Financial Retail AI Case Portfolio

目标: 为 AI BA / AI PM / 架构师学习, 面试, storytelling 和作品集建设提供一组可复用的金融零售 AI 深度案例。 使用方式: 每个案例都可以单独扩展成一个 1-2 页业务案例, 一个 BPMN 流程图, 一个 requirements-to-eval matrix, 一个 control pack, 一个 architecture ADR, 一个 adoption dashboard。

0. Portfolio 使用原则

• 这是新增学习资产, 不替代既有 Web3, 架构, ABPA 学习计划。
• 每个案例都用同一套结构表达: business problem -> workflow -> AI pattern -> data -> architecture -> requirements -> eval -> controls -> ROI -> adoption -> interview story。
• 面试表达时不要说 "我会接 AI", 要说 "我如何识别可被 AI 改善的业务瓶颈, 如何把需求转换成 eval, 如何把风险控制嵌入流程"。
• 作品集表达时优先展示证据: baseline metric, process map, requirements matrix, eval result, risk/control register, adoption metric。
• 所有案例默认 human-in-the-loop, 关键金融决策不让模型单独闭环执行。
• 所有案例默认遵守数据最小化, PII/financial data 分级, 审计日志, 权限隔离, retention policy。
• 所有案例默认需要 legal/compliance/risk/security/data governance 参与。

1. Source Anchors And Standards References

这些锚点用于建立语言体系, 不等同于法律意见。具体落地应结合所在国家/地区监管, 公司内部政策和模型供应商合同。

2. ABPA Template Reuse Map

3. Case Selection Matrix

Scoring: H = high, M = medium, L = low. Implementation priority 1 表示最适合先做作品集 MVP。

| # | Case | Business value | Risk level | Data readiness | Implementation complexity | Priority | Primary templates | |---|---|---|---|---|---|---| | 1 | AML investigation copilot | H | H | M | H | 5 | 03, 04, 05, 08 | | 2 | KYC remediation | H | H | H | M | 2 | 01, 03, 07, 05 | | 3 | Lending underwriting assistant | H | H | M | H | 8 | 04, 05, 07, 11 | | 4 | Fraud operations copilot | H | H | H | H | 6 | 03, 04, 05, 10 | | 5 | Customer service copilot | H | M | H | M | 1 | 01, 04, 08, 10 | | 6 | Payments exception handling | H | M | H | M | 3 | 03, 04, 08, 11 | | 7 | Wealth advisory compliance guardrail | M | H | M | M | 9 | 04, 05, 08, 09 | | 8 | Collections next-best-action | H | H | M | M | 7 | 01, 04, 05, 10 | | 9 | Merchant risk monitoring | H | H | M | H | 10 | 07, 08, 05, 11 | | 10 | Branch / relationship manager copilot | M | M | H | M | 4 | 02, 04, 08, 10 | | 11 | Product knowledge RAG | M | L | H | L | 0 | 01, 04, 07, 10 | | 12 | Regulatory change impact analysis | H | H | M | H | 11 | 02, 05, 08, 06 |

4. Deep Case Studies

Case 01: AML Investigation Copilot

• Business problem: AML analyst 要在大量 alert 中查证客户, 账户, 交易, 关联方和历史 SAR/STR 线索, 时间花在证据收集和叙述草稿上, 真正风险判断被压缩。
• Users/stakeholders: AML investigator, AML QA, MLRO/BSA officer, transaction monitoring team, sanctions team, compliance, audit, legal, data platform, model risk management。
• Baseline workflow: alert generated -> analyst 拉取 KYC profile -> 查交易明细 -> 查负面新闻和 sanctions hit -> 整理 case narrative -> supervisor QA -> decide close/escalate/file SAR。
• AI pattern: RAG + workflow automation + rules+LLM + human-in-the-loop。LLM 只做 evidence retrieval, summarization, hypothesis checklist, narrative draft, 不自动决定 SAR filing。
• Data sources: transaction monitoring alerts, core banking transactions, customer profile, KYC documents, relationship graph, sanctions/PEP/adverse media feeds, historical cases, SAR/STR typology library, investigation SOP。
• System architecture sketch in text: Case UI -> investigation orchestration service -> policy/rules engine -> retrieval layer over case docs and SOP -> graph/transaction feature service -> LLM summarizer -> evidence citation store -> QA workflow -> audit log。
• Requirements: 支持 alert summary, timeline, counterparty clustering, red-flag checklist, citation-backed narrative, missing evidence prompt, supervisor review queue, full audit trail, role-based access。
• Eval design: gold set 使用历史已 QA cases; measure evidence recall, citation precision, narrative factuality, missing-control detection, time-to-first-draft, false escalation risk; red-team prompt injection from adverse media snippets。
• Risk/control design: NIST AI RMF Govern/Map/Measure/Manage; OWASP LLM prompt injection and sensitive data controls; maker-checker approval; no autonomous SAR decision; immutable prompt/output logs; model output watermark in case notes。
• ROI metrics: alert handling time reduction, case backlog reduction, QA rework rate, SAR narrative defect rate, investigator throughput, audit finding reduction。
• Adoption plan: 先在低风险 post-alert research 阶段 pilot; 选择 10-20 名 senior analysts; 每周 review output defect; 逐步加入 narrative draft; 不接入 final decision automation。
• Interview talking point: "我会把 AML AI 定位为 investigation evidence copilot, 不是 decision engine, 这样可以同时提升效率并保留合规责任链。"
• Portfolio artifact to create: AS-IS/TO-BE BPMN, AML requirements-to-eval matrix, AI control pack, sample redacted case narrative before/after。
• Template reuse: primary docs/abpa/templates/03-bpmn-pain-metrics.md; supporting 04-requirements-to-eval-matrix.md, 05-ai-control-pack.md, 08-ai-architecture-adr-set.md, 12-portfolio-evidence-map.md。

