Written by: Mohamed Othman, AI Engineer II, Services Engineering
Beyond the demo
If you have spent time in fintech this year, you have seen the demo: a single AI agent reads an invoice, queries a ledger, drafts an email, and the room applauds. The demo is real, and it is genuinely impressive. What it leaves out is the part that decides whether any of it reaches production; the governance, the approvals, and the audit trail a regulated institution requires before an agent goes anywhere near a system of record or a customer’s money.
That gap is where real engineering lives. The industry has already moved past the demo. BNY now counts more than 130 “digital employees,” each with its own login credentials and a human manager. JPMorgan, which already credits AI with a 20 percent lift in private-banking gross sales, plans to deploy long-running autonomous agents this year, framing them as managers that decompose problems and delegate work. So the question the clients raise is rarely whether orchestration beats a single agent, they accept that it does. Their question is sharper: how do we run these systems inside a regulated environment without losing control of risk, approval, and trust?
Start with maker–checker
Finance answered a version of this a century ago. No bank lets the person who initiates a payment also approve it; the maker–checker principle exists because self-review is not review. That control is the foundation of how we design agent systems at Finaira, and it is the clearest reason a single agent is the wrong default: an agent that plans, executes, and verifies its own work is the automation equivalent of one employee holding every key in the branch.
So, we do not begin with “how many agents” or “which framework.” We begin with separation of duties and ask which actions an agent may take alone, which require an independent check, and which must pause for a person. Multi-agent orchestration falls out of that design, it is the consequence of the controls, not the goal. A document-extraction agent, a screening agent, and a matching agent each work in a clean context, and a separate verifier re-checks the result against source material rather than trusting a summary of it. The orchestration pattern itself is well established, Anthropic reports orchestrated teams outperforming a comparable single-agent setup by roughly 90 percent on internal evaluations, so we treat it as settled and spend our effort on the layer that makes it deployable. Thid is what we call the Agent Control Plane: the governed layer where identity, authority, verification, and audit are enforced, and where the value increasingly sits as the underlying models commoditize.
The four controls we design in from day one
Tiered autonomy. Autonomy is a dial set per action, not a switch set per system. Low-risk, reversible, repeatable actions run on their own; anything touching regulated data, writing to a system of record, or moving money pauses for human approval. The decision boundary is defined by risk, impact, and reversibility before a single agent runs.
Agent identity and least privilege. Each agent enters the stack with a defined identity and only the tools its role requires, the matching agent can read ledgers but cannot post entries; the screening agent can query watchlists but cannot approve a client. Separation of duties, enforced at the API level rather than asserted in a prompt.
Independent verification. Critic agents review work they did not produce, and every inter-agent hand-off is logged. The result is a decision trail an auditor can replay end to end, something that is genuinely easier to deliver with a well-instrumented agent team than with a human one.
Real observability. Agentic systems fail non-deterministically, and small changes cascade into large behavioral shifts. Real-time telemetry of decisions and hand-offs, not just uptime, is what separates teams who catch drift early from teams who explain it to a regulator later.
What this looks like in a workflow
Reconciliation is the natural first candidate, because the economics are stark: EY research finds nearly 59 percent of a finance team’s capacity goes to transactional matching, and roughly 95 percent of that effort merely confirms items that already agree. A Finaira-designed team inverts this. A collection agent normalizes feeds; a matching agent clears the items that agree; an exception agent investigates the rest and proposes journal entries; and the orchestrator clears low-risk items by policy while escalating the remainder with a complete evidentiary file. Crucially, nothing posts to a system of record without crossing the maker–checker boundary. In our own production deployments, we have found that boundary, not the model choice or the framework, is the artifact a risk committee actually reviews, and designing it explicitly is what turns a promising pilot into an approved system. Onboarding is the opposite shape, a fan-out of independent checks, entity verification, beneficial-ownership mapping, sanctions and PEP screening, running in parallel rather than in the six-week sequence banks often run today, but the governance is identical: parallel work, independent verification, human sign-off where it counts. Banks adopting this model report KYC and AML review times cut by up to 60 percent and manual errors roughly halved, without lowering the compliance bar.
The honest close
Governance-first orchestration is not free. Anthropic puts orchestrated systems at roughly fifteen times the token cost of a simple chat interaction, and the operational complexity is real. The pattern earns its keep only when a workflow genuinely decomposes into parallel, independently verifiable work and the value of getting it right dwarfs the compute bill, which, conveniently, describes most of finance.
The institutions that win the next phase will not be the ones with the cleverest single agent. They will be the ones who run agents the way they already run people: in teams, with clear roles, limited authority, and someone independent checking the work. That is what we build at Finaira, not just orchestration, but the control layer that lets a risk committee say yes. A century of financial controls, finally expressed in software.
References
- Anthropic Engineering – “How we built our multi-agent research system”: com/engineering/multi-agent-research-system
- Banking Dive – “Banks aim for agentic AI scale in 2026,” covering Accenture’s Top Banking Trends for 2026: com/news/banks-agentic-ai-scale-2026-accenture