CoreFi turns AI agents into auditable banking operators. Every action runs through permissioned APIs, policy checks, audit trails and human approvals — so you get the speed of automation without losing control of the bank.
Generative models are now good enough to read documents, reconcile statements, prepare credit memos and answer customer questions. The constraint is no longer model quality — it is whether a bank can let an agent take an action without breaking permissioning, AML, audit, capital rules or customer trust.
Most "AI in banking" projects stop at chat. A human reads what the model wrote, retypes it into the core system, and the audit trail breaks. CoreFi closes that loop: the agent can call the same APIs your operators and customers use, but every call passes through the bank's permission model, policy rules and approval flows before it touches the ledger.
This matters most where banks currently lose hours per case — onboarding exceptions, credit underwriting, treasury reconciliations, AML alerts, customer service triage. CoreFi takes those workflows from "human does everything" to "agent prepares, human approves" without rebuilding your core, your reviewer dashboards or your regulator-facing audit logs.
CoreFi is model-agnostic. You can run governed workflows on ChatGPT, Claude, Gemini, your own fine-tuned model or a mix — the control plane stays the same. When the regulator asks "what did the model see, what did it decide, who approved it, what changed in the ledger?", CoreFi answers with one record.
Every CoreFi workflow — onboarding, credit, treasury, compliance, service — runs through the same governed lifecycle. The model proposes; CoreFi enforces.
The agent receives a trigger — a new applicant, an inbound payment, a customer message, a portfolio breach, a scheduled reconciliation — and pulls the relevant context from the core, KYC vendor, document store and ledger through permissioned APIs.
The agent drafts an action plan: what it intends to do, which APIs it will call, which limits and rules apply, what evidence supports the decision. The plan is structured, not free text — it is a machine-readable proposal.
CoreFi runs the plan through policy gates before any side effect: role permissions, customer consent, transaction limits, risk thresholds, AML and sanctions filters, model-output guardrails, and any custom rules the bank has configured. Failed checks stop the workflow.
If checks pass, CoreFi executes the plan through the same APIs a human operator would use — open an account, post a journal entry, release a payment, send a customer notification, update a case. Nothing bypasses the core.
Every step — model context, retrieved data, plan, policy decision, API calls, outcomes — is written to an immutable audit log keyed to the workflow, the customer and the model version. Regulators get a single record per case.
When a policy gate routes a step to a human, CoreFi prepares the case in the reviewer dashboard with the evidence, the model's recommendation and the exact action awaiting approval. The human approves, rejects or edits — the workflow resumes from there.
Outcomes feed back into the workflow: which agent recommendations got accepted, which got overridden, which produced exceptions downstream. CoreFi exposes this signal to model owners and risk teams without giving the model uncontrolled write access to its own behaviour.
Each role uses the same 7-step lifecycle. The difference is which APIs it can call, which policies apply, and which humans approve.
Triages KYC and KYB intake: parses ID documents, extracts beneficial owners, runs sanctions and PEP screens, flags risk indicators and prepares a structured review packet. Cuts time-to-decision on clean files; escalates everything else with the reasoning attached.
Approval gate: any high-risk classification, edge-case document or sanctions hit routes to a human reviewer.
Runs credit applications end-to-end: pulls bureau and open-banking data, classifies bank statements, drafts an underwriting memo, suggests a limit and pricing, prepares the offer document. The agent never approves the loan itself.
Approval gate: every credit decision above policy thresholds requires a human underwriter sign-off before the offer is issued.
Watches balances, sweeps, FX exposure, payment queues and counterparty limits across the institution's accounts. Proposes rebalancing actions, flags breaches, prepares end-of-day reconciliation packs and answers treasury questions from operators.
Approval gate: any movement above defined limits or outside approved counterparties is held for treasurer approval.
Investigates AML alerts, transaction-monitoring hits and suspicious-activity cases. Pulls customer history, ranks indicators, drafts the case narrative and prepares the SAR/STR template with supporting evidence — ready for an MLRO to review.