Case 02: KYC Remediation

• Business problem: 银行在周期性 review, regulatory remediation 或 data quality campaign 中需要补齐客户身份, beneficial owner, tax, source-of-funds 等信息, 人工追踪成本高且客户体验差。
• Users/stakeholders: KYC operations, relationship manager, customer service, compliance, data quality team, customer, document verification vendor, CRM owner, onboarding product manager。
• Baseline workflow: data quality rule 发现缺口 -> ops 创建 remediation task -> RM 联系客户 -> 客户提交材料 -> ops 校验 -> compliance approve -> customer master 更新。
• AI pattern: classifier + RAG + workflow automation + human-in-the-loop。模型识别缺口, 推荐 outreach wording, 提取文档字段, 但高风险客户和 UBO 变更必须人工审批。
• Data sources: customer master, CRM, KYC questionnaire, document images/OCR, UBO registry, tax forms, risk rating, policy manuals, previous remediation outcomes, contact history。
• System architecture sketch in text: KYC data quality engine -> gap classifier -> task prioritization queue -> customer/RM communication generator -> document intake OCR -> policy RAG -> reviewer workbench -> golden source update API -> audit ledger。
• Requirements: 自动识别缺失字段, 按风险和监管 deadline 排序, 生成客户友好解释, 文档字段抽取, policy-based validation checklist, SLA dashboard, exception escalation。
• Eval design: field extraction accuracy, missing-field detection recall, invalid-document false accept rate, remediation cycle time, customer response conversion, reviewer override rate, language tone QA。
• Risk/control design: customer messaging approval template; PII masking in model context; jurisdiction-specific policy retrieval; four-eyes review for high-risk entity; lineage from source document to customer master update。
• ROI metrics: remediation backlog burn-down, average days to complete, outreach success rate, manual touches per case, regulatory deadline hit rate, customer complaint rate。
• Adoption plan: 从 non-material data gaps 开始, 例如 expired ID reminder; 再扩展到 entity ownership evidence; 每阶段设 false accept threshold 和 compliance sign-off gate。
• Interview talking point: "KYC remediation 的核心不是生成文字, 而是把 data quality, policy interpretation, customer outreach 和 source-of-truth update 串成可审计闭环。"
• Portfolio artifact to create: KYC opportunity canvas, data readiness pack, customer outreach sample, remediation control register。
• Template reuse: primary docs/abpa/templates/01-ai-opportunity-canvas.md; supporting 03-bpmn-pain-metrics.md, 07-data-readiness-pack.md, 05-ai-control-pack.md, 10-adoption-dashboard.md。

Case 03: Lending Underwriting Assistant

• Business problem: 贷款审批需要整合收入, 负债, 现金流, 抵押品, 信用报告, 政策例外和 explainability, 传统流程慢且 reviewer 风格不一致。
• Users/stakeholders: underwriter, credit officer, relationship manager, borrower, fair lending/compliance, model risk management, credit policy, audit, data science, loan origination system owner。
• Baseline workflow: application intake -> document verification -> credit bureau pull -> income/debt calculation -> policy rules check -> underwriter memo -> approval committee -> offer/decline -> adverse action notice。
• AI pattern: rules+LLM + RAG + classifier + human-in-the-loop。AI 做 document summarization, policy checklist, affordability narrative, exception explanation; credit decision remains underwriter/committee owned。
• Data sources: loan application, payslips, bank statements, tax documents, credit bureau, debt service data, collateral valuation, credit policy, historical underwriting memos, adverse action reason codes。
• System architecture sketch in text: LOS -> document processing -> financial feature extraction -> deterministic credit rules -> policy RAG -> underwriting assistant -> explainability and reason-code service -> underwriter review -> decision record store。
• Requirements: income normalization, debt-to-income calculation support, policy exception detection, cited policy references, memo draft, adverse action reason suggestion, bias/fair lending review queue, override logging。
• Eval design: compare against approved historical files; test financial extraction accuracy, policy citation correctness, missing-risk detection, memo completeness, reason-code consistency, subgroup performance metrics。
• Risk/control design: EU AI Act high-risk lens for creditworthiness where applicable; fair lending controls; no protected-class proxy use; deterministic calculations separated from LLM prose; adverse action wording reviewed by compliance。
• ROI metrics: time from application complete to decision, underwriter cases per day, exception leakage rate, rework, approval committee preparation time, consistency of reason codes。
• Adoption plan: start with underwriter memo drafting for already decisioned files; then shadow mode on live pipeline; then assisted policy checklist with mandatory attestation。
• Interview talking point: "在贷款 AI 中, 我会把 calculation, policy eligibility, narrative generation 和 decision authority 分层, 防止黑盒模型替代受监管信用判断。"
• Portfolio artifact to create: underwriting requirements-to-eval matrix, fair lending control pack, architecture ADR, ROI business case。
• Template reuse: primary docs/abpa/templates/04-requirements-to-eval-matrix.md; supporting 05-ai-control-pack.md, 07-data-readiness-pack.md, 11-business-case.md, 08-ai-architecture-adr-set.md。

