Sphere Architecture Pack

Introduction ยท platform, capability, integration, and deployment architecture
Architecture pack Governed finance runtime Cloud-portable intelligence layer

bp Sphere Architecture Pack

bp Sphere is a governed finance decision runtime that sits above source systems, data platforms, collaboration tools, models, and cloud infrastructure. It does not replace those platforms; it coordinates context, evidence, policy, agents, human actions, replay, learning, and controlled execution.

Architecture view
Platform, capability, component, integration, deployment
Operating model
Context -> evidence -> policy -> action -> replay -> learning
BP context
SAP, WIM, FIM/FIL, UDP, Databricks, Foundry, OneData
Control posture
Sensitive writes remain policy and human approval gated
Architecture at a glance
BP users and missionsAnalyst, supervisor, tower leader, FB&T, CFO
Finance source systemsSAP, WIM, Ariba, FSCM, Databricks, UDP
Collaboration channelsServiceNow, Teams, Outlook, workflow
bp Sphere decision runtime
Context, evidence, policy, agents, human actions, replay, learning, and controlled execution.
Governed decisionsRecommendation, authority, approval, action
Trusted proofLineage, freshness, truth tier, audit pack
Reusable learningOutcomes, patterns, memory, evaluation

Architect demo path: 20-minute story

Use this section when the audience is evaluating architecture rather than buying a polished demo. The goal is to explain where bp Sphere sits, how it connects to BP systems, how agents interact with systems of record, and how human-centric work evolves into governed agentic operations.

Current enterprise pattern

1
Users
Analysts, requesters, buyers, approvers, supervisors.
2
Applications and workflows
Portal forms, WIM, Ariba workflow, SAP screens, ServiceNow, email, Teams.
3
Systems of record
SAP, Ariba, ServiceNow, data platforms, document repositories.

Future enterprise pattern

1
Users
Humans state intent, review exceptions, approve controlled actions, and govern outcomes.
2
bp Sphere decision runtime
Context, agents, policies, evidence, authority, collaboration, replay, learning.
3
Systems of record
SAP and Ariba remain the operational systems; Sphere prepares and governs the decision path around them.
SlideArchitect messageWhat to prove
1. What Sphere isA decision and orchestration runtime above systems of recordNot another ERP, chatbot, or point workflow tool.
2. Where it connectsSAP ECC, CFIN, S/4, Ariba, ServiceNow, UDP, Databricks, Foundry, OneData, Entra ID, Teams, OutlookSphere consumes context and orchestrates governed actions; it does not own the source data.
3. How agents workEvents or conversations create context; agents gather evidence, validate policy, assess risk, and recommend next actionAgents coordinate the work before human approval or source-system write-back.
4. What changes operationallyHumans move from manual coordination and transaction processing to exception approval and outcome governanceThe enterprise gains speed without removing accountability.
5. How to evaluate itReview event availability, deployment boundary, allowed write-backs, source lineage, policy gates, and replay evidenceThis is the architecture review agenda for BP architects.
PR / PO conversational flow as architecture illustration
Employee conversationNeed, supplier, amount, timing
Sphere agentClarifies missing information
Context and policySupplier, budget, contract, DoA
Human approvalException and authority gate
SAP / Ariba PO createdControlled write-back and replay
PR / PO stepHow Sphere supports itArchitectural boundary
Employee requestConversation or request form captures need, supplier, cost object, amount, timing, and business justificationSphere asks clarifying questions instead of pushing incomplete PRs into workflow.
Context assemblySupplier, contract, catalog, budget owner, cost center, company code, DoA threshold, and similar PR history are loadedContext comes from SAP, Ariba, HR/identity, data platforms, and policy stores.
Policy validationDoA, budget, supplier risk, catalog/contract, SoD, country, and procurement policy are evaluatedPolicy output is deterministic and replayable; LLM output explains it but does not replace it.
Human approvalIf value, risk, or evidence gaps exceed authority, the approver receives an evidence-backed askHuman remains the approval boundary for controlled procurement actions.
Controlled write-backApproved action creates or updates the PR/PO route in SAP or Ariba and records replay/audit evidenceThe agent replaces coordination work, not the source system of record.

