Sovereign AIP · On-prem · Open-weight Llama · A design-partner proposal for BFSI

The investigation engine that reasons over your world, not text about it.

A sovereign financial-crime platform: a local Llama reasons over a typed ontology of your accounts, claims and companies to expose fraud rings and draft the regulatory report — every action human-approved, nothing leaving the building. We want one design partner to harden it — we think that's Jio Financial Services.

The console runs on-prem — by design, it never leaves your machine. Run it locally →

Zero external egress 6 sectors · 1 engine Copilot, not autopilot
6Ontologies
18Object types
18Link types
0Lines of engine code per vertical
The problem

An Indian bank cannot legally send this data to a frontier API.

So Praheri runs the entire intelligence layer on-prem, on open-weight Llama, with a human on every consequential action.

+ Why the cloud copilot is a non-starter

RBI data-localization rules it out, and a black-box API can't be audited, fine-tuned, or trusted with a freeze decision. The alternative is a model of the institution's own world that reasons in-building — sovereign and capable at once.


The foundation — the Ontology

Not a database. A digital twin of the organization.

Your data stops being rows in a table and becomes a live, connected map of reality that analysts and AI reason over together.

+ The two layers

Borrowing Palantir's framing: a semantic layer — the nouns and how they relate — and a kinetic layer — how decisions are written back as governed actions.

Semantic ·
Objects

Typed objects with properties

Every entity is a typed object — Account, Transaction, Claim, Company — with its own properties.

typeidproperties{}
Semantic ·
Links

Typed links between objects

Relationships are first-class and typed — sent →, owns →. Tracing a ring six hops out is a native traversal, not a recursive SQL nightmare.

linked_ids[]directedtraversable
Kinetic ·
Actions

Governed actions write decisions back

The model never mutates data. It proposes — freeze, file an STR, escalate KYC — a human approves, and it's applied and audited.

proposehuman approvesaudit log

The differentiator — OAG

RAG retrieves text about your world. OAG retrieves the world itself.

Ontology-Augmented Generation feeds the model typed, linked objects — not prose that mentions them — so every claim cites a real object ID. The ring isn't described; it's traversed.

RAG · text retrieval

The model reads paragraphs and guesses

Case notes come back as prose. The model re-parses English to infer who connects to whom — and may invent a link, or miss one.

"Account 4471 received several transfers in March; the holder shares an address with a customer flagged last year…" → can't say it's 5 accounts / 12 txns → links are inferred, unverifiable
OAG · ontology retrieval

The model traverses real structure

The same ring comes back as typed objects with real links. The model follows the edges, sees the cycle, names every node by ID. The structure is the evidence.

{ type:"Account", id:"ACC-4471", properties:{ risk: 0.91 }, linked_ids:["TXN-99","TXN-102"] } → 5 Account · 12 Transaction links → near-circular flow, cited by ID

The wedge — why BFSI, why now

Financial crime is a graph problem, at the exact moment sovereign LLMs became viable.

In BFSI the pain, the regulation and the data-shape all point at the same architecture. Three forces just converged:

01 · THE CRIME

Fraud lives in the links

Laundering, staged-claim rings and shell ownership are patterns of connection, not properties of a single row. A relationship-native ontology is the right data model; flat tables aren't.

02 · THE MANDATE

Regulation forbids the easy answer

RBI data-localization and the DPDP Act rule out a frontier-cloud copilot for this data. The only compliant path is on-prem, open-weight, auditable — and that constraint is our moat.

03 · THE UNLOCK

Open weights are finally good enough

Llama-class models now classify a typology and draft a filing-grade narrative on a single on-prem box. What used to need a frontier API runs inside the building — sovereign and capable, no longer a trade-off.


The honest division of labour

We didn't replace ML with an LLM. We use each for what it's actually best at.

Graph algorithms and rules find the ring — better than any LLM — so they do the detection, in deterministic Python. Llama does the two jobs ML structurally can't.

Deterministic engine · does the finding

Graph + rules detect the ring

Ring traversal, structuring / circular-flow detection and the risk floor are pure code — reproducible, auditable, no hallucination. A fired signal is a confirmed typology the model can escalate but never downgrade to CLEAR.

traverse_ring() → the network compute_signals() → the typology deterministic floor → never un-flags → this is what ML/graph is great at → so the LLM never does the detecting
Llama · does what ML can't

Synthesis + generalization

1 · It writes the report a human can sign. Graph output is a diagram and a score; the officer must file plain English. (A filing-grade STR for FIU-IND, citing real IDs.)

2 · One brain works for every department. Swap the settings file, not the model — no per-sector retraining. (Zero per-domain feature engineering or labelled set.)

+ Why ML can't do these

A graph model outputs a diagram and a risk score, but the compliance officer has to file a written report that names each account and explains, in words, why it's suspicious — grounded in the bank's own rules. That's what an LLM does and a graph model can't.