Case 04: Fraud Operations Copilot

• Business problem: Fraud ops 面对 card-not-present, account takeover, mule account, scam reimbursement 等高压工单, 需要快速判断交易上下文并与客户沟通。
• Users/stakeholders: fraud analyst, fraud strategy, contact center, customer, dispute operations, card operations, payments, cyber security, compliance, model monitoring team。
• Baseline workflow: fraud alert -> analyst 查看 transaction/session/device -> 联系客户或等待 claim -> 冻结/放行/升级 -> case note -> reimbursement/dispute path -> strategy feedback。
• AI pattern: agent-assisted workflow automation + classifier + RAG + human-in-the-loop。AI 拉取证据, 生成问询脚本, 推荐 next step, 但冻结账户/拒赔等动作需要 analyst confirm。
• Data sources: transaction stream, device fingerprint, login/session data, customer profile, prior claims, fraud rules, case notes, scam typologies, chargeback/dispute data, call transcripts。
• System architecture sketch in text: Fraud case console -> entity resolution -> feature store -> rules/model score -> LLM case explainer -> action recommendation service -> customer communication templates -> analyst approval -> action API -> feedback loop。
• Requirements: alert triage, risk factors explanation, similar-case retrieval, customer script, action recommendation with confidence, one-click evidence packet, feedback capture to strategy team。
• Eval design: analyst agreement rate, missed fraud rate in shadow mode, false positive customer friction, action recommendation precision, explanation usefulness score, prompt-injection resilience from customer notes。
• Risk/control design: least-privilege action scope; step-up approval for account freeze, reimbursement denial, law enforcement referral; sensitive data redaction; monitoring for hallucinated fraud rationale; incident escalation playbook。
• ROI metrics: mean time to resolve alert, fraud loss prevented, false positive release time, customer contact handle time, analyst training time, strategy feedback cycle time。
• Adoption plan: start as "case explainer" with no action capability; add scripted next-step recommendations; add limited action pre-fill after control review。
• Interview talking point: "Fraud AI 的产品难点是速度和控制并存, 所以我会把 action agency 拆成 suggestion, pre-fill, human approve 三档。"
• Portfolio artifact to create: fraud TO-BE workflow, eval matrix, control pack, adoption dashboard。
• Template reuse: primary docs/abpa/templates/03-bpmn-pain-metrics.md; supporting 04-requirements-to-eval-matrix.md, 05-ai-control-pack.md, 10-adoption-dashboard.md, 09-operating-model-raci.md。

Case 05: Customer Service Copilot

• Business problem: Contact center agent 需要在多个系统和知识库之间切换, 处理账户, 卡, 贷款, 投诉, 费用, 支付等问题, AHT 高且答复不一致。
• Users/stakeholders: customer service agent, team lead, QA, customer, product operations, compliance, knowledge management, speech analytics, contact center technology owner。
• Baseline workflow: customer intent identification -> authentication -> knowledge search -> account lookup -> answer/action -> after-call note -> QA sampling -> knowledge update。
• AI pattern: RAG + workflow automation + summarization + human-in-the-loop。AI 检索政策和产品知识, 生成建议答复和 call summary, agent 负责确认和执行。
• Data sources: product knowledge base, fee schedule, account servicing procedures, CRM, call/chat transcript, authentication result, complaint policy, historical QA scorecards。
• System architecture sketch in text: Agent desktop -> intent detector -> authenticated customer context -> knowledge RAG -> response composer -> policy guardrail -> after-call summarizer -> QA analytics -> knowledge feedback queue。
• Requirements: grounded answer with citation, prohibited advice guardrails, empathy/tone support, account-specific next step, after-call summary, escalation detection, knowledge gap feedback。
• Eval design: answer correctness, citation coverage, policy violation rate, AHT, after-call work reduction, customer CSAT, agent trust rating, QA defect categories。
• Risk/control design: no disclosure before authentication; PII minimized in prompts; regulated advice blocks; hallucination monitoring; sampled QA review; knowledge article versioning。
• ROI metrics: AHT, first contact resolution, transfer rate, after-call work, QA score, agent ramp time, customer complaint rate。
• Adoption plan: pilot with internal agent assist only; begin with high-volume low-risk intents; build feedback button; tune knowledge base governance before expanding to customer-facing chat。
• Interview talking point: "客服 copilot 的关键不是让 AI 替代客服, 而是让客服在受控知识和客户上下文之间更快完成准确答复。"
• Portfolio artifact to create: product knowledge RAG prototype spec, agent assist eval matrix, adoption dashboard, executive memo。
• Template reuse: primary docs/abpa/templates/01-ai-opportunity-canvas.md; supporting 04-requirements-to-eval-matrix.md, 08-ai-architecture-adr-set.md, 10-adoption-dashboard.md, 07-data-readiness-pack.md。

Case 06: Payments Exception Handling

• Business problem: 支付异常包括 failed payment, repair queue, duplicate payment, missing reference, chargeback, return, reconciliation break, 需要跨系统和跨团队定位责任。
• Users/stakeholders: payments operations, reconciliation team, treasury operations, customer service, relationship manager, merchant operations, finance, risk, payment rail owner。
• Baseline workflow: exception detected -> ops 查询 payment rail status -> 核对 ledger/accounting -> 联系客户或对手方 -> repair/return/retry -> close case -> root cause report。
• AI pattern: workflow automation + RAG + rules+LLM + human-in-the-loop。AI 解释 exception type, 汇总 rail rules, 推荐 repair path, 生成客户/内部沟通草稿。
• Data sources: payment messages, ISO 20022 fields, core ledger, reconciliation records, payment rail rulebook, return codes, customer profile, case notes, SLA matrix。
• System architecture sketch in text: Exception queue -> payment message parser -> reconciliation match service -> rail rule RAG -> repair recommendation engine -> ops workbench -> approval workflow -> payment action connector -> audit report。
• Requirements: exception classification, payment timeline, root-cause hypothesis, rail rule citation, repair checklist, SLA timer, customer message draft, accounting impact view。
• Eval design: classification accuracy, repair path precision, rule citation correctness, false repair prevention, cycle time, exception recurrence, reconciliation break aging。
• Risk/control design: payment action segregation of duties; value-based approval thresholds; rail compliance guardrails; immutable payment message evidence; sensitive beneficiary data masking。
• ROI metrics: exception resolution time, aged breaks, payment rework, SLA breach rate, customer inquiry volume, manual touches per exception。
• Adoption plan: start with read-only exception explanation; add repair checklist; only later pre-fill repair forms under maker-checker approval。
• Interview talking point: "支付异常 AI 很适合做 operations workflow copilot, 因为高价值来自把 payment message, ledger, rulebook 和 case action 串起来。"
• Portfolio artifact to create: BPMN exception flow, architecture ADR, repair eval matrix, business case。
• Template reuse: primary docs/abpa/templates/03-bpmn-pain-metrics.md; supporting 04-requirements-to-eval-matrix.md, 08-ai-architecture-adr-set.md, 11-business-case.md, 05-ai-control-pack.md。