Human-centric process

Human reviews, validates, gathers evidence, approves, and executes across disconnected tools.

Agentic process

Agent gathers evidence, validates policy, assesses risk, prepares action, and routes the exception to the right human.

Future state

Agent executes only inside approved boundaries; humans govern exceptions, thresholds, controls, and outcomes.

Question for BP architectsWhy it mattersWhat it decides
EventsWhich PR, PO, invoice, payment, supplier, approval, and exception events are available today?Defines whether Sphere runs event-driven, batch-triggered, or hybrid.
DeploymentShould the runtime land in Azure, AWS, private compute, or a hybrid cell model?Defines network, identity, data residency, model routing, and operations constraints.
Write-backWhich systems can receive human-approved write-backs from Sphere?Defines the first safe automation boundary.
Data trustWhich fields are live SOR, curated snapshot, cached, or scenario-only?Defines credibility, attestation, and demo safety.
AuthorityWhich roles can approve, escalate, override, or block actions?Defines human-in-the-loop controls and separation of duties.
Presenter rule: do not spend 20 minutes on screens. Spend the time explaining the runtime boundary, source-system interaction, policy and write-back gates, and how the PR/PO example illustrates the architecture.

North star

bp Sphere is not another dashboard, chatbot, or automation tool. It is a source-grounded finance intelligence platform that connects data, processes, controls, policies, people, source systems, models, and outcomes into a governed decision runtime.

Context

Understands finance objects, roles, policies, source systems, business events, and case state.

Orchestration

Coordinates agents, skills, evidence, models, workflows, collaboration, and human actions.

Assurance

Enforces source lineage, policy, authority, replay, audit, security, and controlled execution.

1. Platform architecture

The platform is layered so finance intelligence remains enterprise-owned while infrastructure and model providers stay replaceable.

Users and roles
Experience layer
Analyst workbench
Supervisor control plane
Tower leader view
FB&T leader view
CFO command center
โ†“
Business missions
Mission runtime layer
Case intelligence
Prioritization
Recommendations
Human action layer
Evidence viewer
Decision replay
โ†“
Core platform
Enterprise decision runtime
Agent orchestration
Skill fabric
Policy runtime
Authority runtime
Evidence fabric
Learning memory
โ†“
Connected foundation
Model, integration, and operations fabric
Model gateway
SAP and procurement
Data platforms
Collaboration tools
Governance and resilience
LayerPurposeCore servicesWhy it matters
Experience layerRole-based decision workspacesAnalyst workbench, supervisor plane, tower leader, CFOEach role sees the right decision, evidence, action, and accountability level.
Mission runtimeTurns finance missions into actionable casesCase intelligence, triage, recommendations, action drawersKeeps the system focused on business outcomes instead of generic chat.
Decision runtimeCore governed decision brainAgents, skills, policy, authority, evidence, replay, learningMakes recommendations explainable, repeatable, auditable, and bounded.
Evidence fabricCreates trusted evidence packsLineage, freshness, source records, scoring, immutable packsBuilds credibility with finance, controls, audit, and executives.
Policy and authorityEnforces human and system boundariesPolicy checks, approval thresholds, SoD, write authorityKeeps sensitive finance actions approval-gated.
Model and compute fabricRoutes work to the right intelligenceFrontier LLMs, local models, small models, deterministic solversAllows model choice without platform lock-in.
Integration fabricConnects source systems and collaboration channelsSAP, Ariba, FSCM, ServiceNow, Databricks, UDP, Foundry, TeamsMakes recommendations live, sourced, and operationally useful.
Governance and operationsRuns the platform safelyObservability, FinOps, model governance, cyber, resilienceTurns a demo surface into an enterprise operating platform.

2. Capability architecture

Do not build pages plus agents. Build reusable decision capabilities, then expose them through mission-specific workbenches.

