AI 底层逻辑 / 经典论文

AI Customer Vulnerability：可访问与包容性架构

512 行ai-foundations/papers/130-ai-customer-vulnerability-accessibility-inclusive-ai-architecture.md

AI Customer Vulnerability / Accessibility / Inclusive AI Architecture 解读

面向对象: Advanced AI PM / Senior BA / Product Architect / Customer Experience Architect / Enterprise Architect / Model Risk / Conduct Risk / Complaint Operations / Accessibility Lead / Frontline Transformation Lead。核心问题: 金融零售 AI 系统如何识别、支持并安全升级 vulnerable-customer situations, 同时保护客户尊严、公平、隐私、可访问性和自主权? 学习目标: 建立 vulnerable situation taxonomy、inclusive AI interaction architecture、WCAG/accessibility control plane、dignified intervention pattern、agent-assist guardrails、human handoff、complaints linkage、QA/eval/model risk evidence 和 senior PM/architect decision framework。

0. Disclaimer

重要说明: 本文是学习、架构训练和作品集材料, 不构成法律意见、监管意见、合规结论、ADA/WCAG 合规认证、消费者保护意见、医疗判断、心理健康判断、能力评估、信贷/保险/投资建议或客户通知建议。正式项目必须由 Legal、Compliance、Accessibility、Customer Experience、Conduct Risk、Privacy、Model Risk、Operational Risk、Frontline Operations、Complaint Operations、Fraud/Scam Risk、Product Owner、Data Governance、Information Security 和必要的外部顾问共同判断。适用性取决于 jurisdiction、产品类型、客户群体、渠道、AI use case、数据来源、模型能力、人工介入方式、投诉/补救政策和机构内部风险偏好。

Source Anchors

Source	Link	用途
WCAG 2.2	https://www.w3.org/TR/WCAG22/	用 Perceivable / Operable / Understandable / Robust 及 success criteria 建立数字渠道和 AI interface 的 accessibility baseline
DOJ ADA web guidance	https://www.ada.gov/resources/web-guidance/	用 ADA web accessibility guidance 训练 web/mobile/AI self-service 渠道的可访问性治理语言
CFPB compliance circulars landing page	https://www.consumerfinance.gov/compliance/circulars/	用 consumer financial protection、unfair/deceptive/abusive conduct、servicing、complaints 和市场行为风险的监管语言组织 conduct-risk thinking；具体 circular 适用性须由合规/法律判断
FTC advertising and marketing guidance	https://www.ftc.gov/business-guidance/advertising-marketing	用 truthful marketing、substantiation、dark patterns、endorsement/claim control 的思想约束 AI-generated advice、sales script、hardship offer 和 vulnerability-sensitive messaging
NIST AI RMF	https://www.nist.gov/itl/ai-risk-management-framework	用 Govern / Map / Measure / Manage 组织 vulnerable-customer AI risk、harm taxonomy、control effectiveness、monitoring 和 continuous improvement
ISO/IEC 42001 overview	https://www.iso.org/standard/42001	用 AI management system、policy、roles、operation、performance evaluation、audit 和 improvement 建立 inclusive AI operating model

一句话:

Inclusive AI architecture is not an empathy feature. It is a regulated customer-outcome control system that detects vulnerability signals carefully, offers dignified support, preserves customer autonomy, and escalates risk with evidence.

1. Thesis

金融零售 AI 面对 vulnerable-customer situations 时, 最大风险不是“没识别出来”这么简单。更常见的系统性风险是:

过度推断: 把客户短暂停顿、年龄、设备、语言、语速或交易模式当成 disability、capacity 或 mental health 结论。
过度干预: 因为模型认为客户“脆弱”, 就阻断交易、限制服务、改变报价、隐藏选项或降低客户自主权。
低质量帮助: 用同一套 chatbot flow 处理丧亲、诈骗、还款困难、无障碍障碍和投诉升级。
证据缺口: 无法证明 AI 看到什么信号、给了什么建议、员工如何使用、客户最终看到什么、投诉如何闭环。
尊严损害: 客户被贴标签、被迫重复解释、被公开暴露个人困难, 或被引导到 paternalistic journey。

高级 PM / Architect 的目标不是让 AI “判断客户是不是 vulnerable”。更成熟的问题是:

What situation signals indicate elevated support or harm risk,
what is the least intrusive helpful response,
what choices remain with the customer,
what must be escalated to humans,
what data is necessary,
and what evidence proves the institution treated the customer fairly?

