AI 底层逻辑 / 经典论文

AI Wealth Advice：投顾边界与最佳利益架构

以下官方来源作为学习锚点。本文只把公开材料转成产品、流程、架构和证据设计语言, 不得被解读为法律意见、合规结论或适用性判断。正式项目的准确适用范围由 Legal / Compliance / Risk / Supervision 结合机构注册类型、产品类型、渠道、司法辖区和内部政策确认。

719 行ai-foundations/papers/140-ai-wealth-advice-robo-advisor-best-interest-boundary-architecture.md

AI Wealth Advice / Robo-Advisor / Best Interest Boundary Architecture 解读

面向对象: AI Product Architect / Wealth PM / Robo-Advisor Product Lead / Senior BA / Solution Architect / Model Risk Partner / Conduct Risk Owner。核心问题: AI 财富建议系统的难点不是“能不能讲清投资概念”, 而是能否把 education、recommendation/advice、portfolio construction、execution、human escalation、disclosure、evidence 和 supervision 做成可控边界。学习目标: 建立 AI wealth advice boundary architecture, 把客户画像、风险承受能力、approved investment universe、组合推荐、best-interest style controls、幻觉控制、投诉监督和模型风险连接成一套可审计产品架构。

Source Anchors

Source	Link	本文使用方式
SEC Regulation Best Interest	https://www.sec.gov/regulation-best-interest	作为 broker-dealer 客户推荐场景的 best-interest 风格控制锚点, 用于抽象 disclosure、care、conflict、compliance/supervision 语言
SEC Robo-Advisers Investor Bulletin	https://www.sec.gov/oiea/investor-alerts-bulletins/ib_robo-advisers	作为 robo-adviser 客户体验、算法提问、费用、限制、人工参与和客户理解风险的投资者教育锚点
SEC Investment Adviser Fiduciary Interpretation	https://www.sec.gov/rules-regulations/2019/06/ia-5248	作为 investment adviser fiduciary duty 学习锚点, 用于提醒 AI advice 系统必须区分业务角色和法律身份
FINRA AI Key Topic	https://www.finra.org/rules-guidance/key-topics/artificial-intelligence-ai	作为成员机构使用 AI 时治理、监督、客户沟通、模型与数据风险的官方主题锚点
Investor.gov Automated Investment Tools	https://www.investor.gov/introduction-investing/getting-started/working-investment-professional/automated-investment	作为客户理解 automated investment tool、问题清单、费用、限制和人工服务边界的教育锚点
NIST AI RMF	https://www.nist.gov/itl/ai-risk-management-framework	用 Govern / Map / Measure / Manage 组织 AI wealth 系统的风险管理闭环
ISO/IEC 42001	https://www.iso.org/standard/42001	用 AI management system 视角组织责任、运行控制、持续改进和管理评审

一句话:

AI wealth advice is an advice-boundary control architecture, not an investment chatbot with nicer language.

1. 为什么财富 AI 是边界架构问题

财富管理场景天然包含四类张力:

客户想要明确答案
  + 投资结果不确定
  + 机构有产品、费用、激励和监督义务
  + AI 擅长生成流畅语言但不天然理解法律/适当性边界
  = 必须把建议边界产品化、策略化、证据化

普通金融客服 AI 的主要风险是回答错误、阻断人工或泄露信息。财富 AI 额外面临:

客户可能把一般教育理解成个人建议。
AI 可能把客户一句话里的目标、资金、期限和风险偏好拼成具体推荐。
推荐排序可能受费用、campaign、proprietary product 或模型偏差影响。
投资组合建议需要同时考虑目标、期限、风险承受能力、风险承受能力外的风险承受能力、流动性、经验、税务敏感度、集中度和现有持仓。
交易执行把 conversational output 变成真实资金动作, 需要比普通问答更强的确认、披露、记录和监督。
出错后不能只说“AI 回答不准确”, 必须能重建当时的客户画像、产品宇宙、算法版本、规则评估、披露和人工参与。

PM / 架构师的高级表达:

我不会把 robo-advisor 设计成一个“推荐基金的聊天机器人”。我会把它拆成 investor profile、approved investment universe、portfolio engine、advice boundary policy、disclosure library、execution gateway、human escalation、evidence graph 和 supervision loop。LLM 只负责解释、澄清和生成受控文本, 不拥有适当性判断或交易权限。

2. Advice Boundary Taxonomy

AI 财富产品必须先定义“系统此刻在做什么”, 再决定能说什么、能展示什么、能不能进入交易。

Layer	客户意图	AI 可做	AI 不应做	核心控制
L0 Public education	“ETF 和 mutual fund 有什么区别?”	解释概念、费用、风险、流动性、税务一般影响	暗示某产品适合客户	Approved educational content + source grounding
L1 General product information	“你们有哪些 IRA / managed portfolio?”	展示公开产品类别、费用区间、最低投资额、风险说明	根据客户资料排序为“最适合你”	Product master + approved claims
L2 Neutral comparison	“这两个组合有什么差异?”	比较公开属性、费用、资产配置、历史波动、限制	下结论“你应该选 A”	Comparison method + disclosure
L3 Needs-based guidance	“我 3 年后买房, 该怎么放钱?”	识别目标、期限、流动性、风险承受能力缺口, 引导正式评估或人工	推荐具体证券或模型组合	Profile completeness gate
L4 Personalized recommendation/advice	“根据我的情况推荐组合”	在正式画像、approved universe、策略规则、披露和监督下生成推荐	跳过画像、忽略限制、隐藏冲突	Suitability / best-interest style policy engine
L5 Portfolio management	“帮我自动再平衡”	在客户授权、投资策略、阈值和执行控制内管理组合	自行扩大授权或改变策略	Investment policy contract + monitoring
L6 Trade execution	“买入这个基金”	跳转正式交易、展示风险费用、获取确认、留证据	用生成式文本直接替代 order ticket	Execution gateway + multi-step confirmation

边界判断不是一次性。一个对话可能从 L0 进入 L4, 再进入 L6。每次边界提升都要重新触发:

identity / entitlement。
customer profile completeness。
product universe eligibility。
role / channel permission。
disclosure。
human escalation requirement。
evidence capture。

3. Reference Architecture

Client channel
  -> identity / consent / entitlement
  -> intent and advice-boundary classifier
  -> profile completeness service
  -> approved investment universe service
  -> portfolio recommendation engine
  -> suitability / best-interest style policy engine
  -> LLM response composer with approved claims and citations
  -> disclosure and consent workflow
  -> human escalation / advisor desktop
  -> execution gateway
  -> evidence graph, supervision, complaints, model risk monitoring

3.1 关键组件

Component	职责	不应承担的职责
Intent classifier	判断 education、comparison、recommendation、execution、complaint、human request	不能自己决定可交易或可建议
Advice boundary policy	把客户意图映射到允许动作、需要披露、升级和拒答	不能依赖 prompt 里的软约束
Investor profile service	管理风险承受能力、目标、期限、财务状况、经验、流动性、限制和 freshness	不能让 LLM 从聊天中随意推断正式画像
Approved investment universe	管理可推荐产品、模型组合、风险标签、费用、限制、冲突和有效期	不能把未批准证券通过检索漏进推荐
Portfolio engine	做资产配置、约束优化、模型组合匹配、再平衡、税务和集中度检查	不负责写自然语言披露
Policy engine	执行 eligibility、suitability、best-interest style、conflict、disclosure、human gate	不由 LLM 解释性回答替代
LLM composer	解释概念、澄清问题、生成受控摘要和 advisor draft	不做最终建议、产品准入、交易决策
Execution gateway	处理 order preview、确认、签名、交易限制、撤销和审计	不接受未结构化自然语言直接下单
Evidence graph	记录 profile snapshot、universe version、规则结果、输出、披露、确认、人工动作	不能只保存对话文本
Supervision console	抽样复核、例外处理、投诉联动、趋势监控和 remediation	不能只在事故后手工查日志