Reusable mission equation: Mission = context + cases + signals + agents + evidence + policy + actions + replay + learning + impact.
Reusable capability model
P2P duplicate paymentInvoice, PO, supplier, payment, policy
O2C collections riskCustomer, dispute, promise, exposure
R2R close controlJournal, reconciliation, evidence, SOX
reuse
Shared platform servicesOntology, policy, evidence, action, replay
Shared agent servicesRegistry, skills, model gateway, tool router
Shared governance servicesCredibility, learning, observability, FinOps
CapabilityPlatform functionUsed byCredibility rule
Finance ontologyCommon objects and relationshipsAll missionsSupplier, invoice, PO, customer, journal, forecast, policy, control, evidence.
Policy runtimeRules, thresholds, approvals, controlsP2P, O2C, R2R, Treasury, TaxPolicy interpretation is owned by the enterprise, not by a model.
Agent and skill registryCatalogs agent purpose, risk, owner, model, tools, write authorityPlatform governancePrevents uncontrolled agent sprawl.
Human action layerStandardizes controlled actionsAnalysts and supervisorsHold, escalate, request evidence, approve, reject, open source record.
Collaboration layerRoutes asks and handoffsAll rolesTeams, Outlook, ServiceNow, tasks, approvals, SLA, response ingestion.
Decision replayReconstructs decision pathsAudit, controls, leadersInputs, prompts, tools, policies, evidence, human choices, outcome.
Learning runtimeConverts outcomes into improvementContinuous improvementCaptures feedback, root causes, override patterns, automation candidates.
Live data credibilityShows source and truth basisEvery KPI, drawer, and answerTruth tier, freshness, lineage, fallback, attestation, owner.

Finance domain capability map

The same platform capabilities should support P2P, O2C, R2R, FP&A, Treasury, Tax, Close, and executive views rather than creating disconnected tower products.

DomainRepresentative capabilitiesBusiness outcome
P2PDuplicate risk, GRIR, non-PO triage, payment blocks, supplier asksLeakage prevented, cycle-time reduction, stronger payment controls.
O2CCollections priority, disputes, cash application, credit riskWorking capital recovery and customer risk visibility.
R2RContinuous close, journal controls, reconciliations, intercompanyClose confidence, SOX evidence, fewer late surprises.
FP&AVariance intelligence, forecast quality, narrative, scenariosBetter management insight and faster explanation cycles.
TreasuryLiquidity, bank connectivity, payment status, FX exposureCash visibility, funding risk control, payment reliability.
TaxJurisdiction checks, indirect tax, filing readiness, evidenceCompliance readiness and audit support.

Component architecture

The platform should show concrete technical components so BP architects see more than a generic layered diagram.

Component plane
Experience APIsWorkbenches, drawers, command centers
Case runtimeQueue, priority, SLA, owner, state
Context engineCanonical objects and selected-case payload
Evidence fabricLineage, documents, freshness, proof pack
Policy runtimeRules, controls, DoA, SoD, authority
Agent runtimeSkills, prompts, tools, confidence
Action runtimeAsk, hold, escalate, approve, write-back
Replay and learningAudit, outcome, memory, evaluation
ComponentRoleTechnical capabilitiesWhy it matters
API and event engineReceives source events, case actions, and system callbacksAPI gateway, event bus, queue consumersKeeps integration explicit rather than hidden inside page logic.
Document intelligenceReads invoices, attachments, contracts, and support documentsOCR, PDF parsing, extraction confidence, evidence referencesSeparates document understanding from workflow routing.
Context engineBuilds selected-case context across supplier, company code, country, history, and ownerCanonical objects, data contracts, context graphPrevents drawers and agents from inventing missing context.
Policy engineEvaluates authority, thresholds, controls, country rules, tax rules, and SoDPolicy registry, authority matrix, control checksMakes AI recommendations governed, not autonomous guesses.
Knowledge graphConnects finance objects, policies, people, systems, evidence, and outcomesEnterprise graph plus domain graph projectionsSupports similarity, lineage, expert discovery, and reusable learning.
Copilot and agent runtimeExplains, researches, drafts, and recommends inside boundariesAsk workspace, mission agents, skill registry, model gatewayShows where LLM/RAG/agents add value beyond workflow automation.
Replay and audit engineReconstructs each decision from source facts to human actionReplay store, evidence hashes, tool traces, policy versionsCreates auditability and recovery of business decisions.
Operations planeMonitors cost, latency, failures, fallback, RTO/RPO, and source coverageObservability, FinOps, resilience, data credibilityLets platform teams run the system as production infrastructure.