Case 07: Wealth Advisory Compliance Guardrail

• Business problem: Wealth advisor 在客户沟通中需要避免不适当投资建议, 误导性收益表述, 未披露风险, suitability mismatch, 但合规审核通常滞后。
• Users/stakeholders: wealth advisor, compliance supervision, investment product team, client, legal, suitability team, surveillance, branch manager, recordkeeping team。
• Baseline workflow: advisor 准备建议 -> 查询客户目标和风险承受能力 -> 发送邮件/会议纪要/投资建议 -> 事后抽样 surveillance -> 发现问题后 remediation。
• AI pattern: rules+LLM guardrail + RAG + classifier + human-in-the-loop。AI 在草稿阶段做 compliance check, suitability reminder, risk disclosure suggestion, 不生成未经审查的个性化推荐。
• Data sources: client risk profile, investment policy, product risk rating, approved marketing materials, regulatory guidance, communications archive, suitability rules, advisor notes。
• System architecture sketch in text: Advisor desktop -> draft capture -> client/product suitability context -> compliance rules engine -> approved-content RAG -> LLM risk reviewer -> disclosure suggestion -> advisor revise -> supervisory archive。
• Requirements: detect promissory language, missing risk disclosure, unsuitable product mismatch, off-policy claim, unapproved product mention, required disclaimer, escalation to supervisor。
• Eval design: compliance issue recall, false positive advisor burden, citation correctness, suitability rule coverage, surveillance defect reduction, advisor acceptance rate。
• Risk/control design: no hidden client profiling beyond approved suitability data; preserve original and revised communication; supervisor override logging; advisor training on AI limitation; model drift review by compliance。
• ROI metrics: pre-send defect reduction, surveillance review efficiency, compliance incident rate, advisor rework, time to approve client communication。
• Adoption plan: begin with draft checking for generic communications; expand to client-specific suitability guardrails; integrate with supervision dashboard after policy validation。
• Interview talking point: "财富管理场景里 AI 最好的切入点是 pre-trade/pre-send guardrail, 不是让模型当投资顾问。"
• Portfolio artifact to create: compliance guardrail matrix, control pack, operating model RACI, sample before/after advisor email。
• Template reuse: primary docs/abpa/templates/04-requirements-to-eval-matrix.md; supporting 05-ai-control-pack.md, 08-ai-architecture-adr-set.md, 09-operating-model-raci.md, 12-portfolio-evidence-map.md。

Case 08: Collections Next-Best-Action

• Business problem: Collections 团队需要在合规边界内选择合适触达渠道, 还款安排, hardship support, escalation path, 传统规则粗糙且客户体验差。
• Users/stakeholders: collections agent, collections strategy, customer, credit risk, compliance, hardship team, legal recovery, call center QA, analytics team。
• Baseline workflow: delinquency bucket -> dialer/contact -> verify customer -> discuss hardship/payment -> record promise-to-pay -> follow-up -> escalate to recovery/legal if needed。
• AI pattern: classifier + rules+LLM + workflow automation + human-in-the-loop。AI 推荐 next-best-action, 生成同理心脚本, 检测 vulnerable customer, 但 agent 负责执行和确认。
• Data sources: delinquency status, payment history, customer communication preferences, hardship flags, product terms, regulatory contact rules, call outcomes, prior arrangements。
• System architecture sketch in text: Collections platform -> eligibility/rules engine -> customer context feature service -> NBA recommender -> script generator with compliance guardrails -> agent desktop -> outcome capture -> strategy analytics。
• Requirements: contact rule compliance, vulnerable customer detection, repayment option eligibility, promise-to-pay tracking, hardship referral, call script, reason capture, treatment fairness report。
• Eval design: promise-to-pay conversion, cure rate, complaint rate, prohibited contact violation rate, vulnerable customer detection recall, agent override reasons, subgroup outcome monitoring。
• Risk/control design: strict rule engine for contact frequency and wording; no harassment or deception; fairness testing; supervisor review for legal escalation; clear customer assistance pathways。
• ROI metrics: cure rate, roll-rate reduction, cost per dollar collected, complaint reduction, agent handle time, broken promise rate, hardship referral quality。
• Adoption plan: pilot on early delinquency with low-risk accounts; use shadow recommendations; expand only after compliance validates scripts and treatment fairness。
• Interview talking point: "Collections AI 不能只追收回率, 必须把合规 contact rules, vulnerable customer treatment 和 fairness metrics 放在同一张 dashboard。"
• Portfolio artifact to create: NBA opportunity canvas, eval/control matrix, adoption dashboard, business case。
• Template reuse: primary docs/abpa/templates/01-ai-opportunity-canvas.md; supporting 04-requirements-to-eval-matrix.md, 05-ai-control-pack.md, 10-adoption-dashboard.md, 11-business-case.md。