因此, inclusive AI architecture 的核心是 situation-aware support, not person-labeling。

2. Why It Matters

金融零售客户脆弱性经常发生在高压力、高后果、高不确定性的时刻:

客户发现账户疑似被诈骗, 需要快速冻结、申诉、转账拦截和解释。
客户失业或现金流断裂, 需要 hardship options, 但不能被诱导选择更差方案。
客户丧亲后处理账户、贷款、保险、受益人、债务和身份文件。
老年客户面对大额转账、远程控制软件、陌生人指导、亲属胁迫或认知负荷。
残障客户使用屏幕阅读器、语音输入、字幕、辅助开关或替代渠道时遇到 AI widget barrier。
英语非母语客户收到复杂费用、拒绝、欺诈、信用或投诉说明。
客户在投诉中表达 distress、self-harm language、domestic abuse、scam pressure 或 inability to understand。

这些情境会把 AI 产品风险从 normal UX risk 放大为 conduct risk:

Risk	典型表现	架构含义
Autonomy harm	AI 以“保护”为名替客户做选择	需要 consent、choice architecture、appeal 和 human review
Accessibility harm	AI interface 无法被 assistive technology 使用	WCAG baseline 必须进入 release gate 和 QA
Comprehension harm	AI 解释过长、复杂、含糊或前后矛盾	Plain-language、reading level、chunking 和 confirmation checks
Financial harm	客户因错误建议、延迟升级或误解选项产生费用、损失或拒付	remediation、complaints linkage、audit trail
Privacy harm	为识别脆弱性收集过多健康、家庭、年龄、行为或语音数据	data minimization、purpose limitation、retention control
Fairness harm	某些群体被更多 friction、更多拒绝、更多人工审查	bias testing、outcome monitoring、threshold governance
Dignity harm	客户被贴标签、重复陈述创伤或被暴露给不必要员工	role-based access、sensitive note control、language policy

AI 在这里不是普通 automation。它会生成话术、排序选项、提示员工、总结客户状态、决定是否升级、建议风险动作, 甚至触发 account hold 或 complaint route。每个动作都可能影响客户权利、情绪、经济状态和机构可辩护性。

3. Vulnerability Is a Context Signal, Not a Customer Label

高级架构的第一条原则: 不把“vulnerable customer”设计成永久客户标签。更好的模型是 vulnerable situation / support need / elevated harm risk。

Situation domain	Signal examples	Support intent	Architecture guardrail
Accessibility / disability accommodation	客户选择大字体、屏幕阅读器模式、字幕、relay call、纸质替代格式、辅助人沟通	提供等效访问和替代格式	以客户偏好和 accommodation request 为主, 不推断 disability diagnosis
Cognitive load / comprehension	多次要求解释、放弃流程、长时间停留、重复错误、明确说“看不懂”	降低复杂度, 提供 plain-language 和分步确认	不降低服务等级, 不隐藏产品选项
Financial hardship	missed payment、overdraft、income shock、explicit hardship statement、collections distress	提供 hardship pathway、fee review、payment options	不用 hardship signal 做不利营销或惩罚性定价
Scam / coercion / fraud pressure	大额异常转账、远程指导、客户紧张、拒绝解释、known scam script、third-party pressure	pause, warn, verify, escalate to fraud/scam specialist	防止 paternalism: 记录 reason, 提供复核和客户解释
Bereavement / life event	death notification、estate documents、funeral expense、beneficiary claim	compassionate service, document simplification, channel continuity	减少重复叙述, 控制敏感信息访问
Elder risk / diminished capacity concern	unusual transaction pattern、trusted contact concern、self-disclosed confusion、branch observation	additional verification, trusted contact protocol where authorized	不以年龄本身作为不利决策理由
Language / literacy barrier	preferred language、translation request、misunderstanding fee/term/adverse action explanation	multilingual/plain-language support	翻译质量、解释一致性和 final-channel capture
Complaint / distress escalation	complaint keywords、threatened regulator contact、distress language、service breakdown	complaint capture, priority routing, remediation review	不把投诉视为“麻烦客户”或降低服务