3. Integration architecture

The integration model should be governed: canonical finance objects, source adapters, event contracts, evidence contracts, data freshness, lineage, and human-approved write-back paths.

Canonical object layer

Supplier, customer, invoice, PO, receipt, payment, journal, dispute, forecast, control, policy, evidence pack, and decision record.

source mappedlineage trackedpolicy aware

Controlled output layer

Recommendations, tasks, approvals, ServiceNow cases, Teams and Outlook requests, source-system write-back, audit records, and replay packages.

approval gatedaudit loggedreplay ready
Source-to-decision integration flow
Source adaptersSAP, WIM, Ariba, FSCM
Canonical finance objectsInvoice, supplier, PO, payment
Event and evidence servicesEvent store, evidence store, replay store
Decision runtimeAgent, policy, authority, action
Controlled outputsTask, approval, write-back, audit
PatternUse caseExampleRule
Read from data platformHigh-volume analytics and triageHistory, behavior, trendsPrefer curated data platforms for scalable reads.
Read from source of recordFinal evidence validationLive invoice, payment, approval statusUse when freshness or audit confidence requires source confirmation.
Event subscriptionCase creation and state changesInvoice posted, payment run pending, dispute createdUse for near-real-time mission triggers.
Controlled write-backOperational actionPayment hold, ServiceNow ticket, workflow updateMust pass policy, authority, evidence, and human approval gates.
Collaboration integrationHuman follow-upTeams, Outlook, approvals, owner requestsRequired for analyst and supervisor workflows.
Evidence integrationAudit and assuranceInvoice, PO, receipt, policy, approval, lineageCreates immutable evidence pack and replay record.
Model integrationReasoning, classification, explanationLLMs, local models, deterministic solversRoute by risk, cost, sensitivity, and latency.

BP-specific systems and data foundations

The architecture must be contextual to BP's existing finance, data, workflow, collaboration, and controls estate.

System / platformIntegration roleRecommended pattern
SAP ECC / CFIN / S/4Finance source systems and migration coexistenceLive validation and controlled write-back only after approval.
SAP WIMInvoice workflow, exception handling, document status, approval routingPrimary operational context for invoice intake and non-PO exceptions.
AribaProcurement, supplier, PO, contract signalsP2P evidence and contract compliance context.
SAP FSCMCollections, credit, disputesO2C workflow and risk integration.
FIM / FILFinance information model and finance data foundationData readiness, finance semantics, coverage, and model alignment dependency.
Databricks / UDP / OneData / FoundryCurated data, history, features, operational data productsPrimary read layer for scale, pattern mining, and AI-ready data products.
ServiceNowWorkflow, evidence requests, incidents, escalationsCreate and track governed operational tasks.
Outlook / TeamsHuman collaborationNeutral, evidence-backed asks and approval handoffs.
HR / Identity / Controls repositoriesRole, authority, delegation, policy and audit evidenceAuthority runtime and assurance linkage.

Knowledge graph and ontology treatment

The clean architecture is one enterprise finance ontology with domain graph projections. That keeps semantics consistent while allowing AP, GL, tax, assets, and reporting to have deeper local structures.

