Salesforce / Use Cases / 09 · Bank treasury attests a wire instruction before it leaves th…

09 STANDARD Financial Services / Treasury

Bank treasury attests a wire instruction before it leaves the building

A correspondent bank refuses to release a wire unless a signed agent attestation lives on the originating Opportunity.

Install in 5 minutes Build a variant in the Factory

01Scenario

A regional bank uses Salesforce Financial Services Cloud to manage client treasury. A relationship manager's agent prepares a $9.2M outgoing wire. The correspondent bank's policy: no wire releases without a counterparty-verifiable attestation on the originating Opportunity, signed by an agent the correspondent trusts.

When the RM fires wire.outgoing.attest, HiveForce mints an Ed25519-signed receipt with the wire amount, beneficiary, sanctions screen result, and the OFAC-list version hash used. The receipt lands on Opportunity, replicates to the correspondent's org as INBOUND, and the After-Insert trigger blocks the wire if JCS verification fails on either side.

Both the bank's BSA officer and the correspondent's compliance team verify the same receipt from a JSONL line. No screen-share. No PDF chain. No phone call to confirm authenticity.

02Handles

action_type: wire.outgoing.attest
handle: HiveReceiptMinter.mint(Id, Map<String,Object>)
lands on: Opportunity (Financial Services Cloud)
rail: STANDARD $0.50/receipt, Hive-billed

03APEX

Opportunity wire = [SELECT Id, Amount, AccountId, Wire_Beneficiary__c,
                            Sanctions_Screen_Result__c, OFAC_List_Hash__c
                     FROM Opportunity WHERE Id = :wireId];

Map<String, Object> payload = new Map<String, Object>{
  'opportunity_id'      => wire.Id,
  'amount_usd'          => wire.Amount,
  'beneficiary'         => wire.Wire_Beneficiary__c,
  'sanctions_result'    => wire.Sanctions_Screen_Result__c,
  'ofac_list_hash'      => wire.OFAC_List_Hash__c,
  'rm_agent_did'        => UserInfo.getUserId(),
  'attest_timestamp_ms' => System.currentTimeMillis()
};

HiveReceiptMinter.MintResult r = HiveReceiptMinter.mint(
  wire.Id,                  // sourceRecordId
  'wire.outgoing.attest',   // action_type
  payload
);

// Receipt lands on Opportunity.
// INBOUND replica lands in correspondent bank's org.
// If JCS verify fails on either side, After-Insert trigger
// flips Opportunity.Wire_Status__c = 'BLOCKED' and the
// correspondent refuses the wire.

04Flow XML

<Flow xmlns="http://soap.sforce.com/2006/04/metadata">
    <processType>AutoLaunchedFlow</processType>
    <start>
        <object>Opportunity</object>
        <recordTriggerType>UpdatedAndConditionMet</recordTriggerType>
        <triggerType>RecordAfterSave</triggerType>
        <filters>
            <field>StageName</field>
            <operator>EqualTo</operator>
            <value><stringValue>WireReady</stringValue></value>
        </filters>
        <connector><targetReference>attest_wire</targetReference></connector>
    </start>
    <actionCalls>
        <name>attest_wire</name>
        <actionName>HiveReceiptMinter</actionName>
        <actionType>apex</actionType>
    </actionCalls>
    <status>Active</status>
</Flow>

05The receipt that lands in Hive_Receipt__c

{
  "agent_id": "did:hive:0xRegionalBankRM",
  "counterparty_did": "did:hive:0xCorrespondentBank",
  "action_type": "wire.outgoing.attest",
  "scope": "salesforce:opportunity:006xx0000000W1R",
  "amount_usd": 9200000,
  "beneficiary": "ACME Holdings LLC",
  "sanctions_result": "CLEAR",
  "ofac_list_hash": "sha256:7c11...e3a4",
  "signed_by_pubkey": "fd9d10abe60de7510c61ef649c8da598a519468dd2a2b827106d76487a899444",
  "verification_status": "VERIFIED"
}

06Verification

Verify the wire attestation receipt against the Hive backend

# Re-verify the signed receipt from a JSONL line alone
curl -sS https://hivemorph.onrender.com/v1/verify \
  -H "Content-Type: application/json" \
  -d @receipt.json | jq

# expected:
#   {"verification_status":"VERIFIED",
#    "signed_by":"fd9d10abe60de7510c61ef649c8da598a519468dd2a2b827106d76487a899444",
#    "jcs_canonical":true,
#    "signature_alg":"Ed25519"}

07Economics

Per-receipt cost	$0.50 (Standard rail)
Free tier	100 receipts/month
Monthly cap	$499
Billing	Square invoice or monthly ACH — buyer picks
Counterparty cost	Zero — they verify against the public key
Replaces	Phone-call wire confirmation, PDF chain, screen-share approval

08Compliance and audit shape

BSA/AML: the OFAC list hash and sanctions screen result are inside the signed envelope — auditors don't need to trust the bank's word for which list version was used.
Correspondent banking: receipt is the artifact for SWIFT/Fedwire pre-release attestation.
FFIEC IT exam: signed audit trail per wire, verifiable without a Salesforce login.
Section 314(b) information sharing: receipts are portable to peer institutions for cooperative investigations.
SOC-2 CC7.2 (system monitoring): one canonical event per wire, no log reconciliation.

09Trust anchors

Every claim on this page is verifiable against these public constants. No login. No NDA.

Rail	STANDARD — $0.50/receipt, Hive-billed
Hive Ed25519 pubkey	`fd9d10abe60de7510c61ef649c8da598a519468dd2a2b827106d76487a899444`
Canonicalization	RFC 8785 JCS over the JSON receipt body
Signature algorithm	Ed25519 (RFC 8032)
Backend root	https://hivemorph.onrender.com
Verify any receipt	thehiveryiq.com/verify
MIT starter	thehiveryiq.com/salesforce/install
Billing	$0.50/receipt, 100/mo free, $499/mo cap. Square invoice or monthly ACH — buyer picks.
Pricing	thehiveryiq.com/pricing