Case 09: Merchant Risk Monitoring

• Business problem: 收单机构和支付平台需要持续监控商户欺诈, 洗钱, 违禁品, 高退单率, bust-out, 交易异常, 传统周期性 review 滞后。
• Users/stakeholders: merchant risk analyst, acquiring operations, underwriting, sales, compliance, payment network liaison, dispute team, fraud strategy, merchant support。
• Baseline workflow: merchant onboarding -> risk tiering -> transaction monitoring -> chargeback/dispute review -> periodic review -> reserve/limit/termination decision -> network reporting。
• AI pattern: classifier + anomaly detection + RAG + human-in-the-loop。AI 汇总商户风险画像, 解释异常, 推荐 review priority, 不自动终止商户。
• Data sources: merchant application, MCC, processing volume, chargeback ratio, refund pattern, website/app content, sanctions/adverse media, network rules, dispute cases, reserve history。
• System architecture sketch in text: Merchant risk platform -> streaming transaction features -> anomaly detector -> web/content classifier -> network rule RAG -> risk narrative generator -> analyst queue -> action governance -> monitoring dashboard。
• Requirements: merchant risk score explanation, abnormal volume detection, refund/chargeback trend, prohibited content flag, related merchant graph, reserve recommendation support, network rule citation。
• Eval design: historical bad merchant detection recall, false positive burden on legitimate merchants, explanation completeness, rule citation accuracy, analyst prioritization lift, drift by MCC。
• Risk/control design: merchant adverse action governance; evidence packet required before reserve/termination; appeal path; website content model bias check; network rule version control; audit log。
• ROI metrics: loss avoided, chargeback ratio improvement, high-risk merchant review coverage, analyst productivity, network fine reduction, reserve adequacy。
• Adoption plan: start as risk monitoring dashboard; then add narrative generator; action recommendations require credit/risk committee approval。
• Interview talking point: "Merchant risk AI 的关键是把 transaction anomaly, content risk 和 network rule 结合, 同时保留商户申诉和证据链。"
• Portfolio artifact to create: data readiness pack, architecture ADR, merchant risk control pack, ROI business case。
• Template reuse: primary docs/abpa/templates/07-data-readiness-pack.md; supporting 08-ai-architecture-adr-set.md, 05-ai-control-pack.md, 11-business-case.md, 03-bpmn-pain-metrics.md。

Case 10: Branch / Relationship Manager Copilot

• Business problem: Branch staff 和 relationship manager 需要准备客户会议, 跟进服务请求, 识别 cross-sell / retention / complaint 风险, 但客户信息分散在 CRM, core, servicing 和文档中。
• Users/stakeholders: branch banker, relationship manager, branch manager, customer, sales operations, product team, compliance, CRM owner, customer analytics。
• Baseline workflow: banker 查看客户资料 -> 查账户/贷款/投资/服务历史 -> 准备谈话 -> 记录 meeting note -> 创建 follow-up task -> 手工更新 CRM。
• AI pattern: RAG + summarization + workflow automation + human-in-the-loop。AI 做 meeting brief, next-step draft, product eligibility reminder, service issue summary, 不自动销售或承诺。
• Data sources: CRM, account holdings, service tickets, branch appointment notes, product catalog, campaign eligibility, complaint history, customer consent/preference, policy rules。
• System architecture sketch in text: CRM workspace -> customer 360 API -> consent and eligibility service -> product/policy RAG -> meeting brief generator -> task creation -> note summarizer -> sales/service dashboard。
• Requirements: customer brief, relationship timeline, unresolved service issue highlight, eligibility-based conversation prompts, compliant note summary, follow-up task, consent-aware data display。
• Eval design: banker prep time reduction, note quality, policy violation rate, next-step completion, customer meeting satisfaction, RM adoption, unsupported sales prompt detection。
• Risk/control design: consent and suitability gates; no sensitive inference display; compliant sales language; manager QA sampling; role-based access for household/business accounts。
• ROI metrics: meeting prep time, CRM note completion, follow-up conversion, unresolved issue aging, customer retention, branch productivity。
• Adoption plan: start with meeting summary and prep brief; add task automation; only later add product prompts after compliance and product eligibility review。
• Interview talking point: "RM copilot 的价值来自 service and relationship continuity, 不是简单推销; 我会把 customer trust 作为核心指标。"
• Portfolio artifact to create: stakeholder evidence map, customer 360 architecture ADR, adoption dashboard, interview story proof pack。
• Template reuse: primary docs/abpa/templates/02-stakeholder-evidence-map.md; supporting 04-requirements-to-eval-matrix.md, 08-ai-architecture-adr-set.md, 10-adoption-dashboard.md, 12-portfolio-evidence-map.md。

