Experiment Preferences quick-fin

Three independent audit personas (CPA, CFO, Data Engineer) will find different categories of control failures in a 244-tool MCP server

auditmulti-perspectivearchitecturedata-eng
Hypothesis

Three independent audit personas (CPA, CFO, Data Engineer) will find different categories of control failures in a 244-tool MCP server

Result: confirmed
Key Findings

CPA found 5+ critical control failures (audit trail immutability, no approval workflows, no pre-submission validation, no idempotency, batch control bypass). CFO found governance gaps. DE found data pipeline issues. Minimal overlap between personas validates the multi-perspective approach.

Changelog

DateSummary
2026-04-06Audited: added Changelog, domain tag data-eng, expanded all sections, stamped last_audited
2026-03-15Initial creation

Hypothesis

We bet that auditing the quick-fin 244-tool MCP server through three independent personas : a CPA, a CFO, and a Data Engineer : would surface different categories of control failure with minimal overlap between them. A single-reviewer audit of a financial system finds what the reviewer’s domain primes them to see. A CPA looks for audit trails. A CFO looks for approval workflows. A Data Engineer looks for idempotency. The hypothesis: three independent perspectives find three non-overlapping failure classes, together covering the full risk surface.

Method

30-iteration multi-persona audit. Each persona reviewed the architecture independently, applying domain-specific heuristics before being shown the other personas’ findings. Each persona produced a full audit document:

  • CPA persona: focused on financial controls : audit trail immutability, approval workflows, pre-submission validation, idempotency guarantees, batch control bypass risks.
  • CFO persona: focused on governance : spending approval hierarchies, real-time visibility into transactions in flight, override controls, reporting accuracy.
  • Data Engineer persona: focused on pipeline integrity : event ordering, deduplication, schema validation, error recovery, data lineage.

Results documented in docs/AUDIT_CPA.md, docs/AUDIT_CFO.md, docs/AUDIT_DATA_ENGINEER.md within the quick-fin project.

Results

Confirmed. Each persona found distinct, critical failures:

CPA findings (5+ critical):

  • No audit trail immutability : journal entries could be modified after posting
  • No approval workflow for transactions above threshold
  • No pre-submission validation (amounts could be negative)
  • No idempotency guarantees (duplicate submissions not detected)
  • Batch control bypass: the batch total check was implemented but not enforced before commit

CFO findings (governance gaps):

  • No real-time visibility dashboard for transactions in flight
  • Override controls missing : any user could override an approval
  • Reports generated from mutable data sources, not immutable snapshots

Data Engineer findings (pipeline issues):

  • Event ordering not guaranteed across concurrent writes
  • Schema validation missing at ingestion boundaries
  • No data lineage for enrichment transforms

Overlap between persona findings: 2 issues out of 14 total (14% overlap). The multi-perspective approach produced 86% non-overlapping findings : exactly what the hypothesis predicted.

See topics/multi-perspective-audit.

Findings

  1. Domain expertise determines what you see. The CPA saw idempotency as a compliance risk (duplicate transactions = regulatory exposure). The Data Engineer saw it as a data integrity problem (duplicate events = inflated metrics). The CFO did not flag it at all. The same system looks different through different lenses : and all three views are real.

  2. 14% overlap is healthy, not wasteful. The 2 overlapping findings were the highest-severity issues: audit trail immutability (all three personas flagged different aspects of it) and approval workflow absence (CPA flagged compliance, CFO flagged governance). Overlap on critical issues is a signal that those issues are genuinely severe.

  3. The multi-persona pattern is most valuable for systems at domain intersections. A financial MCP server lives at the intersection of finance, software engineering, and business operations. Systems at a single domain level (a pure ETL pipeline, a pure accounting ledger) benefit less : there is less cross-domain blind spot to reveal.

Next Steps

Apply the multi-persona audit pattern to other complex systems. The pattern has been generalized in the vault as topics/multi-perspective-audit. The immediate next step for quick-fin is wiring the audit findings to remediation tasks: 14 findings, each needs an owner, a fix, and a validation test.