Inspiration

Instant payments are fast. Fraud operations are not.

When a customer reports an unauthorized instant-payment transaction, the bank must investigate quickly, but the real world is messy: evidence may be incomplete, external banking APIs may fail, receiver information may be inconsistent, and the final refund decision can create real financial impact.

Most AI demos in fraud either stop at a dashboard or try to automate decisions that should remain accountable to humans. We wanted to build something different:

A UiPath-governed fraud case management system where AI-style investigation helps analysts move faster, but humans remain responsible for high-impact financial decisions.

That idea became CENTINELA.

CENTINELA was built for Track 1: UiPath Maestro Case, because fraud disputes are dynamic, exception-heavy cases. They do not always follow a perfect straight-line process. They require intake, evidence review, investigation, external system checks, human judgment, resolution, and auditability.


What it does

CENTINELA is a fraud dispute intelligence system for instant-payment banking cases.

It orchestrates the full case lifecycle:

  1. A fraud dispute is created.
  2. UiPath Maestro governs the case stages.
  3. CENTINELA Runtime investigates the transaction.
  4. External receiver-bank failure is handled through retry policy.
  5. The fraud policy engine evaluates risk.
  6. Critical cases are escalated to a human decision gate.
  7. The human decision is applied.
  8. The final audit package is exported.
  9. Analysts can inspect the case through a live operational console.
  10. Judges can replay the full lifecycle through a guided public replay mode.

CENTINELA does not autonomously approve refunds.

Instead, it investigates, prioritizes, explains, escalates, and audits — while keeping humans accountable for financial decisions.


Why UiPath matters

UiPath is not a decorative layer in CENTINELA. It is the control plane.

The solution uses UiPath Maestro Case to model and govern the fraud dispute lifecycle:

UiPath capability How CENTINELA uses it
Maestro Case Models the dynamic fraud dispute case lifecycle
Stages Intake, Evidence Review, Investigation, Human Decision, Resolution, Audit Export
Human tasks Keeps intake, evidence validation, and refund decisions accountable
SLAs Tracks operational timing and case urgency
Integration Service Connector Activity Calls the CENTINELA Runtime API from the Maestro case flow
Studio Web / Cloud Debug Validates the connected Maestro + Runtime execution
Orchestrator / Solutions Published Maestro Case v1.0.0 and execution evidence

The key design principle is:

UiPath governs the case. CENTINELA Runtime investigates. Humans decide. The audit trail proves what happened.


Architecture

CENTINELA uses a hybrid, enterprise-ready architecture: UiPath governs the case lifecycle, while the CENTINELA Runtime API executes deterministic fraud investigation, retry handling, policy evaluation, audit export, and analyst intelligence.

High-level system flow

Fraud Case Trigger / Operations AnalystUiPath Maestro CaseHuman Tasks + SLAs + Case StagesUiPath Integration Service ConnectorCENTINELA Runtime APIFraud Investigation Engine + Policy Engine + Retry HandlerHuman Decision GateResolutionAudit ExportAnalyst Console + Judge Replay

UiPath orchestration layer

Layer Component Role
Governance UiPath Maestro Case Controls the fraud dispute lifecycle
Human work Intake, Evidence Review, Human Decision Keeps critical steps accountable
Process control SLAs and case routing Ensures operational visibility and time control
Integration UiPath Integration Service Connector Calls the public CENTINELA Runtime API
Execution validation Studio Web cloud debug Validates the connected end-to-end flow

CENTINELA Runtime layer

Runtime module Purpose
Case Management Service Creates, updates, and tracks fraud dispute cases
Fraud Investigation Engine Evaluates synthetic banking and receiver-bank signals
Retry Handler Handles API-down scenarios and retry exhaustion
Fraud Policy Engine Produces explainable risk and escalation decisions
SLA Tracker Calculates case timing and SLA status
Audit Export Builder Generates a complete audit package
Fraud Network Graph Visualizes case entities and risk signals
Evidence Checklist Shows present, failed, missing, and not applicable evidence
Decision Simulator Supports human analysts with decision-impact options

External signal adapters

CENTINELA uses deterministic synthetic adapters for safe hackathon evaluation:

Adapter What it simulates
Core Banking Adapter Customer, transaction, and account checks
Receiver Bank Adapter Receiver verification, API-down events, conflicting responses
Synthetic Banking Signals Repeatable fraud-risk scenarios for testing and replay

Operator and judge experiences

Experience Purpose
Analyst Console Operational fraud workspace with priority queue, fraud network, evidence checklist, decision simulator, and audit timeline
Judge Replay Guided evaluation mode that runs the full case lifecycle in a few clicks
Public OpenAPI Allows judges to inspect and test the Runtime API directly

Core architecture principle

UiPath is the control plane. CENTINELA Runtime is the investigation intelligence layer. Humans remain accountable for high-impact financial decisions. Every critical event is auditable.


Main scenario

The core scenario demonstrates a realistic failure-heavy fraud dispute:

A customer reports an unauthorized instant-payment transaction. The receiver bank API is unavailable. CENTINELA attempts the receiver trace three times, exhausts retries, evaluates the case as critical risk, and escalates to a human decision.

