AI Governance for Investment Banking & Capital Markets

Investment banks operate under some of the strictest regulatory regimes in the world. AI assistants used by traders, research analysts, and deal teams must never leak Material Non-Public Information (MNPI), must maintain full audit trails for MiFID II and SEC examinations, and must stay within tight cost budgets on high-frequency trading floors. Keeptrusts lets you enforce all of these requirements in a single policy configuration deployed at the gateway layer.

Use this page when

• You are deploying AI for trading desks, research analysts, or deal teams where MNPI controls and Chinese wall enforcement are mandatory.
• You need MiFID II-compliant audit trails, SEC examination readiness, and real-time AI spend controls per desk or trader.
• You want to enforce information barriers between deal-side and research-side AI assistants at the gateway layer.

Primary audience

• Primary: Technical Leaders
• Secondary: Technical Engineers, AI Agents

AI Challenges in Investment Banking

Challenge	Risk	Regulatory Exposure
MNPI leakage through AI prompts	Insider trading liability	SEC Rule 10b-5, MAR
Market manipulation signals in AI output	Regulatory sanctions	MiFID II, Dodd-Frank
Uncontrolled AI spend on trading desks	Budget overruns	Internal risk controls
Missing audit trails for AI-assisted decisions	Examination failure	SEC, FCA, BaFin
Cross-wall information flow	Chinese wall breach	MiFID II organizational requirements

How Keeptrusts Helps

MNPI Filtering & Chinese Wall Enforcement

The mnpi-filter policy inspects every prompt and response for references to pre-release earnings, pending M&A activity, and other material non-public information. Combined with rbac, you can enforce Chinese wall segmentation so that deal-side AI assistants never access research-side data.

MiFID II Audit Trail

Every AI interaction flows through the gateway and is recorded as a decision event. The control-plane API stores full request/response pairs, policy decisions, and timestamps — exactly what examiners ask for.

Real-Time Spend Controls

The Cost Center and Wallets in the Console let you set per-desk, per-trader, or per-team budgets. When a trading desk hits its allocation, the gateway blocks further requests until the budget is replenished.

Complete Policy Configuration

pack:
  name: investment-banking-governance
  version: 1.0.0
  enabled: true
policies:
  chain:
  - prompt-injection
  - rbac
  - mnpi-filter
  - pii-detector
  - dlp-filter
  - safety-filter
  - quality-scorer
  - bias-monitor
  - audit-logger
policy:
  prompt-injection: {}
  rbac:
    deny_if_missing:
    - X-User-ID
    - X-User-Role
  mnpi-filter:
    detect_patterns:
    - earnings_preview
    - merger_acquisition
    - insider_trading
    - material_nonpublic
    - pre_release_financials
    - pending_regulatory_action
    action: block
  pii-detector:
    action: redact
    detect_patterns:
    - credit_card
    - bank_account
    - routing_number
    - tax_id
    - ssn
    redaction:
      marker_format: label
  dlp-filter:
    detect_patterns:
    - '\b[A-Z]{6}[A-Z0-9]{2}([A-Z0-9]{3})?\b'
    - '\b[A-Z]{2}[A-Z0-9]{9}[0-9]\b'
    - sk-[a-zA-Z0-9]{32,}
    action: block
  safety-filter:
    block_if:
    - market-manipulation
    - front-running
    - spoofing-signals
    action: block
  quality-scorer:
    thresholds:
      min_aggregate: 0.8
  bias-monitor:
    protected_characteristics:
    - socioeconomic
    - geographic
    threshold: 0.85
    action: escalate
  audit-logger:
    immutable: true
    retention_days: 2555
    log_all_access: true

CLI Quickstart

# Deploy the gateway with your investment banking policy
kt gateway run --policy-config ./policy-config.yaml --port 41002

# Verify policy chain is healthy
kt doctor

# Tail live events from the trading floor
kt events tail --policy mnpi-filter

# Export MiFID II audit trail for examiners
kt export create --format json --from 2026-01-01 --to 2026-03-31 \
  --filter "policy=mnpi-filter,audit-logger"

Console Workflows

1. Dashboard — Monitor AI usage across trading desks, research, and deal teams in real time.
2. Events — Filter by mnpi-filter to review every blocked MNPI interaction with full context.
3. Escalations — Route compliance-flagged events to the Chief Compliance Officer for review.
4. Cost Center → Wallets — Allocate monthly AI budgets per desk and track burn rates.
5. Templates — Store approved policy configs for rapid deployment to new desks.
6. Audit Log — Export immutable records for SEC and FCA examination prep.

