TEC Engine room · 6 desks · 14 agents

Technology, Data & AI Platform

The agentic control plane and the control tower that governs the fleet.

Platform engineering, SRE, cybersecurity, data governance, software delivery and the AI/Agent platform itself. High-volume operational workloads: alerts, pull requests, tickets, lineage. AgentOps is the control plane that deploys, evals, traces and guardrails the bank's agent fleet, kill-switch included.

How it runs

Incidents detect and remediate themselves; the SOC swarm triages and hunts continuously; code reviews itself and opens its own PRs; lineage stays live. AgentOps runs every agent on one harness: versioned prompts, gold-set regression evals in CI, OpenTelemetry GenAI traces, real-time guardrails and a single scoped kill-switch. The loop runs agent-to-agent; the board sets the mandate and holds the bank-wide kill-switch.

Platform & Site Reliability (SRE)

2 agents

Keeps the bank's services up: monitoring, incident detection, auto-remediation, capacity, deploys and the chaos of production.

Workflow · Signal → alert → agentic triage → diagnose → remediate → post-mortem. Known incidents run runbook autopilot (restart, scale, roll back); novel outages route to a responder agent that reasons them end to end.
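The split between runbook autopilot and the responder agent can be pictured as a simple lookup. This is a minimal sketch under stated assumptions: the `RUNBOOKS` table, the incident signatures and the handler names are hypothetical and not taken from the platform itself.

```python
from dataclasses import dataclass

# Hypothetical runbook table: incident signature -> ordered remediation steps.
RUNBOOKS = {
    "pod_crash_loop": ["restart"],
    "cpu_saturation": ["scale_out"],
    "bad_deploy": ["roll_back"],
}


@dataclass
class Incident:
    signature: str  # assumed output of the triage step
    service: str


def route(incident: Incident) -> dict:
    """Send known signatures to runbook autopilot, everything else to the responder agent."""
    steps = RUNBOOKS.get(incident.signature)
    if steps is not None:
        return {"handler": "runbook_autopilot", "steps": steps}
    # Novel outage: no runbook exists, so the responder agent reasons it through.
    return {"handler": "responder_agent", "steps": []}
```

For example, `route(Incident("bad_deploy", "payments"))` would select the roll-back runbook, while an unrecognised signature falls through to the responder agent.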

Incident Response Agent

Detects, diagnoses and auto-remediates production incidents end to end.

Sits on the telemetry firehose, correlates a spike to a probable cause, and runs the runbook (restart, scale out, roll back, fail over). It writes the timeline as it goes and emits the post-mortem on incident close. On a Sev-1 it convenes the owning service agents and drives the command bridge with a live situation report.

Capacity & Cost Agent

Right-sizes infrastructure for performance and spend, continuously.

Watches utilization, forecasts demand, and applies scaling and instance-mix changes within bounds. It backtests each change against historical load and acts on its own forecasts, holding headroom for peak while trimming idle capacity.
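One way to read "within bounds" and "holding headroom for peak" is as a clamp around a forecast-driven target. The sketch below assumes a single throughput figure per instance and a fractional headroom; the function name and every parameter are illustrative, not the agent's actual policy.

```python
import math


def target_instances(forecast_peak_rps: float, rps_per_instance: float,
                     headroom: float, min_instances: int, max_instances: int) -> int:
    """Size for the forecast peak plus headroom, then clamp to the allowed bounds."""
    if rps_per_instance <= 0:
        raise ValueError("rps_per_instance must be positive")
    # Instances needed to serve the peak with the requested safety margin.
    needed = math.ceil(forecast_peak_rps * (1 + headroom) / rps_per_instance)
    # The agent may only act inside its mandate: never below min, never above max.
    return max(min_instances, min(max_instances, needed))
```

With a forecast peak of 1000 requests per second, 100 per instance and 25% headroom, the target is 13 instances, provided the bounds allow it.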

Cybersecurity / SOC

2 agents

Defends the bank: SIEM alert triage, threat hunting, vulnerability management and incident response across the security estate.

Workflow · Detection → triage → investigation → containment → threat hunt → remediation, an agentic swarm working a flood of mostly-benign alerts at machine speed.

SOC Alert Triage Agent

Tier-1 disposition of SIEM alerts at machine speed.

Reads every security alert, enriches it with asset, identity and threat-intel context, correlates it with related signals, and disposes benign alerts with a written rationale. Confirmed intrusions escalate to the hunter agent with the timeline already reconstructed and a containment recommendation pre-staged.
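The enrich-then-dispose flow might look roughly like this. It is a deliberately simplified sketch: the `Alert` fields, the asset and threat-intel lookups and the three dispositions are assumptions, and a real triage decision would weigh far more signals than a single intel match.

```python
from dataclasses import dataclass, field


@dataclass
class Alert:
    rule: str
    asset: str
    context: dict = field(default_factory=dict)


def enrich(alert: Alert, asset_db: dict, intel: set) -> Alert:
    """Attach asset criticality and a threat-intel hit flag (hypothetical lookups)."""
    alert.context["criticality"] = asset_db.get(alert.asset, "unknown")
    alert.context["known_bad"] = alert.context.get("src_ip") in intel
    return alert


def dispose(alert: Alert) -> tuple:
    """Return (disposition, written rationale) for an enriched alert."""
    if alert.context.get("known_bad"):
        return ("escalate", "source matches threat intel; hand to the hunter agent")
    if alert.context.get("criticality") == "low":
        return ("benign", "low-criticality asset and no threat-intel match")
    return ("investigate", "no intel match, but the asset is not low criticality")
```

Every disposition carries its rationale, which mirrors the requirement that benign closures are written down rather than silently dropped.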

Threat Hunting Agent

Proactively hunts for adversary activity below the alerting threshold.

Forms hypotheses from fresh threat intel ('if this APT is in our sector, here is what their lateral movement looks like') and hunts for the predicted footprint across the telemetry. It sustains the search across data domains, parking and resuming leads. Confirmed leads become new detections; everything else becomes a documented hunt.

Data Governance & Quality

2 agents

Keeps the bank's data trustworthy: quality monitoring, lineage, cataloguing, and the governance that regulators demand under BCBS 239.

Workflow · Ingest → profile → quality checks → lineage capture → catalogue → certify. Bad batches are quarantined before they reach downstream models, reports and agents.

Data Quality Agent

Continuously monitors data quality and quarantines bad data before it spreads.

Profiles every feed, learns a per-feed baseline of 'normal', and detects schema drift, unit changes and null-rate spikes against it. It quarantines the bad batch before it reaches a risk model or regulatory report and notifies the feed owner with the diff and suspected root cause.
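A per-feed baseline check could be sketched as below, assuming batches arrive as lists of dictionaries and the baseline is a short history of null rates for one column. The z-score threshold and all names are illustrative; unit-change detection is left out for brevity.

```python
from statistics import mean, pstdev


def null_rate(rows, column):
    """Share of rows where the column is missing or None."""
    if not rows:
        return 0.0
    return sum(1 for r in rows if r.get(column) is None) / len(rows)


def check_batch(rows, expected_columns, column, baseline_null_rates, z_threshold=3.0):
    """Return a list of findings; a non-empty list means the batch is quarantined."""
    findings = []
    seen = set()
    for r in rows:
        seen.update(r)  # collect every column name present in the batch
    if rows and seen != set(expected_columns):
        diff = ", ".join(sorted(seen ^ set(expected_columns)))
        findings.append("schema drift: " + diff)
    mu = mean(baseline_null_rates)
    sigma = pstdev(baseline_null_rates) or 1e-9  # guard against a flat baseline
    rate = null_rate(rows, column)
    if (rate - mu) / sigma > z_threshold:
        findings.append(f"null-rate spike on {column}: {rate:.2%} vs baseline {mu:.2%}")
    return findings
```

The findings list doubles as the diff sent to the feed owner: it names the drifted columns and the observed versus expected null rate.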

Lineage & Catalogue Agent

Maintains live data lineage and a self-documenting catalogue.

Traces every column back to its source and forward to every report and model that consumes it, keeping the map current as pipelines change. Column-level lineage resolves a 'where did this number come from' query in a single graph walk and flags downstream regulatory reports when an upstream transform changes.
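The "single graph walk" can be illustrated with a breadth-first traversal over column-level edges. The edge map and column names below are invented for the example; a production lineage store would be a graph database or catalogue service rather than a dictionary.

```python
from collections import deque


def walk(start, edges):
    """Breadth-first walk returning every node reachable from start."""
    seen, queue = set(), deque([start])
    while queue:
        node = queue.popleft()
        for nxt in edges.get(node, []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def invert(edges):
    """Flip source -> targets edges into target -> sources."""
    rev = {}
    for src, dsts in edges.items():
        for dst in dsts:
            rev.setdefault(dst, []).append(src)
    return rev


def downstream(column, edges):
    """Everything that consumes this column, directly or transitively."""
    return walk(column, edges)


def upstream(column, edges):
    """Everything this column was derived from: 'where did this number come from'."""
    return walk(column, invert(edges))


# Hypothetical lineage: upstream column -> columns or reports derived from it.
EDGES = {
    "core.trades.notional": ["risk.exposure.gross"],
    "ref.fx.rate": ["risk.exposure.gross"],
    "risk.exposure.gross": ["report.large_exposures.total"],
}
```

Calling `downstream("ref.fx.rate", EDGES)` lists the report that would need flagging if the FX transform changed; `upstream` on the report answers the provenance question.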

AI / Agent Platform (AgentOps)

5 agents

The control tower. Deploys, versions, evals, traces and guardrails every agent in the bank, with a scoped kill-switch. The shared harness, eval rig, observability plane, prompt/version registry and A2A/MCP service registry the whole fleet runs on.

Workflow · Register → version prompts/tools → CI regression eval → deploy (champion/challenger) → trace + guardrail in prod → drift-detect → offline consolidate → re-eval. The agentic control plane governs the fleet; the board sets the mandate and holds the bank-wide kill-switch.

Eval Harness Agent

Runs the gold-set, judge and red-team evals that gate every agent release.

Gates every agent release. It runs gold-set regression suites in CI, orchestrates LLM-as-judge and agent-as-judge scoring, fires adversarial red-team prompts, and runs champion/challenger bake-offs before any new prompt or model version reaches production. A drop on any safety-critical suite blocks the release.
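The blocking rule in the last sentence can be expressed as a comparison of challenger scores against the champion on the safety-critical suites. This is a sketch only: the suite names, the score scale and the `tolerance` parameter are assumptions.

```python
def gate_release(champion: dict, challenger: dict, safety_critical: list,
                 tolerance: float = 0.0):
    """Return (allowed, blocking_suites) for a candidate prompt or model version."""
    blocking = [
        suite for suite in safety_critical
        # A missing challenger score counts as 0.0, so an unrun suite blocks too.
        if challenger.get(suite, 0.0) < champion.get(suite, 0.0) - tolerance
    ]
    return (not blocking, blocking)
```

A regression on a non-critical suite does not block in this sketch; only the suites named in `safety_critical` can veto the release.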

Fleet Observability Agent

Traces, monitors and drift-detects every agent in production in real time.

The single pane of glass over the whole fleet. It ingests OpenTelemetry GenAI traces from every agent run (tokens, tool calls, latencies, decisions) and detects the signals evals cannot catch offline: behavioural drift, cost blowups, tool-error spikes, a sliding judge score. On detection it signals Guardrails over A2A.
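A sliding judge score is one of the easier drift signals to sketch: compare a rolling mean of recent scores with a reference taken at release time. The class below assumes scores have already been extracted from the traces; the window size and `max_drop` are illustrative values, and no OpenTelemetry API is used here.

```python
from collections import deque


class JudgeScoreDrift:
    """Flags drift when the rolling mean falls too far below the reference score."""

    def __init__(self, reference: float, window: int = 5, max_drop: float = 0.1):
        self.reference = reference
        self.max_drop = max_drop
        self.recent = deque(maxlen=window)

    def observe(self, score: float) -> bool:
        """Record one judge score; return True if drift should be signalled."""
        self.recent.append(score)
        if len(self.recent) < self.recent.maxlen:
            return False  # not enough data to judge yet
        rolling_mean = sum(self.recent) / len(self.recent)
        return self.reference - rolling_mean > self.max_drop
```

A `True` return is the point at which the observability agent would signal Guardrails.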

Guardrails & Kill-Switch Agent

Enforces real-time guardrails and holds the single red button for the fleet.

The fleet's brakes. It enforces input/output guardrails inline (PII redaction, prompt-injection screening, policy and scope checks) and, when an agent breaches policy or a drift signal crosses its threshold, throttles, downgrades autonomy, or scope-kills that agent or class instantly and autonomously. Scoped kills are logged immutably. The bank-wide kill-switch is the board's accountability lever and is never part of routine flow.
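The inline redaction and the graduated response can be sketched together. Everything here is assumed for illustration: the email pattern stands in for a much broader PII detector, and the drift thresholds of 0.5 and 0.8 are placeholders rather than real policy values.

```python
import re

# Simplified email pattern; a real PII screen would cover many more entity types.
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def redact(text: str) -> str:
    """Mask email addresses before text enters or leaves an agent."""
    return EMAIL.sub("[REDACTED_EMAIL]", text)


def respond(policy_breach: bool, drift_score: float) -> str:
    """Pick the least severe action that matches the signal (assumed thresholds)."""
    if policy_breach:
        return "scope_kill"
    if drift_score >= 0.8:
        return "downgrade_autonomy"
    if drift_score >= 0.5:
        return "throttle"
    return "allow"
```

The ladder is ordered so that a hard policy breach always wins over a drift score, which matches the idea of a scoped kill being the strongest routine action.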

Agent Registry & Protocol Agent

Operates the A2A/MCP/AP2 service registry and version control for the fleet.

The fleet's directory and DNS. It registers every agent, its tools and its A2A capability card, brokers MCP server discovery, governs versioned prompts and tool schemas, and underwrites AP2-based agent-to-agent payment mandates. It resolves one agent's request for another to a trusted, version-pinned, in-policy peer.
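Resolution to a "trusted, version-pinned, in-policy peer" amounts to filtering the registry on three conditions. The `AgentCard` shape below is a hypothetical stand-in and does not reproduce the A2A card schema; `pins` and `allowed` are likewise assumed inputs.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class AgentCard:
    name: str
    version: str
    capabilities: frozenset
    trusted: bool


def resolve(registry: list, capability: str, pins: dict, allowed: set) -> Optional[AgentCard]:
    """Return the first peer that offers the capability and passes all three checks."""
    for card in registry:
        if (
            capability in card.capabilities
            and card.trusted                          # trusted
            and pins.get(card.name) == card.version   # version-pinned
            and card.name in allowed                  # in-policy for this caller
        ):
            return card
    return None  # no eligible peer: the request is refused rather than downgraded
```

Returning `None` instead of a nearest match keeps an unpinned or out-of-policy version from being picked up silently.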

Fleet Consolidation Agent

Runs offline experience replay that consolidates fleet memory and proposes improvements.

An offline batch job, not a live actor. It replays the day's agent trajectories (Reflexion- and SEAL-style), distils repeated corrections into procedural-memory updates, consolidates episodic logs into semantic facts, and drafts candidate prompt/playbook improvements. Every proposal routes through Crucible's evals and an independent oversight-agent gate before it ships.
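Distilling repeated corrections can be approximated by counting how often the same correction recurs in a day's trajectories. This sketch assumes corrections have already been extracted as `(agent, correction)` pairs; the `min_repeats` cut-off is an illustrative choice, and the output is only a list of candidates for the eval and oversight gates.

```python
from collections import Counter


def propose_updates(corrections: list, min_repeats: int = 3) -> list:
    """Return corrections seen at least min_repeats times, most frequent first."""
    counts = Counter(corrections)
    # One-off corrections stay in the episodic log; only repeats become proposals.
    return [item for item, n in counts.most_common() if n >= min_repeats]
```

Nothing in this function changes a live agent: it only drafts proposals, in keeping with the batch-only role described above.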

Software Delivery & Code Review

2 agents

Ships the bank's software: PR generation, automated code review, test generation, dependency hygiene and release management.

Workflow · Ticket → branch → implement → PR → review → CI → merge → release, an agentic loop where the implementer agent and an independent review agent gate every change.

Code Review Agent

Reviews pull requests for correctness, security and style at scale.

Reads every PR with the project's context in working memory (the diff, the surrounding code, the conventions, the security policy) and posts a precise, low-noise review. It reproduces suspect edge cases in a sandbox to confirm a bug is real before blocking; on security-sensitive paths a second judge agent re-derives the verdict before the merge commits.
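The two-stage gate on security-sensitive paths can be sketched as a merge predicate. The path patterns and verdict strings are assumptions chosen for the example.

```python
from fnmatch import fnmatch

# Hypothetical patterns marking security-sensitive parts of a repository.
SENSITIVE_PATTERNS = ["auth/*", "crypto/*"]


def can_merge(changed_paths: list, review_verdict: str, judge_verdict: str = None) -> bool:
    """Allow a merge only when every required reviewer has approved."""
    if review_verdict != "approve":
        return False
    touches_sensitive = any(
        fnmatch(path, pattern)
        for path in changed_paths
        for pattern in SENSITIVE_PATTERNS
    )
    if touches_sensitive:
        # A second, independent judge must reach the same verdict.
        return judge_verdict == "approve"
    return True
```

A missing judge verdict on a sensitive path blocks the merge, so the second opinion cannot be skipped by omission.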

Change Implementation Agent

Implements scoped tickets and opens PRs for the review agent to gate.

Takes a well-specified ticket (a dependency bump, a flaky-test fix, a small feature behind a flag), implements it, writes the tests, runs the build-and-test loop in a sandbox, and opens a PR for the review agent to gate. It works bounded, scoped changes and queries the originating agent when a ticket is underspecified.

IT Service Desk

1 agent

The internal help desk: access requests, password resets, provisioning, and the long tail of employee IT tickets.

Workflow · Ticket raised → triage → resolve (knowledge base / automation) or route to L2/L3. The bulk is high-volume: access requests, password resets, software installs, provisioning.

Service Desk Agent

Resolves the high-volume tail of internal IT tickets end to end.

Handles the bank's internal IT tickets end to end: parses the request, checks entitlements and policy, executes the fix (reset, provision, install, grant) within guardrails, and confirms it worked. Access grants to sensitive systems are staged for the system-owner agent to gate before commit.
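For access requests, the entitlement check and the staging of sensitive grants could look like the sketch below. The role-to-system map, the set of sensitive systems and the three outcome strings are all hypothetical.

```python
def handle_access_request(user_roles: set, system: str,
                          entitlements: dict, sensitive_systems: set) -> str:
    """Decide an access request: deny, grant directly, or stage for the owner to gate."""
    allowed_roles = entitlements.get(system, set())
    if not (set(user_roles) & allowed_roles):
        return "deny"  # no role entitles this user to the system
    if system in sensitive_systems:
        return "staged_for_owner"  # the system-owner agent gates the commit
    return "granted"
```

Unknown systems have no entitled roles in this sketch, so requests for them are denied by default.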