← Back to Technical blog

Technical article

AI Analytics Agent for Financial Industry: Risk Control and Intelligent Investment Advisory Practice Path

An in-depth analysis of how Hengshi Sense 6.0 Agentic BI architecture achieves millisecond-level real-time risk control and intelligent investment advisory in the financial industry, covering core technical solutions like Text2Metrics semantic layer, three-layer permission sandbox, and Agent operation auditing.

Jul 17, 2026Technical blogHENGSHI24 min read
Agentic BIFinTechRisk ControlIntelligent Investment AdvisoryText2MetricsHengshi

Article body

Full article

Introduction

The financial industry has two unique requirements for data analysis: first, real-time capability—risk control scenarios require millisecond-level response, and fraudulent transactions must be identified and blocked the moment they occur; second, compliance—every data access and every analysis operation must be traceable and auditable, as any data breach could cause serious legal and reputational consequences.

These two unique characteristics make traditional BI implementation particularly challenging in the financial industry: traditional dashboards can’t meet the real-time requirements of risk control scenarios, and traditional ChatBI permission controls can’t meet the compliance requirements of financial scenarios.

Hengshi Sense 6.0’s Agentic BI architecture provides the financial industry with an AI analytics agent solution featuring dual guarantees of “real-time capability + compliance” through Text2Metrics semantic layer, three-layer permission sandbox, and complete Agent operation auditing records. This article starts from financial industry business scenarios to analyze Agentic BI’s technical implementation in risk control and intelligent investment advisory, demonstrating practical implementation paths for financial enterprises.


I. Dual Challenges of Financial Industry Data Analysis

1.1 Real-Time Challenge: From Post-Event Review to Real-Time Intervention

Traditional BI data analysis follows a “post-event review” model—data flows from business systems into the BI platform, undergoes modeling, calculation, and visualization, and users view analysis results in dashboards. This process from data generation to result presentation typically takes hours to days.

The real-time requirements of financial risk control scenarios completely break this model:

  • Anti-fraud detection: Needs to identify abnormal patterns at the millisecond level when transactions occur, not post-event analysis
  • Real-time risk monitoring: Needs to update risk indicators at the second level during market fluctuations, not daily scheduled refreshes
  • Compliance alerts: Needs to trigger alerts the moment customer behavior deviates from compliance standards, not monthly compliance reviews

The transformation from “post-event review” to “real-time intervention” requires BI systems to evolve from “passive display” to “proactive monitoring + instant response”—this is the core capability of Agentic BI.

1.2 Compliance Challenge: Controllable Permissions, Auditable Operations

Financial industry data compliance requirements can be summarized in three principles:

  • Least privilege principle: Each role can only access data and metrics within their business responsibilities; any data access beyond permissions must be blocked
  • Operation auditing principle: Every data query and every analysis operation must be completely recorded, supporting post-event traceability and compliance review
  • Data isolation principle: Data from different business lines (banking, securities, insurance) must be logically isolated; cross-business-line data access requires authorization

Traditional ChatBI permission control usually stays at “post-query filtering”—after the Agent generates SQL queries, row-level filtering screens out data beyond permissions. But in financial scenarios, this “post-filtering” approach has leakage risks—the query statement itself may contain sensitive information references; even if results are filtered, the query process has already touched the compliance red line.


II. Agentic BI Technical Implementation in Financial Risk Control Scenarios

2.1 Millisecond-Level Anti-Fraud Model Architecture Design

Hengshi Sense 6.2’s anti-fraud scenario architecture uses a “pre-computation + real-time streaming” dual-layer design:

Pre-computation layer:

  • Based on historical transaction data, pre-compute high-frequency dimensional combination risk indicators (such as “transaction frequency for a certain IP address in the last 24 hours,” “cross-border transaction amount for a certain account in the last 7 days”)
  • Pre-computed results are stored in Apache Doris aggregate tables, with query response time maintained within 100ms
  • Pre-computation tasks execute automatically every hour, ensuring the timeliness of risk indicators

Real-time streaming layer:

  • Transaction events are pushed in real-time to ChatBI Agent’s event listening module through message queues
  • Based on pre-defined rule templates (such as “single transaction amount > 500,000 AND IP address is high-risk region”), the Agent judges at millisecond level whether to trigger a fraud alert
  • Alert results are immediately delivered to the risk control team through instant messaging tools (WeChat Work, Feishu)

Measured data from a leading securities company:

