Financial services teams operate in a regulated environment where AI errors on billing, account, and refund queries are not just operational problems — they create regulatory exposure, customer harm, and audit risk.
FortiVault and FortiAgent give financial services support teams the governance layer AI requires in regulated environments: a real-time AI Trust Score, category-level automation gating, and a per-decision audit trail that covers every AI-driven customer interaction.
The Governance Requirement
Most AI customer support platforms are built to maximise resolution rate — how many queries the AI handles without human involvement. In financial services, that metric is incomplete. The question regulators, risk teams, and compliance functions ask is different: what controls are in place to ensure the AI is accurate before it automates, and what is the audit trail when it is not?
An AI agent that resolves billing queries at 70% accuracy — without a mechanism to detect that accuracy or require human review when it falls — is not a governed AI deployment. It is an ungoverned one with a resolution rate attached.
FortiVault's governance layer sits above FortiAgent's execution layer. Every AI response is evaluated against the Trust Score for that query category. If accuracy in billing has not reached the configured threshold, the response is held for human review — automatically, before the customer sees it.
Query Categories
Not all support queries carry the same risk in financial services. FortiVault's per-category gating means each query type can have its own accuracy threshold and automation policy — billing queries do not have to wait for FAQ accuracy to catch up, and FAQ automation does not depend on billing gating being resolved.
Incorrect billing information — wrong amounts, missed payments, incorrect refund calculations — creates direct financial harm and regulatory exposure. FortiVault gates billing automation at a higher accuracy threshold and requires human review when Trust Score drops below it.
Account changes, access modifications, and profile updates are sensitive operations. Every FortiAgent action in this category is logged — which knowledge source was retrieved, which connector was called, what change was proposed, and whether a human approved it.
Refund decisions made by AI without governance controls create liability. FortiVault ensures every automated refund decision is traceable and that automation is only enabled once FortiAgent's accuracy in this category meets the configured threshold.
General product queries carry lower risk and can be automated earlier in the governance progression. FortiVault's per-category gating means FAQ automation can be enabled independently of billing automation — each category earns the right to automate based on its own measured accuracy.
Security-related queries — suspicious activity reports, card blocking requests, authentication issues — require human review by default. FortiVault can enforce mandatory human oversight for any category regardless of Trust Score, ensuring sensitive query types always involve an agent.
How It Works
FortiAgent retrieves and responds
The customer sends a billing or account query. FortiAgent retrieves the relevant policy from your configured knowledge base and calls the appropriate connector — Stripe for billing data, Salesforce for account records, or your internal systems via registered REST APIs.
FortiVault evaluates before sending
FortiVault checks the AI Trust Score for this query category. If accuracy meets the threshold, the response is sent. If not — or if the category is in mandatory review — the response enters the human review queue before the customer sees it.
Audit trail logged per decision
Every decision is logged: knowledge source retrieved, connector called and result returned, rule applied, Trust Score at time of decision, automation outcome, and agent action if review was triggered. Accessible without querying raw logs.
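The three steps above, sketched as an added example: this is not FortiVault or FortiAgent code or their API. The names `POLICY`, `gate`, `record_review` and `AuditRecord`, the thresholds, and the sample field values are assumptions. Holding unknown categories and invalid scores for review is a design choice of this sketch.

```python
from dataclasses import dataclass, replace
from datetime import datetime, timezone
from typing import Optional

# Constructed policy: category names mirror the page, thresholds are assumed.
POLICY = {
    "billing":  {"threshold": 0.95, "mandatory_review": False},
    "faq":      {"threshold": 0.85, "mandatory_review": False},
    "security": {"threshold": 1.00, "mandatory_review": True},
}

@dataclass(frozen=True)
class AuditRecord:
    timestamp: str
    category: str
    knowledge_source: str
    connector: str
    connector_result: str
    rule_applied: str
    trust_score: float
    outcome: str                      # "sent" or "held_for_review"
    agent_action: Optional[str] = None

def gate(category, trust_score, knowledge_source, connector, connector_result,
         policy=POLICY):
    """Decide send vs. hold and return the audit record for that decision."""
    rule = policy.get(category)
    if rule is None:
        applied = "unknown_category"          # fail closed: no policy, no automation
    elif rule["mandatory_review"]:
        applied = "mandatory_review"          # overrides any score
    elif not trust_score >= rule["threshold"]:
        applied = "below_threshold"           # written so NaN also fails closed
    else:
        applied = "threshold_met"
    outcome = "sent" if applied == "threshold_met" else "held_for_review"
    return AuditRecord(datetime.now(timezone.utc).isoformat(), category,
                       knowledge_source, connector, connector_result,
                       applied, trust_score, outcome)

def record_review(record, action):
    """Attach the human reviewer's action to a held decision."""
    if record.outcome != "held_for_review":
        raise ValueError("only held responses enter the review queue")
    if action not in {"approve", "edit", "reject"}:
        raise ValueError(f"unknown reviewer action: {action!r}")
    return replace(record, agent_action=action)
```

Because `AuditRecord` is frozen, the reviewer's action produces a new record rather than mutating the original decision, so both can be kept in an append-only log.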
Capabilities
Per-category Trust Score
Billing queries, account management, refund disputes, and FAQs each have their own accuracy score — updated continuously as FortiAgent handles real conversations. You see exactly where AI is ready to automate and where it is not.
Mandatory review categories
Any query category can be set to mandatory human review regardless of Trust Score. High-risk categories — fraud queries, account closures, large refunds — can always require an agent, permanently or until you decide to change the policy.
Per-decision audit trail
Every FortiAgent response is logged at the decision level: knowledge source, connector call and result, rule applied, automation decision, agent action. Accessible to support admins and exportable for regulatory review.
Bounded execution
FortiAgent cannot respond from general training data. It answers only from your configured knowledge sources and registered connector APIs. No hallucinated policies, no invented product details, no responses outside configured scope.
Live data from Stripe, Salesforce, and internal systems
FortiAgent retrieves live billing and account data through registered connectors before responding. Customers get accurate, current information — not cached or stale data from a knowledge base.
Human review queue
When a response requires review, FortiAgent drafts the response and holds it in a queue for agent approval. The agent can approve, edit, or reject before the customer sees anything. Review history is logged.
Common Questions
FortiVault's Audit Trail logs every FortiAgent decision at the decision level — which knowledge source was retrieved, which connector was called, which rule was applied, and what the outcome was. This creates a traceable record of every AI-driven customer interaction that can be produced for regulatory review. The Automation Gating mechanism also ensures AI does not make decisions in high-risk categories until accuracy is proven, reducing the risk of AI-driven customer harm.
Yes. FortiVault's Automation Gating supports a "disabled" state per category — meaning human review is required regardless of Trust Score. Teams can configure billing and account change categories to remain in mandatory human review, enabling automation only when they are ready to do so.
FortiAgent retrieves live data through registered connector APIs — Stripe, Salesforce, or your internal systems. The AI cannot access data outside explicitly registered connectors. Each connector call is logged, and FortiAgent cannot respond from general training data — only from configured knowledge sources and live connector results.
FortiVault monitors Trust Score continuously, per category. When billing query accuracy drops below the configured threshold, FortiVault immediately requires human review for all billing responses — before any more customers receive potentially inaccurate information. Automation resumes automatically when accuracy recovers.
Trust Score, Automation Gating, and Audit Trail — working together in a live FortiAgent deployment configured for financial services query types.