Why Lola Send
Bank retains control
Financial institutions configure agent prompts, tool availability, middleware ordering, channel allowlists, and escalation rules. Lola Send is a platform the bank deploys and controls — not a black-box service.
Security-first architecture
Encrypted callbacks (AES + HMAC), JWT session tokens with EC key pairs, secret management through Doppler, and non-root containerized deployment. No credentials are hardcoded; no sensitive data persists in conversation state.
Compliance integration
Lola Send orchestrates CIP/KYC verification flows and routes senders based on AML screening verdicts — but never makes compliance decisions. The bank’s compliance services retain full authority. Human escalation via Chatwoot is available at every stage.
Human-in-the-loop by design
No operation executes without explicit sender approval through authenticated web widgets. Every financial action requires the sender to confirm details in a secure, external interface before Lola Send proceeds.
PCI compliance
Card data never enters the chat layer. All payment instrument collection is handled in external vaulted widgets, isolating sensitive cardholder data from the conversational pipeline entirely.
AI safety
Agents operate with scoped capabilities — each has a defined set of tool functions and a bounded system prompt. Prompt injection protections, hallucination control through tool-function-only data retrieval, and restricted agent routing prevent misuse.
Security posture
Lola Send is designed for deployment in regulated financial environments. Security is not a feature layer — it is the foundation of every architectural decision.

| Principle | Guarantee |
|---|---|
| No operation without approval | Every financial action requires explicit sender confirmation via authenticated web widget — the chat channel alone cannot trigger execution |
| Zero card data in chat | PAN, CVV, and expiry are captured exclusively in PCI-scoped widgets with VGS vaulting — the AI layer never sees raw card data |
| Prompt injection containment | Scoped system prompts, fixed tool sets, middleware-enforced authentication — sender input never reaches system instructions |
| Hallucination prevention | All financial data comes from verified tool functions, not model generation — exchange rates, recipients, and balances are never fabricated |
| VPC-contained data | All services deploy within the VPC; Gemini runs on Vertex AI with VPC Service Controls; OpenAI calls operate under zero-retention enterprise agreements |
| Human escalation | Chatwoot integration enables the bank to route any conversation to a live human agent at any point |
AI safety
Prompt injection, jailbreak, and hallucination defenses.
Human-in-the-loop
Two-phase confirmation and callback-gated execution.
PCI compliance
Zero card data exposure through tokenized vaulting.
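As an added illustration of the two-phase confirmation and callback-gated execution described above (example code written for this page, not Lola Send's own implementation): in phase 1 the agent records the proposed action server-side and hands out only a confirmation id; in phase 2 it releases the action solely on a callback whose HMAC verifies, that belongs to the same session, is unexpired, and has not been consumed before. The AES encryption of the callback body is assumed to be handled by a separate transport layer and is omitted here; the key, session ids and transfer details are constructed demo values.

```python
import hmac
import hashlib
import json
import secrets

# Constructed demo key: a real deployment loads this from a secret manager, never from source.
CALLBACK_KEY = b"demo-callback-key-not-for-production"


def _canonical(fields: dict) -> bytes:
    # Stable serialization so the widget and the agent MAC exactly the same bytes.
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


class ConfirmationGate:
    """Phase 1 records what the sender was shown; phase 2 executes only on a valid, unused callback."""

    def __init__(self, key: bytes, ttl_seconds: int = 300):
        self.key = key
        self.ttl = ttl_seconds
        self.pending = {}  # confirmation_id -> proposed action, kept server-side, never in chat state

    def propose(self, session_id: str, action: dict, now: float) -> str:
        confirmation_id = secrets.token_hex(16)
        self.pending[confirmation_id] = {"session_id": session_id, "action": action, "expires": now + self.ttl}
        return confirmation_id  # the only thing the agent passes to the widget

    def widget_approve(self, confirmation_id: str, session_id: str, now: float) -> dict:
        # Stands in for the authenticated widget: it signs the approval the sender just gave.
        body = {"confirmation_id": confirmation_id, "session_id": session_id, "approved": True, "ts": int(now)}
        mac = hmac.new(self.key, _canonical(body), hashlib.sha256).hexdigest()
        return {**body, "mac": mac}

    def execute_if_approved(self, callback: dict, now: float):
        body = {k: v for k, v in callback.items() if k != "mac"}
        expected = hmac.new(self.key, _canonical(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, callback.get("mac", "")):
            return None  # forged or tampered callback; pending entry stays untouched
        entry = self.pending.pop(body.get("confirmation_id"), None)  # pop makes the id single-use
        if entry is None or not body.get("approved"):
            return None  # unknown id, already consumed (replay), or sender declined
        if entry["session_id"] != body.get("session_id") or now > entry["expires"]:
            return None  # approval from another session, or stale approval
        return entry["action"]  # only now is the financial action released for execution
```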
Explore the documentation
Platform overview
Architecture layers, message flow, and bank control points.
Architecture
Celai framework internals, agent orchestration, and middleware pipeline.
Security and compliance
Defense-in-depth security, data residency, and compliance integration.