设计 vocabulary 很重要。系统字段应倾向:

support_need_type
vulnerability_context
elevated_harm_risk
requested_accommodation
customer_preference
handoff_reason
agent_assist_recommendation

避免把客户写成:

is_vulnerable = true
mentally_unfit
elderly_risky
low_capability
problem_customer

这些字段会形成长期污名、模型偏差、访问权限风险和不当决策风险。

4. Architecture Model

参考架构:

customer interaction
  -> accessibility and preference layer
  -> consent / purpose / data minimization gate
  -> situation signal detection
  -> risk tiering and confidence governance
  -> inclusive UX adaptation
  -> agent-assist recommendation
  -> human handoff / specialist escalation
  -> complaint / remediation / fraud / hardship linkage
  -> evidence ledger and QA sampling
  -> model risk, conduct risk and accessibility governance

核心组件:

Component	Responsibility	Senior design question
Accessibility baseline	确保 AI UI、chat、voice、forms、notifications、document upload 满足可访问性设计和测试要求	是否把 WCAG/accessibility 作为 release gate, 而不是最后的 visual QA?
Preference and accommodation service	保存客户明确选择的 channel、language、format、contact、assistive preference	是否区分 customer-stated preference 和 inferred signal?
Signal detection layer	从 customer statement、journey behavior、transaction context、complaint text、frontline observation 中识别 support need	哪些信号可以用, 哪些需要 consent, 哪些禁止用于自动不利决策?
Risk tiering engine	把 situation 分成 informational / support / high-harm / urgent escalation	阈值如何验证 false positive and false negative harm?
Inclusive interaction orchestrator	调整内容长度、plain-language、step-by-step、channel switch、human option	是否保留客户选择, 避免把帮助变成强制路径?
Agent-assist guardrail	给员工提示风险、脚本、下一步和禁止动作	模型是否只 assist, 不替代员工判断?
Specialist handoff	连接 hardship、bereavement、fraud/scam、accessibility、complaints、vulnerable customer support teams	handoff packet 是否避免客户重复讲述?
Evidence ledger	捕获 signal、prompt、model、source、recommendation、human decision、final message、complaint outcome	事后能否重放“为什么这么处理客户”?
Governance and QA	accessibility audit、conduct QA、model validation、complaint RCA、control monitoring	控制是否覆盖 customer outcome, 不只覆盖 model accuracy?

这套架构的关键不是一个 “vulnerability model”。关键是把信号、客户选择、风险升级、无障碍、人工判断和投诉补救放进同一条 evidence chain。

5. Signal and Data Architecture

Vulnerability-related signals 分为五类, 风险等级不同:

Signal class	Examples	Use pattern	Risk
Explicit customer statement	“我失业了”, “我看不懂”, “我丈夫刚去世”, “有人让我转钱”	最强 support trigger, 仍需确认客户目标	过度记录敏感细节
Customer-selected preference	large print、screen reader compatible document、language、call-back、branch appointment	可用于个性化和 accessibility continuity	把 preference 误用为能力标签
Interaction friction	abandonments、repeated errors、long dwell time、failed authentication、chat confusion	用作 soft support offer	误判设备问题或普通犹豫
Account/event context	missed payments、overdraft、unusual transfer、chargeback、death notification、complaint	用于 routing and support offer	与 protected/fairness 风险交织
Frontline observation	branch/call-center employee notes, scam script recognition, coercion concern	specialist review trigger	主观偏差、记录语言不当