3.2 LLM 的正确位置

在财富建议架构中, LLM 应被限制为:

education narrator。
clarification assistant。
approved content composer。
rationale explainer。
advisor meeting note drafter。
customer question triage。
complaint and escalation detector。

LLM 不应作为:

risk tolerance scoring authority。
product approval authority。
portfolio optimizer。
suitability engine。
conflict evaluator。
order execution authority。
legal/compliance applicability decider。

这不是低估 LLM, 而是承认财富建议的关键风险来自可审计决策边界, 不是语言能力。

4. Investor Profile Architecture

财富 AI 的核心输入不是“客户问了什么”, 而是“系统是否拥有足够、有效、可追溯的客户画像来支持当前动作”。

4.1 Profile Data Contract

Field	Architecture role	Freshness / trigger
Investment objective	判断增长、收入、保本、退休、教育、购房等目标	新目标、新账户或重大生命周期事件时确认
Time horizon	判断资产配置、锁定期、波动承受周期	目标变化、临近用款时更新
Risk tolerance	客户心理和偏好层面的波动承受	定期复核, 市场压力或异常行为时重新确认
Risk capacity	财务能力层面的亏损承受	收入、资产、负债、年龄、现金流变化时更新
Liquidity need	判断短期现金需求和退出限制	大额支出、退休、失业、疾病、hardship signal 时更新
Financial situation	收入、资产、负债、税务敏感度	账户开立、建议前、重大变更时更新
Investment knowledge	判断复杂产品理解能力	复杂产品或自助交易开启前检查
Existing holdings	避免集中、重复风险和不必要替换	每次推荐前读取或声明外部资产限制
Constraints	ESG、宗教、行业排除、雇主股票限制、税务偏好	每次 portfolio proposal 前应用
Vulnerability signals	识别认知、语言、年龄、诈骗、压力销售风险	实时对话和 case-level 信号
Complaint / dispute history	识别未解决伤害、重复问题和销售后悔	互动前和推荐前检查
Consent and channel preference	控制个性化、营销、通信和数据使用	每次触达和渠道切换时检查

4.2 风险承受能力不是一个分数

低成熟度做法:

5 个问卷问题 -> risk score = 7 -> 推荐 aggressive portfolio

高成熟度做法:

risk tolerance
  + risk capacity
  + investment horizon
  + liquidity need
  + objective priority
  + experience and knowledge
  + concentration and external holdings
  + vulnerability and behavioral signals
  = profile suitability envelope

维度	问题	失败模式
Tolerance	客户主观能接受多大波动	牛市中高估、熊市中后悔
Capacity	客户财务上能承受多大损失	高收入但短期现金需求被忽略
Need	目标是否需要承担风险	为了不必要收益承担过高风险
Horizon	资金何时使用	短期目标被分配到高波动资产
Behavior	客户压力下会如何行动	市场下跌时 panic sell
Knowledge	客户是否理解复杂性	把结构性产品当普通存款

架构上应输出 profile envelope, 而不是单一 risk score:

profile_envelope:
  objective: retirement_income
  horizon_bucket: long_term
  risk_tolerance_band: moderate
  risk_capacity_band: medium_high
  liquidity_constraint: medium
  knowledge_level: intermediate
  concentration_limit:
    single_security: 10_percent
    illiquid_assets: 15_percent
  allowed_complexity: medium
  advice_status: complete_for_model_portfolio
  profile_snapshot_id: ips_2026_06_30_001

5. Approved Investment Universe

AI wealth advice 不能从“全市场知识”里自由挑产品。它必须使用 approved investment universe。

5.1 Universe Metadata

Metadata	用途
product_id / cusip / ticker / model_portfolio_id	稳定标识和证据重放
product type	ETF、mutual fund、model portfolio、cash sweep、bond ladder、managed account
risk rating	与 profile envelope 匹配
complexity	限制复杂产品进入自助渠道
liquidity	判断短期目标和紧急资金需求
costs and fees	费用披露、替代方案比较、conflict 分析
minimum investment	资格和组合可执行性
target investor / constraints	目标客户、限制、地域、账户类型
eligible channels	digital self-service、advisor-assisted、branch、call center
required role/license	human advisor、registered representative、RIA channel
conflict metadata	proprietary product、revenue share、campaign、commission
approved claims	允许描述的收益、风险、费用和限制文本
prohibited claims	禁止暗示保证、最优、无风险、适合所有人
effective date / expiry	防止过期产品和过期话术
performance data source	历史表现来源和更新时间
disclosure package	prospectus、fee schedule、risk disclosure、conflict disclosure