Approval gate: filing decisions, customer offboarding and high-severity case closures stay with the compliance officer.
Handles inbound customer questions across chat, email and in-app. Reads the customer record through permissioned APIs, performs read-only actions itself (statements, balances, status checks) and prepares ticketed write actions for an agent to release.
Approval gate: any monetary action — refund, reversal, fee waiver, limit change — requires a human agent to approve before it is posted.
CoreFi treats agents like any other operator: they get permissions, they hit policy gates, they leave an audit trail, and they wait for a human when the rule says so.
Role-based access, scoped API tokens, transaction and exposure limits, customer-segment rules, jurisdictional restrictions and model-output filters. The agent literally cannot call an API it has not been granted, and the rule set is configurable per workflow, per market and per customer tier.
Workflows declare which steps require a human. CoreFi prepares the case with full evidence — model context, plan, policy result, recommended action — and routes it to the right reviewer dashboard. The human's decision (approve, reject, edit) is logged and resumes the workflow.
Every workflow writes one immutable record: trigger, retrieved data, model and prompt version, plan, policy outcome, API calls, side effects on the core, escalations, human decisions and final state. Exportable for internal review, external audit and supervisory requests.
Short narratives of CoreFi agents in action. The video walkthrough below is a placeholder — full production landing in Wave 3.
[ Demo video — 60–90s walkthrough of the agent lifecycle ]
Production owner: Wave 3 / TBD
A new business applicant uploads incorporated documents from a higher-risk jurisdiction. The Onboarding Agent extracts the beneficial owners, runs sanctions and adverse-media screens, and assembles a structured risk packet. Policy routes the case to a human reviewer with the agent's recommendation pre-filled; the reviewer approves with two clicks. Total handling time: minutes, not days.
A small-business loan request comes in. The Lending Agent pulls 12 months of bank-statement data, classifies revenue and seasonality, drafts the credit memo and proposes a limit and rate. The offer waits for an underwriter to approve before the customer ever sees it. The audit log shows what data the agent read, what it concluded and what the underwriter changed.
At end of day, the Treasury Agent reconciles nostro balances, flags two breaks against expected sweeps, drafts the correcting journal entries and prepares the reconciliation pack. The treasurer reviews, approves the entries, and the corrections post through the core. The whole loop is one workflow record, not a spreadsheet exchange.
No. CoreFi can run as your core or alongside the one you already operate. The AI workflow control plane sits above whichever core holds the system of record and calls it through APIs — same as any other channel.
CoreFi is model-agnostic. You can run workflows on ChatGPT, Claude, Gemini, your own hosted models, or a mix. The control plane, audit log and policy gates do not change when you swap the underlying model.
Three concrete things. Permissions: agents only see and call what they are scoped to. Policy: every action passes through configurable rules before it touches the core. Audit: every step is recorded as one immutable workflow record, exportable for regulators.
Only inside the limits the bank configures. Most banks set monetary actions to require human approval by default; CoreFi prepares the case and waits. The decision of where the human-in-the-loop sits is yours, not the model's.
CoreFi processes customer data through the bank's existing residency and consent rules. The control plane logs which model received which data, when, and under which legal basis. Workflows can be configured to keep specific data classes inside an EU boundary.
The model never executes directly. The plan goes through policy checks; failed checks stop the workflow. If a check passes but the human reviewer disagrees, the override is logged and feeds back into model-quality reporting. The bank keeps the audit trail either way.
Most banks start with one workflow — usually onboarding exceptions or credit memo preparation — running in parallel with the existing process. The workflow either matches the human outcome or escalates. Once accuracy and approval rates stabilise, the bank widens the scope.
If you are on CoreFi core, the workflows are configuration. If you are on another core, CoreFi connects to it through APIs and brings the policy and audit layer with it. Typical first workflow goes live in weeks, not quarters.
We will walk you through the 7-step lifecycle, show the audit log on a real workflow, and scope a first deployment together.