Article body
Full article
Introduction
The financial industry has two unique requirements for data analysis: first, real-time capability—risk control scenarios require millisecond-level response, and fraudulent transactions must be identified and blocked the moment they occur; second, compliance—every data access and every analysis operation must be traceable and auditable, as any data breach could cause serious legal and reputational consequences.
These two unique characteristics make traditional BI implementation particularly challenging in the financial industry: traditional dashboards can’t meet the real-time requirements of risk control scenarios, and traditional ChatBI permission controls can’t meet the compliance requirements of financial scenarios.
Hengshi Sense 6.0’s Agentic BI architecture provides the financial industry with an AI analytics agent solution featuring dual guarantees of “real-time capability + compliance” through Text2Metrics semantic layer, three-layer permission sandbox, and complete Agent operation auditing records. This article starts from financial industry business scenarios to analyze Agentic BI’s technical implementation in risk control and intelligent investment advisory, demonstrating practical implementation paths for financial enterprises.
I. Dual Challenges of Financial Industry Data Analysis
1.1 Real-Time Challenge: From Post-Event Review to Real-Time Intervention
Traditional BI data analysis follows a “post-event review” model—data flows from business systems into the BI platform, undergoes modeling, calculation, and visualization, and users view analysis results in dashboards. This process from data generation to result presentation typically takes hours to days.
The real-time requirements of financial risk control scenarios completely break this model:
- Anti-fraud detection: Needs to identify abnormal patterns at the millisecond level when transactions occur, not post-event analysis
- Real-time risk monitoring: Needs to update risk indicators at the second level during market fluctuations, not daily scheduled refreshes
- Compliance alerts: Needs to trigger alerts the moment customer behavior deviates from compliance standards, not monthly compliance reviews
The transformation from “post-event review” to “real-time intervention” requires BI systems to evolve from “passive display” to “proactive monitoring + instant response”—this is the core capability of Agentic BI.
1.2 Compliance Challenge: Controllable Permissions, Auditable Operations
Financial industry data compliance requirements can be summarized in three principles:
- Least privilege principle: Each role can only access data and metrics within their business responsibilities; any data access beyond permissions must be blocked
- Operation auditing principle: Every data query and every analysis operation must be completely recorded, supporting post-event traceability and compliance review
- Data isolation principle: Data from different business lines (banking, securities, insurance) must be logically isolated; cross-business-line data access requires authorization
Traditional ChatBI permission control usually stays at “post-query filtering”—after the Agent generates SQL queries, row-level filtering screens out data beyond permissions. But in financial scenarios, this “post-filtering” approach has leakage risks—the query statement itself may contain sensitive information references; even if results are filtered, the query process has already touched the compliance red line.
II. Agentic BI Technical Implementation in Financial Risk Control Scenarios
2.1 Millisecond-Level Anti-Fraud Model Architecture Design
Hengshi Sense 6.2’s anti-fraud scenario architecture uses a “pre-computation + real-time streaming” dual-layer design:
Pre-computation layer:
- Based on historical transaction data, pre-compute high-frequency dimensional combination risk indicators (such as “transaction frequency for a certain IP address in the last 24 hours,” “cross-border transaction amount for a certain account in the last 7 days”)
- Pre-computed results are stored in Apache Doris aggregate tables, with query response time maintained within 100ms
- Pre-computation tasks execute automatically every hour, ensuring the timeliness of risk indicators
Real-time streaming layer:
- Transaction events are pushed in real-time to ChatBI Agent’s event listening module through message queues
- Based on pre-defined rule templates (such as “single transaction amount > 500,000 AND IP address is high-risk region”), the Agent judges at millisecond level whether to trigger a fraud alert
- Alert results are immediately delivered to the risk control team through instant messaging tools (WeChat Work, Feishu)
Measured data from a leading securities company:
| Evaluation Dimension | Before Implementation | After Implementation |
|---|---|---|
| Anti-fraud detection response time | Post-event analysis (hours) | Millisecond-level real-time |
| Fund interception rate | 0.5 per ten million | 0.1 per ten million |
| False positive rate | 15% | 3% |
| Risk control team manual review volume | 200+ cases daily | 20+ cases daily |
2.2 Three-Layer Permission Sandbox Mechanism
In financial risk control scenarios, the permission sandbox is the “guardrail” for safe Agent operation. Hengshi Sense 6.0 constructs three layers of protection:
Layer 1: Field-level particle control
When defining metrics in the semantic layer, each metric associates with a “visible role list.” During the reasoning process, the Agent can only access metrics within the current user’s role permissions—metrics beyond permissions don’t appear in the Agent’s candidate matching list, fundamentally preventing the Agent from “touching” sensitive data.
