Do I need a dedicated AI team?

No. CompleteFlow is designed for teams without ML engineers. Agents are configured through YAML manifests and a guided builder UI. We handle the initial setup and train your team to build and manage agents independently.

Technical Overview

A modular agent platform built for regulated industries

Q: What models does CompleteFlow support?

CompleteFlow supports multi-provider LLM access: Anthropic Claude, OpenAI GPT, Azure OpenAI, and open-weight models (Llama, Mistral) running in your own tenancy. A model registry maps tiers (budget, standard, premium) to provider/model combinations, so you can swap models without changing agent code.

Q: How does the policy engine work?

CompleteFlow uses Open Policy Agent (OPA) for agent-level access control with Rego policies that are version-controlled and tested in CI. Cedar is used for fine-grained, tool-level authorisation with formal verification. Every policy decision is logged in the audit trail.

Q: How does the audit trail work?

Every agent action is recorded in an immutable audit log at two configurable levels. Minimal captures agent ID, user, action summary, model used, token usage, cost, and policy evaluations. Maximal additionally stores the full prompt and response. All records are retained for 7 years by default.

Q: Where does my data go?

Nowhere outside your infrastructure. Models run in your cloud tenancy (Azure UK South, AWS, or GCP) or on-premises. Data is encrypted with keys you manage. CompleteFlow uses delegated OAuth tokens so agents inherit your existing Microsoft 365 permissions — no parallel permission system required.

Policy-as-code governance. Immutable audit trails. Multi-provider LLM support. Deployed on your infrastructure.

Book a Technical Demo Security & Compliance

Architecture

Modular by design

CompleteFlow separates agents, channels, governance, and infrastructure into independent layers. Add new agents without touching the platform. Swap LLM providers without changing agent code. Deploy the same agent to Teams, web, or API.

Your Systems & External Services

📧

Email & Documents

Outlook, SharePoint, Teams

📊

Core Systems

Salesforce, SAP, custom APIs

🌐

Web & Browser

Web UIs, portals, scraping

🔗

Third-Party APIs

Broker portals, market data

APIs · Computer Control · Web UI

CompleteFlow Platform

Agents

Submission Triage

Document Processing

Bordereaux Validator

Data Validation

Contract Reviewer

Document Analysis

Compliance Monitor

Regulatory Monitoring

Platform Services

Agent Builder

Configure & deploy

Orchestration

Workflows & scheduling

Governance

Audit & approvals

Monitoring

Dashboards & alerts

Secure model access · Your encryption keys

Models & Data Security

Recommended

Private Cloud

Models run in your Azure UK South, AWS, or GCP tenancy

Data never leaves your boundary

On-Premises

Air-gapped deployment on your own hardware

Maximum isolation

CompleteFlow Cloud

Hosted & managed by us on UK private cloud

Fastest setup

Stack

What's under the hood

Agent Framework

✓ PydanticAI
✓ Type-safe tool definitions
✓ Multi-turn conversation support

LLM Providers

✓ Anthropic Claude
✓ OpenAI / Azure OpenAI
✓ Open-weight models (Llama, Mistral)

Policy Engines

✓ Open Policy Agent (OPA)
✓ Cedar (tool-level auth)
✓ Rego policies in version control

Data Layer

✓ PostgreSQL 16 + pgvector
✓ Async SQLAlchemy
✓ Alembic migrations

Observability

✓ OpenTelemetry tracing
✓ Per-agent cost attribution
✓ Azure Monitor / Logfire

Integrations

✓ Microsoft 365 / Teams / Copilot
✓ SharePoint & OneDrive (Graph API)
✓ Tavily web search

Agent Builder

From idea to production agent in minutes

Define agents through YAML manifests or the guided builder UI. Connect data sources, set governance rules, test against real data in a sandbox, and deploy to your infrastructure — all with full audit logging from day one.

Define the task

Describe what your agent should do. Connect data sources — SharePoint, email, APIs — and set guardrails. Choose your model tier and provider.

Test and refine

Run your agent against real data in a sandboxed environment. Review outputs, check reasoning traces, and tune behaviour before going live.

Deploy with governance

Push to production on your infrastructure with full audit logging, OPA policy evaluation, human-in-the-loop controls, and cost monitoring.

Submission Triage Agent Draft

✓ Data Sources

✓ Processing Rules

3 Governance

4 Deploy

Model

Claude Sonnet 4.6 — Private (Azure UK South)

Connected Data Sources

Email Inbox SharePoint Broker Portal API

Output Actions

JSON → Core System Alert → Underwriter Queue

Governance Rules

Human review if confidence < 85% All outputs logged PII auto-redacted

Agent Workflow

Ingest Documents

Email, SharePoint, API

Extract & Classify

Risk data, line of business, limits

Governance Gate

Confidence check · PII redaction · Audit

Route to Underwriter

Structured data → core system

Deployment Summary

InfrastructureAzure UK South

EncryptionAES-256 (your keys)

Data ResidencyUK only

Audit TrailEnabled

Governance

Every AI decision. Logged. Explainable. Reviewable.

Designed to support FCA Consumer Duty, SRA obligations, MiFID II reporting, and DUAA 2025 ADM safeguards. Not bolt-on compliance — governance is built into the agent execution pipeline.

🔒

Immutable audit trail

Two configurable levels: minimal (summary, model, tokens, cost, policy decisions) and maximal (full prompt and response). Every record timestamped with user attribution and agent version. Default 7-year retention.

