AI-powered compliance agent for APAC fintech teams — built for Gen AI Academy APAC · Track 1 · Banking & Financial Services
PolicyGuard monitors regulatory feeds from MAS, HKMA, and ACRA, scores compliance obligations, generates structured action plans, and surfaces alerts — all in a single deployable service with an embedded dashboard.
Fintech teams in APAC face three compounding challenges:
| Challenge | Impact |
|---|---|
| Frequent regulatory updates from MAS/HKMA/ACRA | Teams must monitor multiple regulators simultaneously |
| Manual review loops via spreadsheets and email | Weak traceability and inconsistent interpretation |
| GRC tools are expensive | Smaller fintechs lack affordable structured compliance workflows |
Regulatory Update → Ingest → Assess → Summarize → Plan → Track → Dashboard Alert
- Ingest — Polls regulatory feeds and captures raw policy inputs
- Assess — Scores applicability, severity, and enforceability (0–100)
- Summarize — Converts long-form policy text into concise, actionable guidance
- Plan — Generates deadline-aware action items and remediation payloads
- Track — Retains versioned policy history and surfaces alerts in the dashboard
git clone https://github.com/om-pramod/PolicyGuard.git
cd PolicyGuard
python -m venv .venv && source .venv/bin/activate
pip install -r requirements.txtuvicorn app.main:app --reloadOpen http://localhost:8000/ to view the Regulatory Pulse dashboard.
# Run a compliance check
curl -s http://localhost:8000/compliance-check \
-H 'content-type: application/json' \
-d @samples/compliance_check_sample.json
# Generate an action plan
curl -s http://localhost:8000/actions/plan \
-H 'content-type: application/json' \
-d @samples/action_plan_sample.jsonpytest -qPROJECT_ID=<your-gcp-project> \
REGION=asia-southeast1 \
SERVICE_NAME=policyguard \
bash scripts/deploy_cloud_run.shOr use the provided Dockerfile, cloudbuild.yaml, and cloud-run.yaml directly.
| Endpoint | Method | Description |
|---|---|---|
/ |
GET | Embedded React + Plotly dashboard |
/health |
GET | Service health check |
/compliance-check |
POST | Score and assess a regulation |
/feed/status |
GET | Live MAS/HKMA/ACRA feed status |
/alerts/preview |
GET | Preview critical alert queue |
/alerts/dispatch |
POST | Dispatch webhook alert |
/actions/plan |
POST | Generate prioritized action plan |
/policy/diff |
POST | Semantic diff between policy versions |
/ai/summarize |
POST | AI-powered regulation summarizer |
/versions |
GET | Policy version history |
PolicyGuard supports pluggable, free AI providers — no paid API keys required:
| Provider | How to use |
|---|---|
heuristic |
Built-in fallback, always available |
ollama |
Run local OSS models (Llama, Mistral, etc.) |
huggingface |
Free-tier HuggingFace Inference API |
See docs/free_ai_model_resources.md for setup instructions.
- Backend — FastAPI (Python 3.11), modular routers and services
- Dashboard — Embedded React + Plotly (served from
/) - AI — Pluggable providers: heuristic, Ollama, HuggingFace
- Google OSS — OR-Tools (action prioritization), diff-match-patch (policy diffing)
- Storage — In-memory TTL cache + file-backed JSONL version log (no external DB)
- Security — HTTPS enforcement, per-IP rate limiting, hardened headers, optional Google ID token auth
- Deployment — Docker + Cloud Run (
asia-southeast1)
| File | Purpose |
|---|---|
samples/compliance_check_sample.json |
Sample request for POST /compliance-check |
samples/action_plan_sample.json |
Sample request for POST /actions/plan |
samples/policy_diff_sample.json |
Sample request for POST /policy/diff |
samples/ai_summarize_sample.json |
Sample request for POST /ai/summarize |
samples/grc_action_payload_sample.json |
Sample structured GRC remediation output |
| Doc | Contents |
|---|---|
docs/current_state_guide.md |
Plain-English walkthrough — how it's built and how to demo |
docs/policyguard_development_plan.md |
Full architecture, Cloud Run, timeline, and KPI plan |
docs/policyguard_sg_fintech_playbook.md |
Singapore fintech-focused implementation details |
docs/policyguard_detailed_report.md |
Step-by-step execution report for compliance teams |
docs/google_open_source_extensions.md |
OR-Tools and diff-match-patch integration notes |
docs/security_hardening_google_cloud.md |
Security middleware and Google Identity setup |
docs/next_steps.md |
Execution checklist from local to production |
- FastAPI backend with all required endpoints (
app/) - Embedded React + Plotly dashboard (
static/index.html) - Docker + Cloud Run deployment configs
- Tests for core scoring and remediation logic (
tests/) - Sample payloads for all major endpoints (
samples/) - Google OSS extensions (OR-Tools, diff-match-patch)
- Pluggable free AI providers (heuristic, Ollama, HuggingFace)
Built by Omkar Hankare for the Gen AI Academy APAC Edition hackathon.
- Track 1 — Build and deploy AI agents using Gemini, ADK, and Cloud Run
- Theme — Banking & Financial Services · Positive social change through safer fintech compliance
- Region focus — Singapore, Hong Kong, India (MAS / HKMA / ACRA regulators)
PolicyGuard helps APAC fintech teams respond faster, document better, and reduce preventable compliance risk.