
Customer
Ma carte a ete volee. Peux-tu verifier mon compte ?
Tessera
I can help, but account lookup is blocked until identity is verified. I am escalating this with redacted evidence
Live guard trace
Open the interactive interface to explore live traces and guarded execution
Before action
Tool arguments checked before execution
Replayable
Failure catalogue lives as JSON test cases
Structured
Every guard decision is inspectable
Explicit
Low confidence becomes a handoff
Scope
A concrete assembly for one regulated European banking support workflow
3
Languages
French, German, English
40
Failure cases
CI-gated non-regression set
4
Quality layers
Guard, eval, audit, escalation
4
Regulatory corpora
DORA, CNIL, BaFin, GDPR
What it proves
Tessera shows that guarded tool calls, multilingual grounding, audit evidence, and escalation paths can work together in one concrete banking support flow
mcp-firewall
Sensitive tool calls are checked before execution with allow, deny, transform, and redaction decisions
Regression suite
Documented failure cases are replayed against the agent graph so safety behavior can regress loudly
JSON evidence
Each guard decision records the policy rule, rationale, target tool, redacted arguments, and operational timestamps
Reviewer node
Low-confidence or high-stakes turns route to escalation instead of pretending the answer is certain
Multilingual operating surface
Each language path shows how Tessera routes the request, applies the relevant regulator context, checks the guard, and keeps the customer reply controlled
France
Je veux contester un paiement carte visible depuis hier
Germany
Meine Karte wurde gestohlen. Kannst du mein Konto pruefen?
Cross-border EU
Can you explain why my loan simulation changed?
Regression scorecard
Tessera treats known agent failures as JSON test cases. Each case declares the failure pattern, the check that must pass, and the expected bounded behavior before the demo can be trusted
Catalogue
40 cases
Locales
FR / DE / EN
Gate
eval.yml
Output
JSON + markdown
Prompt injection
Prompt injection
PII leakage
PII leakage
Citation hallucination
Citation hallucination
Overconfident action
Overconfident action
Scenario spotlight
An unguided agent might answer with whatever tool result is easiest to fetch. Tessera treats the banking situation as the product surface: urgency, ownership, disclosure risk, and escalation all change the route before a tool is allowed to run
Customer turn
The request combines urgency and fraud. The account lookup path is no longer the right default
Route contrast
Looks helpful, leaks context
The assistant optimizes for an answer before ownership, urgency, and disclosure risk are resolved
Guarded, auditable handoff
The system keeps the user moving toward help while preserving a reviewer-ready trail
Controlled execution path
Each customer turn moves through routing, retrieval, guard checks, audit emission, and a final response or escalation path
Classify language, intent, and urgency before planning
Pull product and regulation context from pgvector
Check sensitive tool calls through policy before execution
Emit structured evidence for reviewer and operator views
Answer, decline, or escalate with confidence signals
Delivery assurance
The strongest signal is not a single UI screen. It is the chain from local quality gates to deployed infrastructure, with an on-prem path when regulation changes the deployment boundary
Build gate
The system is framed as software that must keep compiling, typing, and replaying
Safety gate
Known agent failures are catalogued as JSON test cases instead of left as anecdotes
Hosted path
The frontier path is deployable with managed runtime, secrets, logs, and monitoring
Local path
The on-prem mode keeps the banking story credible when data cannot leave the perimeter
Try the system
Visitors should be able to leave the case study and test Tessera for themselves. This block will point to the deployed dashboard as soon as the public URL is available
Customer
Ma carte a ete volee. Peux-tu verifier mon compte ?
Tessera
I can help, but account lookup is blocked until identity is verified. I am escalating this with redacted evidence
Live guard trace
Test the multilingual banking-support flow with guarded tool calls
Inspect policy decisions, redactions, policy rules, and reviewer evidence
Replay known failure cases and see what still needs work
Operating evidence
The diagrams show how Tessera is assembled: agent orchestration, guarded tools, audit evidence, cloud and on-prem paths, and evaluation checks
LangGraph orchestration, retrieval, guarded tools, audit sinks, and dual LLM deployment paths
Failure cases move through schema validation, multilingual replay, scoring, and CI gates
Operating model
Tessera treats banking support as a controlled workflow: language, intent, policy, tool permission, audit evidence, and escalation remain visible from the first message to the final handoff
Architecture summary
Router, planner, reviewer and workers are separated so useful work and controlled action remain distinct
Account lookup, card blocking and transaction search stay behind policy checks and auditable decisions
Vertex AI and Cloud Run cover the frontier path; Ollama and Llama 3.3 70B keep an on-prem option explicit
LangGraph agent, FR / DE / EN prompts, audit trail, guard adapter, JSON eval test cases
Public demo URL, mcp-firewall upstream contribution, German escalation calibration
Open-source & transparent
Tessera stays honest about what it contributes: an end-to-end regulated assembly with reusable dependencies, visible guardrails and documented failures
Related Projects
Open channels
Follow the work
AI engineering, data platforms and applied machine learning, shared through practical case studies and shipped systems
Privacy-friendly analytics may be used to understand aggregate visits and improve the site experience.
