Fintech Startup Cuts Agent Incident Response From 2 Hours to 4 Minutes
A Series B fintech startup was running Claude agents across their stack — automated code review on every PR, fraud pattern analysis on transaction streams, and customer data pipeline processing. The agents were genuinely useful. They were also completely uncontrolled.
The Problem
The engineering team had followed the natural path: give Claude your credentials, run it locally, see what it can do. When they wanted to automate, they added --dangerously-skip-permissions and scheduled the agents as cron jobs.
Six months in, two things happened in the same week:
First, a runaway loop. A fraud analysis agent started retrying a failed API call on a 10-second interval. Nobody noticed until the Anthropic bill arrived with $340 in charges for a task that should have cost $4. The agent had been looping for 19 hours overnight.
Second, a compliance review. Their SOC 2 auditor asked a simple question: “Can you show me exactly which systems your AI agents accessed last Tuesday, and what they did?” The answer was no. The agents used shared credentials. There were no structured logs. The conversation history in Claude’s terminal output wasn’t something you could present to an auditor.
They had three months until the audit. They needed a control plane.
The Solution
The team deployed Sentrely in their AWS VPC in an afternoon. Per-agent identity meant each of their nine agents had its own identity in the audit trail. RBAC policies scoped each agent precisely:
- Code review agents: read-only access to their GitHub organization. No write access. No AWS access.
- Fraud analysis agents: read access to transaction data in specific DynamoDB tables. No write access to anything.
- Data pipeline agents: read from raw S3 prefix, write to processed prefix only.
Human approval gates were placed on every operation that touched production infrastructure. Slack messages went to #engineering-agents when any agent requested something outside its policy scope.
Token budgets were set at $5/session for routine tasks and $20 for batch jobs, with an alert at 80% consumption.
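The $5/session budget and 80% alert, worked through against the runaway loop from The Problem. This is an added example, not Sentrely's code or the startup's configuration. The class and function names are hypothetical, and an even cost per retry is assumed in order to derive a per-call price from the $340, 19-hour and 10-second figures.

```python
"""Added example: per-session spend cap with an 80% alert (not Sentrely code)."""

# Figures from the case study. Spreading the cost evenly per retry is an assumption.
RUNAWAY_COST_USD = 340.0
RUNAWAY_HOURS = 19
RETRY_INTERVAL_S = 10
SESSION_LIMIT_USD = 5.0
ALERT_FRACTION = 0.80


class BudgetExceeded(RuntimeError):
    """Raised when the next call would push the session past its cap."""


class SessionBudget:  # hypothetical name
    def __init__(self, limit_usd, alert_fraction):
        self.limit = limit_usd
        self.alert_at = limit_usd * alert_fraction
        self.spent = 0.0
        self.alerted = False

    def charge(self, cost_usd):
        """Record one call. Returns True the first time the alert line is crossed."""
        # Refuse before the call is made, so the cap is never overshot.
        if self.spent + cost_usd > self.limit:
            raise BudgetExceeded(f"spent ${self.spent:.2f} of ${self.limit:.2f}")
        self.spent += cost_usd
        if not self.alerted and self.spent >= self.alert_at:
            self.alerted = True
            return True
        return False


def simulate_runaway():
    """Replay the 10-second retry loop under the session budget."""
    calls_in_incident = RUNAWAY_HOURS * 3600 // RETRY_INTERVAL_S  # 6840 retries
    cost_per_call = RUNAWAY_COST_USD / calls_in_incident
    budget = SessionBudget(SESSION_LIMIT_USD, ALERT_FRACTION)
    calls, alert_call = 0, None
    try:
        while calls < calls_in_incident:
            if budget.charge(cost_per_call):
                alert_call = calls + 1
            calls += 1
    except BudgetExceeded:
        pass  # the session is cut off here; the loop cannot continue
    return {"calls": calls, "alert_call": alert_call,
            "spent": round(budget.spent, 2),
            "minutes": round(calls * RETRY_INTERVAL_S / 60, 1)}


if __name__ == "__main__":
    print(simulate_runaway())
```

Under the even-cost assumption, the alert fires on the 81st retry and the 101st is refused, roughly 17 minutes into a loop that originally ran for 19 hours.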
The Results
Zero production incidents in 90 days. The runaway loop scenario can’t happen — per-session token limits cut off agents that exceed expected consumption before they cause damage.
SOC 2 audit passed. The auditor asked for exactly what they’d asked before: which agent accessed what system on a specific date. The answer was a query in the Sentrely dashboard returning a structured, immutable log with timestamps, agent identity, and action detail. The auditor approved without follow-up questions.
62% reduction in token costs. Mostly from catching runaway loops early and right-sizing per-session budgets based on actual usage data.
14,000+ hours saved annually — the original productivity gains from the agents, now sustainable because the team trusts them enough to run more of them.
The team lead put it plainly: “We had agents before. Now we have agents we can actually explain to our auditors and our CTO.”