5.2 Product Universe Gate

candidate product
  -> active and approved?
  -> allowed for customer jurisdiction/account/channel?
  -> allowed for customer profile envelope?
  -> within complexity and liquidity limits?
  -> conflict disclosure available?
  -> approved claim available?
  -> supervision policy satisfied?
  = eligible_for_recommendation | compare_only | education_only | blocked

5.3 Universe Failure Modes

Failure mode	Example	Control
Open-market hallucination	AI 推荐机构未批准基金	Universe allowlist only
Stale product	已关闭或费用变更的产品仍被推荐	Effective-date filter
Channel leakage	只允许 advisor channel 的产品出现在 self-service chatbot	Channel gate
Conflict blindness	Proprietary product 被排第一但无披露	Conflict-aware ranking
Unsupported performance claim	AI 说“过去十年稳定跑赢”	Performance source contract
Missing cost comparison	推荐高费产品但不呈现费用影响	Fee and alternative disclosure

6. Portfolio Recommendation Pipeline

组合推荐不应由 LLM 在对话里“想出来”。推荐流程应是结构化管道。

goal intake
  -> profile completeness check
  -> account and restriction check
  -> approved universe filter
  -> strategic asset allocation / model portfolio matching
  -> constraints and concentration check
  -> suitability / best-interest style policy check
  -> rationale and alternatives
  -> disclosure and customer confirmation
  -> execution workflow
  -> ongoing monitoring and rebalancing

6.1 Recommendation Objects

Object	示例
goal	retirement income, emergency reserve, college savings
recommended allocation	60% equity ETF, 35% bond ETF, 5% cash
instrument mapping	approved ETFs / model portfolios
constraints applied	no sector funds, liquidity reserve, tax-sensitive account
excluded alternatives	higher risk model excluded due to liquidity need
rationale	objective / horizon / risk / cost / diversification match
disclosures	market risk, fees, conflicts, no guarantee, rebalancing rules
action path	save plan, discuss with advisor, open account, trade preview
evidence id	recommendation_trace_id

6.2 Decision Table

Customer / profile signal	Candidate	AI action	Policy decision
Emergency fund goal, 6-month horizon	Aggressive equity model	Recommend	Block, explain horizon/liquidity mismatch
Retirement, 20-year horizon, moderate profile	Balanced model portfolio	Recommend	Allow with standard risk/fee disclosure
Profile incomplete	Any personalized portfolio	Recommend	Ask structured questions or advisor handoff
High concentration in employer stock	Equity-heavy model	Recommend	Require concentration warning and advisor review
Customer asks “highest return”	Leveraged ETF	Recommend	Education only, no specific product recommendation
Customer mentions complaint about prior advice	Any product	Continue sales flow	Pause recommendation, complaint workflow
Vulnerability signal + complex product	Structured note	Compare	Licensed / trained human escalation
Outside approved universe request	Meme stock	Buy	Education or execution-only boundary, no recommendation

6.3 推荐理由要有证据, 不是营销文案

弱理由:

这个组合很适合你, 因为它收益潜力高, 风险也比较平衡。

强理由:

系统选择 balanced model 的原因是: 你的目标期限为 10 年以上, 风险档位为 moderate, 已预留现金储备, 且组合费用低于同类上限。higher-growth model 被排除, 因为它超过了当前 risk envelope 的权益暴露上限。该解释不保证收益, 也不替代正式投资顾问审查。

架构要保存:

匹配规则。
被排除方案。
profile snapshot。
product universe version。
fee/cost basis。
disclosure set。
AI output hash。