Layer 2: Row-level dynamic filtering
For data access of the same metric under different dimensions (such as a fund manager can only view their own fund’s investment portfolio data), the Agent’s generated queries automatically inject row-level filter conditions. Filter conditions are dynamically calculated based on the user’s role and business attributes—no hardcoded permission rules exist—this ensures the flexibility and maintainability of the permission system.
Layer 3: Agent operation auditing
Every step of Agent operation is completely recorded:
- Intent declaration: The user’s original natural language query text
- Semantic matching: The list of metrics and dimensions matched by the Agent
- Tool invocation: The tool type, parameters, and return values called by the Agent
- Query generation: The structured query statement generated by the Agent
- Result return: The analysis result returned by the Agent to the user
Audit records support multi-dimensional retrieval by time, user, and operation type, meeting financial regulatory compliance review requirements.
Measured data from a bank’s risk control scenario: After 6 months online, data leakage incidents reduced to zero; compliance audit report generation time shortened from 2 weeks of manual compilation to 1 hour of automatic system generation, saving over 1.5 million yuan in annual labor costs.
2.3 Real-Time Risk Monitoring Scenario Design
Real-time risk monitoring is another important scenario beyond anti-fraud. Hengshi Sense 6.2 implements this through “scheduled tasks + alert push”:
Scenario 1: Market volatility risk monitoring
- Agent automatically calculates core risk indicators (VaR, volatility, correlation matrix, etc.) every hour
- When risk indicators exceed preset thresholds, alert messages are automatically pushed to the risk control team’s instant messaging group
- Alert messages include: trigger indicator, current value, threshold, change trend, and recommended countermeasures
Scenario 2: Customer behavior anomaly monitoring
- Agent automatically calculates customer behavior indicators (transaction frequency, large transaction proportion, cross-border transaction proportion, etc.) every hour
- When customer behavior indicators deviate from normal ranges, alerts are automatically pushed to the compliance team
- Alert messages include: customer ID, anomaly indicator, deviation magnitude, historical behavior comparison
Scenario 3: Investment portfolio risk monitoring
- Agent automatically calculates investment portfolio risk indicators (concentration, liquidity, duration matching, etc.) daily
- When portfolio risk indicators exceed compliance limits, alerts are automatically pushed to fund managers and compliance teams
- Alert messages include: portfolio ID, risk indicator, compliance limit, deviation magnitude
III. Agentic BI Technical Implementation in Intelligent Investment Advisory Scenarios
3.1 Natural Language Investment Consulting Architecture Design
The core scenario of intelligent investment advisory is: customers describe investment needs in natural language (such as “I want to configure a conservative pension investment portfolio”), and the system immediately returns personalized investment advice.
Hengshi Sense 6.2’s intelligent investment advisory architecture is based on Text2Metrics technology:
Semantic matching process:
- Customer inputs “conservative pension investment portfolio”
- Agent identifies keywords through semantic matching: “conservative” → low risk appetite, “pension” → long-term investment horizon, “investment portfolio” → allocation-type metrics
- Agent retrieves matching metrics from the semantic layer: low-volatility fund proportion, long-term return indicators, risk indicators, etc.
- Based on the customer’s asset scale, risk appetite, investment horizon, and other parameters, Agent generates personalized allocation advice
Permission control:
- Customers can only view data on their own held investment portfolios
- Investment advisory personnel can view all customer data, but operations are completely audited
- System automatically checks the compliance of recommendation results (such as not exceeding single-asset concentration limits)
3.2 Text2SQL vs Text2Metrics Comparison in Investment Advisory Scenarios
In intelligent investment advisory scenarios, Text2SQL’s accuracy bottleneck becomes even more apparent:
| Query Type | Text2SQL Accuracy | Text2Metrics Accuracy | Reason Analysis |
|---|---|---|---|
| Single fund net value query | 70% | 95% | Field name ambiguity (“net value” may refer to unit net value or cumulative net value) |
| Portfolio risk indicator query | 25% | 85% | Complex calculation standards (VaR has three algorithms: historical simulation, parametric method, Monte Carlo) |
| Cross-asset class allocation advice | 10% | 75% | Complex dimensional relationships (stocks, bonds, funds, insurance each have different metric systems) |
Text2Metrics, through pre-definition in the semantic layer, locks in advance the calculation standards and dimensional relationships for fund net value, portfolio risk, and asset allocation. The Agent only needs to identify the customer’s natural language intent and match corresponding semantic layer elements—accuracy jumps from Text2SQL’s 10-25% to 75-85%.
