Sentinel: Autonomous Fraud Defense System

Monitoring financial activity, making decisions, and taking action in real time.

Comment

Sentinel: Autonomous Fraud Defense System

💡Inspiration

Modern fraud systems are reactive, rigid, and often frustrating. They rely on static rules or simple models that either miss sophisticated fraud or overcorrect by locking accounts unnecessarily.

We were inspired by the idea that fraud prevention should not just detect risk, but actively respond, adapt, and improve over time. Instead of building another detection tool, we wanted to design a system that behaves like an intelligent operator—continuously monitoring activity, making contextual decisions, and taking meaningful action in real time.

⚙️ What It Does

Sentinel is an autonomous fraud defense system that monitors financial activity in real time, investigates suspicious behavior, and executes the safest intervention while continuously improving its decisions.

Rather than relying on static rules or binary classification, Sentinel operates as a closed-loop system:

  • Observes live financial events
  • Reasons about risk using contextual intelligence
  • Decides the safest intervention strategy
  • Acts by modifying system state
  • Learns from outcomes to improve future decisions

This allows Sentinel to adapt dynamically, reducing false positives while maintaining strong protection against real threats.

🧠 How We Built Sentinel

Sentinel is a proactive, real-time multi-agent system designed to enhance the security of financial applications. The system is deployed on DigitalOcean using Kubernetes, where all backend services, agent orchestration, and event pipelines are hosted.

The core principle was to build a system that can operate alongside existing infrastructure, consuming events, reasoning about risk, and acting through controlled system state updates rather than modifying core application logic.

The architecture is composed of several specialized agents working in concert:

  • DigitalOcean + Kubernetes Infrastructure: DigitalOcean Kubernetes (DOKS) serves as the backbone of the system, managing deployment, scaling, and networking of all agent services. It hosts the backend API, event ingestion pipeline, and agent orchestration layer.

  • Monitor Agent: The system’s frontline sensor. It ingests real-time transaction events, device changes, and account activity, applying lightweight anomaly detection to flag suspicious behavior such as unusually large transactions or unfamiliar locations.

  • Investigation Agent: Powered by Google DeepMind, this agent acts as a digital analyst. It gathers contextual information such as user history and behavioral patterns, then produces a structured fraud assessment including a risk score and explanation.

  • Decision Agent: Also powered by Google DeepMind, this agent determines the safest response. Instead of defaulting to account locks, it selects from actions such as verification, delay, restriction, or full lock based on risk level and prior outcomes.

  • Action Agent: The execution layer. It applies the chosen intervention, updates system state, and records outcomes for future learning.

  • Assistant UI Control Center: The frontend interface built with Assistant UI. It visualizes the entire agent pipeline in real time, showing events, reasoning, decisions, and actions in a transparent and interactive way.

The system operates as a continuous loop:

Observe → Reason → Decide → Act → Learn

💬 Challenges We Faced & What We Learned

Building a real-time multi-agent system in a short timeframe introduced several challenges:

  • Balancing Autonomy and Simplicity: Our initial architecture was more complex, but we simplified to four core agents to ensure clarity and reliability.

  • Real-Time System Coordination: Ensuring smooth event flow between agents without delays or race conditions required careful orchestration.

  • LLM Output Reliability: DeepMind outputs sometimes required structuring and validation to ensure consistent, machine-readable decisions.

  • Agent Boundary Design: Clearly defining responsibilities between agents was critical to avoid overlap and maintain a coherent system.

  • Transparency and Debugging: Making agent reasoning visible through the UI was essential for debugging and building trust.

Through this process, we learned that the biggest leap is not improving detection—it is enabling systems to decide and act. Effective agent systems require clear separation of concerns, real-time feedback loops, and strong visibility into decision-making.

🔍 What’s Next

  • Personalized risk profiles for individual users
  • More advanced feedback loops for decision optimization
  • Integration with real financial APIs
  • Expansion into broader financial operations beyond fraud prevention

Built With

TypeScript, Node.js, React, Assistant UI, Google DeepMind API, DigitalOcean Kubernetes (DOKS), PostgreSQL, FastAPI, REST APIs, event-driven architecture

Github Link temporarily removed for further development.

Built With

Share this project:

Updates