Inspiration
Instant payments are fast. Fraud operations are not.
When a customer reports an unauthorized instant-payment transaction, the bank must investigate quickly, but the real world is messy: evidence may be incomplete, external banking APIs may fail, receiver information may be inconsistent, and the final refund decision can create real financial impact.
Most AI demos in fraud either stop at a dashboard or try to automate decisions that should remain accountable to humans. We wanted to build something different:
A UiPath-governed fraud case management system where AI-style investigation helps analysts move faster, but humans remain responsible for high-impact financial decisions.
That idea became CENTINELA.
CENTINELA was built for Track 1: UiPath Maestro Case, because fraud disputes are dynamic, exception-heavy cases. They do not always follow a perfect straight-line process. They require intake, evidence review, investigation, external system checks, human judgment, resolution, and auditability.
What it does
CENTINELA is a fraud dispute intelligence system for instant-payment banking cases.
It orchestrates the full case lifecycle:
- A fraud dispute is created.
- UiPath Maestro governs the case stages.
- CENTINELA Runtime investigates the transaction.
- External receiver-bank failure is handled through retry policy.
- The fraud policy engine evaluates risk.
- Critical cases are escalated to a human decision gate.
- The human decision is applied.
- The final audit package is exported.
- Analysts can inspect the case through a live operational console.
- Judges can replay the full lifecycle through a guided public replay mode.
CENTINELA does not autonomously approve refunds.
Instead, it investigates, prioritizes, explains, escalates, and audits — while keeping humans accountable for financial decisions.
Why UiPath matters
UiPath is not a decorative layer in CENTINELA. It is the control plane.
The solution uses UiPath Maestro Case to model and govern the fraud dispute lifecycle:
| UiPath capability | How CENTINELA uses it |
|---|---|
| Maestro Case | Models the dynamic fraud dispute case lifecycle |
| Stages | Intake, Evidence Review, Investigation, Human Decision, Resolution, Audit Export |
| Human tasks | Keeps intake, evidence validation, and refund decisions accountable |
| SLAs | Tracks operational timing and case urgency |
| Integration Service Connector Activity | Calls the CENTINELA Runtime API from the Maestro case flow |
| Studio Web / Cloud Debug | Validates the connected Maestro + Runtime execution |
| Orchestrator / Solutions | Published Maestro Case v1.0.0 and execution evidence |
The key design principle is:
UiPath governs the case. CENTINELA Runtime investigates. Humans decide. The audit trail proves what happened.
Architecture
CENTINELA uses a hybrid, enterprise-ready architecture: UiPath governs the case lifecycle, while the CENTINELA Runtime API executes deterministic fraud investigation, retry handling, policy evaluation, audit export, and analyst intelligence.
High-level system flow
Fraud Case Trigger / Operations Analyst → UiPath Maestro Case → Human Tasks + SLAs + Case Stages → UiPath Integration Service Connector → CENTINELA Runtime API → Fraud Investigation Engine + Policy Engine + Retry Handler → Human Decision Gate → Resolution → Audit Export → Analyst Console + Judge Replay
UiPath orchestration layer
| Layer | Component | Role |
|---|---|---|
| Governance | UiPath Maestro Case | Controls the fraud dispute lifecycle |
| Human work | Intake, Evidence Review, Human Decision | Keeps critical steps accountable |
| Process control | SLAs and case routing | Ensures operational visibility and time control |
| Integration | UiPath Integration Service Connector | Calls the public CENTINELA Runtime API |
| Execution validation | Studio Web cloud debug | Validates the connected end-to-end flow |
CENTINELA Runtime layer
| Runtime module | Purpose |
|---|---|
| Case Management Service | Creates, updates, and tracks fraud dispute cases |
| Fraud Investigation Engine | Evaluates synthetic banking and receiver-bank signals |
| Retry Handler | Handles API-down scenarios and retry exhaustion |
| Fraud Policy Engine | Produces explainable risk and escalation decisions |
| SLA Tracker | Calculates case timing and SLA status |
| Audit Export Builder | Generates a complete audit package |
| Fraud Network Graph | Visualizes case entities and risk signals |
| Evidence Checklist | Shows present, failed, missing, and not applicable evidence |
| Decision Simulator | Supports human analysts with decision-impact options |
External signal adapters
CENTINELA uses deterministic synthetic adapters for safe hackathon evaluation:
| Adapter | What it simulates |
|---|---|
| Core Banking Adapter | Customer, transaction, and account checks |
| Receiver Bank Adapter | Receiver verification, API-down events, conflicting responses |
| Synthetic Banking Signals | Repeatable fraud-risk scenarios for testing and replay |
Operator and judge experiences
| Experience | Purpose |
|---|---|
| Analyst Console | Operational fraud workspace with priority queue, fraud network, evidence checklist, decision simulator, and audit timeline |
| Judge Replay | Guided evaluation mode that runs the full case lifecycle in a few clicks |
| Public OpenAPI | Allows judges to inspect and test the Runtime API directly |
Core architecture principle
UiPath is the control plane. CENTINELA Runtime is the investigation intelligence layer. Humans remain accountable for high-impact financial decisions. Every critical event is auditable.