The system records retry behavior through explicit audit events:

ReceiverBankRetryScheduled
ReceiverBankRetryAttempted
ReceiverBankRetryExhausted
ReceiverBankCheck
InvestigationCompleted
StageTransition
HumanDecisionSubmitted
ResolutionApplied

This matters because enterprise workflows must survive interruptions. A working agentic automation should not collapse when an external system fails.

CENTINELA handles that path intentionally.


Fraud Intelligence Layer

To make the system useful for real fraud operations, CENTINELA includes a fraud intelligence layer.

Priority Queue

Cases are ranked using risk, SLA pressure, retry exhaustion, amount, and human-gate requirements.

The priority score is deterministic:

$$ Priority = RiskScore + HumanGate + RetryExhausted + SLAImpact + AmountImpact $$

Where the amount contribution is bounded:

$$ AmountImpact = min(\frac{amount_cop}{100000}, 20) $$

This lets analysts see which cases should be handled first.


Fraud Network Graph

CENTINELA converts a case into an explainable fraud network:

Customer → Transaction → Receiver Account → Receiver Bank
                         ↘ API Down
                         ↘ Retry Exhausted
                         ↘ Human Gate Required

This helps analysts understand the case visually instead of reading raw JSON.


Decision Simulator

CENTINELA does not decide for the analyst. It simulates the impact of possible decisions:

Decision Purpose
approve_refund Protect the customer when evidence and risk justify reimbursement
reject_refund Avoid loss when the claim is unsupported
request_more_evidence Keep the case open when evidence is insufficient
escalate_fraud_ops Move suspicious patterns to specialized fraud operations

Each option includes customer impact, financial impact, operational impact, risk, and recommended conditions.


Evidence Checklist

CENTINELA generates a structured evidence checklist:

Evidence item Example status
Customer statement Present
Transaction receipt Present
Bank statement Not applicable
Device or IP signal Present
Receiver trace Failed
Retry history Present

For API-down cases, the receiver trace fails, but the retry history remains present and auditable.


Linked Case Signals

CENTINELA also generates deterministic synthetic signals such as:

  • same receiver seen before
  • similar amount pattern
  • retry failure cluster
  • possible mule-account pattern

These are not claimed as real production fraud detection. They are safe, deterministic, synthetic signals for hackathon evaluation.


Analyst Console

CENTINELA includes a public Analyst Console:

https://centinela-uipath-agenthack.onrender.com/analyst

The console acts as an operational workspace for fraud analysts and judges. It shows:

  • runtime status
  • priority queue
  • risk level
  • SLA status
  • human gate status
  • retry attempts
  • selected case detail
  • fraud network graph
  • decision simulator
  • evidence checklist
  • linked case signals
  • analyst brief
  • customer response draft
  • audit timeline
  • raw JSON export

The goal is to make the case understandable, explainable, and auditable from one place.


Judge Replay

CENTINELA also includes a guided Judge Replay mode:

https://centinela-uipath-agenthack.onrender.com/judge

Judge Replay walks evaluators through the full operational path:

  1. Start an API-down fraud case.
  2. Inspect retry behavior and critical risk.
  3. Apply a human decision.
  4. Export the final audit package.
  5. Open the Analyst Console.

This makes the solution easy to evaluate without requiring judges to manually trigger every endpoint.


Public Runtime API

CENTINELA Runtime is publicly deployed and testable.

Endpoint Purpose
GET /health Runtime health check
GET /openapi.json OpenAPI schema
GET /judge Judge Replay interface
GET /analyst Analyst Console
GET /uipath/maestro-api-down-default Maestro-compatible API-down fraud case
GET /uipath/maestro-approve-latest Apply latest human decision
GET /uipath/maestro-export-latest Export latest audit package
GET /api/analyst/export-latest Analyst Console export endpoint
GET /api/judge/replay Full judge replay endpoint

Example:

curl https://centinela-uipath-agenthack.onrender.com/health

How we built it

CENTINELA was built as a layered system:

1. UiPath Maestro Case

We created the governed case lifecycle:

Intake
→ Evidence Review
→ Investigation
→ Human Decision
→ Resolution
→ Audit Export

The Maestro Case represents the enterprise workflow. It controls stages, SLAs, human tasks, and case progression.


2. CENTINELA Runtime API

The Runtime API is a FastAPI service deployed on Render.

It contains:

  • case management service
  • synthetic banking adapters
  • fraud investigation logic
  • retry policy
  • risk scoring
  • policy engine
  • SLA status
  • audit export v2
  • fraud intelligence layer
  • Analyst Console
  • Judge Replay

3. UiPath Integration

UiPath Integration Service Connector Activity calls the public Runtime API during the connected debug flow.

The connected UiPath cloud debug validates that:

Investigation → calls Runtime API
Resolution → applies human decision through Runtime API
Audit Export → retrieves audit package from Runtime API

This proves the Runtime is not separate from the UiPath case; it is orchestrated by UiPath.