7. Best-Interest Style Control Model

本文不判断某个产品或渠道是否适用 SEC Reg BI、investment adviser fiduciary duty、FINRA 规则或其他义务。准确适用性由 Legal / Compliance 拥有。架构师要做的是把 best-interest 风格问题转成控制对象。

7.1 Control Translation

Best-interest style question	Architecture translation
客户是否获得足够重要信息	Disclosure library, timing, comprehension, evidence
推荐是否基于客户具体情况	Profile completeness and suitability envelope
产品风险、费用、替代方案是否考虑	Product metadata, cost comparison, alternative rationale
机构或员工冲突是否被识别和披露	Conflict metadata, ranking constraints, approved disclosure
推荐是否被监督	Supervision sampling, exception queue, advisor review
机构能否证明当时怎么做的	Evidence graph with versions and decision trace

7.2 Care / Conflict / Disclosure / Supervision 四层

Layer	控制目标	设计实现
Care-style	推荐要和客户画像、目标、期限、风险、成本、限制匹配	Suitability policy engine + portfolio rationale + alternatives
Conflict-style	排序和话术不能隐藏机构激励	Conflict-aware ranking + disclosure + compensation metadata
Disclosure-style	重要信息要在正确时点出现	Contextual disclosure service + click/acknowledgement evidence
Supervision-style	推荐、例外、投诉、员工采纳和 AI 输出要可监督	Surveillance dashboard + sampled review + issue remediation

7.3 Ranking Policy

财富 AI 的排序不是单纯 recommender system。

ranking_score =
  customer_goal_fit
  + risk_profile_fit
  + cost_reasonableness
  + diversification_benefit
  + liquidity_fit
  - conflict_penalty
  - complexity_penalty
  - concentration_penalty

PM 要求不能只写“推荐最匹配产品”。要写:

允许哪些特征进入排序。
禁止哪些特征进入排序。
如何处理 proprietary product。
如何展示 alternatives。
如何记录被排除原因。
如何在投诉、监管问询或客户争议时重放。

8. Education vs Advice vs Execution: Runtime Boundary

8.1 Boundary Decision Tree

客户是否只问一般概念?
  是 -> education answer with source and no product push
  否 -> 是否问具体产品公开信息?
    是 -> product info / neutral comparison
    否 -> 是否提供个人资金、目标、期限、风险或账户信息并要求建议?
      是 -> profile and advice-boundary gate
      否 -> 是否要求下单、调仓、卖出或再平衡?
        是 -> execution gateway, not free-form chat execution
        否 -> clarify intent

8.2 对话中常见越界信号

Customer utterance	Boundary risk	Default handling
“我该买哪个?”	Personalized recommendation	Ask profile / route to controlled advice
“哪个收益最高?”	Return-chasing and risk understatement	Explain risk-return tradeoff, no product push
“帮我把退休金都换成股票”	Execution + suitability risk	Strong warning, advisor/human review
“这个是不是稳赚?”	Guarantee risk	Reject guarantee, explain market risk
“我看不懂, 你替我决定”	Delegation / authority risk	Clarify AI cannot make unsupported decision
“上次你们建议我亏了, 我要投诉”	Complaint	Pause sales, create complaint workflow
“我急需用钱还债”	Vulnerability / liquidity	Stop investment recommendation, route support

8.3 Channel and Role Boundaries

Channel / role	Allowed baseline	Restricted baseline
Public web AI	Education and product information	Personalized recommendation, account-specific execution
Logged-in self-service	Profile-driven planning and model proposal if permitted	Complex product advice without required workflow
Advisor copilot	Draft notes, compare products, prepare rationale	Send recommendation without advisor approval
Call center agent assist	Education scripts and escalation cues	Investment advice scripts beyond role
Robo-advisor engine	Model portfolio recommendation within program	Open-ended securities picking outside program
Execution-only flow	Customer-directed trading with required controls	AI saying a trade is best for the customer

