AI 底层逻辑 / 经典论文
AI Closed-Loop Learning:纠正行动架构
一句话:
197 行ai-foundations/papers/110-ai-closed-loop-learning-corrective-action-architecture.md
AI Closed-Loop Learning / Corrective Action Architecture 解读
面向对象: AI PM / AI BA / AI Architect / Model Risk Partner / Customer Operations Lead / 金融零售 AI 治理负责人。 核心问题: 生产反馈、人工覆盖、投诉、专家审核、eval 失败、漂移信号、事件和审计发现如果只进入 dashboard 或 backlog, AI 系统不会真正变好。 学习目标: 区分 active learning 与 CAPA-like corrective action loop, 掌握 issue taxonomy、root cause、change linkage、更新治理和 effectiveness verification。
Source Anchors
| Source | Link | 用途 |
|---|---|---|
| NIST AI Risk Management Framework | https://www.nist.gov/itl/ai-risk-management-framework | 用 Govern / Map / Measure / Manage 组织风险、测量、处置、责任和持续改进证据 |
| ISO/IEC 42001 AI management system | https://www.iso.org/standard/42001 | 把 AI 改进闭环放进管理体系、目标、控制、记录、内审和持续改进 |
| Federal Reserve SR 26-2 | https://www.federalreserve.gov/supervisionreg/srletters/SR2602.htm | 2026 年模型风险管理锚点。Nuance: SR 26-2 替代 SR 11-7 / SR 21-8, 采用更风险导向和机构规模分层的模型风险框架; 但正式 scope 聚焦 banking organization 的 model risk management, 生成式 / agentic AI 仍需结合更广 AI governance、消费者合规、隐私、安全、第三方和业务控制。 |
| CFPB Consumer Complaint Database | https://www.consumerfinance.gov/data-research/consumer-complaints/ | 把投诉主题、客户叙述、公司响应和趋势作为外部 customer harm / corrective action 信号 |
| 一句话: |
Closed-loop learning 是把 AI 失败和弱信号从“可观察”推进到“已纠正、已验证、可审计、可防复发”。
1. Thesis
Active learning 问的是:
Which samples should humans label next to improve the model?
Closed-loop corrective action 问的是:
Which production issue harmed quality, customers, controls or risk assumptions?
What was the root cause?
Which data, model, prompt, RAG, tool, workflow or policy changed?
What evidence proves the fix worked and did not create new risk?
两者可以连接, 但不能混同。Active learning 是学习样本选择机制; corrective action architecture 是治理过的生产改进机制。它覆盖:
| 层 | 可能修复对象 |
|---|---|
| Data | 标签定义、样本覆盖、数据质量、lineage、privacy filter |
| Model | 重训、重校准、阈值、segment policy、fallback |
| Prompt | system instruction、rubric、refusal、handoff、format contract |
| RAG | source authority、freshness、chunking、retriever、citation gate |
| Tool / agent | permission、tool schema、approval gate、state machine |
| Workflow / policy | human review、case SLA、reason code、risk appetite |
| Control | monitoring threshold、release gate、audit evidence、owner cadence |
2. Why It Matters
金融零售 AI 的生产失败往往不是单一模型错误:
- 客服 RAG 引用旧费用政策, 客户错过申诉窗口。
- 欺诈模型误拦截上升, 员工大量 override, 但没有结构化原因。
- 信贷解释生成器使用不完整 reason code, 客户投诉“原因不对”。
- 审计发现模型更新后没有证明旧缺陷已被关闭。
- 漂移 dashboard 报警, 但没有 owner、SLA、修复证据和复发监控。 高成熟度组织会把这些信号汇聚成 corrective action ledger:
signal -> issue classification -> severity and customer impact
-> root cause analysis -> corrective and preventive action
-> linked change artifacts -> release gate
-> effectiveness verification -> recurrence monitoring -> closure evidence
3. Core Concepts
3.1 Feedback Is Not Automatically Truth
| Feedback | 价值 | 不能直接做什么 |
|---|---|---|
| Human override | 暴露模型、政策或 UI 信任问题 | 不等于 ground truth |
| Customer complaint | 暴露可感知伤害和旅程断点 | 不等于最终责任认定 |
| Expert review | 可形成标签、eval 或 policy interpretation | 需要 calibration 和证据 |
| Eval failure | 暴露 release gate 缺口 | 不等于只改 prompt |
| Drift signal | 暴露上线假设变化 | 不等于自动重训 |
| Audit finding | 暴露控制缺口 | 需要 root cause 和整改验证 |
3.2 CAPA-like Loop
| Step | 高级问题 |
|---|---|
| Detect | 信号是否覆盖投诉、override、eval、drift、incident 和 audit |
| Classify | 这是模型、数据、RAG、prompt、tool、流程、政策还是治理问题 |
| Contain | 是否需要暂停自动化、提高人工复核或客户补救 |
| Root cause | 是直接缺陷、控制缺口、owner 缺失还是风险假设错误 |
| Change | 哪个 artifact 被修改, 版本和审批是什么 |
| Verify | 用什么 eval、回放、shadow、QA 或生产 KRI 证明有效 |
| Close | 谁接受残余风险, 复发监控窗口多久 |
3.3 Change Linkage