Main scenario
The core scenario demonstrates a realistic failure-heavy fraud dispute:
A customer reports an unauthorized instant-payment transaction. The receiver bank API is unavailable. CENTINELA attempts the receiver trace three times, exhausts retries, evaluates the case as critical risk, and escalates to a human decision.
The system records retry behavior through explicit audit events:
ReceiverBankRetryScheduled
ReceiverBankRetryAttempted
ReceiverBankRetryExhausted
ReceiverBankCheck
InvestigationCompleted
StageTransition
HumanDecisionSubmitted
ResolutionApplied
This matters because enterprise workflows must survive interruptions. A working agentic automation should not collapse when an external system fails.
CENTINELA handles that path intentionally.
Fraud Intelligence Layer
To make the system useful for real fraud operations, CENTINELA includes a fraud intelligence layer.
Priority Queue
Cases are ranked using risk, SLA pressure, retry exhaustion, amount, and human-gate requirements.
The priority score is deterministic:
$$ Priority = RiskScore + HumanGate + RetryExhausted + SLAImpact + AmountImpact $$
Where the amount contribution is bounded:
$$ AmountImpact = min(\frac{amount_cop}{100000}, 20) $$
This lets analysts see which cases should be handled first.
Fraud Network Graph
CENTINELA converts a case into an explainable fraud network:
Customer → Transaction → Receiver Account → Receiver Bank
↘ API Down
↘ Retry Exhausted
↘ Human Gate Required
This helps analysts understand the case visually instead of reading raw JSON.
Decision Simulator
CENTINELA does not decide for the analyst. It simulates the impact of possible decisions:
| Decision | Purpose |
|---|---|
approve_refund |
Protect the customer when evidence and risk justify reimbursement |
reject_refund |
Avoid loss when the claim is unsupported |
request_more_evidence |
Keep the case open when evidence is insufficient |
escalate_fraud_ops |
Move suspicious patterns to specialized fraud operations |
Each option includes customer impact, financial impact, operational impact, risk, and recommended conditions.
Evidence Checklist
CENTINELA generates a structured evidence checklist:
| Evidence item | Example status |
|---|---|
| Customer statement | Present |
| Transaction receipt | Present |
| Bank statement | Not applicable |
| Device or IP signal | Present |
| Receiver trace | Failed |
| Retry history | Present |
For API-down cases, the receiver trace fails, but the retry history remains present and auditable.
Linked Case Signals
CENTINELA also generates deterministic synthetic signals such as:
- same receiver seen before
- similar amount pattern
- retry failure cluster
- possible mule-account pattern
These are not claimed as real production fraud detection. They are safe, deterministic, synthetic signals for hackathon evaluation.
Analyst Console
CENTINELA includes a public Analyst Console:
https://centinela-uipath-agenthack.onrender.com/analyst
The console acts as an operational workspace for fraud analysts and judges. It shows:
- runtime status
- priority queue
- risk level
- SLA status
- human gate status
- retry attempts
- selected case detail
- fraud network graph
- decision simulator
- evidence checklist
- linked case signals
- analyst brief
- customer response draft
- audit timeline
- raw JSON export
The goal is to make the case understandable, explainable, and auditable from one place.
Judge Replay
CENTINELA also includes a guided Judge Replay mode:
https://centinela-uipath-agenthack.onrender.com/judge
Judge Replay walks evaluators through the full operational path:
- Start an API-down fraud case.
- Inspect retry behavior and critical risk.
- Apply a human decision.
- Export the final audit package.
- Open the Analyst Console.
This makes the solution easy to evaluate without requiring judges to manually trigger every endpoint.
Public Runtime API
CENTINELA Runtime is publicly deployed and testable.
| Endpoint | Purpose |
|---|---|
GET /health |
Runtime health check |
GET /openapi.json |
OpenAPI schema |
GET /judge |
Judge Replay interface |
GET /analyst |
Analyst Console |
GET /uipath/maestro-api-down-default |
Maestro-compatible API-down fraud case |
GET /uipath/maestro-approve-latest |
Apply latest human decision |
GET /uipath/maestro-export-latest |
Export latest audit package |
GET /api/analyst/export-latest |
Analyst Console export endpoint |
GET /api/judge/replay |
Full judge replay endpoint |
Example:
curl https://centinela-uipath-agenthack.onrender.com/health
How we built it
CENTINELA was built as a layered system:
1. UiPath Maestro Case
We created the governed case lifecycle:
Intake
→ Evidence Review
→ Investigation
→ Human Decision
→ Resolution
→ Audit Export
The Maestro Case represents the enterprise workflow. It controls stages, SLAs, human tasks, and case progression.
2. CENTINELA Runtime API
The Runtime API is a FastAPI service deployed on Render.
It contains:
- case management service
- synthetic banking adapters
- fraud investigation logic
- retry policy
- risk scoring
- policy engine
- SLA status
- audit export v2
- fraud intelligence layer
- Analyst Console
- Judge Replay
3. UiPath Integration
UiPath Integration Service Connector Activity calls the public Runtime API during the connected debug flow.
