AI and Agentic Workflows Governance for Africa Prudential

About the Company

Africa Prudential Plc is one of West Africa's leading share registrars, managing the shareholder records of many of Nigeria's largest listed companies and processing corporate actions, dividend payments, and investor communications at scale. As a publicly quoted firm regulated by the Securities and Exchange Commission, Africa Prudential operates in an environment where every automated decision touching investor data must be explainable, auditable, and reversible.

Customer Challenge

Africa Prudential's engineering team had begun experimenting with AI assistants and agentic workflows to accelerate internal operations, including ticket triage, document classification, and routine reconciliation tasks. Internal audit raised three specific concerns:

1. No policy layer preventing an automated workflow from taking actions that violated the company's security baseline
2. AI-assisted actions were not consistently linked back to a human approver, which would not satisfy evidence requirements during regulatory examinations
3. Model interactions involving customer or shareholder information were not centrally logged

Without addressing these, the AI programme could not move beyond pilot status.

Partner's Solution

Digitspot designed an AI and Agentic Workflow Governance layer built around managed AWS services, anchored on identity enforcement, a governed delivery pipeline, serverless execution, and AI-specific guardrails. Key components included:

• Dedicated IAM roles with tightly scoped permissions for each agent and automated workflow
• Service Control Policies at the organisation level preventing workflows from touching production data stores, modifying logging configurations, or operating outside approved AWS regions
• Permission boundaries keeping agent roles within their lane even when developers extended them
• AI workflow delivery pipeline rebuilt around AWS CodePipeline and CodeBuild with mandatory human reviewer approval before promotion to production
• Every approval recorded with the reviewer's identity, timestamp, and applied diff
• Agent workloads deployed on AWS Lambda and orchestrated with AWS Step Functions for serverless execution with built-in state tracking, retry logic, and visual audit trail
• Amazon Bedrock Guardrails introduced to filter prompts and responses for PII and shareholder data with denied-topic policies aligned to Africa Prudential's data classification standard
• Internal API Gateway endpoint tagging each request with originating workflow, accountable human, and data sensitivity level
• Tags propagated through CloudWatch Logs and CloudTrail for end-to-end traceability
• AWS Config rules continuously verifying no agent role drifts outside its approved permission set

Results and Benefits

• AI and agentic workflows now operate inside a defined governance perimeter
• Policy violations that previously could only be detected after the fact are blocked at the IAM and SCP layer
• Internal audit team has live dashboards showing every agent action, applied policy decisions, and the human owner ultimately accountable
• AI pilot programme cleared for broader rollout
• Time spent preparing evidence for quarterly control reviews dropped from approximately five working days to under one

About the Partner

Digitspot, established in 2011, continues to pursue its vision of helping both small and large-scale companies leverage cloud solutions to drive growth and innovation. As an AWS Advanced Partner, Digitspot remains committed to delivering world-class cloud strategies and implementations.