The "Privacy vs. Utility" trade-off in FinTech AI is a false dichotomy. You just have to be willing to engineer a harder architecture. ️
Lately, I've had a lot of conversations with CTOs panicking about upcoming DORA regulations. They want to use frontier LLMs to reason over client portfolios, but piping raw, personally identifiable financial ledgers (PII) to a centralized cloud provider is a massive compliance liability.
At Pocket Portfolio, we solved this with a Split-Brain Architecture.
For our core portfolio reasoning, we don't send raw data to the LLM. We run a deterministic client-side compiler (buildPortfolioContext) that aggregates the portfolio, drops account identifiers, and constructs a strict, PII-free summary string. That aggregate context is what the LLM reasons against.
But what about when users want the LLM to analyze a specific, messy CSV file?
We built a secure, stateless pipeline for that, too:
- Local Pre-processing: When you attach a file in our dashboard, we use
Papa.parse in the browser to trim the file, lowercase headers, and truncate the payload to strict limits.
- Stateless API:** We pass that truncated text to our
/api/ai/chat endpoint so the LLM can answer questions directly against your ledger.
- Zero Database Retention: Our servers drop the payload immediately after the API call. We store usage telemetry, but your ledger text is never written to our database—it is strictly processed in-memory and passed to our AI provider under their API terms.
We just updated our UI to visualize this workflow. Head to our homepage to see a simulation of our local normalization steps, or grab a Founders Club pass to test the complete Papa.parse-to-LLM pipeline in the dashboard.
If you are an architect building in FinTech, I challenge you to upgrade, open your network tab, and audit our payload boundary.
