
Corporate treasury payment security.

RankShield Financial is a verifiable, pre-settlement corporate treasury payment security platform. It proves who approved every outbound wire and AP payment — payer, payee, amount, purpose — governs autonomous payables agents with a signed constitution, and holds suspicious payments before they settle on an irreversible rail.

verified before settlement · agent-governed AP · authorization path, not custody
01 // Outbound intent
Why treasury is targeted

Why are outbound payments a treasury team’s highest-value risk?

Outbound payments are where a treasury or accounts-payable team moves the most value with the fewest people, which is exactly why attackers aim there. CEO fraud, wire fraud, and business email compromise all converge on one move: manufacture a convincing authorization for an urgent transfer to an account the attacker controls. A spoofed executive email, a cloned voice on a call, a hijacked vendor thread that quietly swaps bank details on a real invoice — each targets the human approving the payment, not the network moving it. On RTP and FedNow the released wire is final in seconds, and after that recovery becomes a legal problem, not a payments one. The controls most teams rely on — an approval click, an emailed confirmation, a callback to a number the attacker supplied — produce logs you have to trust, not proof you can check. RankShield Financial moves the decision to the only point that still changes the outcome: before the payment is released.

The urgent wire

A cloned CEO pushes a $96,000 wire

Finance gets a call. The voice is the CEO’s, cloned from a keynote, and the instructions are urgent and specific: a new vendor account, wire it before the board meeting. By the time anyone doubts it, an irreversible payment has settled.

RankShield: the intent is held for a liveness challenge in the company’s own verified channel; a synthetic verdict keeps the wire held, not released.

The swapped invoice

A hijacked vendor thread changes the bank details

A long-running email thread with a real supplier is compromised, and the account number on this month’s invoice is quietly changed. The payment looks routine to an approver.

RankShield: the payee is bound into the signed intent; a changed counterparty breaks the seal against the vendor allow-list and the payment is held for review.

Final
Instant-rail payments (RTP, FedNow) settle with irrevocable finality — no chargeback, no reversal on an outbound wire.

2026
Nacha’s expanded fraud-monitoring rules (Phase 2) push detection earlier, toward pre-settlement verification.

~$10–12B
Estimated annual authorized-push-payment and crypto-rail scam losses (2024 range) — an estimate, not a precise figure.

02 // Governed
Govern the AP agents

How do you give an autonomous AP agent authority without a blank cheque?

You give an autonomous AP agent a signed constitution and enforce it cryptographically on every payment, rather than trusting it to stay in its lane. RankShield Financial issues each AP automation or agentic payables system a signed identity, then attaches a constitution: a maximum per transaction, a maximum rolling aggregate within a window, an allow-list of vendors it may pay, an allow-list of purposes it was granted, an expiry after which the authority lapses, and a dead-man heartbeat. Before any agent payment settles, RankShield checks the intent against that constitution. If the amount is over limit, the vendor is not on the list, the purpose is outside the grant, the mandate has expired, or the heartbeat has gone silent, the payment is held rather than released. This is what AP automation fraud prevention looks like when it is structural: a prompt-injected agent that tries to split one large exfiltration into many small sub-threshold payments still breaches the rolling aggregate, so the payments stop. The panel here is the real authority check — change the amount, vendor, purpose, or heartbeat and watch the verdict resolve.

Agent ap_7f3 · signed constitution · ml-dsa-65
Rolling aggregate (24h): $20,000 / $25,000
RELEASED: intent ⊆ authority · signed · released

What the constitution encodes

Four bounds on every AP payment agent.

RankShield Financial does not ask an AP agent to behave. It defines, signs, and enforces the authority the agent may exercise — and verifies each payment against it before settlement.

Spend limits

per-tx + rolling aggregate

A maximum per payment and a maximum rolling aggregate within a window. Splitting one large transfer into many sub-threshold payments still breaches the aggregate, so the payments are held.

Vendor + purpose allow-lists

counterparties + reasons

The agent may only pay vendors on its list, for purposes it was granted. A payment to a brand-new payee, or for a purpose outside the mandate, is refused before it settles.

Expiry

valid_until

Authority lapses at a set time. A forgotten or abandoned automation cannot keep spending indefinitely — once the constitution expires, its payments stop being released.

Dead-man heartbeat

silence stops pay

A signed liveness beat the agent must keep sending. Silence trips the switch and refuses further payments, so a killed, quarantined, or impersonated agent cannot move money.
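
An added sketch of the authority check described above (not RankShield's code): each intent is evaluated against the per-payment and rolling-aggregate limits, the allow-lists, the expiry and the heartbeat, and a split transfer is held once it reaches the aggregate. Field names other than valid_until, the reason strings, the $10,000 per-payment cap, the 6-hour heartbeat window and the sample data are assumptions; verifying the signature on the constitution itself is left out.

```python
from collections import namedtuple
from datetime import datetime, timedelta, timezone
from decimal import Decimal

# Field names are assumptions for this sketch; only valid_until appears on the page.
Constitution = namedtuple("Constitution", "max_per_tx max_aggregate window vendors "
                          "purposes valid_until heartbeat_ttl")
Intent = namedtuple("Intent", "payee amount purpose at")

def check(c, intent, released, last_beat):
    """Return (verdict, reasons); released holds this agent's earlier released intents."""
    reasons = []
    if intent.at > c.valid_until:
        reasons.append("expired")
    if intent.at - last_beat > c.heartbeat_ttl:
        reasons.append("heartbeat_silent")
    if intent.payee not in c.vendors:
        reasons.append("vendor_not_allowed")
    if intent.purpose not in c.purposes:
        reasons.append("purpose_not_granted")
    if not Decimal(0) < intent.amount <= c.max_per_tx:
        reasons.append("amount_out_of_bounds")
    # Sum what was already released inside the window ending at this intent.
    recent = [p.amount for p in released if intent.at - c.window < p.at <= intent.at]
    if sum(recent, Decimal(0)) + intent.amount > c.max_aggregate:
        reasons.append("over_rolling_aggregate")
    return ("HELD" if reasons else "RELEASED"), reasons

def run_agent(c, intents, last_beat):
    """Check intents in order; only released payments count toward the aggregate."""
    released, verdicts = [], []
    for i in intents:
        verdict, _ = check(c, i, released, last_beat)
        verdicts.append(verdict)
        if verdict == "RELEASED":
            released.append(i)
    return verdicts

# Constructed sample: the $25,000 / 24h aggregate matches the panel, the rest is made up.
T0 = datetime(2026, 1, 5, 9, 0, tzinfo=timezone.utc)
CONSTITUTION = Constitution(
    max_per_tx=Decimal("10000"), max_aggregate=Decimal("25000"),
    window=timedelta(hours=24), vendors=frozenset({"acme-supplies"}),
    purposes=frozenset({"invoice"}), valid_until=T0 + timedelta(days=30),
    heartbeat_ttl=timedelta(hours=6))
# Six hourly payments of $4,900: each is under the per-payment cap.
SPLIT = [Intent("acme-supplies", Decimal("4900"), "invoice", T0 + timedelta(hours=h))
         for h in range(6)]
```

Running `run_agent(CONSTITUTION, SPLIT, T0)` releases the first five payments ($24,500 in total) and holds the sixth, because the window total would reach $29,400.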

03 // Verify approval
Deepfake liveness on approvals

How does liveness on payment approvals defeat a cloned executive?

Liveness on payment approvals defeats a cloned executive by refusing to accept a face or voice as proof unless it passes a signed, single-use challenge bound to the specific payment. When a high-value or unusual intent is raised, RankShield Financial issues a one-time challenge nonce inside the app’s own verified channel, captures the approver’s response, and requires a detector verdict that is cryptographically signed by an enrolled detector identity. The media is bound one-to-one to that exact intent, so a recording cannot be lifted and reused; replayed media is treated as synthetic and the payment stays held. This is deliberately narrow, and honesty matters here: the check works only inside RankShield’s own channel. It does not analyze a live carrier phone call or a FaceTime call — no platform reliably can. What it does is make the approval that passes through the app cryptographically hard to fake, so an urgent wire authorized by a synthetic voice on an out-of-band call cannot be laundered into a released payment.

Liveness verdict · signed detector · detector-signed
Synthetic likelihood: 12 / 100
Threshold: hold at ≥ 70
Verdict: human · live
RELEASED — liveness confirmed, intent may settle

The verdict is cryptographically signed by an enrolled detector and bound 1:1 to this exact payment intent, so it can’t be forged or replayed. Liveness applies only inside the app’s own verified channel.
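
An added sketch of the challenge binding described above (not RankShield's code): a single-use nonce is issued for one intent, the detector signs its score over that nonce and the intent digest, and the verifier holds anything forged, replayed, bound to a different intent, or scoring at or above the panel's threshold of 70. HMAC with a shared key stands in for the detector's signature scheme; the function names, detector id, key and sample intent are assumptions.

```python
import hashlib
import hmac
import json
import secrets

DETECTOR_KEYS = {"detector-01": b"constructed-demo-key"}  # enrolled detectors (constructed)
HOLD_AT = 70     # panel threshold: hold at synthetic likelihood >= 70
_open = {}       # outstanding nonce -> digest of the intent it was issued for

def intent_digest(intent):
    """Digest of the canonical intent; any change to payee or amount changes it."""
    return hashlib.sha256(json.dumps(intent, sort_keys=True).encode()).hexdigest()

def issue_challenge(intent):
    """Issue a one-time nonce tied to this intent."""
    nonce = secrets.token_hex(16)
    _open[nonce] = intent_digest(intent)
    return nonce

def _mac(detector_id, nonce, digest, score):
    # HMAC stands in for the detector's signature over (nonce, intent, score).
    msg = json.dumps([detector_id, nonce, digest, score]).encode()
    return hmac.new(DETECTOR_KEYS[detector_id], msg, hashlib.sha256).hexdigest()

def detector_verdict(detector_id, nonce, intent, score):
    """Detector side: sign the score for this nonce and this intent."""
    return {"detector_id": detector_id, "nonce": nonce, "score": score,
            "sig": _mac(detector_id, nonce, intent_digest(intent), score)}

def evaluate(intent, verdict):
    """Verifier side: 'RELEASED' only for a fresh, signed, low-score verdict."""
    if verdict["detector_id"] not in DETECTOR_KEYS:
        return "HELD"                      # detector is not enrolled
    digest = intent_digest(intent)
    expected = _mac(verdict["detector_id"], verdict["nonce"], digest, verdict["score"])
    if not hmac.compare_digest(expected, verdict["sig"]):
        return "HELD"                      # forged, or signed for a different intent
    # Consume the nonce only after the signature checks out, so an invalid
    # verdict cannot burn a legitimate approver's outstanding challenge.
    if _open.pop(verdict["nonce"], None) != digest:
        return "HELD"                      # nonce already used or never issued
    return "HELD" if verdict["score"] >= HOLD_AT else "RELEASED"

INTENT = {"payer": "treasury-ops", "payee": "acme-supplies",   # constructed sample
          "amount": "96000.00", "purpose": "invoice"}
```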

04 // Held or released
The verdict model

What does a pre-settlement hold on a suspicious wire actually do?

A pre-settlement hold pauses a suspicious payment before it settles, so it can be reviewed and released or denied instead of being final and gone. Every intent resolves to one of three states, each recorded with a signed reason, so the outcome is auditable rather than a black-box score.

| Verdict | What it means for a wire | What happens next |
| --- | --- | --- |
| Released | Signed intent, approving identity, liveness, and any agent authority all check out. | The wire may settle on its rail. |
| Held | A signature, liveness, vendor, or authority check is missing or ambiguous. | Paused for review or a stricter quorum rather than settled. |
| Denied | The intent violates an explicit rule and should not proceed. | Stopped, with a signed record of why. |

The point of three states rather than a single fraud score is that a held wire is recoverable — it can be reviewed and released or denied — while a settled fraudulent wire is not. RankShield defaults to holding when proof is absent, so the burden is on the payment to demonstrate it was authorized, not on the treasury team to demonstrate it wasn’t after the money has already left.

05 // Anchor
Where it fits in treasury

Where does RankShield sit in a treasury and AP stack?

RankShield sits in the authorization path, alongside your treasury workstation, ERP, and bank, not in the custody path. It is not a wallet, custodian, or payment processor, and it never takes custody of funds. It returns a released, held, or denied verdict and a signed attestation of why, which your existing systems enforce on their own rails. Your bank still moves the money; RankShield proves the payment was meant to happen and seals that decision to a tamper-evident record on the RankShield Network. Because it normalizes RTP, FedNow, stablecoin, tokenized-deposit, CBDC, and on-chain transfers into one canonical intent, the same verification applies across every rail your treasury touches, so you are not re-implementing controls per bank or per payment type. The output is evidence (signed attestations and reconciliation records) that supports compliance, rather than replacing the systems you already run.

Authorization path

verdict, not custody

RankShield issues a released, held, or denied decision and a signed record of why — it does not hold or move treasury funds.

Your bank settles

enforced by your systems

Your bank, TMS, or ERP enforces the verdict on its own rails. RankShield never becomes the money-movement layer.

Evidence out

support compliance

Signed attestations and reconciliation records produce evidence to support compliance — not a compliance guarantee.

Approval logs vs signed proof

Why is a signed attestation stronger than an approval log?

An approval workflow records that someone clicked approve; a signed attestation proves who approved this exact payment and binds the payee, amount, and purpose to that identity. On irreversible rails, the difference is the difference between documenting fraud and stopping it.

| Control | Approval log in a TMS/ERP | RankShield-verified payment |
| --- | --- | --- |
| Who approved it | A username in a log you must trust | A signed identity bound to the intent |
| Payee integrity | Bank details can be swapped upstream | Payee bound into the seal; a change breaks it |
| Executive impersonation | Urgent call or email is taken at face value | Liveness challenge in the app’s own channel |
| AP automation | Trusts the agent to behave | Signed constitution, held if out of authority |
| Decision timing | Reviewed after money moves | Verified before settlement |
| Evidence | Logs you have to trust | Signed attestation you can verify |

Durable evidence

Why does the signing on a wire need to be quantum-safe?

A treasury attestation is evidence you may need to stand behind for years, so the signature that binds it has to outlast the threat. RankShield signs every intent and every AP constitution with composite ML-DSA-65 — the NIST FIPS 204 post-quantum signature — hybridized with a classical signature in a crypto-agile design that can rotate to ML-DSA-87 or SLH-DSA. That protects your authorization records against harvest-now-decrypt-later collection today, where an adversary stores signed records now to attack later, and against a future quantum computer. Transport uses hybrid post-quantum TLS where available. To be precise: RankShield is quantum-safe by construction, not quantum-proof. A cryptographically-relevant quantum computer does not exist yet; the point is that your evidence is signed to the current standard and the scheme can move as the standard moves.

FAQ

Corporate treasury payment security — questions, answered.

What is corporate treasury payment security?
Corporate treasury payment security is the practice of proving that each outbound payment — a wire, an ACH batch, an instant-rail transfer — was genuinely authorized before it settles, rather than reviewing it afterward. RankShield Financial reduces each payment to a canonical intent (payer, payee, amount, purpose), signs it, verifies that a real person or an authorized AP agent approved it, and returns a released, held, or denied verdict before the money leaves. On instant rails that settle with finality in seconds, that pre-settlement moment is the only place a treasury team can still change the outcome, so verification has to precede release, not follow it.
How does it stop CEO fraud and business email compromise?
CEO fraud and business email compromise work by manufacturing a convincing but false authorization — a spoofed executive email, a cloned voice, a hijacked vendor thread — to push an urgent wire. RankShield Financial breaks that by requiring cryptographic proof of who approved this exact payment, not a plausible-looking instruction. High-value or unusual intents are held for a liveness challenge in the company’s own verified channel, and the payee, amount, and purpose are bound into a signed record. A payment that cannot produce that proof is held rather than released, so an urgent-sounding wire to a new account does not settle on pressure alone.
Can it govern autonomous AP automation agents?
Yes. Each AP automation or agentic payables system is issued a signed identity and a constitution that bounds what it may do — a maximum per transaction, a rolling aggregate limit within a window, an allow-list of vendors, an allow-list of purposes, an expiry, and a dead-man heartbeat. Before any agent-initiated payment settles, RankShield checks that the intent falls inside that authority and that the agent is still alive. An agent that exceeds a limit, pays an un-permitted vendor, or goes silent has its payments held automatically, so AP automation fraud prevention becomes structural rather than a human catching an anomaly late.
Where does the deepfake liveness check actually run?
The liveness check runs inside the application’s own verified channel, bound one-to-one to the specific payment intent being approved. It uses a one-time anti-replay challenge nonce and a detector verdict that must be cryptographically signed by an enrolled detector identity; replayed media is treated as synthetic. To be honest about the boundary: this works only inside RankShield’s own channel. It does not and cannot analyze a live carrier phone call or a FaceTime call. It raises the bar on approvals that pass through the app, not on every conversation a treasury team has.
Does RankShield take custody of our funds?
No. RankShield Financial is not a wallet, custodian, or payment processor and never takes custody of funds. It sits in the authorization path, not the custody path: it returns a released, held, or denied verdict and a signed record of why, which your bank, treasury workstation, or ERP enforces on its own rails. Your existing systems still move the money. RankShield proves the payment was meant to happen and produces evidence to support compliance, without inserting itself into the flow of funds.
How is this different from the controls already in our TMS or ERP?
Most treasury and ERP controls are approval workflows and logs: they record that someone clicked approve, and you have to trust the log. RankShield adds a cryptographic layer on top — a signed attestation that binds the exact payer, payee, amount, and purpose to a specific approving identity, verified before settlement and sealed to a tamper-evident record. It does not replace your dual-approval or segregation-of-duties rules; it makes them provable. The difference is verifiable, independently checkable evidence versus an internal log you are asked to take on faith.
Is the signing quantum-safe?
Every intent and every agent constitution is signed with post-quantum cryptography — composite ML-DSA-65 from NIST FIPS 204 — hybridized with a classical signature in a crypto-agile design that can rotate to ML-DSA-87 or SLH-DSA as standards evolve. That protects the integrity of your authorization records against harvest-now-decrypt-later collection today and a future quantum computer. RankShield is quantum-safe by construction, not quantum-proof: a cryptographically-relevant quantum computer does not exist yet, and the signing layer is built to the current standard.
What happens after a wire is released?
Release is not the end of the check. After a payment is released, an enrolled settlement oracle returns a signed receipt that RankShield compares against the attested intent. The comparison resolves to settled_as_attested when the receipt matches, divergence when the settled amount or details changed after release, or unauthorized_settlement when a payment settled with no matching attestation at all. For a treasury team this catches the after-approval amount change and the rail that was bypassed entirely, so reconciliation becomes a verifiable two-sided check rather than a manual month-end hunt.
Verify, then settle

Prove every wire and AP payment before it settles.

RankShield Financial is rolling out corporate treasury payment security with design partners on instant and tokenized rails. Request access and we’ll map the constitution and liveness checks to your AP flow.
