BackPro
← Platform·BackPro Agent

The AI behind every surface.

BackPro Agent is the reasoning layer underneath the DDQ Engine, the SoA Drafter, Audit & Evidence, and every other capability on the platform. It reads your documents, plans the steps, calls the right tools, and returns the answer with a citation to source. Provider‑agnostic. Runs in your tenancy. No data egress.

See the agent on your dataHow it thinks ↓

The thesis.

A regulated firm cannot ship an answer it cannot defend. BackPro Agent is built on the inverse: every sentence it produces is mapped back to the paragraph it came from, every tool call is logged, every model decision is traceable. The agent is not the answer. The audit trail is the answer.
How it thinks

Five steps, every time.

The loop is deterministic in structure, adaptive in content. Each phase is observable, replayable, and falsifiable. If a step is wrong, you can see exactly where.

01

Read.

Parse the question and the regulatory context.

Question intake includes the firm’s standards, the deadline, the audience, and the templates the output must conform to. Context arrives with the question, not assumed.

02

Plan.

Choose which tools to invoke and in what order.

The agent decomposes the task into tool calls (retrieval, graph query, document analysis, code execution) and sequences them. Each plan is logged before execution.

03

Retrieve.

Pull paragraph‑level citations from your evidence base.

Semantic retrieval over your documents, knowledge‑graph traversal across relationships, or targeted document lookup. Every retrieved fragment carries its source and a relevance score.

04

Reason.

Compose the answer, validate against source.

Draft generated from the retrieved evidence. Validation pass checks every claim against its citation. Drift between claim and source is flagged before the answer surfaces.

05

Cite.

Surface the answer with the audit trail attached.

Every paragraph of output carries a footnote to the paragraph of source. Compliance verifies the citation. The agent never asks to be trusted; it asks to be audited.

The toolset, under the hood.

Function calling, grounded in your data. Each tool has a strict input schema and a logged output. The agent chooses; you see what it chose, and why.

Tool 01

Semantic Retrieval

Paragraph‑level citation across your document corpus.

Vector similarity over your knowledge base returns ranked fragments with relevance scores. Filterable by folder, metadata, date range. The foundation of every cited answer.

Tool 02

Knowledge Graph Query

Traverse relationships across your firm’s documents.

Adviser → practice → file → BID → product → standard. The agent walks the graph to find evidence that retrieval alone would miss.

Tool 03

Document Analyzer

Structured extraction from regulated documents.

Parses SoAs, DDQs, ODD packs, audit findings. Pulls out scope, recommendations, holdings, attestations. Schema‑defined so output is always machine‑checkable.

Tool 04

Code Execution

Calculations, validations, and data transformations.

When the question needs arithmetic (fees, allocations, attribution) or schema validation, the agent runs code in a sandboxed environment. Output and code traced together.

Tool 05

Persistent Memory

Context carried across the engagement.

The agent remembers what your compliance team has approved, what your template requires, what the client asked last quarter. Forgotten on your command, never on ours.

Tool 06

Multi‑Provider Routing

Your choice of model. Switchable without re‑deployment.

LiteLLM under the hood. Run on Claude, GPT‑4, Gemini, Mistral, or a local model behind your firewall. Fallback chains for resilience. Same agent, swappable brains.

Tool 07

Streaming Output

Live response, not a black‑box wait.

Tokens stream as the agent reasons. Tool calls surface as they happen. The compliance officer sees the work, not just the result.

Tool 08

Optional Web Search

Off by default. On when you need it.

Most regulated firms keep this disabled to guarantee a closed information loop. For the cases where horizon scanning matters (new ASIC instruments, regulatory updates), it can be enabled per agent.

Tool 09

Source‑Tagged Output

Every claim ends in a footnote.

No claim leaves the agent without its source attached. Citations are clickable through to the paragraph in the original document, the graph node, or the code output that produced them.

The agent at work.

A real task: a DDQ question lands. The agent plans, retrieves, drafts, cites, and the answer surfaces with every step on the audit timeline.

Live in the demo

Watch the agent run a real task.

Open the actual product. Send a DDQ question to the agent and see plan, retrieval, draft, and citation surface on a live audit timeline.

Open the demo

Fig. BackPro Agent processing a real DDQ question: tool plan on the left, citation trail on the right, drafted answer in the middle.

Four trust pillars

Why a regulated firm can run this agent.

Pillar 01

Citation discipline.

Every claim mapped to a paragraph.

No answer leaves the agent without its source. Citations resolve to the paragraph in the document, the node in the graph, or the code output that produced the figure. The compliance officer verifies; they never author.

Pillar 02

Data sovereignty.

Runs in your tenancy. No egress.

BackPro Agent runs inside your environment. Documents never leave your perimeter. No third‑party data egress to BackPro, the model provider, or anyone else. Sovereignty is a deployment property, not a promise.

Pillar 03

Observability.

Every action logged. Every replay deterministic.

Every tool call, every model response, every retrieval, every retry is logged with a timestamp and a trace ID. Replay any answer step‑by‑step. Used today for internal evaluation; auditable on demand for clients.

Pillar 04

Compliance posture.

Designed against APRA, ASIC, OAIC standards.

Architecture aligned with CPS 230 operational risk, CPS 234 information security, APP 11 privacy, and RG 271 complaints handling. Designed to align, not certified, and the design is open to your audit.

The standards this design aligns with.

The agent is not a certification; it is an architecture. The architecture is designed to satisfy the standards your firm answers to. Tap any chip to see what the standard requires and how this design meets it.

See the persona map
CPS 230CPS 234APP 11RG 271AASB S1 & S2AML/CTF

Questions a CTO asks first.

Your choice. BackPro Agent uses LiteLLM under the hood, which routes to any function‑calling model: Claude, GPT‑4, Gemini, Mistral, or a local model running behind your firewall. Most regulated firms run Claude or a fine‑tuned local model; the choice is yours, and switching is a configuration change, not a re‑deployment.

No. BackPro Agent is retrieval‑based, not trained. It reads your documents at query time, but no fine‑tuning happens on your data, and no data leaves your tenancy for training. The model provider receives only the prompt the agent assembles, and even that can be scoped or hidden depending on your deployment.

Three guardrails. First, every answer must cite a retrieved source; uncited claims are flagged. Second, a validation pass checks claim‑to‑source drift before the answer surfaces. Third, the human reviewer sees the citation alongside the claim and can reject the answer if the citation doesn’t support it. Hallucination doesn’t disappear; it becomes inspectable.

Retry with exponential back‑off, capped at a configurable limit. Failed tool calls are logged with the failure mode (timeout, invalid response, schema error). The agent either re‑plans without the failed tool or surfaces a graceful "I cannot answer because X failed" response. Silent failures are not permitted.

Yes. Tool calls stream as they happen. Tokens stream as the answer composes. Every action is recorded in an audit timeline visible to the compliance officer in real time and replayable afterwards. The agent does not work in the dark.

Configuration change. The agent is provider‑agnostic by design (LiteLLM). Switch from Claude to GPT‑4, from cloud to local, from one local model to another. Tool definitions, citation discipline, and observability are all model‑agnostic. The brains swap; the behaviour holds.

See the agent on your data, inside your tenancy.

Send us a DDQ, an SoA, an audit pack, or just a folder of policies. Thirty minutes. We deploy the agent inside your environment, run a real task, and return the answer with the full audit trail. You keep the trail whether you proceed with us or not.

Book a Private Demo← The platform behind the agent