9. Human Escalation Architecture

财富 AI 的人工升级不是客服兜底, 而是 boundary control。

9.1 Escalation Triggers

Trigger	Why it matters	Action
Profile incomplete or stale	个性化建议依据不足	Ask structured questions or advisor review
Complex product request	理解、费用、流动性和风险更高	Licensed / trained human handoff
Vulnerability signal	更高 conduct risk	Slow down, simplify, human support
Complaint or regret	销售监督和补救入口	Pause recommendation, create case
Large trade / liquidation	客户伤害和后悔风险高	Additional confirmation and review
Concentrated position	单一证券或行业风险	Advisor review and concentration disclosure
Low confidence / missing source	幻觉风险	Refuse or handoff
Prompt-injection or adversarial instruction	安全和越权风险	Refuse, log, security review
Market stress event	客户情绪驱动交易	Cooling language, education, advisor option
Tax / legal / estate planning	跨专业边界	Route to appropriate professional process

9.2 Warm Handoff Package

人工接手时不能让客户重复全部信息。handoff package 应包含:

customer intent summary。
boundary tier。
profile completeness status。
known constraints。
products discussed。
recommendation candidates and excluded alternatives。
disclosures shown。
AI confidence and refusal reasons。
complaint / vulnerability flags。
full trace id and conversation excerpt。

10. Hallucination Control

在财富 AI 中, 幻觉不是“回答不准”这么简单。它可能变成虚假收益、错误费用、未批准产品、错误税务暗示、交易承诺或不当建议。

10.1 Control Stack

source authority
  -> retrieval permission filter
  -> approved claims library
  -> structured product/profile APIs
  -> constrained generation
  -> post-generation policy scanner
  -> source support check
  -> refusal / escalation
  -> evidence logging

10.2 Forbidden Wealth Claims

Category	Block pattern
Guarantee	保证收益、不会亏、一定跑赢、无风险
Suitability overclaim	“最适合你”, “唯一正确选择”, “不用再考虑”
Performance overclaim	选择性引用历史收益, 暗示未来结果
Fee omission	推荐高费或复杂产品但不披露费用
Liquidity omission	忽略锁定期、赎回限制、罚金
Conflict hiding	不披露 proprietary、commission、revenue share
Tax/legal overreach	给出个性化税务或法律结论
Execution ambiguity	把聊天里的“好”当成交易确认
Human impersonation	让客户以为 AI 是持牌顾问本人

10.3 Response Contract

高风险回答应遵守结构化输出:

response_type: education | compare | profile_required | recommendation_summary | execution_redirect | escalation
boundary_tier: L0-L6
source_ids: []
profile_snapshot_id: optional
universe_version: optional
policy_decision_id: optional
disclosures: []
human_escalation: true_or_false
customer_visible_text: string
blocked_claims_detected: []

这样做的目的不是让客户看到 YAML, 而是让系统在生成前后都能测试、拦截、记录和重放。

11. Evidence Graph

财富 AI 的证据不应只保存 chat transcript。真正有用的是 decision-time evidence graph。

11.1 Evidence Events

Event	Evidence
Identity / session	customer id, channel, auth level, consent
Intent classification	utterance, predicted intent, boundary tier, confidence
Profile check	profile snapshot, freshness, missing fields
Universe filter	universe version, included/excluded products, reason codes
Portfolio generation	engine version, constraints, allocation, alternatives
Policy decision	rule ids, pass/fail, disclosure and escalation requirements
LLM generation	prompt version, model route, source ids, output hash
Disclosure	disclosure ids, timing, customer acknowledgement
Human review	reviewer id, decision, changes, rationale
Execution	order preview, confirmations, trade id, cancellation path
Complaint / incident	case id, linkage to trace, remediation
Monitoring	KRI breach, alert, review outcome

11.2 重放能力

监管、审计、投诉和模型风险复盘会问:

当时客户画像是什么?
哪些产品被允许进入候选集?
哪些产品被排除, 原因是什么?
推荐算法和规则版本是什么?
客户看到哪些披露?
AI 是否使用了 approved claims?
人类是否参与, 做了什么修改?
交易是否由客户明确确认?
后续是否有投诉、撤销、补救或控制更新?