Data minimization 设计:

只收集完成 support purpose 所需的最少字段。
将 sensitive context 与 general CRM note 分离, 用 role-based access 和 retention policy 控制。
明确哪些字段可用于实时服务、哪些可用于 QA、哪些可用于 model training、哪些只能用于投诉/合规证据。
对 self-disclosed health、bereavement、domestic abuse、scam/coercion、disability accommodation 采用 purpose-bound usage。
设计客户可见的 preference management: 客户可以查看、修改、撤回某些偏好或授权。
不把 vulnerability signal 用于 cross-sell targeting、price discrimination、product suppression 或 covert friction。

Signal confidence 不能只看 model score。它必须包括:

signal source
customer confirmation status
business consequence
potential harm if wrong
potential harm if ignored
human review requirement
data sensitivity
retention and access rule

6. Inclusive UX / Accessibility Architecture

WCAG 2.2 和 DOJ ADA web guidance 的架构价值, 不只是“让页面可读”。在 AI 系统中, accessibility 必须覆盖 dynamic content、chat state、voice flow、document upload、error recovery、authentication、decision explanation 和 channel switching。

UX layer	Architecture requirement	Evidence
Perceivable	AI-generated content、warnings、errors、loading state、recommendations 可被 screen reader、caption、contrast、zoom、alternate text 支持	accessibility test report, screen reader transcript, design token evidence
Operable	chatbot、forms、modals、handoff、file upload、session timeout 支持 keyboard、focus order、pause/stop、no trap	automated and manual QA, keyboard path recording
Understandable	Plain-language、stable navigation、clear labels、consistent terms、error prevention、review before submission	content standard, readability review, comprehension test
Robust	与 assistive technology、browser、mobile OS、voice/relay service 兼容	compatibility matrix, regression suite

AI-specific accessibility risks:

Streaming answer 对 screen reader 造成重复朗读或焦点混乱。
Chatbot modal 阻挡页面但不支持 keyboard escape。
AI “typing...” 状态没有 aria-live 语义或过度触发。
语音机器人不支持 pause、repeat、slower speech、representative handoff。
上传死亡证明、授权书、医疗或 hardship 文件时错误信息模糊。
Session timeout 在客户填写复杂 hardship/bereavement form 时导致重填。
AI 把客户问题改写成内部摘要时丢失 accommodation request。

Plain-language 不是把内容变短。高级 content architecture 要支持:

One decision per screen。
Amount、date、fee、risk、deadline 显性化。
分层说明: short answer + details + official document link。
关键选择前的 recap。
No shame language: 不把客户描述为 delinquent、confused、non-compliant。
Multilingual consistency: 翻译不能改变金融含义、权利、期限或风险。
Confirmation without interrogation: 验证理解, 不让客户像考试一样被测试。

7. Dignified Intervention Patterns

Vulnerability-sensitive AI 的核心不是“更温柔的话术”, 而是把干预强度和客户自主权做成可治理的 design pattern。

Pattern	When to use	Good design	Bad design
Soft support offer	低置信度 friction 或客户表达困惑	“我可以把选项分成几步, 或帮你转给专员。”	“你似乎无法理解这个流程。”
Plain-language toggle	复杂费用、拒绝、hardship、fraud、投诉说明	客户可切换 simple / detailed, 两版含义一致	简化版隐藏重要限制
Channel switch	客户请求电话、branch、relay、large print、paper、secure message	保留上下文, 不让客户重填	强制客户回到 chatbot 起点
Safe pause	Scam/coercion 高风险, 大额不可逆动作	暂停并解释原因, 提供复核和专员	无解释地冻结或羞辱客户
Specialist handoff	bereavement、hardship、scam、accessibility complaint、复杂争议	handoff packet 减少重复陈述	客户在多个部门重复讲述创伤
Customer-controlled disclosure	客户愿意记录 preference/accommodation	明确用途、访问、保留、修改方式	把 disclosure 扩散到所有 CRM notes
Appeal / reconsideration path	AI 或员工建议导致 friction、hold、拒绝或限制	提供人工复核和投诉入口	“系统判断无法继续”

设计判断:

Intervention strength should increase with harm risk,
not with model curiosity.

