Incline Trust


Back to selected work

Finance Operations · AI Trust · Exception Review


Public-Safe Prototype · Simulated Data

Incline Trust

A reviewer workspace for AI-assisted corporate spend review. The model can flag an exception, but the interface has to make the call legible enough for a controller to accept, reject, tune, or escalate it with a record that survives review.

The design challenge is the original one, kept tighter here: prevent reviewers from rubber-stamping a drifting model, and prevent them from ignoring the model and falling behind during close.

Siarhei Mardovich designed an AI-trust and RegTech exception-review workspace that keeps model mechanism, uncertainty, and peer context visible, so a controller can accept, tune, or reject each flagged transaction with an immutable audit artifact. Built as a single-file D3.js and Material Design 3 prototype. The same Trust Architecture transfers to AML transaction monitoring, fraud detection, KYC review, and model-risk management under SR 11-7.

Agency recruiters: copy this straight into a client submission.

Role

Principal product designer and prototype engineer. Designed the exception-review interaction model, score-and-uncertainty system, weight controls, and attestation artifact.

Approach

Trust Architecture for AI output: expose what drove the score, which signals matter, where uncertainty sits, and what the reviewer is about to sign.

Outcome

A reviewer can work a filtered queue, tune weights, cross-check history, attest the verdict under a confidence band, and emit a reviewable record without leaving the page.

6
Coordinated views
Queue, score, timeline, weights, peers, and audit, in one workspace.
7
Steps, one session
Filtered inbox to signed record, with no context switch.
1
Immutable record per decision
Signals, weights, sigma band, peer cohort, timestamp, reference ID.

From Thesis to Prototype

How the case was produced, end to end. A solo build, with the frontend coded by directing AI coding agents, so the judgment is the design work and the keystrokes are accelerated.

  1. ThesisTrust Architecture and the 2 failure modes.
  2. Information architectureOne workspace, from inbox to signed record.
  3. UX flowThe 7-step signing path.
  4. Visual systemScore, sigma band, Material Design 3 dark.
  5. Prototype buildSingle-file, framework-free shell.
  6. Frontend codeD3.js views and state, directing AI coding agents.
  7. Validation framingGuided tour and scenario presets.

AI finance operations has a specific failure pattern: the model narrows a high-volume queue, but the reviewer still carries the audit signature. Too much trust lets drift pass under a clean-looking score. Too little trust turns every case back into manual review.

Incline Trust keeps the original case logic but compresses it around the updated artifacts. A controller opens a filtered case, reads the signal mix, adjusts weights only when the evidence supports it, checks history and peer fit, then signs a verdict that captures the state of the decision.

The prototype is not trying to make the model look certain. It makes uncertainty operational: confidence, variance, model weights, peer fit, timeline geometry, and the audit artifact stay visible because the reviewer has to own the final call.

The real failure is not the model. It is the interface around the model. A recommendation without visible mechanism asks the reviewer to choose between obedience and suspicion. Neither is a reviewer.

3 Accountability Anchors

Mechanism

The score is broken into visible signals and weights so the reviewer can challenge the recommendation.

Calibration

The queue is governed by thresholds, not a flat ranked list. Policy can move without hiding the tradeoff.

Record

Approved, rejected, and escalated paths all terminate in the same reviewable audit artifact.

Interactive Prototype
Exception review workspace · Interactive prototype

Position the Prototype ↓

The guided path inside the prototype moves from queue to explanation to weights to score to timeline to verdict. That order matters. Reading the explanation before touching weights prevents the reviewer from tuning toward a preferred outcome. Reading history before signing prevents a decision that ignores seasonality or peer movement.

The result is a workspace rather than a dashboard. Each visual answers a question the reviewer has to answer before signing: what moved the score, how wide is the confidence band, what does the last year of behavior say, what does the peer cohort say, and what exactly will be captured in the audit record?

Black-Box Score vs Accountable Workspace

The same flagged case, 2 ways. The difference is not the model’s accuracy. It is whether the reviewer can own and defend the call.

Before

Black-box score

  • The reviewer sees a score with no mechanism behind it
  • The call cannot be defended when the audit arrives
  • Drift passes under a clean-looking number
  • Backlog grows and the AI gets written off as a failed productivity story
After

Accountable workspace

  • Every score exposes the signals that drove it
  • The decision is defensible, with the record built at signing
  • Uncertainty stays visible, not flattened into a point estimate
  • The reviewer owns the call as an accountable colleague

Where This Transfers

The case is corporate spend, but the accountability pattern is the transferable asset. Any regulated queue where a human signs off on an AI flag is the same design problem: a model narrows the work, a person owns the call, and an audit reads the record later.

This case
Corporate spend exception review
The transferable pattern
Trust Architecture
visible mechanism, visible uncertainty, a defensible record
  • AML transaction monitoring
  • KYC / KYB anomaly review
  • Fraud detection queues
  • Model-risk management (SR 11-7)
  • Credit-risk review
  • Operational-risk exceptions

5 Decision Questions, One Signing Path

The screen is not a dashboard. It is a single workspace that carries a case from filtered inbox to attested artifact in one session. Each visualization answers a distinct question the reviewer must answer to sign the record.

Inbox

Which cases are confidently flagged, and which have a wide band that deserves review?

Score

Is the point estimate stable, or is the same score carrying enough variance to change scrutiny?

Timeline

Does the current month break from its own history, or only look strange in isolation?

Weights

Is the score driven by signals the reviewer trusts, or by a signal that should be argued with?

Peers

Is this case the outlier, or is the cohort itself drifting into a policy question?

Audit

What did the reviewer see, weight, and sign at the moment the record was created?