📜

Policy-as-code

OPA evaluates agent-level access control via Rego policies that live in version control and run in CI. Cedar handles fine-grained, tool-level authorisation with formal verification. Every policy decision is logged.

👥

Human-in-the-loop

Agents escalate to humans when confidence drops below configurable thresholds. Review queues surface low-confidence outputs for approval, rejection, or correction — and corrections feed back into agent improvement.

🔐

Role-based access control

Inherits your Microsoft Entra ID roles and permissions. Agents access only what the requesting user can access — no parallel permission system. OPA enforces who can invoke which agents.

💰

Cost tracking & attribution

Per-agent, per-user LLM cost attribution with token-level granularity. Track spend by model tier, provider, and department. Set usage quotas and budget alerts per team.

🔎

Reasoning traces

Every agent output includes the chain of tool calls, data sources consulted, confidence scores, and the decision path that led to the result. Exportable for regulatory review.

Enterprise Features

Built for production at scale

Multi-provider LLM

Swap between Anthropic, OpenAI, Azure OpenAI, and open-weight models without changing agent code. Model registry maps tiers to providers.

Channel abstraction

Agents are channel-neutral. Deploy the same agent to Teams, Copilot Chat, web UI, or API — the channel adapter handles formatting and auth.

Delegated OAuth

Agents inherit the requesting user's Microsoft 365 permissions via delegated tokens. No separate credential store. No over-provisioned service accounts.

Per-agent configuration

Every agent has its own config: model tier, rate limits, timeout, content length limits — all tuneable via environment variables without code changes.

Conversation persistence

Multi-turn context preserved across sessions. Agents remember prior interactions and can pick up complex workflows where they left off.

State machine pipelines

Agent workflows are modelled as state machines with validated transitions. Each state change is logged, making complex multi-step processes auditable and recoverable.

Vector search (pgvector)

Built-in similarity search with HNSW indexes for retrieval-augmented generation across your internal document corpus.

Container-native deployment

Docker Compose for development, Azure Container Apps for production. Hub-spoke VNet with private endpoints. IaC with Bicep.

Agent versioning

Version-controlled agent configurations with rollback capability. Promote agents through dev, staging, and production environments with full traceability.

Webhook notifications

Notify external systems — Slack, email, SIEM — when agents complete tasks, escalate to humans, or trigger policy violations.

A/B model evaluation

Compare model performance before swapping in production. Run parallel evaluations across providers and tiers to optimise for accuracy, cost, and latency.

SSO & identity

Native Microsoft Entra ID integration. Extensible to Okta, Google Workspace, and SAML 2.0 identity providers for broader enterprise deployment.

Deployment

Your infrastructure. Your rules.

Recommended

Private Cloud

Deploy on your own Azure, AWS, or GCP tenancy. Container-native with Azure Container Apps or ECS. Hub-spoke VNet with private endpoints. Data never leaves your environment.

Fastest setup

CompleteFlow Cloud

Hosted and managed by us on UK private cloud infrastructure. We handle ops, updates, and monitoring. You get the fastest path to production with UK data residency guaranteed.

Maximum isolation

On-Premises

Full air-gapped deployment on your own hardware. Docker Compose or Kubernetes. Open-weight models only. Maximum isolation for the most sensitive workloads.

Integrations

Connects to your existing systems

Native Microsoft 365 integration via the M365 Agents SDK. Graph API access to SharePoint and OneDrive with delegated user permissions. Extensible to any system with an API.

Microsoft Teams

Copilot Chat

SharePoint

OneDrive

Outlook

Graph API

Salesforce

SAP

ServiceNow

Slack

Jira

NetDocuments

Plus any system with an API or web interface. Custom integrations scoped during pilot.

FAQ

Technical questions

What models does CompleteFlow support? +

CompleteFlow supports multi-provider LLM access: Anthropic Claude, OpenAI GPT, Azure OpenAI, and open-weight models (Llama, Mistral) running in your own tenancy. A model registry maps tiers (budget, standard, premium) to provider/model combinations, so you can swap models without changing agent code.

How does the policy engine work? +

How does the audit trail work? +

Every agent action is recorded at two configurable levels. Minimal captures: agent ID, user, action summary, model used, tool calls, token usage, cost, confidence score, duration, and policy evaluations. Maximal adds the full prompt and response. All records are timestamped and retained for 7 years by default.

Where does my data go? +

Nowhere outside your infrastructure. Models run in your cloud tenancy or on-premises. Agents access documents via delegated OAuth — they inherit the requesting user's Microsoft 365 permissions, so there's no parallel credential store or over-provisioned service account.

How do agents access our documents? +

Through the Microsoft Graph API with delegated user tokens. When a user asks an agent to research something, the agent searches SharePoint and OneDrive using that user's existing permissions. No admin consent for broad access required.

What happens when an agent isn't confident? +

Configurable confidence thresholds trigger human-in-the-loop escalation. Low-confidence outputs are routed to a review queue where team members can approve, reject, or correct them. Corrections feed back into agent improvement.

Can we run this without Microsoft 365? +

Yes. The channel layer is abstracted — agents are channel-neutral. The web channel and API endpoints work independently of M365. Microsoft integration is the primary channel for enterprise deployments but not a hard dependency.

See the platform in action

Book a 30-minute technical walkthrough tailored to your industry and infrastructure requirements.

Book a Technical Demo