Your AI Agent Just Executed a Trade. Can You Prove It Was Within Limits?

A trading desk deploys an AI agent in the order workflow. The agent runs pre-trade checks, confirms an order sits within position and risk limits, and executes or holds it. It handles volume and speed that a human desk cannot match during a busy session.

Months later, a regulator asks a specific question: for this order, show me the check the agent ran, the limit it tested, and why it executed. The desk pulls application logs and finds timestamps, not reasoning. That gap is the problem.

The record-keeping obligation is already here

MiFID II Article 25 requires firms to keep records of services, activities, and transactions sufficient for the regulator to reconstruct each key stage of the processing of an order. SEC Rule 17a-4 requires electronic records to be preserved in a non-rewriteable, non-erasable form. Both rules predate AI agents, and both apply to them.

An agent making thousands of order decisions produces more evidence than a manual desk. The difficulty is verifiability. Application logs can be edited. A cryptographic, append-only decision log cannot.

What the audit trail must capture

For each order decision, the record needs the decision itself (execute, reject, or flag), an input fingerprint, the agent's rationale, and the limit or check that drove the call. Sigmodx records a hash of the inputs, not the raw order book. It records the order reference, instrument, side, quantity, and notional. Client identities and proprietary signal values stay in the firm's environment.

When the agent flags an order, it records one of nine subtypes: position limit breach, risk limit breach, unusual size, unusual timing, pre-trade check failed, counterparty not approved, restricted security, wash trade risk, or market impact threshold. Decisions marked for regulatory escalation route for immediate review.

Human override rate is the signal that matters most

Trade execution reliability comes from five signals computed from human review: execution accuracy, rejection precision, false positive rate, regulatory flag rate, and human override rate.

Human override rate carries the most weight. It measures how often a supervisor reversed the agent's decision. A high override rate means the desk no longer trusts the agent, whatever its other numbers say. An agent whose decisions supervisors frequently reverse moves to LIMIT above 8% and BLOCK above 15%.

False positives matter too. An agent that blocks legitimate trades costs the desk money and erodes confidence. Above 12% the agent moves to LIMIT, and above 20% to BLOCK. Execution accuracy below 90% and rejection precision below 60% also move the agent to LIMIT.

What the attestation proves

Sigmodx produces a period attestation covering the trade decisions, the reviewer assessments, and the latest reliability signals. The report is serialized deterministically and hashed with SHA-256. The verification string uses the format SIGMODX-TRADE-[ORG]-[HASH].

An auditor or regulator can check that string independently without access to the firm's systems. The attestation confirms what the agent decided over the period, how often humans reversed it, and what state it ended in. That is the record Article 25 and Rule 17a-4 ask for, in a form that survives the question.

Where this fits

Trade execution joins invoice approval, GL entry review, and anomaly detection as a Sigmodx audit scenario. Each one defines what gets logged, how reliability is measured, and what evidence auditors receive. The pattern is the same across all four: log the decision, fingerprint the inputs, measure reliability from human review, and produce a verifiable attestation.

Firms running AI agents in the order workflow can instrument them through the Sigmodx SDK or through framework integrations, and review flagged trades in the same console used for the other scenarios.