And a traditional fraud model must be custom-built and re-trained per area — one for banking, another for insurance — each with its own data and team. The same Llama handles all of them by swapping the config.

"Accounts ACC-MULE-0106 each received sub-₹50k deposits then funnelled to ACC-BENEF-STRUCT — structuring under [policy §]. Recommend FILE." → a document a human can sign → same engine, any ontology, 0 new code

Why Praheri

Sovereign by architecture. Governed by design.

01

Sovereign & open-weight

The whole stack runs on-prem on open-weight Llama. Compliance by construction, not by promise.

  • Your data never leaves the building
  • RBI localization is the architecture, not a setting
  • No per-token tax, no vendor lock-in
  • Auditable, fine-tunable weights
02

Copilot, not autopilot

The model proposes; a human approves; everything is audited. No mutation without a governed action.

  • High-stakes actions need a human signature
  • Freezes & filings route to an approval queue
  • Append-only audit: actor, time, model
  • Defensible in front of a regulator
03

One engine, six sectors

Swap the ontology cartridge and a new sector lights up — zero engine code changed.

  • The investigation loop is universal
  • Only the nouns change per vertical
  • Six verticals, one codebase
  • Build once, monetize six times
Triage Traverse Detect Decide Govern Audit

This pipeline is unchanged across all verticals.


The cartridges — Phase 1 with JFS, then the platform

Two sectors map onto Jio's group today. The rest is your roadmap.

Each sector is a configuration — typed objects, the signals to detect, the governed actions a human approves. The engine never changes. AML and Insurance are where we'd start with JFS — they sit directly on Jio Payments Bank, Jio Finance and Jio Insurance Broking. The other four prove the same engine already reaches across the group.

◆ Phase 1 — live today, mapped to JFS
🛡️ AML — Anti-Money-LaunderingJio Payments Bank · Jio Finance (NBFC) · UPI · RBI / FIU-IND · STR filing +
For JFS: Jio Payments Bank + UPI + Jio Finance move retail money at Reliance scale — which is precisely where mule networks and structuring hide. Banks generate thousands of transaction-monitoring alerts a day; analysts drown in false positives while real laundering hides in the noise. Praheri traverses from the flagged account across its transaction links to counterparties, customers and shared devices to expose the surrounding network — then drafts a Suspicious Transaction Report grounded in object IDs, ready for FIU-IND.
JFS entity
Jio Payments Bank · Jio Finance · UPI
Objects traversed
Account · Transaction · Device · Counterparty
Detects
Structuring / smurfing, layering, funnel accounts, circular mule flows
Governed action
request_account_freeze · file_str → MLRO approves
🚑 Insurance — Claims-Fraud SIUJio Insurance Broking · Allianz Jio Reinsurance · IRDAI · DPDP Act 2023 +
For JFS: Jio Insurance Broking and the Allianz Jio reinsurance JV put the group squarely in claims risk — where organized fraud is the margin killer. A single claim looks legitimate in isolation; organized fraud only shows up in the links between claims. Praheri traverses from a suspicious claim to its policyholder, repair garage, claimant and policy, surfacing entities that recur across supposedly unrelated claims. The signal is shared-node density: one workshop or person at the centre of many "accidents."
JFS entity
Jio Insurance Broking · Allianz Jio Reinsurance
Objects traversed
Claim · Garage · Claimant · Policy
Detects
Staged-accident rings, garage/provider collusion, identity reuse
Governed action
refer_to_siu — hold payout pending review
◇ The platform reach — same engine, JFS's expansion roadmap
🏦 Lending — Early-Warning SignalsMaps to Jio Finance (NBFC) · RBI EWS · Digital Lending 2022 +
As Jio Finance scales its loan book, stress is visible months before an account is classified NPA — but the signals sit scattered across systems. Praheri traverses from a borrower to its loans, directors, related parties and repayment history to assemble a live risk picture — catching distress spreading through a shared-control network before it surfaces in the books.
Objects traversed
Borrower · Loan · Director · Inflow
Detects
EMI-bounce stress, common-director contagion, circular related-party lending
Governed action
margin_call · downgrade_rating (SMA)
📈 Wealth — Suitability & Mis-sellingMaps to JioBlackRock (AMC) · SEBI IA Regs · SCORES +
With JioBlackRock bringing asset management to the group, suitability risk follows. Advisors face incentives to push high-commission products onto clients they don't fit, exposing the firm to SEBI action and restitution. Praheri traverses from a client to their suitability profile, sales, products and advisor, comparing what was sold against the client's documented risk appetite — and flagging advisors who breach repeatedly across a book.
Objects traversed
Client · SuitabilityProfile · Sale · Product · Adviser
Detects
Suitability breach, churning, advisor-level mis-selling clusters
Governed action
flag_misselling → compliance approves
🏢 Corporate — UBO / OwnershipGroup-wide KYC · RBI CDD/EDD · FATF Rec 24 +
Every JFS entity onboarding a corporate customer must know the real human Ultimate Beneficial Owner — but ownership is deliberately obscured through layered holdings across jurisdictions. Praheri traverses the company-owns-company graph through multiple layers to compute effective control and resolve the true UBO — the signal is the shape of the ownership graph itself.
Objects traversed
Company · UBO via owns → shareholding
Detects
Circular / cross-holdings, shell layers, <25% threshold evasion
Governed action
escalate_kyc_review (Enhanced Due Diligence)
📦 Procurement — Maverick SpendThe non-financial proof · Reliance group internal controls +
The proof the platform isn't AML-shaped plumbing: the same engine runs a completely non-financial ontology. Enterprises lose margin and invite collusion when employees buy off-contract or split orders to dodge approval limits. Praheri traverses from a requisition to its vendor, budget and contract, checking spend against policy and the Delegation-of-Authority matrix — the exact same engine, a completely different ontology, relevant to any Reliance-group entity.
Objects traversed
Requisition · Vendor · Budget
Detects
Maverick spend, budget / DoA breach, invoice-splitting, vendor collusion
Governed action
approve_purchase_order — over-budget → same MLRO gate

