50+ AI agents in production: every identity and actions verified, traceable, explainable.
The Challenge
Bank of America's AI teams had moved fast. Merrill Lynch had autonomous rebalancing agents managing positions for high-net-worth clients. Global Markets had orchestration agents routing trade execution across venues. Consumer Banking had conversational copilots handling account servicing for millions of retail customers. Each division had built independently, using different frameworks, different credential models, and different logging conventions.
The result was an agent estate with no unified identity layer. Security could not answer basic questions: which agent had access to which systems, what those agents were permitted to do, and whether any had exceeded their intended scope. When regulators from the OCC and SEC requested a mapping of autonomous decision-making systems to the controls governing them, the firm had no single document to produce, because no single document existed.
A secondary concern was privilege escalation. Several trading agents had been granted broad API permissions during development that were never scoped down for production. The threat model was not external attack but internal drift: an agent reasoning its way into an action it was never intended to take, with no enforcement layer to stop it.
The Solution
Every agent across all three divisions was onboarded into a central agent registry with a unique cryptographic identity, declared operational scope, and RBAC-enforced boundaries on data access and tool invocation. The zero-trust framework evaluates each agent request against its registered policy at runtime, authorization is not assumed from deployment; it is verified on every call.
The trace layer captures the full reasoning chain for every agent decision: LLM calls, tool invocations, intermediate states, and final actions. Compliance and legal teams access business-readable summaries rather than raw logs, structured narratives that map directly onto the evidence format required by OCC model risk guidance and SEC AI advisory rules. Regulatory evidence that previously required weeks of manual assembly is now generated on demand.
Cryptographic Agent Identity Across 200+ Systems
Each agent is issued a verified identity at onboarding, scoped to the specific data sources, APIs, and execution venues it is permitted to access. Permissions are not inherited from a service account or broadly granted at the infrastructure level, they are declared explicitly and enforced by the OPA policy engine on every request. An agent authorized to read client portfolio positions cannot call the order execution API without a separately declared, separately approved scope. Any attempt outside declared bounds is rejected, logged, and escalated to the model risk committee.
Division-Level Policy Without Division-Level Silos
Merrill Lynch, Global Markets, and Consumer Banking each carry distinct regulatory obligations, fiduciary duty under Regulation Best Interest, market conduct rules under FINRA, and consumer protection requirements under CFPB. The policy engine encodes each division's specific constraints as composable rule sets applied to agents operating in that context. A single governance infrastructure governs three separate risk regimes without requiring three separate teams to maintain it.
Explainability at Regulatory Grade
When an OCC examiner requests evidence of how a specific agent decision was made, the answer is a structured audit record, not a log export. The trace translation layer converts multi-step agent reasoning into plain-language decision summaries: what data the agent accessed, what it inferred, what actions it considered, and why it acted as it did. The format is designed to satisfy examiner expectations, not just satisfy engineers. Post-incident investigations that once took weeks now take hours.
Results
Every autonomous system across Merrill Lynch, Global Markets, and Consumer Banking carries a declared scope enforced at runtime.
Zero-trust enforcement blocked every out-of-scope action attempt: all logged, none successful.
OCC and SEC audit packages that required manual assembly across three divisions are now generated on demand.
Full reasoning chain captured for every autonomous decision across all production agents.
See what Thndr AI can do for your team
Talk to our team about your specific AI governance challenges.
