Concepts

The policy layer

Three actors, one contract. Understand them and the rest of this documentation falls into place.

Three actors

  • The agent proposes. It reads state, sizes ideas, and calls validate or propose endpoints. It never executes.
  • The policy decides. The user’s Investment Policy Statement is encoded as a structured bundle of bands, floors, ceilings, and standing rules. Every proposal is evaluated against it deterministically.
  • The human attests. Allowed proposals land in the user’s attestation queue in the AC app, where the user accepts or rejects before anything reaches a custodian.

Why not let the agent execute?

Letting an agent execute compresses every risk decision into one prompt. That decision happens at the worst possible moment — under whatever context window pressure the model is under — and the consequence is irreversible. We hoist those decisions out of the prompt and into a contract you defined off-line, when you weren’t under pressure.

A request’s lifecycle

  • The agent sends a validate_trade or propose_trade call with the trade payload.
  • The server resolves the user’s active IPS, builds a current portfolio snapshot, and runs the proposal through every guardrail (mandate bands, asset authority, standing rules, drawdown).
  • The decision is written to the audit log — accept or reject, with the rule that fired.
  • For validate, the call ends here. For propose, an allowed decision creates a ServiceRequest for human attestation. A blocked decision creates nothing — the agent gets the violations back instead.
  • On attestation, the user accepts; the AC backend executes against the custodian and updates the request to completed.

Compared to execute-style platforms

  • Who decides: the model in the moment (execute) vs. the IPS encoded off-line (policy).
  • Audit trail: per-platform, often opaque vs. every decision logged with the rule.
  • Recovery: the trade already executed and recovery becomes a dispute vs. caught at attestation and never executed.
  • Custody risk: you delegate authority to the agent vs. custody never leaves the user.

Implications for your code

  • Surface attestation back to the user. After propose_trade succeeds, tell the user to open the AC app to approve — don’t pretend the trade executed.
  • Lean on validate_trade. It’s free, audit-logged, and tells you exactly which rules would block your proposal so you can shape it correctly.
  • Let the policy shape sizing. Read get_mandate and use the utilization numbers to choose amounts that fit. Don’t guess.
Last updated 2026-06-15
Suggest an edit·Changelog