Original case logic preserved: the gauge does not hide uncertainty, the timeline does not flatten history into one mean, the sliders do not let tuning disappear, and the inbox is not ranked by score alone. Every visual is accountable to the signature at the bottom of the workflow.

A Threshold Instrument, Not a List of Flags

The threshold instrument makes the governance tradeoff tangible. Drag the escalation and auto-approve handles and the same synthetic queue re-bins in real time. The point is not the counts themselves. The point is that policy changes become visible before they become reviewer behavior.

Illustrative confidence scores. Drag the handles to re-bin the queue.

Every Verdict Path Creates the Same Reviewable Record

The state machine is the accountability model behind the screen. A low-confidence case is flagged, routed to review, then approved, rejected, or escalated. The branch can change, but the end condition does not: each verdict creates an audit artifact that can be re-read later.

re-review accept decline escalate Flagged Under review Approved Rejected Escalated Immutable record
Accept, decline, and escalate all terminate in the same immutable record. Escalated cases re-enter review first.

What the Audit Record Captures

Every verdict, whatever the branch, writes the same immutable record. This is what a reviewer signs, and what the audit reads back later. Values below are illustrative.

Audit artifact
Signed
VerdictAccepted
Captured signalsrecurrence_match, amount_deviation
Captured weights0.70, 0.50, 0.80, 0.60
Sigma band±12
Peer cohortSame category, outlier
Timestamp2026-06-14T14:32:00Z
Reference IDIT-C-04-2026-0614-001

The immutable record the audit review reads.

Model-Risk Concerns Mapped to Screen Controls

The governance map shows what the interface exposes without exposing the proprietary model. Model inventory, validation, monitoring, exception management, and audit trail concerns are translated into things a reviewer can actually see and use: the confidence-band inbox, weight sliders, geometry timeline, peer fit bars, and attestation artifact.

MODEL-RISK PILLAR (SR 11-7) SCREEN CONTROL Model inventory Validation Monitoring Exception mgmt Audit trail Score gauge Weight sliders Timeline Inbox + sigma Peer fit bars Audit artifact
Each model-risk pillar maps to a control the reviewer can see and use, without exposing the proprietary model.

Who This Workspace Serves

A solo prototype has no team to manage, but it still has an ecosystem to design for: the roles the workspace must answer to.

Exception-review workspace
  • Signed byController / ReviewerNeeds mechanism, not just a score.
  • Cleared byAP Lead / Compliance AnalystNeeds throughput, kept defensible.
  • Audited byCompliance OfficerNeeds reference IDs and timestamps.
  • Governed byModel Risk ManagerNeeds tunable weights and drift signals.
  • Integrated byEngineering LeadNeeds a prototype, not just Figma.
  • Measured byProduct ManagerNeeds adoption and a defensible story.

How This Case Was Built

This case was built from a public-safe concept prototype and local source files. The interaction model and accountability pattern are the design work; the names, amounts, vendors, and production connections are intentionally simulated.

1 2 3 4 5 6 Conceptbrief Single-fileprototype Thresholdcalibration Lifecycle +governance WP mirrorpage Live casepage
Authentic throughout: the interaction model and accountability pattern. Data, vendors, amounts, and production connections are protected.

Why there is no outcome number: no audited production metric exists for this concept build. The proof is the interaction and the decision architecture, not a fabricated savings claim.

Design Trade-offs

A senior decision is usually a trade-off made on purpose. Here are 3 I made on this build, and what each one bought.

A single self-contained HTML file
Tradedcomponent reuse and a build pipeline
Fora prototype any reviewer can open and read end to end, the trust thesis applied to my own artifact
4 tunable signals, not 12
Tradedmodel fidelity
Fora weight panel a controller can actually read in a 60-second review
Audit card stays dark until signed
Tradeda more impressive first-load screen
Forhonesty, because a pre-signature audit is a design lie

Technical Details

  • Single-file HTML prototype using a Material Design 3 dark shell, D3.js v7 visualizations, and no framework runtime.
  • 5 coordinated decision views: confidence-band inbox, score gauge, 12-month timeline, weight-tuning controls, and peer cohort fit bars.
  • Threshold instrument added as a separate iframe so the D3 logic stays outside the WordPress editor and can be updated independently.
  • Native label-and-input accessibility pattern on the attestation checkbox, visible focus states, and keyboard shortcuts for queue review.
  • Immutable audit artifact captures the verdict, signal weights, confidence band, peer cohort, timestamp, and control reference pattern.
  • Reduced-motion preference respected in the prototype and threshold instrument.
Disclosure

Incline Trust is a portfolio demonstration. Product name, vendor names, cardholder names, transaction amounts, and peer cohorts are simulated. The prototype does not connect to any real corporate spend platform. No proprietary model, weight set, or production ruleset is disclosed. The interaction model and accountability pattern are authentic to the design practice demonstrated across this portfolio.

What This Demonstrates

AI-assisted review is not only a productivity problem. It is an accountability problem. A reviewer cannot own a call if the interface hides why the model made it, how uncertain it is, and what evidence will be captured when the verdict is signed.

Incline Trust demonstrates a Trust Architecture approach to AI decision support: keep the mechanism visible, make threshold policy adjustable, preserve uncertainty, and bind the final action to a reviewable record. That is the difference between an AI dashboard and a decision interface.

The broader thesis remains unchanged from the current page: probabilistic systems fail in the interface when uncertainty is flattened, mechanism is buried, or the reviewer cannot defend the call later.




Continue through the showcases
Previous showcase
Know Who Knows
An enterprise talent mapping interface that makes the topology of expertise visible across 3 coordinated views.
View case study →
Next showcase
Uncertainty as Signal
A climate risk disclosure platform that turns probabilistic models into decision-ready financial views.
View case study →

View all selected work →