Inspiration
Walking into the hackathon, we were struck by a staggering reality in the financial sector: wealth management firms face millions of dollars in SEC and FINRA fines every year simply because of poorly phrased client communications. Financial Advisors (FAs) are not compliance experts; they are relationship builders. Yet, when drafting an email, they are often paralyzed by the fear of accidentally using "promissory language" or crossing fiduciary boundaries. Even those who undergo rigorous compliance training face a critical "between-session gap" when staring at a blank email draft. The rules are complex, and independent recall is genuinely hard. That gap, however, felt solvable. Not by replacing compliance officers, but by giving advisors a real-time bridge. We wanted to build something an advisor could use on a Tuesday afternoon to confidently draft an outreach email, knowing they were protected by immediate, automated guardrails. The idea of a gatekeeper engine came naturally: compliance that is visible, educational, and frictionless, rather than a frustrating block at the end of the process.
What it does
This app provides an engaging, low-friction email drafting interface tailored for Financial Advisors to safely communicate with prospects while maintaining strict adherence to SEC/FINRA regulations. The purpose is to ensure that advisors are protected by real-time checks while giving compliance teams a reliable, automated first layer of defense.
The application is composed of a drafting modal powered by a real-time gatekeeper engine featuring several distinct modules. As the user types their message, the Compliance Audit Sidebar monitors the text. It features a Zero-Guarantee Filter that flags promissory or high-pressure language (like "guaranteed," "can't lose," or "major returns"). Next, it runs a Balance & Disclosure Check: if a tax benefit like "QSBS" is mentioned, the system enforces the inclusion of a corresponding risk disclosure. Finally, a Fiduciary Guardrail ensures the advisor doesn't improperly suggest "replacing" a current advisor without framing it as an "ancillary" service.
To keep the application educational and engaging, the sidebar utilizes Explainable AI (XAI) tooltips. Instead of just blocking an email, it highlights the exact offending phrase and explains why it violates a rule (e.g., FINRA Rule 2210). A Human-in-the-Loop state machine ensures the "Send to Client" button remains securely disabled until the draft is completely verified. If a draft fails, the advisor can only "Send for Internal Review," passing the unique Audit Hash to a human Compliance Officer who holds the power to manually override the system.
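The three checks and the role-gated send decision described above can be sketched as follows. This is an added example, not the project's code: the rule names and flagged phrases come from the description, while the risk-term list, type names, action names and function names are assumptions, and the Audit Hash is left out.

```typescript
// Added example. RISK_TERMS, Role, Finding, auditDraft and allowedActions are assumed names.
type Role = "advisor" | "compliance_officer";
interface Finding { rule: string; phrase: string; why: string }

const PROMISSORY = /\b(guaranteed?|can['’]?t lose|major returns)\b/gi;
const RISK_TERMS = /\b(risks?|may lose value|no assurance)\b/i; // assumed disclosure wording

function auditDraft(text: string): Finding[] {
  const findings: Finding[] = [];
  // Zero-Guarantee Filter: flag promissory phrases, skipping negated ones
  // ("not guaranteed") so disclosure wording is not a false positive.
  PROMISSORY.lastIndex = 0;
  let m: RegExpExecArray | null;
  while ((m = PROMISSORY.exec(text)) !== null) {
    const before = text.slice(Math.max(0, m.index - 4), m.index).toLowerCase();
    if (before === "not " || before.slice(-3) === "no ") continue;
    findings.push({ rule: "zero-guarantee", phrase: m[0],
      why: "Promissory or high-pressure language (e.g., FINRA Rule 2210)" });
  }
  // Balance & Disclosure Check: a QSBS tax benefit needs a risk disclosure.
  if (/\bQSBS\b/i.test(text) && !RISK_TERMS.test(text)) {
    findings.push({ rule: "balance-disclosure", phrase: "QSBS",
      why: "Tax benefit mentioned without a corresponding risk disclosure" });
  }
  // Fiduciary Guardrail: "replacing" an advisor must be framed as ancillary.
  const replace = /\breplac(?:e|es|ing)\b/i.exec(text);
  if (replace && !/\bancillary\b/i.test(text)) {
    findings.push({ rule: "fiduciary", phrase: replace[0],
      why: "Suggests replacing a current advisor without ancillary framing" });
  }
  return findings;
}

// Human-in-the-Loop gate: "Send to Client" is offered only for a clean draft;
// a failed draft goes to review, and only the officer role may override.
// Evaluate this on the server too; a disabled button is only UI state.
function allowedActions(findings: Finding[], role: Role): string[] {
  if (findings.length === 0) return ["send_to_client"];
  return role === "compliance_officer"
    ? ["manual_override"] : ["send_for_internal_review"];
}

// Constructed sample drafts.
const BAD = "QSBS gives you guaranteed tax savings, so consider replacing your advisor.";
const GOOD = "QSBS may reduce taxes, but returns are not guaranteed and carry risk. " +
  "We offer this as an ancillary service alongside your current advisor.";
```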
How we built it
This app was built as a combined effort between the team members. To begin, we had a planning session where we brainstormed the most critical compliance pitfalls advisors face and how we could intercept them without ruining the user experience. We developed plans for the core gatekeeper engine hooks, the UI grid layout for the sidebar, and the state-machine logic required to securely handle the drafting flow.
Then, we moved into the development phase, using the Next.js App Router and React. We spent time developing our own approaches to the compliance engine. One focus was on building the complex regex and string-matching logic required to catch nuanced phrasing without triggering too many false positives. Another member focused entirely on the UI/UX, transforming a standard email modal into a two-column, responsive desktop interface that made room for the dynamic Audit Trail sidebar.
Once we had the base prototype, we pushed it to GitHub and began integrating the complex state management. We used real‑time useMemo hooks to ensure the compliance checks ran instantly as the user typed. We also built out the role-based conditional logic, ensuring that a user logged in as an Advisor saw a restricted "Send for Review" flow, while a user logged in as a Compliance Officer received the "Manual Override" buttons. Throughout this process, there was constant communication between the team as we continually refined the UI state and tested edge cases to ensure nothing slipped past the gatekeeper.
Challenges we ran into
Our first challenge was figuring out how to balance strict regulatory enforcement with a smooth UI. If we made the compliance checks too aggressive, no email would ever pass. If we made them too lenient, the feature would be useless. Tuning the gatekeeper engine to understand the relationship between a "benefit" keyword and a "risk" keyword required careful logic mapping.
Building the real-time sidebar was highly complex and took significant time to program. We had to ensure that the React state was updating securely without causing massive input lag in the textarea as the user typed. We couldn't figure out exactly what the user's workflow should be until we integrated the Human-in-the-Loop state machine, meaning an advisor must explicitly resolve issues or hand it off to a human officer to proceed.
The user interface of our app was constantly changing. We first started with a standard single-column draft popup but had to branch out to an expanded, side-by-side desktop interface to make room for the live Rule Checklist, Audit ID, and XAI tooltips. We had to carefully format the alerts to be visible but not overbearing while typing.
Accomplishments that we're proud of
We built a working, deployable compliance prototype in a single hackathon session despite significant architectural challenges. The gatekeeper engine produces genuinely useful, real-time clinical output for regulatory adherence. The Explainable AI (XAI) tooltips translate complex FINRA rules into plain-language rationale and help advisors actually learn from their mistakes rather than just being blocked by them.
Furthermore, we achieved real security functionality. The interface securely disables dispatch mechanisms until mathematical verification is achieved (or explicitly overridden by an authoritative role). The Human-in-the-loop metaphor landed as we hoped and makes the compliance process feel like a collaborative safety net rather than a bottleneck. Overall, we are proud that we shipped something we genuinely believe could save real financial institutions millions of dollars while saving advisors from severe anxiety, rather than retreating into a demo that looked good but did nothing functional.
What we learned
One of the biggest takeaways from this project was that constraints can push the work in the right direction. Every time we ran into a limitation, such as the complexities of FINRA Rule 2210, the time we had, or the requirement to keep the UI from feeling cluttered, we were forced to strip the app down to what truly mattered. The product is cleaner precisely because we didn't have the luxury of overcomplicating the engine logic.
We also dove deep into how compliance regulations actually operate in the financial sector. We learned why balanced risk disclosures are an absolute necessity, why fiduciary solicitation rules are strictly fenced, and how "promissory language" can sneak into everyday sales pitches. Understanding this framework made our UI decisions far more intentional and gave us regulatory grounding for choices that might otherwise have just been aesthetic preferences.
From a technical standpoint, we gained extensive experience handling complex, real-time React state management and role-based access control (RBAC). The learning curve was steep in places, especially when designing an audit trail that feels responsive, but the team covered it efficiently.
What's next for Outlance
The next stage for our application is to expand its scope with Generative AI. First, we want to connect the Gatekeeper Engine to an LLM so that instead of simply flagging a compliance violation, the sidebar can offer a one-click "Rewrite to comply with SEC/FINRA standards" button, automatically adjusting the text to be compliant while maintaining the advisor's original intent.
Another feature we want to build out is the comprehensive Compliance Officer Dashboard. This would allow an institutional officer to have a bird's-eye view of all flagged emails across the firm, view the unique Audit IDs in a database, and approve or deny outgoing drafts in bulk. We already have the foundational status tracking for this, but we wish to build out the full analytics suite.
Finally, we want to implement deeper semantic analysis. While our current engine is incredibly fast and reliable, moving to NLP (Natural Language Processing) would allow the gatekeeper to understand the full context of a financial claim and detect nuanced guarantees and aggressive sales tactics that might slip past standard keyword boundaries.
Built With
- gemini
- gmail
- next.js
- react
- typescript
- vercel

