Active pilot · Regulated financial institutions

Authorization
Network for
AI Agents.

Before an AI agent executes — AIIAN proves it's authorized. Scoped, time-limited, payload-bound. Default-Deny.

No admissibility proof. No permission issued. No execution path opened.

Request Invitation Try the demo
POST /aiian/evaluate
Request
{
  "action_type": "payment.execute",
  "agent_id":    "agent-sg-01",
  "payload": {
    "amount":       2800000,
    "currency":     "GBP",
    "counterparty": "XY Corp"
  }
}
Response · 141ms WOULD_RELEASE 
{
  "decision":     "WOULD_RELEASE",
  "pao_id":       "pao_a3f7c291",
  "expires_in":   300,
  "payload_hash": "sha256:7f3ab2…",
  "evidence_id":  "evd_88c4f1"
}

Live response · AIIAN Cloud Sandbox

Works with your stack

Claude Code LangChain AutoGen MCP Server REST API Azure AI Foundry
DORA MiFID II Basel III J-SOX FCA

The chain-of-command problem

AI agents don't just
recommend. They execute.

A Singapore clearing agent receives an instruction from a Tokyo orchestrator. It can verify the instruction came from another agent. It cannot verify that a human authorised it, that the amount is within limits, or that the counterparty passed sanctions screening — unless something upstream enforced those checks and left proof.

Four failure modes. All silent. All undetectable at the execution boundary.

Identity spoofing — agent claims authority it was never granted
Payload tampering — instruction modified between agents
Replay — valid instruction re-executed against a new position
Race — two concurrent agents exceed a shared limit

Tokyo · Orchestrator Agent

"Execute settlement · ¥420,000,000 · Counterparty XY"

Singapore · Execution Agent

Identity verified. But: sanctions? Limits? Human approval?

No way to know. No proof exists.

External Settlement System

Executed. Irreversible. £2,800,000 moved.

How it works

Prove before execute.
Default-Deny.

An authorization check at the execution boundary — not in the prompt, not in the agent, not reconstructed after the fact.

1

Propose

Before executing a high-consequence action, the agent calls AIIAN with the full action payload.

POST /aiian/evaluate
→ action_type, payload, agent_id

2

Evaluate

AIIAN checks the request against an approved ControlPack. Default-Deny: denied unless all conditions explicitly pass.

identity_verifiedPASS
amount_within_authorityPASS
sanctions_clearPASS
human_approvedPASS
3

Execute

A signed, single-use PAO is issued. The execution boundary verifies it. Action proceeds — or stays blocked.

pao_a3f7c291 · valid 5min
payload-bound · single-use

Policy is never inside the prompt. Evidence written to audit trail regardless of outcome.

What AIIAN provides

The full execution
control stack.

One governance layer above all agent frameworks. The same authorization network — regardless of what stack your agents run on.

Signed Authorisation Proof

Single-use, time-limited PAO bound to the approved policy, proposed action, execution route, and time. Cannot be replayed against a different instruction.

Default-Deny Policy Engine

Agents ask AIIAN before they act. Denied by default — only explicitly authorised operations within defined risk budgets are released. Policy is never in the prompt.

Signed Audit Trail

Every authorise and block decision written to a tamper-evident signed event at the moment of evaluation. Ready for regulatory review, underwriter verification, or internal audit.

Shared Risk Budget

Multiple agents share a governed risk limit. When one consumes capacity, others see the updated ceiling in real time — not on the next reporting cycle.

Delegated Scope Chain

Child agents inherit scope, not authority. Permitted action types, amount ceiling, and expiry must remain a strict subset of the parent — verified before every authorisation.

Governor Review Queue

Above-threshold actions pause for human review. Reviewers approve or reject via a secure interface. Every review is countersigned and QR-linked to a verifiable evidence page.

AIIAN Cloud Sandbox

Test the authorization
layer before
you deploy.

Shadow-mode execution control. Run realistic payment scenarios against two pre-configured demo ControlPacks — no production system connections required.

  • Evaluate actions — WOULD_RELEASE / WOULD_INHIBIT / NEEDS_APPROVAL
  • Issue and verify sandbox PAOs
  • Execute mock payments against PAO lifecycle
  • Retrieve signed evidence records
Get sandbox key
AIIAN Cloud Sandbox 
# Evaluate a payment action
curl -X POST \
  https://aiian-gate-node.../sandbox/actions/evaluate \
  -H "X-Sandbox-Key: sbx_..." \
  -H "Content-Type: application/json" \
  -d '{
    "tenant_id":   "demo_bank",
    "agent_id":    "my-agent-01",
    "action_type": "payment_instruction.create",
    "payload": {
      "amount":          450000,
      "counterparty_id": "cp_acme",
      "sanctions_status":"clear"
    }
  }'

# Response
{
  "decision":          "WOULD_RELEASE",
  "evidence_record_id":"evd_3a9f12",
  "payload_hash":      "sha256:b4c2f…",
  "severity":          "none"
}

Regulatory compliance

Built for regulated
environments.

DORA Art.28

ICT risk management for EU financial entities

MiFID II

Algorithmic trading controls & audit trails

Basel III

Operational risk & internal controls framework

J-SOX · FCA

Japan & UK financial services governance requirements

Compliance flags attached to every decision event automatically. Machine-verifiable internal control evidence for AI-initiated transactions.

Get started

If your agents act,
AIIAN controls
the gate.

Active pilot with regulated financial institutions. Settlement, FX, procurement, contract commitments — if your agents execute high-consequence transactions, we want to talk.

Pilot access is by invitation. We respond to every request personally. No sales funnel.

Email hello@aiian.ai Try the live demo

Initial focus: financial institutions operating under DORA, Basel III, MiFID II, and J-SOX.