Agentic AI systems deployed in regulated financial environments face a structural contradiction: their reasoning layer is probabilistic by construction, while the regulatory frameworks they must comply with —PSD2, 5AMLD, EU AI Act, DORA, MiCA, GDPR — demand deterministic, auditable, and reproducible enforcement. The model layer is now abundant. The execution control layer is not. Probabilistic guardrails, observability dashboards, and post-hoc audit logs cannot bridge this gap because none of them intervene before consequence binds. RAGF (Rule-Augmented Governance Framework) is a deterministic runtime interception layer designed to close that gap. Rather than certifying the probabilistic model itself, RAGF enforces a strict architectural separation between the Thinking Engine (LLM or agent reasoner) and the Action Engine (a deterministic validator that issues ALLOW / ESCALATE / DENY verdicts under a fail-closed 200 ms latency bound). Hallucinated verbs cannot reach regulated execution paths by construction; every action is matched against a formal regulatory ontology before commitment. The framework rests on four formal contributions: (1) A regulatory domain ontology comprising 34 nodes, 52 relations, and 19 invariants, mapping agent actions to formal regulatory primitives across six EU regimes. (2) An Agentic Maturity Model (AMM, levels 1–5) that conditions runtime enforcement on the demonstrated maturity of each agent class, replacing binary trust assumptions with a graduated authorisation surface. (3) An HMAC-chained audit trail compatible with TimescaleDB, structurally satisfying Article 12 (record-keeping) and Article 14 (human oversight) of the EU AI Act, alongside DORA ICT third-party registration, incident classification, and signed AI-BOM requirements. (4) An Adversarial Evolution Engine (AEE) used to empirically validate the framework against 54 adversarial scenarios with a Specification Failure Probability of 0.0, complementing deterministic guarantees with measured robustness under attack. RAGF is the theoretical foundation of AgentSave (agentsave.ai), a production runtime governance platform for European regulated neobanks and payment institutions, deployed on sovereign EU infrastructure (OVHcloud Milan) in alignment with DORA Article 28 third-party concentration risk requirements. AgentSave has processed over 127,000 runtime validations at a mean latency of 0.02 ms in pre-production. This Zenodo record archives three artifacts that share a common origin but follow independent release cycles: the RAGF v2.4 specification paper, the Fintech implementation appendix v1.2 that formalises the architectural primitives underpinning AgentSave, and a source code snapshot of the reference implementation (v2.2) at the time of publication. The v2.4 specification paper archived in this record is currently under review at the AAAI/ACM Conference on AI, Ethics, and Society (AIES 2026), Malmö, Sweden — October 12–14, 2026.
Yamil Rodriguez Montaña (Tue,) studied this question.