Agentic-AI controls for financial services
Muswell sits between your AI agents and the tools they touch — CRM, email, payments, files — and enforces least-privilege permissions, human approval gates, kill-switches and tamper-evident audit logs. Built around the controls your second line and external auditors actually look for.
The risk surface
Used well, AI agents are one of the biggest operational gains financial services has had in years. What stands between your firm and that gain is an unfamiliar risk surface — not hallucinated answers, but real actions taken on the firm's behalf by software it cannot fully see.
A coding agent with write access to production. A client-facing agent that can send mail on the firm's behalf. Excessive access turns a small mistake into a reportable incident.
Hostile instructions hidden inside emails, PDFs and CRM notes get silently followed by an agent. The NCSC has confirmed this cannot be fully patched at the model layer.
An agent reading a client mailbox forwards data through a chained tool call. Without a control point between the agent and the tool, you discover it from the client.
A third-party plug-in or tool description is changed upstream. The agent now does something the firm's policy never approved.
No tamper-evident record linking prompt, retrieved context, tool call, approver and outcome. Internal audit cannot evidence what happened, when, or why.
Five risks worth naming. One control plane that addresses them — so the opportunity is yours to take, safely.
The control plane
Control
Capability-scoped tool access. Human approval required for the actions that matter. A single switch that halts every agent in scope, instantly.
Monitor
Every prompt, retrieved context item, tool call, parameter, approver identity, outcome and cost captured in an append-only log built for evidence.
Secure
Risk-score new agents before they go live. Apply policy templates aligned to FCA Consumer Duty, SM&CR and ISO 42001 — without writing them from scratch.
Why financial services
Wealth managers, IFAs, brokers, fintech lenders and accountancy practices are putting AI agents into client mail, advice workflows and back-office tools. Every one of those agents acts inside a regulated process — and the regulator does not grade firms on a curve.
Muswell is built for that world. The policy templates, the audit evidence and the vocabulary are mapped to FCA Consumer Duty, SM&CR and the standards your board already reports against — so the controls fit the rules you already work to, rather than a generic AI-governance checklist.
Explore by firm typeA working example
An LLM agent reads inbound client mail, drafts replies and proposes next actions. Without a control layer the agent can send mail, attach files, and act on instructions hidden in a client's signature.
Standards alignment
FCA Consumer Duty
Demonstrate good outcomes and avoid foreseeable harm from AI-driven decisions.
SM&CR
Evidence senior-manager oversight of AI deployments and accountable decisions.
FCA Operational Resilience
Identify important business services exposed to agentic AI and bound the impact.
ISO/IEC 42001
Operate an AI management system with the documented controls auditors expect.
NIST AI RMF 1.0
Map, measure, manage and govern AI risk with consistent artefacts.
EU AI Act
Meet GPAI obligations and prepare for broad application from August 2026.
Muswell is aligned to these frameworks. It is not itself certified to them.
Thirty minutes. We'll walk you through a working email-triage agent inside Muswell and the evidence pack it produces.