Ontology plus domain graph projections
Supplier
Invoice
Policy
Evidence
Outcome
Enterprise finance ontologyCommon semantics across missions
AP graphP2P exceptions
AR graphCollections and disputes
GL graphClose and journals
Tax graphJurisdiction and compliance
Asset graphCapital and operations
Graph layerPurposeOutcome
Enterprise finance graphShared finance semantics across supplier, customer, invoice, payment, journal, company code, policy, and controlCommon memory and cross-mission similarity.
Domain graph projectionsAP, AR, GL, asset, tax, close, and reporting subgraphs tuned to local process needsDomain depth without fragmenting the enterprise ontology.
Temporal memoryWhat policy, data, owner, and evidence were true at the time of decisionAudit replay, historic explanation, and policy-change analysis.
Access and classificationPublic, internal, confidential, restricted, regulated graph nodes and edgesSecurity, Entra-aligned access, and data minimization.
Outcome-linked knowledgeDecisions connected to financial result, human override, learning artifact, and resolution patternTurns case work into reusable institutional memory.

Live data credibility layer

Every case, KPI, recommendation, evidence pack, and drawer should disclose its truth basis. This prevents source confusion and makes demos safe to mature into production.

Source

System, owner, object ID, and freshness are visible for every material value.

Truth tier

Scenario, snapshot, live source read, live lineage, or attested proof is explicit.

Fallback

Fallback is governed and labeled; hidden synthetic values are not allowed.

Attestation

Only source-grounded and lineage-backed values can be used as audit or executive proof.

Write-back architecture

Sensitive finance actions should not be autonomous by default. AI can inform, recommend, prepare, and execute only when policy, authority, evidence, and human approval gates permit it.

Controlled execution path
Agent recommendation
Policy check
Authority check
Evidence check
Human approval
Controlled write-back
Boundary outcomes
Approved: update SOR
Rejected: no write
Missing evidence: ask owner
Threshold exceeded: escalate
Authority levelMeaningExample
InformAI explains onlyExplain why an invoice is risky.
RecommendAI suggests next actionRecommend a payment hold.
PrepareAI drafts but does not submitDraft a supplier evidence request.
Execute with approvalHuman approves before executionApply a payment block.
Autonomous executionSystem executes only inside strict low-risk policyLow-risk reminder or data enrichment.

Detailed use-case walkthrough: non-PO invoice processing

Non-PO invoice processing is the right technical walkthrough because it requires document intelligence, supplier validation, GL coding, policy checks, approval routing, exception handling, and human judgment.

Non-PO invoice processing swimlane
Source systems
Email, EDI, portal, WIM
SAP supplier and company code
Contracts, SOPs, policy store
SAP / WIM / ServiceNow write-back
Decision runtime
Intake and OCR extraction
Context enrichment and graph link
Policy, tax, duplicate, DoA checks
Recommendation, action, replay
Human control
Review missing fields
Request owner or supplier evidence
Approve, hold, reject, or escalate
Rationale captured for audit
StepCapability in motionCredibility requirement
1. Invoice arrivesEmail, EDI, portal, WIM, or scanned document triggers intakeCreate case and preserve original document evidence.
2. Intake and extractionDocument intelligence extracts supplier, amount, tax, currency, lines, payment terms, and bank detailsShow extraction confidence and missing fields.
3. Source enrichmentContext engine pulls supplier master, company code, country, contract, GL history, prior invoices, and approval ownerHydrate from selected-case payload and source contracts.
4. Policy and control checksPolicy engine evaluates non-PO policy, authority, duplicate risk, tax rules, SoD, thresholds, and country constraintsSeparate rule outcome from AI explanation.
5. Graph reasoningKnowledge graph connects supplier, business unit, company code, approver, policy, history, and similar exceptionsSurface comparable cases and known risks.
6. Agent recommendationAgent recommends approve, hold, reject, GL coding, request clarification, or escalateExplain with evidence, confidence, uncertainty, and alternatives.
7. Human actionAnalyst or supervisor reviews evidence, edits draft, requests owner input, or approves controlled actionNo sensitive write without human authority.
8. System executionApproved action updates WIM, SAP, ServiceNow, Teams, Outlook, or evidence storeWrite-back is policy-gated and replay logged.
9. Replay and learningReplay captures facts, evidence, policy, model output, human rationale, action, and outcomeFeeds decision memory and future recommendation quality.
Why this proves agentic depth: the process uses OCR, source reads, RAG over SOP and policy, knowledge graph context, deterministic policy checks, LLM explanation and drafting, human approval, controlled write-back, replay, and learning. It is not simple RPA.