如果系统只能回答“我们有聊天记录”, 证据能力不足。

12. Complaint, Supervision and Surveillance

财富 AI 需要把投诉、监督和模型风险接到同一条闭环。

12.1 Complaint Detection

AI 应识别:

“你们之前建议错了”。
“我亏钱了, 要投诉”。
“我没有理解费用”。
“这个不是我想买的”。
“顾问/系统误导了我”。
“我以为这是保本的”。

默认处理:

complaint signal
  -> pause recommendation and sales language
  -> create or route complaint case
  -> preserve trace and evidence
  -> provide customer confirmation
  -> notify supervision / conduct risk workflow

12.2 Supervision Signals

Signal	Interpretation
High override rate	AI recommendation or policy rules not aligned with advisor judgment
High customer abandonment after disclosure	Disclosure may be confusing or recommendations too aggressive
Complaint cluster by product	Product explanation, fees or suitability controls may be weak
Concentrated recommendations	Ranking model or campaign conflict may be oversteering
Frequent boundary refusals	UX may invite advice requests before profile completion
High manual correction of AI drafts	LLM generation or approved claims retrieval weak
Segment-specific failure	Risk of unequal customer experience or accessibility issue
Market-stress sell prompts	Behavioral risk and escalation policy need tightening

12.3 Supervision Operating Loop

sample interactions
  -> review recommendation traces
  -> classify finding
  -> determine customer impact
  -> update policy / prompt / universe / disclosure
  -> retrain reviewers and advisors
  -> test control effectiveness
  -> document closure evidence

13. Model Risk Management

AI wealth advice 是 AI system risk, 不是单一模型风险。

13.1 Validation Scope

Area	Validation question
Use case boundary	是否清楚区分 education、recommendation、execution
Profile data	画像是否完整、有效、可追溯
Universe data	产品、费用、风险、限制、披露是否准确
Portfolio algorithm	资产配置、约束和优化是否符合设计
Policy engine	是否拦截 profile 缺口、冲突、复杂产品和高风险场景
LLM output	是否 grounded, 是否避免 forbidden claims
Human oversight	升级是否真实、及时、可用
Execution workflow	交易确认、撤销、记录是否完整
Monitoring	投诉、override、drift、segment failure 是否可见

13.2 Eval Set Design

评估集应覆盖:

普通教育问答。
产品比较。
画像不足仍要求推荐。
高风险偏好但低风险承受能力。
短期目标却要求高收益。
vulnerable customer。
投诉和后悔。
市场剧烈下跌。
外部证券请求。
复杂产品请求。
prompt injection。
多语言和低金融素养表达。
advisor copilot copy-paste 风险。

13.3 Revalidation Triggers

base model 或 model route 变化。
prompt / system instruction 变化。
RAG source 或 product universe 变化。
risk questionnaire 或 profile scoring 变化。
portfolio optimizer 或 model portfolio 变化。
disclosure library 变化。
新产品、新渠道、新客户群。
投诉趋势、supervision finding、incident。
法规、监管 guidance 或内部 policy 更新。

14. PM / Architect Implications

PM / architecture decision	高级判断
是否做 customer-facing AI wealth assistant	先定义允许边界和人类升级, 再设计对话体验
是否允许个性化推荐	只有在 profile、universe、policy、disclosure、evidence 和 supervision 成熟后进入
是否用 LLM 做 portfolio recommendation	LLM 不应做优化和适当性判断, 只做解释和受控生成
是否开放自然语言交易	应通过 execution gateway 和多步确认, 不让聊天文本成为订单
如何衡量成功	不能只看 AUM conversion; 要看 recommendation quality、complaints、override、evidence completeness、boundary accuracy
如何处理客户体验	边界说明要清楚但不恐吓; 客户应知道何时需要画像、何时转人工、何时进入正式交易
如何处理业务增长压力	用 conflict-aware ranking 和 supervision 防止 AI 变成隐性销售推动器

15. Interview-Ready Language

15.1 30 秒版本

我会把 AI wealth advice 设计成 advice-boundary control architecture。教育、产品信息、个性化推荐、组合管理和交易执行要分层。风险承受能力、目标、期限、流动性、现有持仓和 approved investment universe 由结构化服务管理, 组合推荐由 portfolio engine 和 policy engine 控制, LLM 只做解释、澄清和受控文本生成。上线必须有披露、人工升级、证据图、投诉监督和模型风险验证。