8. Human Handoff and Escalation

Human handoff 不是 chatbot 失败兜底, 而是 regulated customer protection control。

Tier	Trigger	AI action	Human action	Evidence
Tier 0: Accessibility preference	客户选择格式、语言、字体、字幕、assistive path	应用 preference, 确认是否保存	普通服务团队可处理	preference event, consent status
Tier 1: Support need	客户困惑、流程摩擦、plain-language 请求	提供简化解释、分步选项、channel switch	员工可继续服务	AI output, final message, customer choice
Tier 2: Vulnerability context	hardship、bereavement、complaint distress、language barrier	推荐专员路径, 限制 sales pressure	trained specialist review	handoff packet, note classification
Tier 3: High harm risk	scam/coercion、elder risk concern、self-disclosed inability、重大 financial loss risk	safe pause, fraud/scam/hardship/complaint escalation	specialist decision, supervisor oversight	reason code, review decision, customer explanation
Tier 4: Urgent safety / legal-sensitive	threat of self-harm、abuse/coercion immediate risk、regulator/litigation complaint	显示 approved emergency/escalation script, stop automation	crisis/legal/compliance path per policy	escalation log, communication version

handoff packet 最少应包含:

customer-stated issue, not model diagnosis。
requested accommodation or preference。
current product/process step。
key deadlines、fees、transactions、case IDs。
AI summary with confidence and uncertainty。
exact customer-visible messages already sent。
recommended next action and prohibited actions。
complaint/fraud/hardship/bereavement/accessibility linkage。

9. Agent-Assist Guardrails

Agent-assist 是 vulnerable-customer architecture 的高杠杆点, 因为员工可能把 AI 建议当成权威。设计上要把模型限制在 assistive role。

Guardrail	Requirement
No diagnosis	不生成 medical、mental capacity、disability diagnosis 或 character judgment
No unsupported eligibility promise	不承诺 hardship approval、fee waiver、refund、fraud recovery、credit outcome
No coercive script	不用恐吓、羞辱、紧迫营销或暗黑模式促使客户选择
No hidden cross-sell	vulnerability context 不能触发机会销售或高压 retention
Reasoned handoff	每个 escalation recommendation 必须有 signal、policy basis、uncertainty
Final-channel capture	客户最终听到/看到的内容必须保存, 不只保存 AI draft
Human accountability	员工确认、修改或拒绝 AI 建议必须留下 reason code
Sensitive note hygiene	AI 摘要不得扩散不必要的健康、家庭、丧亲、诈骗细节

Agent prompt 应要求:

Summarize only customer-stated facts and observable workflow facts.
Do not label the customer.
Offer least-intrusive support options.
State uncertainty.
Escalate when policy requires.
Preserve customer choice and complaint rights.

10. Financial Retail Scenarios

Scenario	AI risk	Inclusive architecture response
Collections hardship chatbot	AI 追求收款率, 忽略客户失业、医疗费用、照护负担	hardship signal, plain-language options, no shame language, specialist handoff, complaint/remediation linkage
Scam transfer warning	AI 发现大额异常转账和 known scam pattern	safe pause, explainable warning, fraud specialist, customer autonomy with documented override policy
Bereavement servicing	AI 要求客户重复上传死亡证明并多次解释关系	bereavement journey, document reuse, sensitive note control, channel continuity
Elder-risk branch assist	员工输入“老人很糊涂”, AI 建议冻结账户	controlled vocabulary, evidence-based concern, supervisor review, no age-only decision
Credit adverse action explanation	AI 用复杂语言解释拒绝原因, 客户无法理解	plain-language explanation aligned with official reason, human review, final-channel capture
Accessibility complaint	客户用屏幕阅读器无法完成 fraud dispute	accessibility incident route, alternative channel, remediation, product defect backlog
Insurance claim support	AI 总结事故材料时暗示客户夸大损失	truthful claim guidance, no coaching to misrepresent, compliance review
Wealth suitability call	AI 建议员工对 grieving customer 推销复杂产品	vulnerability-aware sales suppression, suitability review, conduct QA