4. Deployment architecture

The deployment model should support local compact runtime, tenant sandbox, UAT / parallel run, and production hybrid operation across cloud and private compute.

Runtime cells

Experience, mission, decision, agent, integration, evidence, replay, model gateway, observability, and governance cells scale independently.

Hybrid model routing

Frontier models for reasoning, local or small models for routine classification, deterministic engines for control checks.

Recovery by decision

RTO/RPO is measured on decisions, evidence, policy, agent state, human actions, and outcomes, not just servers.

Production runtime cells
Experience cellRole-based UI and workbenches
Mission cellP2P, O2C, R2R, FP&A
Decision cellPolicy, evidence, authority
Agent cellSkills, tools, model gateway
Integration cellSAP, data, collaboration
Evidence cellDocuments and source lineage
Replay cellAudit and recovery history
Learning cellOutcomes and memory
Observability cellHealth, latency, FinOps
Governance cellAccess, approvals, model policy
EnvironmentPurposeData modeWrite-back
Local compact runtimeEngineering, demo, offline testingSelected non-attested extractsNo production write-back; clearly non-attested.
Dev tenantFeature and integration testingMasked or non-production dataWrite-back disabled by default.
System integration testEnd-to-end adapter validationTest source systemsControlled test writes.
UAT / parallel runBusiness validation against live processRead-only production mirror or governed live readHuman-approved limited writes.
ProductionOperational useProduction data and governed source readsControlled write-back with policy and authority gates.

End-to-end runtime flow

1
Source event or data change
A business event or source refresh creates or updates a finance case.
2
Context and evidence assembly
The runtime loads canonical objects, source facts, lineage, freshness, documents, and prior outcomes.
3
Agent, policy, and authority evaluation
Agents and deterministic checks produce recommendations bounded by policy, approval, SoD, and write authority.
4
Human decision and controlled execution
Analysts or supervisors approve, reject, escalate, request evidence, or execute controlled write-back.
5
Replay, audit, outcome, and learning
The full path is captured for audit, recovery, learning, value attribution, and future decision improvement.

Platform capabilities to prioritize

These should be implemented once as platform services, not separately inside each mission page.

Priority capabilityWhy criticalWhere to point reviewers
Evidence Intelligence FabricBuilds source-grounded trustProof route: Evidence Vault and case evidence drawers.
Policy and Authority RuntimeKeeps finance actions governedProof route: policy registry, authority gates, human approvals.
Decision ReplayMakes every recommendation auditableProof route: Decision Replay Studio and replay records.
Finance OntologyEnables reusable semantics across towersProof route: context graph and canonical registry.
Human Action LayerStandardizes governed executionProof route: case actions, collaboration asks, escalation drawers.
Live Data Credibility LayerPrevents hidden scenario or fallback leakageProof route: provenance labels, truth tiers, value attribution.
Model GatewayKeeps models swappable and risk-awareProof route: model comparison and AI cost usage surfaces.
Resilience & Recovery RuntimeRecovers decisions, evidence, policy, agent state, and outcomesProof route: Recovery Command Center.
Learning RuntimeTurns outcomes into institutional memoryProof route: learning fabric and decision memory surfaces.
Architecture principle: build a platform of reusable decision capabilities, then expose those capabilities through mission-specific workbenches.
Positioning summary. bp Sphere is a hybrid, governed, source-grounded, multi-cloud-capable finance decision runtime operating across source systems, data platforms, policies, controls, people, models, and outcomes.