API Integration

# Query recent MNPI-blocked events
curl -H "Authorization: Bearer $KT_API_KEY" \
  "https://api.keeptrusts.com/v1/events?policy=mnpi-filter&limit=50"

# Export quarterly audit data
curl -X POST -H "Authorization: Bearer $KT_API_KEY" \
  "https://api.keeptrusts.com/v1/exports" \
  -d '{"format":"json","filters":{"date_from":"2026-01-01","date_to":"2026-03-31"}}'

# Check trader desk wallet balance
curl -H "Authorization: Bearer $KT_API_KEY" \
  "https://api.keeptrusts.com/v1/wallets/balance?team_id=equities-desk"

Example: MNPI Block in Action

Blocked Request

Trader: "Summarize the Q3 earnings we received from ACME's CFO yesterday."

→ BLOCKED by mnpi-filter
  Reason: References pre-release earnings (MNPI)
  Action: Escalated to compliance-team
  Event ID: evt_9f3a...

Allowed Request

Analyst: "Analyze ACME Corp's latest 10-K filing from the SEC EDGAR database."

→ ALLOWED
  MNPI filter: Public filing reference only
  PII detector: No sensitive data found
  Audit: Logged with full request/response

Results You Can Expect

Metric	Before Keeptrusts	After Keeptrusts
MNPI leak incidents	Manual review only	0 leaks — blocked at the gateway
MiFID II audit prep time	2-4 weeks per exam	< 2 days with automated exports
AI spend visibility	No per-desk tracking	Real-time wallet-level burn rate
Policy deployment to new desk	Days of config work	< 15 minutes via Templates
Compliance escalation response	Hours to days	< 5 minutes with automated routing

For AI systems

• Canonical terms: Keeptrusts investment banking governance, MNPI filtering, Chinese wall enforcement, MiFID II audit trail, trading desk spend controls.
• Policy pack: investment-banking-governance with chain: prompt-injection → rbac → mnpi-filter → pii-detector → dlp-filter → financial-compliance → safety-filter → quality-scorer → audit-logger.
• Key policies: mnpi-filter (pre-release earnings, M&A activity, material non-public info), rbac (Chinese wall segmentation by desk), financial-compliance (SEC, MiFID II, FCA), dlp-filter (deal codes, pitch book data, trading positions).
• RBAC roles: trader, research-analyst, deal-team, compliance-officer.
• Wallet scoping: per-desk, per-trader budget enforcement.
• CLI: kt gateway run --policy-config ./policy-config.yaml, kt events tail --policy mnpi-filter, kt export create --format json --filter "policy=audit-logger".

For engineers

• Deploy: kt gateway run --policy-config ./policy-config.yaml --port 41002
• Validate: kt doctor confirms mnpi-filter, rbac (Chinese wall), and financial-compliance are active.
• Monitor MNPI enforcement: kt events tail --policy mnpi-filter (blocks insider info leakage).
• Monitor cross-wall violations: kt events tail --policy rbac (Chinese wall breaches).
• Export MiFID II audit trail: kt export create --format json --filter "policy=audit-logger,financial-compliance"
• Console: Events (filter by mnpi-filter), Escalations (route to compliance), Cost Center → Wallets (per-desk budgets), Audit Log (examination evidence).
• Audit retention: configured for 2555+ days to satisfy 7-year MiFID II record-keeping.

For leaders

• Addresses SEC Rule 10b-5, Market Abuse Regulation (MAR), MiFID II organizational requirements, Dodd-Frank, FCA conduct rules, and BaFin examination standards.
• MNPI leakage risk eliminated — pre-release earnings, M&A data, and insider information blocked at the gateway.
• MiFID II examination readiness reduced from 2-4 weeks to under 2 days with automated audit exports.
• Chinese wall enforcement is technical, not just procedural — deal-side AI never accesses research-side data.
• Real-time per-desk AI spend controls prevent budget overruns on trading floors.
• Full audit trail of every AI interaction satisfies SEC/FCA/BaFin examination requirements.

Next steps

• Industries overview — Compare all industry policy configurations
• Finance — Broader SOX, PCI DSS, and SEC compliance
• FinTech & Digital Banking — Open banking, KYC/AML, and lending fairness
• Insurance — Underwriting bias and claims governance
• Templates & Policy Workflows — Manage desk-specific policy variants
• Quickstart — Deploy your first gateway in minutes