issue_id -> root_cause_id -> corrective_action_id -> change_request_id
-> dataset_version / prompt_version / model_version / retriever_version / tool_policy_version
-> eval_run_id -> approval_record -> post_fix_monitoring_window
没有 change linkage 的“已修复”通常只是口头关闭。
4. Architecture Diagram
Feedback and risk signals
complaints | appeals | overrides | expert QA | eval failures | drift alerts | incidents | audit findings
|
v
Signal normalization and AI contribution matching
system id | model/prompt/RAG/tool version | journey step | customer impact | segment
|
v
Issue taxonomy and severity engine
model | data | policy | prompt | retrieval | tool | workflow | governance | vendor
|
v
CAPA ledger
containment | RCA | corrective action | preventive action | owner | SLA | evidence status
|
v
Change linkage layer
dataset registry | eval registry | prompt repo | model registry | vector index | tool policy | SOP
|
v
Release and approval gate
risk review | model validation | compliance | operations readiness | rollback plan
|
v
Effectiveness verification and closure
regression eval | replay | segment metrics | complaint trend | override rate | recurrence
5. Financial Retail Case
Case: Credit card servicing RAG gives stale fee-waiver guidance
Signals: complaint says chatbot gave wrong fee waiver condition; internal “fee explanation wrong” complaints rise; agent override rate increases; RAG eval shows policy effective-date failures; drift monitor finds a new annual-fee cluster after campaign launch.
| Root cause layer | Finding |
|---|---|
| Retrieval | Old policy summary ranked above current policy |
| Prompt | Citation required, but effective-date priority missing |
| Knowledge governance | Superseded source was not inactive |
| Monitoring | Unsupported claim KRI had no complaint linkage threshold |
| Workflow | Conflicting citation answers did not force handoff |
| Corrective actions: |
- Deactivate superseded source and rebuild vector index.
- Add effective-date filter and source authority ranking.
- Update prompt to require current policy citation for fee claims.
- Add eval cases for fee waiver, annual fee, refund and dispute intents.
- Route conflicting citation answers to human review. Effectiveness evidence:
- Unsupported fee-policy claim rate drops from 14% to 3% on locked eval set.
- Human QA confirms 50 sampled production answers cite current policy.
- Fee explanation complaints return to baseline for two consecutive weeks.
- Agent override rate for fee answers drops below pre-incident average.
- No repeat H2+ harm cases in 30-day post-fix window.
6. PM / BA / Architect Checklist
| Area | Questions |
|---|---|
| Intake | Does every feedback source capture AI system, version, journey, segment and customer impact |
| Taxonomy | Can the team distinguish data, model, prompt, retrieval, tool, workflow, policy and governance issues |
| RCA | Is root cause deeper than “model hallucinated” or “user asked unusual question” |
| Containment | Can Product or Risk pause the harmful path before the permanent fix ships |
| Change linkage | Is each issue linked to exact dataset, prompt, model, RAG, tool, policy or SOP version |
| Verification | Is fix effectiveness tested on locked evals, replay, segment metrics and production KRIs |
| Governance | Do Model Risk, Compliance, Operations and Business Owner have clear challenge and approval roles |
| Evidence | Can an auditor reconstruct signal, decision, change, approval, rollout, monitoring and closure |
7. Code-lite Experiment
Goal: show that closed-loop learning needs traceability, not just a better model score.