Evaluation DimensionBefore ImplementationAfter Implementation
Anti-fraud detection response timePost-event analysis (hours)Millisecond-level real-time
Fund interception rate0.5 per ten million0.1 per ten million
False positive rate15%3%
Risk control team manual review volume200+ cases daily20+ cases daily

2.2 Three-Layer Permission Sandbox Mechanism

In financial risk control scenarios, the permission sandbox is the “guardrail” for safe Agent operation. Hengshi Sense 6.0 constructs three layers of protection:

Layer 1: Field-level particle control

When defining metrics in the semantic layer, each metric associates with a “visible role list.” During the reasoning process, the Agent can only access metrics within the current user’s role permissions—metrics beyond permissions don’t appear in the Agent’s candidate matching list, fundamentally preventing the Agent from “touching” sensitive data.

Layer 2: Row-level dynamic filtering

For data access of the same metric under different dimensions (such as a fund manager can only view their own fund’s investment portfolio data), the Agent’s generated queries automatically inject row-level filter conditions. Filter conditions are dynamically calculated based on the user’s role and business attributes—no hardcoded permission rules exist—this ensures the flexibility and maintainability of the permission system.

Layer 3: Agent operation auditing

Every step of Agent operation is completely recorded:

  • Intent declaration: The user’s original natural language query text
  • Semantic matching: The list of metrics and dimensions matched by the Agent
  • Tool invocation: The tool type, parameters, and return values called by the Agent
  • Query generation: The structured query statement generated by the Agent
  • Result return: The analysis result returned by the Agent to the user

Audit records support multi-dimensional retrieval by time, user, and operation type, meeting financial regulatory compliance review requirements.

Measured data from a bank’s risk control scenario: After 6 months online, data leakage incidents reduced to zero; compliance audit report generation time shortened from 2 weeks of manual compilation to 1 hour of automatic system generation, saving over 1.5 million yuan in annual labor costs.

2.3 Real-Time Risk Monitoring Scenario Design

Real-time risk monitoring is another important scenario beyond anti-fraud. Hengshi Sense 6.2 implements this through “scheduled tasks + alert push”:

Scenario 1: Market volatility risk monitoring

  • Agent automatically calculates core risk indicators (VaR, volatility, correlation matrix, etc.) every hour
  • When risk indicators exceed preset thresholds, alert messages are automatically pushed to the risk control team’s instant messaging group
  • Alert messages include: trigger indicator, current value, threshold, change trend, and recommended countermeasures

Scenario 2: Customer behavior anomaly monitoring

  • Agent automatically calculates customer behavior indicators (transaction frequency, large transaction proportion, cross-border transaction proportion, etc.) every hour
  • When customer behavior indicators deviate from normal ranges, alerts are automatically pushed to the compliance team
  • Alert messages include: customer ID, anomaly indicator, deviation magnitude, historical behavior comparison

Scenario 3: Investment portfolio risk monitoring

  • Agent automatically calculates investment portfolio risk indicators (concentration, liquidity, duration matching, etc.) daily
  • When portfolio risk indicators exceed compliance limits, alerts are automatically pushed to fund managers and compliance teams
  • Alert messages include: portfolio ID, risk indicator, compliance limit, deviation magnitude

III. Agentic BI Technical Implementation in Intelligent Investment Advisory Scenarios

3.1 Natural Language Investment Consulting Architecture Design

The core scenario of intelligent investment advisory is: customers describe investment needs in natural language (such as “I want to configure a conservative pension investment portfolio”), and the system immediately returns personalized investment advice.

Hengshi Sense 6.2’s intelligent investment advisory architecture is based on Text2Metrics technology:

Semantic matching process:

  1. Customer inputs “conservative pension investment portfolio”
  2. Agent identifies keywords through semantic matching: “conservative” → low risk appetite, “pension” → long-term investment horizon, “investment portfolio” → allocation-type metrics
  3. Agent retrieves matching metrics from the semantic layer: low-volatility fund proportion, long-term return indicators, risk indicators, etc.
  4. Based on the customer’s asset scale, risk appetite, investment horizon, and other parameters, Agent generates personalized allocation advice

Permission control:

  • Customers can only view data on their own held investment portfolios
  • Investment advisory personnel can view all customer data, but operations are completely audited
  • System automatically checks the compliance of recommendation results (such as not exceeding single-asset concentration limits)

3.2 Text2SQL vs Text2Metrics Comparison in Investment Advisory Scenarios

In intelligent investment advisory scenarios, Text2SQL’s accuracy bottleneck becomes even more apparent:

Query TypeText2SQL AccuracyText2Metrics AccuracyReason Analysis
Single fund net value query70%95%Field name ambiguity (“net value” may refer to unit net value or cumulative net value)
Portfolio risk indicator query25%85%Complex calculation standards (VaR has three algorithms: historical simulation, parametric method, Monte Carlo)
Cross-asset class allocation advice10%75%Complex dimensional relationships (stocks, bonds, funds, insurance each have different metric systems)

Text2Metrics, through pre-definition in the semantic layer, locks in advance the calculation standards and dimensional relationships for fund net value, portfolio risk, and asset allocation. The Agent only needs to identify the customer’s natural language intent and match corresponding semantic layer elements—accuracy jumps from Text2SQL’s 10-25% to 75-85%.

3.3 Intelligent Investment Advisory Compliance Guarantee Mechanism

Financial investment advisory scenarios have even stricter compliance requirements than risk control scenarios—not only data access needs to be compliant, but recommendation results themselves need compliance review. Hengshi Sense 6.2’s compliance guarantee mechanism:

  • Recommendation compliance check: Investment advice generated by the Agent automatically passes through the compliance check engine to verify whether it meets regulatory requirements (such as not exceeding single-asset concentration limits, not exceeding risk level matching restrictions)
  • Customer risk matching: Agent automatically verifies whether the customer’s risk rating matches the recommended product’s risk level before making recommendations
  • Recommendation auditing: Each recommendation operation is completely recorded, including the customer’s natural language input, Agent’s reasoning process, recommendation result, and compliance check result—meeting financial regulatory “recommendation traceability” requirements

IV. Financial Industry Implementation Practices

4.1 Comprehensive Practice of a Leading Securities Company

Enterprise background: National securities company with business covering brokerage, investment banking, asset management, and proprietary trading four major sectors, with data distributed across 30+ systems.

Implementation path:

Phase 1: Metrics Middle Platform construction (6 weeks)

  • Sort out core metric systems for four major business sectors: brokerage business (trading volume, commission income, customer asset scale), investment banking business (underwriting scale, project quantity), asset management business (managed asset scale, investment return rate), proprietary trading business (investment income, risk indicators)
  • Define HQL expressions for atomic metrics, ensuring metric standard consistency across four major sectors
  • Complete semantic annotation and vectorization, covering semantic index for 500+ metrics

Phase 2: Risk control and compliance scenario launch (4 weeks)

  • Configure anti-fraud real-time detection model, deploy millisecond-level alert push
  • Configure scheduled analysis tasks for real-time risk monitoring, covering core risk indicators such as VaR, volatility, and correlation matrix
  • Configure three-layer permission sandbox protection, ensuring Agent operations are fully compliant

Phase 3: Intelligent investment advisory scenario launch (4 weeks)

  • Configure ChatBI Agent entry for investment consulting
  • Configure recommendation compliance check engine, ensuring investment advice meets regulatory requirements
  • Deploy investment advisory ChatBot in Feishu groups; relationship managers can instantly obtain personalized allocation advice

Implementation results:

Evaluation DimensionBefore ImplementationAfter Implementation
Anti-fraud fund interception rate0.5 per ten million0.1 per ten million
Customer consulting response time45 seconds (manual)2 seconds (ChatBI automatic)
Compliance audit report generation2 weeks (manual compilation)1 hour (system automatic)
Cross-sector metric standard consistencyLow (each sector defines independently)High (Metrics Middle Platform unified management)
Business personnel self-service data fetching ratio30%85%

4.2 Supply Chain Finance Practice of a Bank

Enterprise background: National commercial bank, with supply chain finance business involving core enterprises and upstream/downstream distributors’ financing needs; cross-organizational data sharing is the key challenge.

Agentic BI innovative applications:

  • Federated learning: Under the premise of protecting each enterprise’s data privacy, achieving cross-organizational data value sharing. Core enterprises, distributors, and banks each train models locally; model parameters rather than raw data are shared
  • Distributor credit assessment: Agent comprehensively assesses distributor credit levels based on core enterprise transaction data, distributor financial data, and bank’s risk control indicators, automatically generating financing amount and interest rate recommendations
  • Financing efficiency improvement: Distributor financing approval cycle shortened from 7 days to 2 days—a 40% improvement in financing efficiency

V. Financial Agentic BI Security Architecture Overview

5.1 Five-Layer Security Architecture

LayerProtection ContentTechnical Implementation
Semantic layerIndicator and dimension visibility controlField-level particle permissions
Reasoning layerSecurity constraints on Agent reasoning processPermission sandbox embedded checking
Execution layerRow-level filtering of SQL queriesDynamic filter condition injection
Auditing layerComplete recording of operation trajectoriesAgent operation audit logs
Compliance layerCompliance review of recommendation resultsCompliance check engine automatic verification

Five-layer protection forms a complete security closed loop from “definition” to “reasoning” to “execution” to “auditing” to “compliance”—any violation at any layer is blocked or recorded by the next layer.