The proposal — design partner

Why Jio Financial Services, and how we'd build it together.

JFS spans every sector this engine already runs — payments, lending, insurance, asset management — at Reliance scale, greenfield enough to build compliance-native. We're proposing a design partnership to harden Phase 1 on your real workflows.

Your
offering

Jio Payments Bank · Jio Finance · UPI

Retail money movement at Reliance scale is the natural home of mule networks and structuring. → Praheri AML: expose the ring, draft the STR for FIU-IND, propose the freeze — human-approved, audited.

Your
offering

Jio Insurance Broking · Allianz Jio Reinsurance

Claims exposure is where organized fraud erodes the loss ratio. → Praheri Insurance SIU: surface staged-accident and garage-collusion rings across otherwise-unrelated claims before payout.

Your
roadmap

JioBlackRock · group KYC · Reliance procurement

As the group expands, the same engine extends to wealth suitability, corporate UBO resolution and procurement controls — zero engine code per sector. One platform, the whole JFS surface.

VALUE

What JFS gets

  • Fewer false positives, faster analyst throughput
  • Filing-grade STRs drafted, not hand-written
  • Insurance fraud caught before payout
  • One platform across the whole group, not six tools
  • Compliance-native from day one — no retrofit
USP

Why only this works

  • Sovereign: on-prem, open-weight — RBI/DPDP-compliant by architecture
  • OAG over a typed ontology — reasons on structure, cites real IDs
  • Copilot, not autopilot — human approves every action, all audited
  • Reusable engine — 0 lines of engine code per new sector
DELIVERABLES

What we ship together

  • AML + Insurance cartridges on JFS's own ontology
  • Connectors to JFS transaction & claims systems
  • MLRO / SIU approval + audit workflow, JFS roles
  • On-prem deployment, zero-egress verified
  • A co-defined success metric per sector
How you adopt it — a staged partnership
Stage 0
2–4 wks

Sandbox pilot — AML, your data shape

Deploy on-prem against a masked slice of Jio Payments Bank transactions. Prove the ring-to-STR loop on real workflow shape. Success metric agreed up front. No data leaves JFS.

Stage 1
1 quarter

Design-partner hardening — AML + Insurance

Iterate the two Phase-1 cartridges on live JFS ontology and MLRO/SIU feedback. Wire the real approval + audit workflow. This is where we co-build — your analysts shape the product.

Stage 2
roadmap

Platform rollout — group-wide

Extend the same engine to Jio Finance lending EWS, JioBlackRock suitability, group UBO and procurement — each a config cartridge, not a new build. One sovereign intelligence layer for all of JFS.


See it run

Pick an alert. Watch the ring light up.

The live console runs the full loop — triage, traverse, expose the ring, draft the report, propose a freeze, approve as MLRO, read the audit trail — all on-prem, zero egress.

Sovereign by design — the console can't be hosted on a public cloud without breaking the premise. It runs on your own machine, with no network egress.

Run it yourself

Five commands. Your machine. Zero egress.

Open source, on-prem, open-weight Llama via Ollama. Clone it, point at a local model, and the full loop runs with no network calls.

terminal
# 1 · clone the repo
git clone https://github.com/surajsrivastava94/praheri-sovereign-aip.git
cd praheri-sovereign-aip

# 2 · python env + dependencies (Python 3.11+)
python -m venv .venv && source .venv/bin/activate
pip install -r requirements.txt

# 3 · pull the open-weight models, then serve them locally
ollama pull llama3.1:8b
ollama pull nomic-embed-text
ollama serve

# 4 · generate the synthetic bank + planted fraud rings
python -m praheri.generate
python -m praheri.generate_verticals

# 5 · launch the console  →  http://localhost:8501
streamlit run app/streamlit_app.py
No GPU required for the 8B demo model · synthetic data only · nothing leaves your box. Need a hand? Email me →