🛡️ Inspiration
Living in India, you see the fintech boom everywhere. But behind the convenience is a massive, quiet crisis: the Reserve Bank of India (RBI) has been penalizing fintech companies hundreds of crores because their AI-driven customer service tools are hallucinating financial terms.
I’ve seen AI advisors quote monthly interest rates instead of annual ones, or tell users their loan is approved without providing the mandatory Key Fact Statement (KFS). The scary part is that these companies don't want to break the law—their LLMs are just completely unmonitored at the point of customer impact. I realized that passive monitoring dashboards are useless; if a customer sees an illegal interest rate, the damage is already done. I wanted to build something that stands right in the middle of the data stream—acting as an immediate, autonomous protective shield. That’s how LoanGuard was born.
⚙️ What it does
LoanGuard is an autonomous middleware agent that intercepts responses from AI loan advisors in real time, evaluates them against 30 strict RBI Digital Lending Guidelines, and rewrites or completely escalates non-compliant answers before the customer ever sees them.
Instead of a basic single-prompt check, it uses a multi-step reasoning pipeline powered by Gemini 2.5 Flash Lite. The system classifies the query type, pulls the exact grounding rule from a native compliance data store, scores the compliance metrics, and even runs an independent, programmatic hallucination evaluator. If a response passes, it goes through safely. If it violates a rule (like hiding processing fees or misstating an APR), LoanGuard actively rewrites it to include the missing disclosures or instantly escalates it to a human compliance officer.
🛠️ How we built it
I built this as a high-performance, containerized FastAPI backend deployed on Google Cloud Run to ensure it could handle enterprise-scale transaction volumes with sub-2-second latency.
The core intelligence relies on Vertex AI running Gemini 2.5 Flash Lite. To keep the grounding rock-solid and bulletproof against regulatory drift, I mapped the 30 RBI guidelines into a native Vertex AI Agent Builder Data Store, which acts as our compliance anchor. For real-time auditability and deep diagnostics, I hooked up OpenInference and OpenTelemetry to span every single agent decision directly into Arize Phoenix Cloud. Finally, I didn't want the system to be static, so I built an autonomous self-improvement loop that queries its own Arize Phoenix traces to detect violation trends and dynamically updates its own system instructions.
🛑 Challenges we ran into
The absolute biggest headache was getting the OpenTelemetry traces to reliably flush asynchronously from Google Cloud Run without slowing down the user response time. I spent hours reading through telemetry documentation and debugging container states to prevent spans from being dropped during scale-down events.
Another massive hurdle was tuning the evaluation prompts. Financial regulations are incredibly pedantic; if the evaluation prompt was too aggressive, it flagged safe responses as violations, but if it was too soft, subtle monthly interest rate hallucinations slipped right by. Finding that sweet spot required constant, meticulous iterative testing.
🏆 Accomplishments that we're proud of
I’m incredibly proud that the entire app is fully deployed, functional, and live on a public Cloud Run URL. It's not a local mockup or a theoretical pitch—it actually works.
More than that, I am proud of the closed-loop self-improvement system. Seeing the agent look at its own historical traces inside Arize Phoenix, identify that 80% of its failures were happening in the interest rate module, and autonomously patch its own knowledge base context felt like a massive engineering breakthrough.
🎓 What we learned
This project completely shifted my perspective on building AI systems. I learned that building production-grade agents means you must design with observability as a core foundational pillar from day one, not as an afterthought.
Arize Phoenix opened my eyes to how powerful trace spans are—turning a completely black-box LLM decision into a transparent, step-by-step tree that can be audited, debugged, and optimized programmatically.
🚀 What's next for LoanGuard
Right now, LoanGuard is optimized for text-based loan advisors, but the next logical step is integrating voice-agent interception. Many digital lenders in India use automated voice bots for collections and initial processing. Expanding LoanGuard to run real-time audio compliance streaming would completely revolutionize regulatory technology for the entire fintech ecosystem.
Built With
- arize-phoenix
- fastapi
- gemini
- google-agent-builder
- google-cloud-run
- html
- javascript
- openinference
- opentelemetry
- python
- vertex-ai
Log in or sign up for Devpost to join the conversation.