11. Operating Model

Function	Accountability
AI Product Owner	定义 use case boundary、customer outcome、support journey、release gate
Customer Experience / Service Design	设计 plain-language、channel switch、handoff、dignified intervention
Accessibility Lead	WCAG/accessibility standard、manual testing、assistive technology validation
Conduct Risk / Compliance	unfair/deceptive/abusive risk、complaints、sales pressure、customer treatment controls
Privacy / Data Governance	data minimization、purpose limitation、sensitive data access、retention
Model Risk	model tiering、validation、bias/performance monitoring、change control
Fraud / Scam Risk	scam signal、safe pause、transaction intervention、specialist escalation
Frontline Operations	agent training、QA、capacity、handoff SLAs
Complaint Operations	complaint capture、root cause、remediation、regulator response evidence
Internal Audit / Assurance	independent review of control design and evidence completeness

Operating cadence:

Weekly: high-risk vulnerable interaction QA sample review。
Monthly: accessibility defects、complaint themes、handoff quality、false escalation analysis。
Quarterly: model risk and conduct risk review of thresholds, outcomes, demographic/accessibility fairness where permitted。
Semiannual: tabletop exercises for scam, bereavement, hardship, accessibility failure and complaint escalation。
Annual: AI management system review aligned to policy, training, evidence and improvement。

12. Product / Architecture Decisions

Decision	Weak answer	Strong architecture answer
Infer vulnerability or ask?	“模型自动识别脆弱客户”	优先使用 customer-stated preference and situation signals; inference 只用于 soft support 或 escalation review
What data to store?	“所有信号进 CRM”	Separate preference, support need, sensitive context and evidence; apply role and retention rules
When to block action?	“高分就阻断”	Block/pause only when harm is high, policy supports it, explanation and review path exist
How to simplify language?	“让 LLM 改写得更友好”	Approved content patterns, claim controls, readability QA, final-channel capture
How to measure success?	“automation rate 提高”	customer outcome, complaint reduction, accessibility completion, escalation quality, remediation timeliness
How to handle channel switch?	“提供电话号码”	Context-preserving handoff with case ID, transcript, accommodation and next best action
How to use agent-assist?	“给员工自动话术”	Guardrailed suggestions, prohibited actions, confidence, uncertainty, human decision logging
How to validate model?	“accuracy on labeled data”	scenario evals: hardship, scam, bereavement, disability accommodation, language, complaint, false intervention

13. Control Matrix

Control objective	Control activity	Evidence
Ensure accessible AI channel	WCAG/accessibility release gate for chat, forms, voice, documents, handoff	test report, defect closure, assistive tech transcript
Avoid customer labeling	Controlled vocabulary and schema separate situation signal from person label	data dictionary, field access rule, QA note audit
Minimize sensitive data	Purpose-based collection and retention for accommodation/vulnerability context	DPIA/privacy review, retention config, access logs
Preserve autonomy	Customer choice, explanation, review and complaint route for interventions	final message, override path, review decision
Reduce cognitive load	Plain-language content patterns and comprehension checks for complex decisions	content review, readability evidence, user test
Escalate high-risk situations	Tiered handoff rules for scam, hardship, bereavement, accessibility complaint, distress	handoff packet, SLA, specialist outcome
Control agent-assist	Prohibited outputs, human accountability, final-channel capture	prompt policy, employee confirmation, QA sample
Monitor fairness	False positive/negative, friction, completion, remediation by permitted segment/proxy governance	monitoring dashboard, model risk review
Link complaints	Complaint intake captures AI run, channel, content, support need and root cause	complaint record, RCA, CAPA
Improve system	CAPA backlog connects defects to release, training, policy and model changes	CAPA register, owner, closure evidence