Case 11: Product Knowledge RAG

• Business problem: 金融零售产品规则, 费用, eligibility, 操作 SOP, campaign terms 经常变化, 员工和客服难以确认最新版本, 导致错误答复和合规风险。
• Users/stakeholders: product manager, knowledge manager, customer service, branch staff, compliance, legal, training, content owner, IT knowledge platform owner。
• Baseline workflow: policy/product update -> knowledge article 发布 -> 员工搜索 -> 解释给客户 -> QA 发现错误 -> content owner 修订 -> 再培训。
• AI pattern: RAG + metadata filtering + answer guardrails。该案例最适合作品集 MVP, 因为风险相对低, 数据可控, 可快速演示 requirements-to-eval。
• Data sources: product catalog, fee schedules, FAQ, SOP, campaign terms, legal disclosures, change logs, knowledge article metadata, effective dates, retired versions。
• System architecture sketch in text: Knowledge ingestion pipeline -> chunking and metadata tagging -> vector and keyword index -> retrieval policy with effective date -> answer composer -> citation renderer -> feedback and content gap queue。
• Requirements: answer must cite source, respect effective date and jurisdiction, show confidence and "cannot answer" path, support synonym search, flag conflicting articles, collect feedback。
• Eval design: curated question set by product; answer correctness, citation precision, retrieval recall, stale content rejection, conflict detection, latency, feedback resolution time。
• Risk/control design: content owner approval before ingestion; no customer PII needed; prompt injection filtering from documents; access control by employee role; retired content quarantine。
• ROI metrics: search success rate, average lookup time, QA defect reduction, training time, knowledge gap closure, article reuse。
• Adoption plan: start with internal product knowledge for one product line; build eval set before launch; expand by domain after content ownership model is stable。
• Interview talking point: "Product knowledge RAG 是低风险高复用的起点, 但成败取决于 content governance, metadata 和 eval, 不是向量库本身。"
• Portfolio artifact to create: RAG data readiness pack, eval matrix, architecture ADR, adoption dashboard。
• Template reuse: primary docs/abpa/templates/01-ai-opportunity-canvas.md; supporting 07-data-readiness-pack.md, 04-requirements-to-eval-matrix.md, 08-ai-architecture-adr-set.md, 10-adoption-dashboard.md。

Case 12: Regulatory Change Impact Analysis

• Business problem: 金融机构收到新监管规则, enforcement action, regulator letter 或 internal policy change 后, 需要快速判断受影响流程, 系统, 控制, 客户沟通和产品条款。
• Users/stakeholders: compliance advisory, legal, policy owner, product manager, enterprise architect, process owner, risk/control owner, technology owner, internal audit, executive sponsor。
• Baseline workflow: legal/compliance 解读规则 -> 分发给业务线 -> 手工搜政策和流程 -> 召开工作坊 -> 建 change backlog -> 更新 controls/procedures/systems -> evidence for audit。
• AI pattern: RAG + workflow automation + agentic research with strict controls + human-in-the-loop。AI 做 clause extraction, obligation mapping, impacted process/system suggestion, 不输出最终法律结论。
• Data sources: regulation text, regulatory guidance, internal policies, control inventory, process maps, product catalog, system catalog/CMDB, issue management, audit findings, customer disclosures。
• System architecture sketch in text: Regulatory intake -> clause/obligation extractor -> policy/process/system RAG -> BIAN capability mapper -> impact heatmap -> action backlog generator -> owner review workflow -> executive decision memo -> evidence repository。
• Requirements: obligation extraction, impacted capability/process/system/control mapping, confidence and citation, owner assignment, due-date tracking, gap analysis, executive summary, audit-ready evidence。
• Eval design: compare against past regulatory change projects; obligation recall, false impact rate, owner assignment accuracy, citation quality, backlog completeness, reviewer time saved。
• Risk/control design: legal review mandatory; no autonomous interpretation as final advice; source hierarchy rules; versioned obligation register; change approval board; ISO/IEC 42001 style continual improvement。
• ROI metrics: time from rule intake to impact assessment, number of missed impacted assets, workshop hours reduced, remediation backlog quality, audit evidence completeness。
• Adoption plan: pilot on internal policy change before external regulation; create mapping taxonomy; then expand to regulatory notices with legal/compliance sign-off。
• Interview talking point: "监管变更 AI 是 BA/架构师能力展示的强案例, 因为它要求把法律文本转换成 capability, process, system, control 和 change backlog。"
• Portfolio artifact to create: regulatory impact executive memo, capability impact heatmap, architecture ADR, control pack。
• Template reuse: primary docs/abpa/templates/06-executive-decision-memo.md; supporting 02-stakeholder-evidence-map.md, 05-ai-control-pack.md, 08-ai-architecture-adr-set.md, 09-operating-model-raci.md。

5. Cross-Case Architecture Patterns

Pattern A: Grounded RAG For Policy And Product Knowledge

• Best cases: Product Knowledge RAG, Customer Service Copilot, KYC Remediation, Wealth Advisory Guardrail。
• Architecture: approved content -> ingestion -> metadata and effective-date tagging -> hybrid retrieval -> answer with citation -> feedback queue -> content owner workflow。
• Controls: source allowlist, stale content block, citation required, no answer when source confidence is low, role-based retrieval。
• Eval: question set, expected source, expected answer, stale document trap, conflicting policy trap。

Pattern B: Case Investigation Copilot

• Best cases: AML, Fraud Ops, Merchant Risk, Payments Exception。
• Architecture: case queue -> entity context -> evidence retrieval -> timeline and graph -> hypothesis/checklist -> narrative draft -> human decision。
• Controls: no autonomous adverse action, evidence packet, reviewer approval, immutable audit log, action threshold。
• Eval: evidence recall, factuality, missed red flag, false rationale, analyst agreement, QA rework。

Pattern C: Regulated Decision Support

• Best cases: Lending Underwriting, Collections NBA, Wealth Advisory, Merchant Risk。
• Architecture: deterministic rule/calculation layer -> model-assisted explanation/recommendation -> policy guardrail -> human approval -> decision record。
• Controls: protected-class and proxy checks, reason-code consistency, human oversight, appeal/remediation process, monitoring by segment。
• Eval: decision support quality, fairness metrics, override rate, policy exception leakage, complaint and adverse-action quality。

Pattern D: Regulatory And Architecture Impact Mapping

• Best cases: Regulatory Change Impact Analysis, KYC remediation, Payments Exception。
• Architecture: external/internal change source -> obligation or rule extraction -> capability/process/system/control mapping -> owner workflow -> evidence repository。
• Controls: legal/compliance approval, source hierarchy, traceability matrix, change governance board。
• Eval: obligation recall, impacted asset precision, backlog completeness, reviewer acceptance, audit evidence quality。

6. Requirements-To-Eval Canonical Matrix

7. 90-Day Case Portfolio Building Roadmap

Phase 1: Foundation And Low-Risk Demonstration, Day 1-21

Phase 2: Operations Copilot Cases, Day 22-45

Phase 3: High-Risk Regulated Decision Support, Day 46-69

Phase 4: Architecture And Executive Storytelling, Day 70-90

8. Weekly Cadence

Use this cadence for each case. The same weekly loop makes the portfolio consistent and interview-ready.

