EMILIA FINGUARD · FIN-00X

Pre-execution trust for treasury & payment ops.

FinGuard binds beneficiary changes, vendor remittance updates, and payout destination changes to a one-time, action-bound trust receipt before SWIFT, ACH, Fedwire, RTP, or internal treasury release. The receipt cannot be replayed, cannot outlive its expiry, and cannot be consumed without the exact action it authorizes.

How it works API reference Request pilot

WHY FINGUARD

Most expensive failures happen inside approved-looking workflows.

The session is authenticated. The role has the right permissions. The form passes validation. None of that detects that the vendor's bank account was swapped by a phisher 90 seconds before the wire is released. FinGuard binds the wire to the exact pre-change state. Anything else fails consume.

PROTECTED ACTIONS

Initial FinGuard policy pack.

vendor_bank_account_change

Vendor bank-account change

AP user updates routing before $250K release

beneficiary_creation

Beneficiary creation

New SWIFT-eligible counterparty added

large_payment_release

Large payment release

Treasury releases wire above $50K threshold

ai_agent_payment_action

AI-agent initiated payment action

Autonomous agent triggers a transfer

HOW IT WORKS

Six stages from precheck to evidence.

1

Precheck

Treasury system POSTs the proposed change to FinGuard with before/after state and risk flags.

2

Policy decision

Money-destination changes, large amounts, AI-initiated actions — all routed through deterministic rules.

3

Accountable signoff

Treasury approver must be different from initiator. Approval binds to exact action hash.

4

Trust receipt

One-time receipt with action hash, policy hash, nonce, expiry. SOX-ready.

5

One-time consume

SWIFT/ACH/Fedwire connector consumes the receipt at release. Reuse fails.

6

Evidence packet

Complete event timeline ready for audit, regulator review, and incident reconstruction.

SCENARIOS

What FinGuard catches.

Vendor bank-account swap before payment

AP user changes a vendor's bank account, then immediately submits a $250K payment release. FinGuard requires treasury signoff on the bank change before any release referencing the vendor will consume.

AI agent triggers a transfer

An autonomous agent attempts to initiate a wire. Policy flags ai_agent_payment_action — human signoff required regardless of amount. The agent's receipt is issued in pending_signoff state.

Large payment escalation

Threshold-based escalation: > $50K requires single signoff, > $1M requires out-of-band verification (configurable per workflow).

API

Same v1 surface as GovGuard.

POST   /api/v1/trust-receipts
GET    /api/v1/trust-receipts/{receiptId}
POST   /api/v1/trust-receipts/{receiptId}/consume
GET    /api/v1/trust-receipts/{receiptId}/evidence
POST   /api/v1/signoffs/request
POST   /api/v1/signoffs/{signoffId}/approve
POST   /api/v1/signoffs/{signoffId}/reject

The same v1 product surface powers GovGuard and FinGuard. Action types and policy packs differ; the underlying receipt invariants do not.

Pilot in 30 days.

Pick one workflow — beneficiary change, payout destination change, vendor remittance update, or treasury release approval. We wire it to observe mode. You get the audit of what would have been blocked. Flip to enforce on your timeline.

Request pilot