4. Evidence and reproducibility

We added smoke tests for:

python scripts/smoke_test_centinela_runtime.py --base-url https://centinela-uipath-agenthack.onrender.com
python scripts/smoke_test_analyst_console.py --base-url https://centinela-uipath-agenthack.onrender.com
python scripts/smoke_test_judge_replay.py --base-url https://centinela-uipath-agenthack.onrender.com

These tests verify that the public deployment works and that the audit export includes the required intelligence fields:

  • policy summary
  • SLA summary
  • fraud network
  • decision simulator
  • evidence checklist
  • linked case signals
  • timeline

Challenges we faced

1. UiPath Connector Activity body serialization

During integration, the UiPath Connector Activity had trouble serializing request bodies in this Labs environment.

To keep the Maestro flow reliable, we created no-body GET endpoints specifically for Maestro-compatible execution:

/uipath/maestro-api-down-default
/uipath/maestro-approve-latest
/uipath/maestro-export-latest

This allowed the connected Maestro debug flow to run successfully.


2. Connected publish limitation

The published Maestro Case v1.0.0 exists, and the connected Maestro + Runtime flow works in UiPath cloud debug.

However, publishing the connected version is currently blocked by a UiPath Labs custom connector packaging/export limitation:

Failed to download custom-hackathon26868-centinelaruntimeapi_1.1.0.connector
Message: elements unknown

We documented this transparently as product feedback, including reproduction context, impact, workaround, and suggested platform improvements.

This is not hidden because enterprise automation requires honest operational visibility.


3. Balancing autonomy and governance

The hardest product decision was not technical. It was deciding what the system should not automate.

We intentionally avoided autonomous refund approval.

Financial decisions require accountability. CENTINELA supports analysts with investigation, prioritization, policy explanation, and decision simulation, but UiPath keeps the human in the loop.


What we learned

We learned that agentic automation is not just about calling an LLM or chaining tools.

For enterprise systems, agentic means:

  • adapting to dynamic case context
  • handling external failures
  • retrying safely
  • escalating when confidence or policy requires it
  • keeping humans responsible
  • producing audit evidence
  • operating under a governance layer

In CENTINELA, that governance layer is UiPath.

Agentic does not mean autonomous without control. In CENTINELA, agentic means adaptive investigation under UiPath governance.


Why this is agentic

CENTINELA behaves like a deterministic coded investigation agent:

  1. It receives a dynamic fraud dispute case.
  2. It gathers signals from banking adapters.
  3. It handles receiver-bank failure.
  4. It retries external dependencies.
  5. It evaluates risk and policy.
  6. It determines the next required action.
  7. It escalates to a human when needed.
  8. It explains its reasoning.
  9. It exports an audit trail.

But it does not operate outside governance.

UiPath Maestro coordinates the stages, human tasks, SLAs, transitions, and accountability.


Production path

CENTINELA is a hackathon-safe, deterministic implementation. It does not claim production banking readiness.

A production version would add:

  • authenticated banking APIs
  • secure connector credentials
  • RBAC
  • secret management
  • database persistence
  • encrypted audit retention
  • PII protection
  • rate limiting
  • monitoring and alerts
  • enterprise observability
  • production UiPath tenant deployment
  • formal model risk governance
  • secure human decision workflows

The architecture was designed so the synthetic adapters can be replaced with real enterprise integrations.


Product feedback for UiPath

This project generated actionable UiPath product feedback:

  1. API Workflow publish issue.
  2. Custom connector packaging/export issue.
  3. Connector Activity body serialization issue.
  4. Need for clearer publish-time connector validation.
  5. Need for better diagnostics when connector resources cannot be exported.
  6. No-body endpoint workaround for reliable Maestro integration in Labs.

This feedback is documented because it can help improve the experience for developers building Maestro + custom connector solutions.


What makes CENTINELA different

Many fraud demos focus only on detection.

CENTINELA focuses on the full governed lifecycle:

Detect
→ Investigate
→ Retry
→ Explain
→ Prioritize
→ Escalate
→ Decide with human accountability
→ Resolve
→ Audit

That is what enterprise fraud operations need.


Final positioning

CENTINELA is not an AI that approves refunds.

CENTINELA is a UiPath-governed fraud case management system that investigates, prioritizes, explains, escalates, and audits — while keeping humans accountable for high-impact financial decisions.

Built With

  • antigravity
  • audit-export
  • coding-agent-assisted
  • css
  • custom-connector
  • deterministic-fraud-policy-engine
  • development
  • fastapi
  • html
  • jsonl-persistence
  • openapi
  • pydantic
  • python
  • render
  • rest-apis
  • retry-policy
  • synthetic-banking-adapters
  • uipath-automation-cloud
  • uipath-human-actions
  • uipath-integration-service
  • uipath-maestro-case
  • uipath-orchestrator
  • uipath-slas
  • uipath-studio-web
  • uvicorn
  • vanilla-javascript
  • with
Share this project:

Updates