Rask AI can change a lot of your data, but it can’t change everything — by design. The boundaries below are the trade-off between “useful conversational interface to your financial life” and “safe enough we’d let it loose with no human in the loop”.
The principle: Rask AI is a different way to arrive at the Save click — not a new privileged path. Anywhere the regular forms have a guardrail, the chat does too.
What Rask AI will never do
Hard-delete anything
Removals on the Rask AI rail are always soft — items go to an archived state where you (or your adviser) can restore them. Hard deletes — emptying the trash, removing all of one type of data, deleting your account — never appear as chat proposals. If you actually need to permanently delete something, you do it through the dedicated UI, with the appropriate “are you sure” steps.
Touch anything that affects authentication
- Date of birth — Rask AI won’t propose changes to your DOB. It’s used for things like preservation-age and age-pension calculations, and in some flows for identity verification. Mistakes here are hard to back out, and there’s no realistic conversational reason you’d update DOB. Edit it on the form.
- Email address — your account login. Edit it in Settings.
- Password / MFA — never. These belong in Settings → Security.
Touch your medical history
Sensitive enough that the chat doesn’t even read it as context, let alone propose changes. Update your medical history on /form/medical.
Change your partner’s data
The chat is scoped to your own data. Partner-side proposals (CLIENT_2) are deferred until our cross-partner data model is ready. If you and your partner manage your finances jointly, your partner can use Rask AI on their own account.
Touch your insurance policies
Rask AI can update what you spend on insurance per month (the cashflow lens — Health Insurance, Income protection, etc.). It cannot change the policies themselves (insurer, policy holder, cover amount, expiry). Update those through the Insurance form when it ships, or through your adviser today.
Edit SMSF ownership
If your super is in your own SMSF, the structure of that SMSF (trustees, members, fund deed) lives on the Tax Structures surface — and even there, with stricter ownership checks. Rask AI on /forms and /form/fact-find can update the balance of an SMSF account (it’s just a number you entered) but won’t propose ownership / trustee changes.
Delete or move documents in your vault
Vault edits are deliberate, audited member actions. Rask AI can surface documents (“your latest payslip is in Rask docs / Career”), but won’t propose to delete or reorganise them.
Publish anything publicly
- Journal notes can be published to the community feed — but that’s a deliberate click on the journal card. The chat won’t propose publication.
- Profile / public bio changes go through Settings.
Make changes “in bulk”
Every Rask AI proposal touches exactly one field or one list item. There’s no “clear my entire fact-find” or “archive all my goals”. Bulk edits stay in the regular UI where the impact is more visible.
Make trades, payments, or investment decisions
Rask AI helps you shape your data. It doesn’t place trades, transfer funds, change account access, or initiate any payment. Investment, tax, and retirement advice is your financial planner’s job.
Send anything to your adviser without you knowing
Rask AI doesn’t auto-message your adviser, auto-book meetings, or auto-share documents. If a proposal involves your adviser (e.g. “book a call”), it always shows up as a card you confirm, with the action visible.
Three independent guardrails (for the curious)
Even when Rask AI proposes a change you confirm, there’s still a chain of checks before any data moves:
- Vertex schema — the LLM can only propose changes inside a strict schema. Off-allowlist fields are simply unavailable to it.
- Server-side validator — even if the LLM produces something nonsensical (the wrong type, an out-of-range number, an unknown enum value), the server rejects it before it reaches your data.
- Server-side permission check — every change runs through the same authentication and ownership checks a manual form save does.
Plus the proposal card itself — the visible diff (current → new) is your own check before clicking Save.