9. Interview Storytelling Playbook

30-Second Structure

• Situation: "在金融零售场景中, 某流程的主要瓶颈是..."
• Task: "我的目标不是用 AI 替代判断, 而是把 evidence, policy, workflow 和 control 做成可审计的 decision support。"
• Action: "我会先画 AS-IS BPMN, 定义 AI fit 和 no-AI boundary, 再把需求转成 eval, 最后设计 human-in-the-loop 和 monitoring。"
• Result: "可度量结果包括处理时长, rework, defect, compliance finding, adoption, user trust。"

2-Minute Structure

• Business context: 行业, 用户, 监管敏感点, 当前 pain metrics。
• Workflow insight: 当前流程哪一步最耗时, 哪一步风险最高, 哪一步最适合 AI。
• AI architecture: RAG / classifier / rules+LLM / workflow automation / agent 的边界。
• Eval and controls: gold set, red-team, citation, fairness, privacy, human approval。
• ROI and adoption: pilot scope, success metric, training, feedback, scale gate。
• Strategic view: 这个案例如何证明 AI BA / AI PM / architect 的跨职能能力。

10. Portfolio Artifact Checklist

For each case, aim to create these artifacts. Lightweight is acceptable, but every artifact should be specific enough to show practical judgment.

• One-page case brief: problem, users, baseline, AI fit, success metrics。
• BPMN AS-IS / TO-BE workflow: include exception paths and human approvals。
• Data readiness pack: source of truth, quality issues, labels, privacy, access。
• Requirements-to-eval matrix: at least 10 requirements and 10 eval cases。
• AI control pack: risks, controls, monitoring, owner, review cadence。
• Architecture sketch: systems, model boundary, retrieval, action layer, audit。
• Business case: baseline, benefit model, cost model, risk-adjusted view。
• Adoption dashboard: activation, usage, trust, quality, business outcome。
• Interview proof pack: 30-second answer, 2-minute answer, artifact screenshots。

11. Flagship Case Recommendations

If only three cases can be polished deeply for interviews, choose:

1. Product Knowledge RAG: fastest low-risk MVP, easy to show eval and governance。
2. AML Investigation Copilot: strong compliance and human-in-the-loop story。
3. Regulatory Change Impact Analysis: strongest BA/architect storytelling, connects policy, process, capability, system and control。

If targeting AI PM roles:

• Lead with Customer Service Copilot, Product Knowledge RAG, Collections NBA。
• Emphasize adoption, agent workflow, UX, feedback loop, measurable business value。

If targeting AI BA roles:

• Lead with KYC Remediation, Payments Exception, Regulatory Change Impact。
• Emphasize process mapping, requirements, stakeholder conflict, controls, traceability。

If targeting AI architect roles:

• Lead with AML, Lending Underwriting, Merchant Risk, Regulatory Change Impact。
• Emphasize architecture boundary, data readiness, governance, observability, integration。

12. Reusable Case Scoring Rubric

Use this rubric before deciding whether to build a case artifact.

13. Next Asset Backlog

13. Standards Traceability Checklist

Use this checklist when turning any case into a formal portfolio artifact or interview story.

NIST AI RMF Mapping

• Govern: name accountable owner, risk owner, model owner, business process owner, compliance approver。
• Govern: define AI use policy, no-AI boundary, escalation authority, change approval cadence。
• Map: describe users, affected customers, business context, data sensitivity, third-party dependencies。
• Map: identify foreseeable misuse, automation bias, data leakage, discriminatory outcome, operational failure。
• Measure: build eval set before pilot, including normal cases, edge cases, adversarial prompts, stale source tests。
• Measure: track factuality, citation quality, safety violation, privacy leakage, latency, user trust。
• Manage: define launch gates, rollback criteria, incident response, monitoring dashboard, post-launch review。
• Manage: document residual risk and get explicit risk acceptance before scaling。

EU AI Act Lens

• Identify whether the use case touches creditworthiness, essential services, employment-like assessment, law enforcement, biometric or other high-risk categories。
• For potential high-risk use cases, prepare technical documentation, data governance evidence, logging, transparency, human oversight and accuracy monitoring。
• For customer-facing AI interaction, provide clear disclosure where required and avoid misleading users about AI involvement。
• Do not rely on this portfolio as legal advice; use it to structure questions for legal/compliance review。

OWASP LLM Top 10 Lens

• Prompt injection: test malicious content inside customer messages, web pages, documents, case notes and knowledge articles。
• Sensitive information disclosure: minimize prompt context, mask PII, scan output, enforce role-based retrieval。
• Supply chain: validate model provider, embedding model, vector database, plugins, document connectors and monitoring tools。
• Excessive agency: separate suggestion, pre-fill and execution; require human approval for regulated or financial actions。
• Insecure output handling: never pass raw model output directly into payment, account, case or policy systems without validation。

ISO/IEC 42001 Lens

• Define AI management objectives: value, risk, compliance, transparency, accountability, continual improvement。
• Maintain an AI system inventory with owner, purpose, users, model/provider, data sources, risk rating and controls。
• Keep evidence of competence and training for users, reviewers, product owners and support teams。
• Run periodic management review: incident trends, eval drift, policy changes, vendor changes, adoption blockers。

Architecture And Process Lens

• BIAN: map case to banking capability/service domains before proposing systems or APIs。
• TOGAF: separate business architecture, data/application architecture, technology architecture and governance。
• BPMN: include human task, service task, gateway, exception path, handoff and SLA boundary。
• Enterprise architecture: record every major AI design choice as an ADR, especially model boundary, RAG boundary, action boundary and audit boundary。

14. Case-Specific Artifact Bundle

Each case should produce a small but concrete evidence pack. The goal is to show thinking quality, not to fabricate production data.