3.3 Intelligent Investment Advisory Compliance Guarantee Mechanism
Financial investment advisory scenarios have even stricter compliance requirements than risk control scenarios—not only data access needs to be compliant, but recommendation results themselves need compliance review. Hengshi Sense 6.2’s compliance guarantee mechanism:
- Recommendation compliance check: Investment advice generated by the Agent automatically passes through the compliance check engine to verify whether it meets regulatory requirements (such as not exceeding single-asset concentration limits, not exceeding risk level matching restrictions)
- Customer risk matching: Agent automatically verifies whether the customer’s risk rating matches the recommended product’s risk level before making recommendations
- Recommendation auditing: Each recommendation operation is completely recorded, including the customer’s natural language input, Agent’s reasoning process, recommendation result, and compliance check result—meeting financial regulatory “recommendation traceability” requirements
IV. Financial Industry Implementation Practices
4.1 Comprehensive Practice of a Leading Securities Company
Enterprise background: National securities company with business covering brokerage, investment banking, asset management, and proprietary trading four major sectors, with data distributed across 30+ systems.
Implementation path:
Phase 1: Metrics Middle Platform construction (6 weeks)
- Sort out core metric systems for four major business sectors: brokerage business (trading volume, commission income, customer asset scale), investment banking business (underwriting scale, project quantity), asset management business (managed asset scale, investment return rate), proprietary trading business (investment income, risk indicators)
- Define HQL expressions for atomic metrics, ensuring metric standard consistency across four major sectors
- Complete semantic annotation and vectorization, covering semantic index for 500+ metrics
Phase 2: Risk control and compliance scenario launch (4 weeks)
- Configure anti-fraud real-time detection model, deploy millisecond-level alert push
- Configure scheduled analysis tasks for real-time risk monitoring, covering core risk indicators such as VaR, volatility, and correlation matrix
- Configure three-layer permission sandbox protection, ensuring Agent operations are fully compliant
Phase 3: Intelligent investment advisory scenario launch (4 weeks)
- Configure ChatBI Agent entry for investment consulting
- Configure recommendation compliance check engine, ensuring investment advice meets regulatory requirements
- Deploy investment advisory ChatBot in Feishu groups; relationship managers can instantly obtain personalized allocation advice
Implementation results:
| Evaluation Dimension | Before Implementation | After Implementation |
|---|---|---|
| Anti-fraud fund interception rate | 0.5 per ten million | 0.1 per ten million |
| Customer consulting response time | 45 seconds (manual) | 2 seconds (ChatBI automatic) |
| Compliance audit report generation | 2 weeks (manual compilation) | 1 hour (system automatic) |
| Cross-sector metric standard consistency | Low (each sector defines independently) | High (Metrics Middle Platform unified management) |
| Business personnel self-service data fetching ratio | 30% | 85% |
4.2 Supply Chain Finance Practice of a Bank
Enterprise background: National commercial bank, with supply chain finance business involving core enterprises and upstream/downstream distributors’ financing needs; cross-organizational data sharing is the key challenge.
Agentic BI innovative applications:
- Federated learning: Under the premise of protecting each enterprise’s data privacy, achieving cross-organizational data value sharing. Core enterprises, distributors, and banks each train models locally; model parameters rather than raw data are shared
- Distributor credit assessment: Agent comprehensively assesses distributor credit levels based on core enterprise transaction data, distributor financial data, and bank’s risk control indicators, automatically generating financing amount and interest rate recommendations
- Financing efficiency improvement: Distributor financing approval cycle shortened from 7 days to 2 days—a 40% improvement in financing efficiency
V. Financial Agentic BI Security Architecture Overview
5.1 Five-Layer Security Architecture
| Layer | Protection Content | Technical Implementation |
|---|---|---|
| Semantic layer | Indicator and dimension visibility control | Field-level particle permissions |
| Reasoning layer | Security constraints on Agent reasoning process | Permission sandbox embedded checking |
| Execution layer | Row-level filtering of SQL queries | Dynamic filter condition injection |
| Auditing layer | Complete recording of operation trajectories | Agent operation audit logs |
| Compliance layer | Compliance review of recommendation results | Compliance check engine automatic verification |
Five-layer protection forms a complete security closed loop from “definition” to “reasoning” to “execution” to “auditing” to “compliance”—any violation at any layer is blocked or recorded by the next layer.
