Architecture document

Byron on the GAI Platform

How Byron fits inside Northern Trust's GAI (Generative AI) platform — from identity at the bottom to mini-apps at the top — and how it unifies digital coworkers, business-unit agents, and ASTAC Copilot Studio agents into one governed surface.

0. Document purpose

This document is the architectural reference for the Byron@NT instance. It is intended for the Emerging Technologies team, Cloud Architecture, Information Security, and the Architecture Review Board. Where it overlaps with existing GAI platform standards (identity, secrets, observability, model gateway), GAI standards take precedence and Byron inherits them.

1. GAI is the substrate

The GAI platform is Northern Trust's enterprise generative-AI substrate. It provides: a model gateway with private routing to Anthropic, OpenAI (Azure), Google (Vertex), and NT-hosted open-weight models; an identity layer rooted in Entra ID and federated via Okta; a secrets vault; a shared eval harness; and an observability pipeline that lands in the enterprise SIEM. Byron consumes GAI rather than reimplementing any of these primitives.

Practically: Byron does not hold model keys directly. Every model call routes through the GAI gateway with the partner's identity, the workspace ID, and a budget tag attached. This is what lets Risk & Compliance get a single pane of attribution for AI usage across Byron 3.0, ASTAC, and any future intelligence initiative.

2. Layered architecture

From top to bottom:

Experience       Byron chat · Mini-apps · Embeds (Outlook, Teams, Salesforce, ServiceNow)
Orchestration    Intent router · Agent registry · Tool selection · Guardrails
Agents           ARTY · FARA · LARA · CORA · BU agents · ASTAC bridge
Models (BYOM)    Claude 4.6 · GPT-4.1 · Gemini 2.5 · NT-hosted Llama 3.1 70B
Retrieval        Hybrid RAG · Vector store · Workspace-scoped re-ranking
Data layer       MCP servers · REST/GraphQL clients · JDBC · SFTP gateways
GAI platform     Identity · Secrets · Model gateway · Telemetry · Eval · Cost
Systems          Salesforce FSC · GFAS · Eagle · Aladdin · ServiceNow · SharePoint · Workday

3. Data integration model

3.1 MCP servers

MCP (Model Context Protocol) servers are the preferred integration shape for any tool that an agent should be able to call on demand. We use MCP for Bloomberg and FactSet today, with Aladdin and Eagle on the near-term roadmap. Each MCP server is deployed in the NT tenancy, fronted by the GAI gateway, and emits structured tool-call telemetry.

3.2 REST & GraphQL APIs

Transactional systems (Salesforce FSC, ServiceNow, Workday) integrate via their first-party APIs through a typed client layer. Agents see these as named tools, not raw endpoints. Tool descriptions are reviewed by the owning BU before publication.

3.3 Snowflake (GAI data lake)

Certified data products in Snowflake are the source of truth for analytical queries. Byron issues parameterized SQL through a JDBC tool with row-level security enforced by Snowflake roles mapped to Entra groups. Free-form SQL is disabled by default.
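The parameterized-SQL tool shape described in 3.3, as an added illustration (not Byron or GAI code). It uses Python's sqlite3 as a stand-in for the JDBC/Snowflake path; the template registry, function names and sample rows are hypothetical, and Snowflake row-level security is not modeled.

```python
import sqlite3

# Hypothetical registry of reviewed templates: agents choose a name, never write SQL.
QUERY_TEMPLATES = {
    "positions_by_account": (
        "SELECT account_id, security, quantity FROM positions "
        "WHERE account_id = ? ORDER BY security",
        ("account_id",),
    ),
}

class QueryRejected(Exception):
    """Raised when a tool call falls outside the reviewed templates."""

def run_query_tool(conn, call, allow_free_form=False):
    """Run {"query": name, "params": {...}}; reject {"sql": text} unless enabled."""
    if "sql" in call:
        if not allow_free_form:
            raise QueryRejected("free-form SQL is disabled")
        return conn.execute(call["sql"]).fetchall()
    template = QUERY_TEMPLATES.get(call.get("query"))
    if template is None:
        raise QueryRejected(f"unknown query: {call.get('query')!r}")
    sql, names = template
    params = call.get("params", {})
    if set(params) != set(names):
        raise QueryRejected(f"expected exactly these parameters: {names}")
    # The driver binds the values, so they are never parsed as SQL text.
    return conn.execute(sql, [params[n] for n in names]).fetchall()

def demo_connection():
    """Constructed sample rows standing in for a certified data product."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE positions (account_id TEXT, security TEXT, quantity INTEGER)")
    conn.executemany(
        "INSERT INTO positions VALUES (?, ?, ?)",
        [("A-100", "XYZ", 50), ("A-100", "ABC", 10), ("B-200", "XYZ", 75)],
    )
    return conn

if __name__ == "__main__":
    conn = demo_connection()
    call = {"query": "positions_by_account", "params": {"account_id": "A-100"}}
    print(run_query_tool(conn, call))
    try:
        run_query_tool(conn, {"sql": "SELECT * FROM positions"})
    except QueryRejected as exc:
        print("rejected:", exc)
```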

3.4 Unstructured knowledge

SharePoint, Confluence, and OneDrive are ingested into a workspace-scoped vector store. Embeddings are computed inside the NT tenancy. Re-ranking is hybrid (BM25 + dense). Retrieval results are filtered by the requesting partner's ACL.
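ACL filtering ahead of hybrid ranking, as an added sketch of the retrieval behavior in 3.4 (not Byron's code). The chunk fields, group names and scores are constructed, and reciprocal rank fusion is an assumed way of combining the BM25 and dense rankings; the page does not name the fusion method.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Chunk:
    doc_id: str
    workspace: str
    allowed_groups: frozenset  # ACL carried over from the source system (assumed)
    bm25: float                # lexical score
    dense: float               # embedding similarity

def rrf_rank(chunks, k=60):
    """Fuse the BM25 and dense rankings with reciprocal rank fusion."""
    fused = {c.doc_id: 0.0 for c in chunks}
    for key in ("bm25", "dense"):
        ordered = sorted(chunks, key=lambda c: getattr(c, key), reverse=True)
        for rank, c in enumerate(ordered, start=1):
            fused[c.doc_id] += 1.0 / (k + rank)
    return sorted(chunks, key=lambda c: fused[c.doc_id], reverse=True)

def retrieve(chunks, workspace, partner_groups, top_k=3):
    """Drop chunks outside the workspace or the partner's ACL, then rank the rest."""
    visible = [c for c in chunks
               if c.workspace == workspace and c.allowed_groups & partner_groups]
    return [c.doc_id for c in rrf_rank(visible)[:top_k]]

# Constructed candidates: the best-scoring chunk is HR-only and one sits in another workspace.
CANDIDATES = [
    Chunk("hr-comp-bands", "ws-wealth", frozenset({"grp-hr"}), 9.1, 0.93),
    Chunk("wm-review-guide", "ws-wealth", frozenset({"grp-wealth"}), 7.4, 0.81),
    Chunk("wm-fee-schedule", "ws-wealth", frozenset({"grp-wealth"}), 6.0, 0.60),
    Chunk("wm-onboarding", "ws-wealth", frozenset({"grp-wealth", "grp-hr"}), 5.0, 0.88),
    Chunk("risk-policy", "ws-risk", frozenset({"grp-wealth"}), 8.8, 0.90),
]

if __name__ == "__main__":
    print(retrieve(CANDIDATES, "ws-wealth", frozenset({"grp-wealth"})))
    print(retrieve(CANDIDATES, "ws-wealth", frozenset({"grp-hr"})))
```

Filtering before ranking means a restricted chunk cannot influence the fused order or occupy a top-k slot.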

3.5 User connectors

Partners can wire personal connectors (their own Outlook, OneDrive, GitHub) through OAuth flows that scope tokens to the individual user. These never leak across workspaces.

4. Agents & digital coworkers

Three classes of agents share the same runtime:

  • Digital coworkers — ARTY, FARA, LARA, CORA — enterprise-known personas that any partner can converse with directly.
  • Business-unit agents — Wealth Management, Asset Management, Asset Servicing, C&IS, Risk, COO, HR — each scoped to that BU's tools, data, and personas.
  • Platform agents — the ASTAC bridge that federates agents authored in Microsoft Copilot Studio so they appear natively in Byron.

5. Orchestration & intent routing

The chat home is the single entry point. When a partner sends a message, the orchestrator runs intent classification across (a) registered mini-apps, (b) registered agents, and (c) the default general assistant. If a mini-app matches with high confidence, Byron offers a one-click handoff that pre-fills the mini-app with extracted parameters. Otherwise it routes to the best agent for the message, or answers directly.

The orchestrator is transparent. Every routing decision shows its reasoning in the conversation so partners learn the system, and so Risk & Compliance can audit why a given agent was chosen.

6. BYOM & model routing

Each workspace pins a default model. Each agent can override it. Each conversation can override that. The model gateway in GAI enforces region (EU prompts stay in EU regions, etc.), egress policy (no prompts to providers outside the approved list), and cost ceiling. Sensitive-classification prompts route to NT-hosted Llama by default.
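The override precedence and gateway checks from section 6, as an added sketch (not the GAI gateway's code). Model ids, region availability and the unlisted vendor are constructed. It assumes the sensitive-classification default replaces the workspace pin while an explicit agent or conversation override still applies.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed catalogue: model id -> (provider, regions the gateway may use for it).
CATALOGUE = {
    "claude": ("anthropic", {"us", "eu"}),
    "gpt": ("azure-openai", {"us", "eu"}),
    "gemini": ("vertex", {"us"}),
    "nt-llama": ("nt-hosted", {"us", "eu"}),
    "other-llm": ("unlisted-vendor", {"us", "eu"}),
}
APPROVED_PROVIDERS = {"anthropic", "azure-openai", "vertex", "nt-hosted"}
SENSITIVE_DEFAULT = "nt-llama"

class RouteDenied(Exception):
    """The gateway refused the call; the message names the failed policy."""

@dataclass
class Request:
    region: str                  # region the prompt must stay in
    classification: str          # "general" or "sensitive" (assumed labels)
    est_cost: float
    workspace_model: str
    agent_model: Optional[str] = None
    conversation_model: Optional[str] = None

def resolve_model(req):
    """Conversation override beats agent override beats the workspace pin."""
    explicit = req.conversation_model or req.agent_model
    if explicit is None and req.classification == "sensitive":
        return SENSITIVE_DEFAULT  # assumption: replaces the pin, not an explicit override
    return explicit or req.workspace_model

def gateway_route(req, cost_ceiling):
    """Apply egress, region and cost checks to the resolved model."""
    model = resolve_model(req)
    if model not in CATALOGUE:
        raise RouteDenied(f"unknown model {model!r}")
    provider, regions = CATALOGUE[model]
    if provider not in APPROVED_PROVIDERS:
        raise RouteDenied(f"egress: {provider} is not on the approved list")
    if req.region not in regions:
        raise RouteDenied(f"region: {model} cannot serve {req.region} prompts")
    if req.est_cost > cost_ceiling:
        raise RouteDenied("cost: estimate exceeds the ceiling")
    return model
```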

7. Governance, audit & cost

Every prompt, every tool invocation, every document retrieved, every model response, and every cost-bearing token is captured with the partner identity, workspace, agent, and correlation ID. The stream lands in the enterprise SIEM and in a Snowflake audit schema available to Risk & Compliance. Per-user, per-workspace, and per-BU budgets are enforced in real time by the GAI gateway.
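Real-time budget enforcement with attributed audit records, as an added sketch of what section 7 describes (not the GAI gateway's code). The class, event names and token limits are hypothetical, and a Python list stands in for the SIEM and Snowflake audit stream.

```python
import json
import uuid
from collections import defaultdict

class BudgetExceeded(Exception):
    """Raised when a call would push one budget scope past its limit."""

def new_context(user, workspace, bu, agent):
    """Attribution attached to every call; the correlation ID ties events together."""
    return {"user": user, "workspace": workspace, "bu": bu, "agent": agent,
            "correlation_id": str(uuid.uuid4())}

class Gateway:
    def __init__(self, limits, sink):
        self.limits = limits            # {(scope, name): token limit}, constructed values
        self.spent = defaultdict(int)   # tokens charged so far per (scope, name)
        self.sink = sink                # list standing in for the SIEM/audit stream

    def _emit(self, event, ctx, **fields):
        record = {"event": event, **ctx, **fields}
        self.sink.append(json.dumps(record, sort_keys=True))

    def call_model(self, ctx, prompt, est_tokens):
        scopes = [("user", ctx["user"]), ("workspace", ctx["workspace"]), ("bu", ctx["bu"])]
        # Check every scope before charging any, so a denied call costs nothing.
        for scope in scopes:
            limit = self.limits.get(scope)
            if limit is not None and self.spent[scope] + est_tokens > limit:
                self._emit("model_call_denied", ctx, scope=scope[0], tokens=est_tokens)
                raise BudgetExceeded(f"{scope[0]} budget exceeded for {scope[1]}")
        for scope in scopes:
            self.spent[scope] += est_tokens
        self._emit("model_call", ctx, prompt=prompt, tokens=est_tokens)
        return ctx["correlation_id"]
```

Denied calls are logged with the same attribution fields as successful ones, so the audit stream shows which scope blocked a request.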

8. Rollout roadmap

Q3 2026   GA for Asset Servicing (FARA + Fund Accounting mini-app), Risk (LARA)
Q4 2026   Wealth Management (CORA + Review Book), C&IS (RFP assistant), ASTAC bridge GA
Q1 2027   Asset Management agent, Aladdin MCP server, NT-hosted Llama default for restricted classifications
Q2 2027   Embedded surfaces in Outlook + Salesforce, partner-built mini-apps via Cowork
