In the rapidly evolving FinTech industry, customers expect tailored financial guidance that aligns with their unique goals, spending habits, and risk profiles. Traditional one-size-fits-all advisory models often fall short in delivering meaningful value, especially for digitally savvy users who demand personalization similar to what they experience in e-commerce or media platforms. A Personalized Financial Advice Generator addresses this gap by leveraging AI to analyze individual transaction patterns, lifestyle choices, and financial aspirations, delivering real-time, hyper-personalized insights that empower users to make smarter financial decisions and deepen their trust in the FinTech platform.
Context
The Personalized Financial Advice Generator is a microservice designed to deliver tailored financial insights and suggestions to banking customers based on their contextual data. Users interact with the system through a React Native-based mobile app, while bank administrators manage its configurations via a separate Admin App. This microservice intelligently aggregates and analyzes customer information by integrating with several external systems: the Core Banking System (CBS) for account and customer data, the Identity Management System for identity validation, the CRM for relationship insights, the Bills Management System for bill-related details, and the Rewards System to include customer rewards in financial suggestions. It acts as the intelligent backend engine that powers the bank’s personalized finance features, enhancing customer engagement and financial wellbeing through contextual advice.
Personalized Financial Advice Generator
The Personalized Financial Advice Generator is a containerized microservices-based system designed to provide tailored financial guidance to banking customers via a mobile application. At its core lies an Agentic AI component (Agent) that orchestrates data collection, user identification, and interaction with a Large Language Model (LLM) to generate contextually relevant and human-like advice. Users engage with the system through a React Native Mobile App, while bank administrators manage business rules and logic through a dedicated Admin App, which interfaces with the Configurations container. The Agent relies on an Identity component to authenticate users via the external Identity Management System, and it retrieves user-specific data from a dedicated Database. To enrich its advisory capabilities, it integrates with various enterprise systems including the Core Banking System, CRM, Bills Management System, and Rewards System - fetching transaction data, customer relationship history, billing details, and loyalty information respectively. The LLM container, positioned as the “brain” of the system, enables natural language understanding and response generation, transforming raw data into actionable financial advice.
PFM - Agent component
The Agent Component is a core part of the Personalized Financial Advice Generator system. Its primary role is to synthesize customer data, evaluate it through configurable business rules, and generate intelligent, personalized financial recommendations using an LLM (Large Language Model). The Agent acts as the orchestration layer, ensuring secure, compliant, and meaningful communication between user-facing channels and backend intelligence services.
1. User Interaction Layer
The Agent exposes RESTful APIs that are consumed by the mobile application. These endpoints are designed to be secure, responsive, and optimized for real-time user interaction.
- Handles incoming requests from authenticated users.
- Validates basic request structure and routing logic.
- Triggers downstream data orchestration and response composition.
2. Context Aggregation
To generate relevant advice, the system must first understand the user’s financial situation and behavior. This is achieved via the User Context Builder, which fetches and merges data from multiple trusted enterprise systems:
- Identity Service for user verification.
- Core Banking System (CBS) for account and transaction history.
- CRM for previous engagements and customer segmentation.
- Bills System for outstanding and paid bills.
- Database for fetching previous or cached information about the user
The resulting context is a rich, structured representation of the user’s financial profile and behavior. In Generative AI terminology, this is a tool that aggregates the user’s information from different sources.
3. Configuration Management
The business logic governing advice generation is not hardcoded but instead dynamically managed via a Configuration Service. This allows bank administrators to:
- Define rules for different user segments (e.g., young professionals, retirees).
- Adjust thresholds (e.g., spend vs. income ratio) without code changes.
- Enable A/B testing of advice templates and messages.
The Configuration Engine within the Agent fetches and interprets these rules in real time, ensuring adaptability and maintainability.
4. Prompt Engineering and LLM Invocation
Once the user context and business rules are in place, the Prompt Generator constructs a tailored input prompt that reflects the user’s situation. This prompt:
- Encapsulates user financial behavior, spending patterns, and recent activity.
- Includes business rules and product-specific messages.
- Maintains tone, structure, and formatting optimized for LLM processing.
The LLM Client (typically using Spring AI’s ChatClient) sends this prompt to an external LLM provider such as OpenAI or Azure OpenAI, ensuring appropriate API-level security and performance considerations.
5. Advice Composition
LLM responses are often verbose or loosely structured. The Advice Composer ensures the final output:
- Adheres to UX and compliance guidelines.
- Includes actionable items (e.g., “Set up an emergency fund”).
- References relevant products or offers where appropriate.
- Handles fallback logic in case of vague or unusable LLM output.
This component ensures that AI responses are transformed into meaningful financial guidance that can be immediately presented to the user.
6. Auditing and Compliance
Financial systems are held to high standards of accountability. The Audit Logger component captures key information from every interaction:
- Who requested advice and when
- What data was used to generate it
- The LLM response and final advice
- Execution duration and system health
These logs are stored securely and support operational monitoring, audit trails, and model transparency requirements.
7. Guardrails
To ensure reliability, safety, and regulatory compliance, the Agent component enforces strict guardrails on both user input and LLM-generated output. These safeguards are essential when working with generative AI in a financial context, where misinterpretation or hallucination can have real-world consequences.
Input Guardrails
Input Validation: All incoming data from the mobile app is validated for structure, data types, and required fields.
Prompt Sanitization: User input is cleansed to remove any personally identifiable information (PII) or harmful/inappropriate content before it’s passed to the LLM.
Context Filtering: Only relevant, pre-approved data attributes are included in the prompt to minimize leakage and reduce attack surface.
Rate Limiting & Access Controls: Ensure LLM access is gated by user roles and usage thresholds to avoid abuse.
Output Guardrails
Content Filtering: LLM responses are scanned for offensive, discriminatory, or misleading content before being displayed to users.
Domain-Specific Constraints: Business rules are applied post-generation to ensure the advice complies with financial regulations and bank policies.
Fallback Handling: In case the generated content does not meet quality or compliance standards, predefined fallback messages or human-curated templates are served.
Logging & Monitoring: All LLM interactions are logged with input, output, and risk flags, allowing for post-event audits and retraining opportunities.
These guardrails work together to ensure that the advice provided is not only contextually relevant and useful but also secure, explainable, and aligned with institutional standards.
Technologies and Frameworks
Our team primarily consists of Java developers, and the application where this needs to be integrated is also a Spring Microservices based architecture. And hence, it made perfect sense for us to use Spring AI instead of python. The results were good.
| Layer | Technology |
|---|---|
| API | Spring Web (MVC / WebFlux) |
| Context & Rules | Spring Boot Services + RestTemplate/WebClient |
| LLM Integration | Spring AI (ChatClient, PromptTemplate) |
| Async/Audit | Spring Events or @Async |
| Configuration | Spring Config / DB-driven configs |
| Security | Spring Security, OAuth2 (for external calls) |
| Observability | Micrometer, Zipkin, or OpenTelemetry |
Security Considerations
- All external API calls (CBS, CRM, LLM, etc.) are secured via OAuth2 or mutual TLS.
- Input validation and prompt sanitization are applied before LLM invocation.
- Sensitive data such as account numbers or identity markers are anonymized or masked in prompt construction.
Future Enhancements
- RAG (Retrieval-Augmented Generation): Integrate a vector store with Spring AI to provide grounded, policy-compliant answers using enterprise documents.
- Multilingual Support: Enable LLM prompts and outputs in regional languages.
- Feedback Loop: Collect user feedback on advice relevance and continuously refine prompt templates.