14. Metrics

Metrics must balance protection and autonomy. A system that escalates every customer is not inclusive; it is operationally paternalistic。

Metric family	Examples
Accessibility outcome	completion rate with assistive tech, keyboard-only success, screen reader defects, caption/relay support success, alternative format SLA
Customer dignity	repeat-story rate, unnecessary sensitive-note exposure, customer sentiment after handoff, complaint language about disrespect
Support effectiveness	hardship option uptake quality, scam prevented with customer understanding, bereavement case cycle time, successful channel switch
Autonomy and fairness	intervention override rate, false pause rate, human review reversal, friction by channel/language/age band where permitted
Conduct risk	complaints linked to AI, complaint uphold rate, remediation amount, sales suppression adherence, misleading script defects
Model risk	vulnerable-scenario eval pass rate, false negative high-harm signal, hallucinated policy rate, prohibited diagnosis rate
Operations	handoff SLA, specialist capacity, abandoned handoffs, first-contact resolution for accessibility/bereavement/hardship
Evidence	AI trace completeness, final-channel capture rate, handoff packet completeness, QA sampling coverage, CAPA aging

Good executive dashboard:

Protection: high-harm cases caught and resolved.
Autonomy: customers retained choice and review paths.
Access: customers using accommodations completed journeys.
Conduct: complaints and remediation show fair treatment.
Evidence: every escalated case is replayable.
Improvement: defects become funded CAPA.

15. Failure Modes

Failure mode	Why dangerous	Better control
Vulnerability as permanent label	Stigma, bias, unfair treatment, privacy risk	situation-based support_need with retention and access control
Age-only elder-risk rule	Discriminatory and inaccurate	behavior/context plus human review and policy basis
Accessibility tested only by automation	Automated tools miss keyboard, screen reader, cognitive and workflow issues	manual assistive technology QA and customer journey tests
AI over-simplifies regulated content	Customers miss fees, deadlines, rights or limitations	approved plain-language patterns and legal/compliance review
Scam protection becomes paternalism	Customers lose control without explanation	safe pause with reason, specialist review and appeal/override policy
Agent-assist diagnoses customer	Employee adopts unsupported conclusion	no-diagnosis prompt, QA, note hygiene training
Handoff loses context	Customer repeats traumatic details	handoff packet, sensitive summary standard
Vulnerability signals used for sales	Exploitation and conduct risk	suppression rules and marketing exclusion controls
Complaint not linked to AI trace	Root cause and remediation fail	complaint schema includes AI run, content, channel, support need
Metrics reward containment only	Teams hide or over-route vulnerable cases	balanced metrics: access, autonomy, harm, evidence, outcomes

16. Complaints and Conduct Linkage

Complaints are not downstream noise. In inclusive AI architecture, complaints are the feedback loop that reveals hidden harm:

AI explanation was technically correct but not understandable。
Fraud warning caused panic or was perceived as accusation。
Customer could not access chatbot with assistive technology。
Bereavement flow repeatedly asked for documents already submitted。
Agent-assist script pressured a hardship customer into an unaffordable plan。
Model summary omitted an accommodation request。

Complaint record should capture:

Field	Purpose
complaint_id	common reference
ai_run_id / content_id	links complaint to model and generated content
channel_event_id	proves what customer saw/heard
support_need_type	accessibility, hardship, scam, bereavement, language, complaint distress
customer-stated issue	customer voice, not model label
alleged harm	financial, access, dignity, privacy, confusion, delay
intervention applied	soft offer, channel switch, safe pause, handoff, sales suppression
human decision	specialist action and reason
remediation outcome	correction, apology, refund, fee waiver, document fix, product defect
RCA category	model, prompt, content, channel, employee, policy, vendor, data
CAPA link	backlog item, owner, due date, closure evidence

Complaint analytics should feed model evals and release gates, not just monthly reporting。

17. Interview-Ready Takeaways

Q1: AI 如何识别 vulnerable customer 才专业?

