Fintra Workflow

From a Risky Action to Evidence an Auditor Trusts

A consequential action, a payment, an IAM change, a bank switch, an agent tool call, gets a SentriAI verdict and an Action Trust Score, is sealed to a hash-chained ledger, and is mapped to the SOC 2 controls it satisfies. Later, verify_chain() proves the record has not been touched.

Talk to usFree to start - no card required.
SentriAI · Action to Evidence
ACTION
move $61,000
agent-initiated
VERDICT
HOLD · 88
action trust score
CHAIN
verify_chain() ✓
intact
1 · Action proposedactor + scope captured
2 · Verdict + Action Trust Scoreallow / challenge / block
3 · Sealed to hash-chained ledgerappend-only
4 · Mapped to SOC 2 CC6 / CC7evidence auto-tagged
Live actuationMCP boundary, opt-in
5 · verify_chain() on demandtamper-evident

Illustrative product view

The path from an action to a control it satisfies

In most companies, the moment a risky action happens and the moment you need evidence of it are months apart, and someone reconstructs the trail from logs and email when the audit lands. This flow closes that gap: the decision and the evidence are the same event. When a consequential action is proposed, it is scored, a verdict is attached, the whole thing is sealed to a tamper-evident ledger, and it is mapped to the compliance controls it satisfies, all at the time it happens.

The five governed steps

  1. 1

    1 · Capture the action

    The actor (human or agent), the scope, and the intended effect are captured before anything runs.

  2. 2

    2 · Score and decide

    SentriAI returns an Action Trust Score and a verdict, allow, challenge, or block, computed on deterministic, explainable inputs.

  3. 3

    3 · Seal it

    The action, its score, and its verdict are written to an append-only, hash-chained ledger, so the record cannot be altered after the fact.

  4. 4

    4 · Map to controls

    The sealed entry is tagged to the SOC 2 controls it provides evidence for (for example CC6 access, CC7 monitoring), so evidence collection is a by-product of doing the work.

  5. 5

    5 · Verify on demand

    verify_chain() recomputes the hash chain to prove the ledger is intact, so an auditor can trust the trail without trusting your word for it.

Decision and evidence, the same event

OutputWhat it isWhy it matters
VerdictAllow, challenge, or block with a scoreA decision at the moment of the action
Sealed entryAppend-only, hash-chained recordTamper-evident proof it happened as recorded
Control mappingTagged to SOC 2 CC6 / CC7 and moreEvidence collected as a by-product, not a project
One action, three outputs, at once

Decides, records, can gate, actuates only at the boundary

Frequently asked questions

What does this incident-to-evidence flow do?

It turns a consequential action into audit-ready evidence in one motion: the action is scored, a verdict is attached, the record is sealed to a hash-chained ledger, and it is mapped to the SOC 2 controls it satisfies, so the decision and the evidence are the same event.

What is the Action Trust Score?

A score attached to a consequential action, computed from deterministic, documented inputs such as the actor trust, the autonomy level, the sensitivity of the scope, and the exposure. It drives an allow, challenge, or block verdict and can always be explained.

What does verify_chain() prove?

It recomputes the hash chain over the sealed ledger to show that no entry has been altered or removed since it was written. That is what makes the trail tamper-evident and trustworthy to an auditor without taking your word for it.

Does SentriAI actually stop a risky action?

It decides, records, and can gate, and live actuation (actually stopping or performing an action) happens at the MCP boundary and is opt-in. Everywhere else it is decide-and-observe: the verdict is real and sealed, but hard enforcement in production is a choice you enable deliberately.

How does this help with SOC 2?

Each sealed action is tagged to the controls it provides evidence for, such as CC6 access and CC7 monitoring, so evidence accumulates as a by-product of normal work instead of being gathered in a scramble before the audit.

Stay in the loop

One practical finance briefing a week - new guides, checklists, and benchmarks.

 

See a whole flow run on one brain

Book a walkthrough and watch a lead, a hire, or a bill move end to end, governed and sealed at every step.

Talk to us