The connected UiPath cloud debug validates that:
Investigation → calls Runtime API
Resolution → applies human decision through Runtime API
Audit Export → retrieves audit package from Runtime API
This proves the Runtime is not separate from the UiPath case; it is orchestrated by UiPath.
4. Evidence and reproducibility
We added smoke tests for:
python scripts/smoke_test_centinela_runtime.py --base-url https://centinela-uipath-agenthack.onrender.com
python scripts/smoke_test_analyst_console.py --base-url https://centinela-uipath-agenthack.onrender.com
python scripts/smoke_test_judge_replay.py --base-url https://centinela-uipath-agenthack.onrender.com
These tests verify that the public deployment works and that the audit export includes the required intelligence fields:
- policy summary
- SLA summary
- fraud network
- decision simulator
- evidence checklist
- linked case signals
- timeline
Challenges we faced
1. UiPath Connector Activity body serialization
During integration, the UiPath Connector Activity had trouble serializing request bodies in this Labs environment.
To keep the Maestro flow reliable, we created no-body GET endpoints specifically for Maestro-compatible execution:
/uipath/maestro-api-down-default
/uipath/maestro-approve-latest
/uipath/maestro-export-latest
This allowed the connected Maestro debug flow to run successfully.
2. Connected publish limitation
The published Maestro Case v1.0.0 exists, and the connected Maestro + Runtime flow works in UiPath cloud debug.
However, publishing the connected version is currently blocked by a UiPath Labs custom connector packaging/export limitation:
Failed to download custom-hackathon26868-centinelaruntimeapi_1.1.0.connector
Message: elements unknown
We documented this transparently as product feedback, including reproduction context, impact, workaround, and suggested platform improvements.
This is not hidden because enterprise automation requires honest operational visibility.
3. Balancing autonomy and governance
The hardest product decision was not technical. It was deciding what the system should not automate.
We intentionally avoided autonomous refund approval.
Financial decisions require accountability. CENTINELA supports analysts with investigation, prioritization, policy explanation, and decision simulation, but UiPath keeps the human in the loop.
What we learned
We learned that agentic automation is not just about calling an LLM or chaining tools.
For enterprise systems, agentic means:
- adapting to dynamic case context
- handling external failures
- retrying safely
- escalating when confidence or policy requires it
- keeping humans responsible
- producing audit evidence
- operating under a governance layer
In CENTINELA, that governance layer is UiPath.
Agentic does not mean autonomous without control. In CENTINELA, agentic means adaptive investigation under UiPath governance.
Why this is agentic
CENTINELA behaves like a deterministic coded investigation agent:
- It receives a dynamic fraud dispute case.
- It gathers signals from banking adapters.
- It handles receiver-bank failure.
- It retries external dependencies.
- It evaluates risk and policy.
- It determines the next required action.
- It escalates to a human when needed.
- It explains its reasoning.
- It exports an audit trail.
But it does not operate outside governance.
UiPath Maestro coordinates the stages, human tasks, SLAs, transitions, and accountability.
Production path
CENTINELA is a hackathon-safe, deterministic implementation. It does not claim production banking readiness.
A production version would add:
- authenticated banking APIs
- secure connector credentials
- RBAC
- secret management
- database persistence
- encrypted audit retention
- PII protection
- rate limiting
- monitoring and alerts
- enterprise observability
- production UiPath tenant deployment
- formal model risk governance
- secure human decision workflows
The architecture was designed so the synthetic adapters can be replaced with real enterprise integrations.
Product feedback for UiPath
This project generated actionable UiPath product feedback:
- API Workflow publish issue.
- Custom connector packaging/export issue.
- Connector Activity body serialization issue.
- Need for clearer publish-time connector validation.
- Need for better diagnostics when connector resources cannot be exported.
- No-body endpoint workaround for reliable Maestro integration in Labs.
This feedback is documented because it can help improve the experience for developers building Maestro + custom connector solutions.
What makes CENTINELA different
Many fraud demos focus only on detection.
CENTINELA focuses on the full governed lifecycle:
Detect
→ Investigate
→ Retry
→ Explain
→ Prioritize
→ Escalate
→ Decide with human accountability
→ Resolve
→ Audit
That is what enterprise fraud operations need.
Final positioning
CENTINELA is not an AI that approves refunds.
CENTINELA is a UiPath-governed fraud case management system that investigates, prioritizes, explains, escalates, and audits — while keeping humans accountable for high-impact financial decisions.
Built With
- antigravity
- audit-export
- coding-agent-assisted
- css
- custom-connector
- deterministic-fraud-policy-engine
- development
- fastapi
- html
- jsonl-persistence
- openapi
- pydantic
- python
- render
- rest-apis
- retry-policy
- synthetic-banking-adapters
- uipath-automation-cloud
- uipath-human-actions
- uipath-integration-service
- uipath-maestro-case
- uipath-orchestrator
- uipath-slas
- uipath-studio-web
- uvicorn
- vanilla-javascript
- with
Log in or sign up for Devpost to join the conversation.