Tech Stack

Stateful, long-running, conditional routing with human checkpoints. Powers the 6 ALM Optimisation agents (AO-1 to AO-6). Chosen for 10-year swap persistence, complex state machines, and human-in-the-loop approval gates.

Multi-agent group chat with bounded session, Azure service integration, and deterministic speaker order. Powers the 5 Buy-Side agents (BS-1 to BS-5). SK plugins provide ADF, ERP, and Azure OpenAI integration.

Deterministic ETL with full asset lineage, registry polling schedules, and no LLM reasoning. Powers the 6 Supply-Side agents (SS-1 to SS-6). Dagster for primary orchestration; Prefect as fallback for simpler pipeline tasks.

Used exclusively for LLM reasoning tasks in Buy-Side agents (BS-1 liability interpretation, BS-3 CSR narrative). All arithmetic and deterministic operations handled by pipeline code — never by LLM.

Convex optimisation library for the ALM matching engine (AO-2). Minimises duration mismatch between corporate liability profiles and available NRW inventory. Generates optimal ALM match sets with confidence scores.

All internal and external API surfaces. Auto-generates OpenAPI 3.1 documentation from Pydantic v2 models. Async handlers for high-throughput registry polling and event processing.

Primary transactional store for all client records, NRW programmes, swap book state, proof bundles, and audit logs. ACID compliance required for financial instrument records. Azure Database for PostgreSQL (managed).

MRV time-series data from registry polling and VVB audit feeds. Stores NRCS scores, permanence metrics, and additionality measurements over time. Enables trend analysis for proof validation.

Raw file storage for VVB audit PDFs, ISDA term sheet documents, ISSB S2 disclosure packs, and FpML XML files. Versioned, encrypted at rest. Lifecycle policies for 7-year regulatory retention.

Kafka-protocol event streaming for inter-system communication. CloudEvents 1.0 standard. Handles pipeline-to-agent handoffs, CarbonSolvencyRatio events, NRCSScoredEvents, and swap execution notifications.

ERP data ingestion pipeline. Connects to SAP, Oracle, and Workday for GHG inventory data. Normalises to tCO₂e standard. Triggered by BS-1 Liability Aggregator agent via SK ADFPlugin.

Session state for AutoGen group chat sessions. Proof bundle caching for repeated validation requests. MTM price caching for daily swap book loop. TTL-based expiry aligned to market hours.

Primary cloud platform. Azure Kubernetes Service (AKS) for container orchestration. Azure Container Registry for image management. Azure Monitor + Application Insights for observability. UK South region primary, UK West DR.

Zero-trust service-to-service authentication. No secrets in code or environment variables. All service principals use managed identities. RBAC enforced at resource level. FCA-grade audit logging of all auth events.

JSON Object Signing and Encryption (JOSE) with JSON Web Signatures (JWS) for all proof certificates, audit log entries, and swap execution records. Provides cryptographic non-repudiation required for FCA compliance.

GitHub Actions for PR validation, unit tests, and container builds. Azure DevOps for deployment pipelines to staging and production. Blue-green deployments for zero-downtime releases. Quality gates block deployment if FCA-critical tests fail.

All services containerised. Kubernetes for orchestration via AKS. Horizontal pod autoscaling for registry polling and event processing workloads. Namespace isolation between Buy-Side, ALM Engine, and Supply-Side layers.

Distributed tracing across all 17 agents using OpenTelemetry. Azure Monitor for infrastructure metrics. Application Insights for agent performance. Custom dashboards for swap book health, proof gate latency, and registry polling status.