PSD3-Compliant Multi-Agent AI System for Consent Management
Inspiration
The project was born from the intersection of two critical trends in modern banking: the rapid evolution of open banking regulations and the transformative potential of AI to handle complex compliance workflows. PSD3 (Payment Services Directive 3) represents a significant shift toward enhanced consumer protection and data rights, but implementing these requirements manually creates substantial operational overhead for financial institutions. We saw an opportunity to leverage multi-agent AI systems to automate the consent management process, ensuring compliance while maintaining a seamless user experience.
What it does
The Open Banking Consent Choreographer is a multi-agent AI system that automates PSD3 compliance for third-party data sharing in banking. It consists of four specialized AI agents that work together to detect consent triggers, validate regulatory compliance using Google Gemini AI, generate audit reports, and provide real-time monitoring through an interactive dashboard. The system integrates with Bank of Anthos to monitor API activity and automatically handles consent management workflows, ensuring banks remain compliant with PSD3 regulations while providing a smooth user experience.
How we built it
The system was constructed using a microservices architecture deployed on Google Kubernetes Engine (GKE) Autopilot. We developed four specialized AI agents: a monitoring agent that detects consent triggers from Bank of Anthos API activity, a validation agent powered by Google Gemini for PSD3 compliance checking, an audit agent for compliance reporting, and a Streamlit dashboard for real-time visualization. The agents communicate through a custom A2A (Agent-to-Agent) protocol, ensuring secure and efficient inter-service communication. Containerization was achieved using Docker, with automated deployment pipelines leveraging Google Cloud Build and Artifact Registry.
Challenges we ran into
Several significant technical challenges emerged during development. Initially, we struggled with agent communication reliability, requiring us to implement robust message queuing and error handling mechanisms. Platform compatibility issues arose when deploying to GKE, particularly with Docker image architectures that needed optimization for the cloud environment. AI integration presented its own complexities, including prompt engineering for regulatory compliance and managing API rate limits. Perhaps the most demanding challenge was balancing real-time processing requirements with the computational overhead of AI validation, requiring careful resource optimization and autoscaling configuration. Domain and SSL certificate provisioning through GCP's load balancer service also presented timing and configuration challenges that required iterative refinement.
Accomplishments that we're proud of
- Successfully building a fully functional multi-agent AI system that integrates with a real banking application (Bank of Anthos) without modifying its core code.
- Achieving automated PSD3 compliance validation using Google Gemini AI with high accuracy rates.
- Creating a production-ready deployment on GKE Autopilot with proper autoscaling, health checks, and professional domain setup.
- Developing a comprehensive audit trail system that provides regulatory compliance reporting.
- Building an intuitive real-time dashboard that demonstrates the complex agent orchestration in action.
What we learned
This project provided deep insights into several key areas. We gained extensive knowledge of PSD3 regulatory requirements, understanding the nuances of explicit consent, data minimization, and third-party access controls. The multi-agent architecture taught us about distributed system design, inter-agent communication protocols, and the challenges of coordinating autonomous AI agents. We also mastered Google Cloud Platform's AI and Kubernetes services, learning to integrate Vertex AI with containerized workloads. Perhaps most importantly, we learned the critical balance between regulatory compliance and user experience in financial technology.
What's next for PSD3-Compliant Multi-Agent AI System for Consent Management
- Expanding the system to support additional regulatory frameworks beyond PSD3, such as GDPR and CCPA.
- Implementing advanced AI capabilities for predictive compliance monitoring and automated remediation suggestions.
- Adding support for multiple banking platforms and APIs beyond Bank of Anthos.
- Developing a comprehensive compliance dashboard for financial institutions to monitor consent activities across their entire organization.
- Exploring integration with blockchain technology for immutable consent audit trails.
- Scaling the system to handle enterprise-level consent processing volumes with enhanced performance optimizations.
Built With
- agent-to-agent
- bank-of-anthos
- docker
- flask
- gke-autopilot
- google-gemini-ai
- kubernetes
- python
- rest-apis
- streamlit