15.2 2 分钟版本

Robo-advisor 的关键不是回答“买什么”, 而是证明推荐是在当时客户画像、产品宇宙和控制规则下生成的。我会先做 advice boundary taxonomy: education、neutral comparison、personalized recommendation、portfolio management、execution。然后建立 investor profile service, 包括 risk tolerance、risk capacity、horizon、liquidity、knowledge、constraints 和 freshness。产品侧建立 approved investment universe, 带 risk、fee、liquidity、complexity、conflict、channel 和 approved claims metadata。推荐由组合引擎生成候选, 再经过 suitability / best-interest style policy engine, 输出 rationale、alternatives、disclosures 和 evidence。LLM 不能绕过这些服务, 只负责解释和摘要。高风险、画像不足、复杂产品、投诉、vulnerable signal 和低置信都升级人工。最后用 evidence graph 保存 profile snapshot、universe version、rule results、disclosure、human review 和 execution confirmations, 并通过 complaints、supervision、override、drift 和 model validation 持续监控。

15.3 面试追问

追问	答法要点
AI 能不能直接推荐基金?	不用一句话回答能或不能。先问机构角色、渠道、客户画像完整度、产品宇宙、监督和法律适用。架构上只有在正式受控 advice workflow 内才允许个性化推荐。
怎么防止 hallucination?	把投资事实、产品、费用、风险和披露从权威服务取出; LLM 只用 approved claims 和 citations 生成; post-generation scanner 拦截保证收益、最适合、费用遗漏等 forbidden claims。
怎么证明推荐合理?	保存 profile snapshot、universe version、algorithm version、rules fired、excluded alternatives、fee/risk rationale、disclosures、customer confirmation 和 human review。
robo-advisor 和 advisor copilot 的边界差异?	Robo-advisor 是客户程序化建议和组合执行流程; advisor copilot 是员工辅助。copilot 输出仍需 advisor 复核, 不能让员工把 AI draft 当最终建议。
业务想提高 conversion 怎么办?	优化 profile completion、explanation clarity 和 handoff, 不能用隐藏冲突、弱化风险或 push high-fee product 提高转化。用 conduct KRIs 平衡 AUM growth。

16. 与已有学习资产的连接

已有文档	连接方式
`docs/AI_CONDUCT_RISK_SUITABILITY_SALES_GUARDRAILS_PLAYBOOK.md`	本文把 suitability / sales guardrails 聚焦到财富建议、组合推荐和交易边界
`docs/AI_CUSTOMER_FACING_REGULATED_PRODUCT_PLAYBOOK.md`	本文扩展其中的 customer-facing AI 边界到 wealth-specific advice workflow
`docs/AI_MODEL_RISK_MANAGEMENT_PLAYBOOK.md`	本文把 MRM 具体化为 robo-advisor 的 profile、universe、portfolio engine、LLM 和 supervision validation
`docs/AI_MODEL_VALIDATION_INDEPENDENT_CHALLENGE_PLAYBOOK.md`	本文提供财富 advice 系统的 independent challenge 问题清单
`docs/AI_CONTROL_LIBRARY_ASSURANCE_EVIDENCE_GRAPH_PLAYBOOK.md`	本文的 evidence graph 可作为财富建议场景的 control-evidence slice

17. 核心结论

AI 财富建议的高级架构判断是:

先定义 advice boundary, 再做对话体验。
客户画像是正式数据资产, 不是聊天中随手推断。
推荐只能来自 approved investment universe。
组合推荐由 portfolio engine 和 policy engine 生成, LLM 负责解释。
Best-interest 风格控制要落成 disclosure、care、conflict、supervision 和 evidence。
人工升级是产品能力, 不是异常客服。
投诉和监督要能反向更新 prompt、policy、universe、questionnaire 和模型评估。
证据必须能重放每一次客户影响型建议。