issues = [
{"id": "I-101", "signal": "complaint", "theme": "wrong_fee_policy", "severity": "H2"},
{"id": "I-102", "signal": "agent_override", "theme": "wrong_fee_policy", "severity": "H1"},
]
changes = [
{"id": "CR-77", "artifact": "retriever_config", "version": "v5.3", "root_cause": "superseded_source_ranked_first"},
{"id": "CR-78", "artifact": "rag_eval_set", "version": "fee_policy_gold_v2", "root_cause": "missing_effective_date_filter"},
]
verification = [
{"change": "CR-77", "metric": "unsupported_claim_rate", "before": 0.14, "after": 0.03, "pass": True},
{"change": "CR-78", "metric": "fee_policy_eval_pass_rate", "before": 0.82, "after": 0.97, "pass": True},
]
closed = all(v["pass"] for v in verification)
讨论: 如果 issues 没有 link 到 changes, 就无法证明问题被修; 如果只有 eval 变好, 但投诉和 override 没下降, 不能关闭 CAPA; 如果 change 只改 retriever, 但 root cause 包含 governance, 还需要 source owner SOP。
8. Interview Questions
Q1: Closed-loop learning 和 active learning 的区别?
30 秒回答: Active learning 关注选择哪些样本让专家标注来提升模型。Closed-loop learning 关注生产问题如何被分类、找根因、链接到具体变更并验证有效。它更像 AI 版 CAPA, 覆盖数据、模型、prompt、RAG、tool、流程、政策和控制。
Q2: 如何证明一个 AI 修复真的有效?
30 秒回答: 我会要求四类证据: locked regression eval 通过, 生产 replay 或 shadow 结果改善, 相关投诉 / override / QA defect / drift KRI 回到阈值内, 且在定义好的 post-fix monitoring window 没有复发。只说“prompt 已更新”不够。
Q3: SR 26-2 对闭环学习有什么启发?
30 秒回答: SR 26-2 是 2026 年银行模型风险管理的重要锚点, 强调风险导向、生命周期治理、独立挑战和问题整改。Nuance 是它的正式 scope 是模型风险管理, 生成式和 agentic AI 的闭环学习还要叠加 AI 管理体系、消费者保护、隐私、安全、第三方和运营控制。
9. Pitfalls
| Pitfall | 表现 | 修正 |
|---|---|---|
| Feedback swamp | 投诉、override、QA 都进表, 没有 taxonomy 和 owner | 建 CAPA ledger 和 severity routing |
| Prompt-only fix | 所有 RAG 问题都改 prompt | 同时检查 source、retrieval、policy、handoff 和 eval |
| No effectiveness test | 变更完成即关闭 issue | 增加 before / after、locked eval、生产 KRI 和复发窗口 |
| Eval leakage | 把失败样本反复调到通过 | 使用 locked eval、near-duplicate control 和新样本验证 |
| Root cause too shallow | “模型不准确”成为 RCA | 追到数据、政策、workflow、control 或 owner 缺口 |
| Customer harm ignored | 只看模型指标, 不看投诉和补救 | 把 complaint / appeal / recourse 指标纳入 closure gate |
| Audit gap | 无法证明谁改了什么、为什么改、谁批准 | 维护 issue-to-change-to-evidence traceability |
10. Portfolio Task
做一个 “AI Corrective Action Control Pack”:
| Artifact | 内容 |
|---|---|
| Feedback taxonomy | complaints、appeals、overrides、eval failures、drift、audit findings 的分类 |
| CAPA workflow | detect、classify、contain、RCA、change、verify、close |
| Root cause taxonomy | data、model、prompt、retrieval、tool、workflow、policy、governance、vendor |
| Change linkage map | issue 到 dataset / prompt / model / RAG / tool / SOP 的 traceability |
| Effectiveness dashboard | before / after、locked eval、production KRI、recurrence window |
| Executive memo | 哪些高风险 issue 已关闭, 哪些 residual risk 被接受 |
| 最终要能讲清楚: 真正的闭环不是“模型持续学习”, 而是组织持续证明 AI 系统从失败中学到、修到、验证到、并防止复发。 |