Bundle 01: AML Investigation Copilot

• Artifact A: BPMN with alert intake, evidence gathering, QA and SAR escalation。
• Artifact B: eval table with 10 red-flag cases and 5 prompt-injection cases。
• Artifact C: control register covering citation, SAR decision boundary, audit log and supervisor approval。
• Artifact D: sample redacted case narrative with evidence citations。

Bundle 02: KYC Remediation

• Artifact A: opportunity canvas showing remediation backlog, deadline risk and customer friction。
• Artifact B: data readiness pack for customer master, document source and UBO data。
• Artifact C: outreach journey with customer-friendly language and escalation path。
• Artifact D: adoption dashboard with backlog burn-down and false accept monitoring。

Bundle 03: Lending Underwriting Assistant

• Artifact A: requirements-to-eval matrix for income extraction, policy checklist and reason-code support。
• Artifact B: fair lending and adverse-action control pack。
• Artifact C: architecture ADR separating deterministic calculations from LLM narrative。
• Artifact D: business case with underwriting cycle-time and rework assumptions。

Bundle 04: Fraud Operations Copilot

• Artifact A: fraud case console storyboard with evidence timeline and action recommendation。
• Artifact B: action-agency model: explain, recommend, pre-fill, approve, execute。
• Artifact C: eval matrix for missed fraud, false positive release and customer friction。
• Artifact D: adoption dashboard for analyst trust, override reasons and loss prevented。

Bundle 05: Customer Service Copilot

• Artifact A: top 20 service intents with approved knowledge sources and prohibited advice。
• Artifact B: RAG eval set for correctness, citation and escalation detection。
• Artifact C: agent desktop flow for answer, action, summary and feedback。
• Artifact D: adoption dashboard with AHT, FCR, QA defect and agent trust。

Bundle 06: Payments Exception Handling

• Artifact A: BPMN for repair, return, retry, reconciliation and customer communication。
• Artifact B: exception taxonomy with root cause, owner, SLA and action path。
• Artifact C: architecture ADR for rail rule retrieval and payment action approval。
• Artifact D: ROI model for aged breaks, SLA breaches and manual touch reduction。

Bundle 07: Wealth Advisory Compliance Guardrail

• Artifact A: guardrail taxonomy for promissory language, suitability, disclosure and unapproved content。
• Artifact B: before/after advisor message with compliance citations。
• Artifact C: control pack for supervision, archive, override and policy update。
• Artifact D: RACI showing advisor, supervisor, compliance, legal and product roles。

Bundle 08: Collections Next-Best-Action

• Artifact A: customer journey for early delinquency, hardship and recovery escalation。
• Artifact B: contact-rule guardrail matrix with channel, timing, wording and vulnerability controls。
• Artifact C: eval design for cure rate, complaint, fairness and vulnerable customer detection。
• Artifact D: adoption dashboard with agent override, PTP conversion and complaint trend。

Bundle 09: Merchant Risk Monitoring

• Artifact A: merchant risk feature inventory for volume, refund, chargeback, content and graph signals。
• Artifact B: anomaly monitoring architecture with evidence packet and analyst queue。
• Artifact C: control pack for reserve, limit, termination and merchant appeal。
• Artifact D: business case for loss avoided, network fine reduction and review coverage。

Bundle 10: Branch / Relationship Manager Copilot

• Artifact A: stakeholder evidence map from RM, branch, customer, compliance and CRM owner。
• Artifact B: meeting brief prototype with consent-aware customer 360 and unresolved service issues。
• Artifact C: requirements-to-eval matrix for sales language, note quality and follow-up tasks。
• Artifact D: adoption dashboard with prep time, note completion and customer retention signals。

Bundle 11: Product Knowledge RAG

• Artifact A: source inventory with effective date, owner, jurisdiction, product and retired-version status。
• Artifact B: eval set with known answer, expected citation, stale article trap and conflict trap。
• Artifact C: architecture ADR for hybrid retrieval, metadata filter, answer refusal and feedback queue。
• Artifact D: adoption dashboard with search success, article gaps and QA defect reduction。

Bundle 12: Regulatory Change Impact Analysis

• Artifact A: executive memo summarizing obligation, affected capability and decision requested。
• Artifact B: impact heatmap across policy, process, system, control, customer communication and training。
• Artifact C: operating model RACI for legal, compliance, product, architecture, tech and audit。
• Artifact D: control pack for source hierarchy, legal approval, obligation register and evidence repository。

15. Next Asset Backlog

• Create a generic financial-retail-ai-case-brief outline using the fields in this document。
• Build one sample requirements-to-eval matrix for Product Knowledge RAG。
• Build one sample AI control pack for AML Investigation Copilot。
• Build one sample executive decision memo for Regulatory Change Impact Analysis。
• Create a 5-slide portfolio deck: context, case matrix, flagship case, controls/eval, 90-day roadmap。
• Convert three cases into STAR interview answers。