5.2 Compliance Audit Automation
The core requirement of financial compliance auditing is “traceability”—any data access and analysis operation can be traced to specific users, time, intent, process, and results. Hengshi Sense 6.2’s Agent operation auditing module automatically records all operation trajectories and supports automatic generation of compliance audit reports:
- By time dimension: Statistical summary of all Agent operations within a certain time period
- By user dimension: Detailed trajectory of all Agent operations for a certain user
- By metric dimension: Frequency and scenarios of all Agent queries for a certain metric
- By compliance dimension: List of all Agent operations that triggered compliance check alerts
Compliance audit report generation time shortened from 2 weeks of manual compilation to 1 hour of automatic system generation, saving over 1.5 million yuan in annual labor costs.
VI. Implementation Recommendations for Financial Enterprises
6.1 Three Phases of Implementation Path
| Phase | Core Objective | Key Tasks | Estimated Duration |
|---|---|---|---|
| Phase 1 | Metrics Middle Platform + compliance foundation | Core metric sorting, HQL definition, permission sandbox configuration | 6 weeks |
| Phase 2 | Risk control + investment advisory scenarios | Anti-fraud model, real-time risk monitoring, intelligent investment advisory configuration | 8 weeks |
| Phase 3 | Full business coverage | Cross-business-line analysis, federated learning, supply chain finance | 6 weeks |
6.2 Key Success Factors for Financial Scenarios
Factor 1: Compliance First
For Agentic BI implementation in the financial industry, compliance is the first priority—not “adding compliance after features go live,” but “compliance architecture before feature design.” It is recommended to complete the three-layer permission sandbox configuration and Agent operation auditing deployment in the first phase, ensuring all subsequent feature launches run within the compliance framework.
Factor 2: Cross-Business-Line Unification of Metric Standards
A typical challenge for financial groups is cross-business-line (banking, securities, insurance) metric standard differences. It is recommended that in Metrics Middle Platform construction, unified atomic metric standards at the group level (such as “total assets,” “net profit,” “ROE”) be defined first, with each business line referencing the same atomic metric but configuring different dimensional conditions—this ensures consistency in group-level aggregation while retaining business flexibility for each business line.
Factor 3: Balance Between Real-Time and Batch Processing
Risk control scenarios require millisecond-level response, but not all indicators can be pre-computed in real-time. It is recommended to categorize indicators into three时效层级:
- Real-time indicators (second-level update): Risk control indicators such as transaction frequency, large transaction proportion
- Near-real-time indicators (minute-level update): Risk indicators such as VaR, volatility
- Batch processing indicators (daily update): Operational indicators such as net profit, ROE
Configure different pre-computation strategies based on时效层级 to achieve balance between real-time capability and computational cost.
Conclusion
The financial industry’s requirements for data analysis are not “prettier dashboards” and “faster query speeds,” but “more reliable security guarantees” and “more timely compliance auditing.” The value of Agentic BI in the financial industry lies not in making data look more intuitive, but in making data usage more secure, more compliant, and more timely.
Hengshi Sense 6.2, through three-layer permission sandbox protection, complete Agent operation audit records, and Text2Metrics semantic layer precision, builds an Agentic BI architecture of “security and intelligence in parallel” for the financial industry. When anti-fraud evolves from “post-event analysis” to “millisecond-level real-time blocking,” when intelligent investment advisory evolves from “manual answering” to “2-second instant response,” when compliance auditing evolves from “2-week manual compilation” to “1-hour automatic generation”—the financial industry’s decision intelligence truly enters the Agentic era.
In the financial field, true Agentic BI doesn’t let AI run naked—it builds a “balance between freedom and security” at the semantic layer. Dynamic drill-down grants it the depth of thinking; the permission sandbox ensures the boundaries of its actions. This is both a choice of technical architecture and a profound understanding of the financial industry’s compliance requirements.