我不会把目标定义为识别“这个人是不是 vulnerable”。我会定义为识别 vulnerable situation 或 support need, 优先使用客户明确表达和偏好, 对行为信号只做 least-intrusive support offer, 对高伤害场景做人工升级。所有字段都要有 purpose、access、retention 和 evidence control。

Q2: Accessibility 在 AI 架构里为什么不是 UI checklist?

因为 AI interface 包含 dynamic chat、voice、streaming content、document upload、handoff、generated explanation 和 decision review。WCAG/accessibility 要进入 design system、content lifecycle、QA、release gate、complaint RCA 和 vendor requirements, 否则客户可能无法完成关键金融任务。

Q3: 如何避免 AI 保护客户变成 paternalism?

干预强度必须和可证明的 harm risk 对齐。低风险用 soft offer, 中风险用 specialist option, 高风险用 safe pause 加解释、复核和客户选择。系统不能因为模型好奇就限制客户, 也不能用年龄、残障或困难状态做不利处理。

Q4: Agent-assist 在 vulnerable-customer 场景的最大风险是什么?

员工会把 AI 摘要当事实或诊断。控制上要禁止 diagnosis 和 unsupported promise, 要求 AI 只总结客户陈述和可观察事实, 显示 uncertainty, 给出 policy-based handoff reason, 并保存员工最终决定和客户最终收到的内容。

Q5: 你如何把投诉接入 inclusive AI architecture?

投诉记录必须链接 ai_run_id、content_id、final_channel_event、support_need_type、alleged harm、human decision、remediation 和 RCA。投诉不是事后客服指标, 而是 conduct risk、model risk、accessibility defect 和 product backlog 的证据来源。

18. Practical Templates

18.1 Vulnerability Signal Card

Field	Example
signal_id	VULN-SCAM-TRANSFER-001
support_need_type	scam_pressure
source	customer statement + transaction context
customer-stated fact	“有人在电话里指导我现在转账”
inferred conclusion allowed?	No diagnosis; only elevated scam-risk support
permitted action	warning, safe pause, fraud specialist handoff
prohibited action	age-based denial, unsupported accusation, sales offer
data retention	case evidence per fraud/complaint retention policy
human review	required before irreversible restriction
customer explanation	required in plain language

18.2 Accommodation Preference Schema

Field	Design rule
preference_type	language, large_print, screen_reader, relay_call, paper_statement, trusted_channel
source	customer selected / employee recorded with consent / prior service request
purpose	service accessibility only
visibility	least-privilege roles
expiry_review	customer can review or update
training_use	excluded unless explicitly approved and de-identified under governance
final_channel_effect	format and channel applied to outbound content

18.3 Human Handoff Packet

Case ID:
Customer goal:
Customer-stated support need:
Requested accommodation or preference:
Current journey step:
Key financial deadline or transaction:
AI interaction summary:
Model uncertainty:
Customer-visible messages already sent:
Recommended specialist queue:
Actions not allowed without review:
Complaint/fraud/hardship/bereavement/accessibility links:
Evidence IDs:

18.4 Inclusive AI QA Checklist

Check	Passing evidence
Screen reader can complete journey	manual transcript and defect closure
Keyboard-only path works	focus order recording
Plain-language content preserves legal/financial meaning	content review
Customer can switch channel without losing context	handoff test
AI does not label or diagnose customer	red-team result
Scam/hardship/bereavement scenarios route correctly	scenario eval
Agent-assist shows uncertainty and prohibited actions	prompt/eval evidence
Complaint creates RCA and CAPA link	complaint test record

19. Final Operating Principle

成熟的 AI customer vulnerability / accessibility architecture 可以用一句话检验:

Can the institution recognize support needs without labeling customers,
offer help without coercion,
make every AI channel accessible,
escalate high-harm situations with dignity,
preserve privacy and autonomy,
and prove fair treatment through evidence?

如果答案不清楚, 企业不是缺一个“vulnerable customer flag”。它缺的是把 accessibility、customer experience、conduct risk、privacy、model risk、frontline operations 和 complaint learning 连接起来的 inclusive AI architecture。