A financial operations agent with built-in SOC2 compliance, role-based access control, sanctions screening, and comprehensive audit trail β powered by the real Agent OS governance APIs.
| Feature | Description | SOC2 Control |
|---|---|---|
| Separation of Duties | Role-based tool permissions (AP / FM / CFO) | CC6.1 |
| Approval Workflows | Transactions > $10K require human approval | CC6.3 |
| Audit Trail | Immutable JSON + CSV logging | CC7.1 |
| Rate Limiting | Max 10 transfers per session | CC8.1 |
| Sanctions Screening | Blocked-pattern matching for OFAC entities | CC7.3 |
| PII Protection | SSN and credit-card regex blocking | CC7.3 |
# From the repo root
python examples/finance-soc2/main.pyNo external dependencies beyond agent-os itself.
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Finance SOC2 Demo β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββββββ β
β β accounts_ β β finance_ β β cfo β β
β β payable β β manager β β β β
β β β€$5K, no β β β€$50K, can β β unlimited, can β β
β β approve β β approve β β approve β β
β ββββββββ¬ββββββββ ββββββββ¬ββββββββ ββββββββ¬ββββββββββββ β
β β β β β
β βΌ βΌ βΌ β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β SOC2Interceptor (custom interceptor) β β
β β β’ Role-based allowed_tools check (CC6.1) β β
β β β’ Blocked patterns: sanctions + PII (CC7.3) β β
β β β’ Transfer amount limits per role (CC6.3) β β
β β β’ Rate limiting (CC8.1) β β
β β β’ Max tool calls enforcement β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β
β βΌ β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Agent OS Governance Layer β β
β β GovernancePolicy Β· BaseIntegration Β· ExecutionContext β β
β β ToolCallRequest Β· ToolCallResult Β· Event Emitters β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β
β βΌ β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Immutable Audit Log (JSON + CSV export) β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
| Role | Allowed Tools | Max Transfer | Can Approve |
|---|---|---|---|
accounts_payable |
transfer, query_balance |
$5,000 | No |
finance_manager |
transfer, approve, query_balance |
$50,000 | Yes |
cfo |
transfer, approve, query_balance, generate_report |
Unlimited | Yes |
Each role gets a GovernancePolicy from agent_os.integrations.base:
from agent_os.integrations.base import GovernancePolicy, PatternType
policy = GovernancePolicy(
name="soc2_accounts_payable",
require_human_approval=True,
max_tool_calls=20,
allowed_tools=["transfer", "query_balance"],
blocked_patterns=[
(r"\b\d{3}-\d{2}-\d{4}\b", PatternType.REGEX), # SSN
(r"\b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b", PatternType.REGEX), # CC
"password",
"secret",
"SanctionedCorp",
"BadActor LLC",
"Blocked Inc",
],
log_all_calls=True,
checkpoint_frequency=5,
version="1.0.0",
)The demo runs six scenarios that exercise every governance control:
| # | Scenario | Role | Expected Result |
|---|---|---|---|
| 1 | Small transfer ($500) | AP | β Auto-approved |
| 2 | Large transfer ($25K) | FM | β³ Pending human approval |
| 3 | Sanctioned entity | AP | β Blocked by pattern match |
| 4 | Rate limit burst | AP | β Blocked after 10 transfers |
| 5 | Balance query | AP | β Allowed |
| 6 | Role escalation (AP β approve) | AP | β Blocked β not in allowed_tools |
| SOC2 Criteria | Description | Agent OS Implementation |
|---|---|---|
| CC6.1 | Logical and Physical Access | Role-based allowed_tools per policy |
| CC6.3 | Access Control | SOC2Interceptor enforces transfer limits |
| CC7.1 | System Operations | log_all_calls=True, immutable audit log |
| CC7.2 | Change Management | Version-controlled GovernancePolicy |
| CC7.3 | Risk Mitigation | blocked_patterns for sanctions + PII |
| CC8.1 | Incident Response | Rate limiting, event emitters for alerts |
The demo exports a complete audit trail in two formats:
soc2_audit_trail.jsonβ structured JSON for programmatic analysissoc2_audit_trail.csvβ flat CSV for compliance review
Fields: timestamp, agent_id, event_type, tool, role, call_count,
reason, checkpoint, amount, recipient, decision.
================================================================
Finance SOC2 Compliance Demo β Agent OS
================================================================
Roles: accounts_payable, finance_manager, cfo
Human approval required: YES (transactions > $10,000)
...
--- Scenario 1: Small transfer β accounts_payable (auto-approved) ---
β ALLOWED | tool=transfer (call 1/20)
β
PROCESSED: $500.00 to Vendor ABC β approved
--- Scenario 3: Sanctioned entity β blocked by governance ---
β BLOCKED | tool=transfer
| reason: Blocked pattern detected: SanctionedCorp
--- Scenario 6: Role escalation β AP tries to approve (blocked) ---
β BLOCKED | tool=approve
| reason: Tool 'approve' not permitted for role 'accounts_payable'
π Separation of duties enforced (SOC2 CC6.1)
MIT