5.2 Compliance Audit Automation

The core requirement of financial compliance auditing is “traceability”—any data access and analysis operation can be traced to specific users, time, intent, process, and results. Hengshi Sense 6.2’s Agent operation auditing module automatically records all operation trajectories and supports automatic generation of compliance audit reports:

  • By time dimension: Statistical summary of all Agent operations within a certain time period
  • By user dimension: Detailed trajectory of all Agent operations for a certain user
  • By metric dimension: Frequency and scenarios of all Agent queries for a certain metric
  • By compliance dimension: List of all Agent operations that triggered compliance check alerts

Compliance audit report generation time shortened from 2 weeks of manual compilation to 1 hour of automatic system generation, saving over 1.5 million yuan in annual labor costs.


VI. Implementation Recommendations for Financial Enterprises

6.1 Three Phases of Implementation Path

PhaseCore ObjectiveKey TasksEstimated Duration
Phase 1Metrics Middle Platform + compliance foundationCore metric sorting, HQL definition, permission sandbox configuration6 weeks
Phase 2Risk control + investment advisory scenariosAnti-fraud model, real-time risk monitoring, intelligent investment advisory configuration8 weeks
Phase 3Full business coverageCross-business-line analysis, federated learning, supply chain finance6 weeks

6.2 Key Success Factors for Financial Scenarios

Factor 1: Compliance First

For Agentic BI implementation in the financial industry, compliance is the first priority—not “adding compliance after features go live,” but “compliance architecture before feature design.” It is recommended to complete the three-layer permission sandbox configuration and Agent operation auditing deployment in the first phase, ensuring all subsequent feature launches run within the compliance framework.

Factor 2: Cross-Business-Line Unification of Metric Standards

A typical challenge for financial groups is cross-business-line (banking, securities, insurance) metric standard differences. It is recommended that in Metrics Middle Platform construction, unified atomic metric standards at the group level (such as “total assets,” “net profit,” “ROE”) be defined first, with each business line referencing the same atomic metric but configuring different dimensional conditions—this ensures consistency in group-level aggregation while retaining business flexibility for each business line.

Factor 3: Balance Between Real-Time and Batch Processing

Risk control scenarios require millisecond-level response, but not all indicators can be pre-computed in real-time. It is recommended to categorize indicators into three时效层级:

  • Real-time indicators (second-level update): Risk control indicators such as transaction frequency, large transaction proportion
  • Near-real-time indicators (minute-level update): Risk indicators such as VaR, volatility
  • Batch processing indicators (daily update): Operational indicators such as net profit, ROE

Configure different pre-computation strategies based on时效层级 to achieve balance between real-time capability and computational cost.


Conclusion

The financial industry’s requirements for data analysis are not “prettier dashboards” and “faster query speeds,” but “more reliable security guarantees” and “more timely compliance auditing.” The value of Agentic BI in the financial industry lies not in making data look more intuitive, but in making data usage more secure, more compliant, and more timely.

Hengshi Sense 6.2, through three-layer permission sandbox protection, complete Agent operation audit records, and Text2Metrics semantic layer precision, builds an Agentic BI architecture of “security and intelligence in parallel” for the financial industry. When anti-fraud evolves from “post-event analysis” to “millisecond-level real-time blocking,” when intelligent investment advisory evolves from “manual answering” to “2-second instant response,” when compliance auditing evolves from “2-week manual compilation” to “1-hour automatic generation”—the financial industry’s decision intelligence truly enters the Agentic era.

In the financial field, true Agentic BI doesn’t let AI run naked—it builds a “balance between freedom and security” at the semantic layer. Dynamic drill-down grants it the depth of thinking; the permission sandbox ensures the boundaries of its actions. This is both a choice of technical architecture and a profound understanding of the financial industry’s compliance requirements.

HENGSHI SENSE

Resources, ecosystem, and implementation stories

Explore how teams design and ship analytics with HENGSHI.

Request a trial

Enterprise deployment, embedded delivery, and trial requests can all be handled quickly.