How to Build a policy Q&A Agent Using AutoGen in Python for wealth management
A policy Q&A agent for wealth management answers questions about investment policy statements, suitability rules, fee schedules, account restrictions, and internal operating procedures. It matters because advisors and operations teams need fast, consistent answers without guessing, while compliance needs every response grounded in approved policy and traceable to source.
Architecture
- •User interface layer
- •A chat API or internal portal where advisors ask questions like: “Can this discretionary model hold municipal bonds for this client profile?”
- •Policy retrieval layer
- •A document store or vector index with approved policy PDFs, compliance memos, product rules, and jurisdiction-specific guidance.
- •AutoGen agent layer
- •A
AssistantAgentthat drafts answers and aUserProxyAgentthat executes retrieval or tool calls.
- •A
- •Tooling layer
- •Python functions for document search, citation lookup, and policy version checks.
- •Guardrail layer
- •Rules that block advice outside policy scope, force citations, and escalate ambiguous cases to compliance.
- •Audit layer
- •Logging of prompts, retrieved passages, final answers, policy version IDs, and user identity for review.
Implementation
- •
Install AutoGen and define the agent pair
Use the current AutoGen Python package and create one assistant plus one user proxy. In wealth management, keep the assistant constrained to policy interpretation, not portfolio construction or personalized advice.
from autogen import AssistantAgent, UserProxyAgent llm_config = { "config_list": [ { "model": "gpt-4o-mini", "api_key": "YOUR_OPENAI_API_KEY", } ], "temperature": 0, } assistant = AssistantAgent( name="policy_assistant", llm_config=llm_config, system_message=( "You answer wealth management policy questions only. " "Use provided policy excerpts. If the answer is not in scope, say so. " "Always cite the policy section used." ), ) user_proxy = UserProxyAgent( name="policy_user", human_input_mode="NEVER", code_execution_config=False, ) - •
Add a retrieval tool for approved policy text
The assistant should not hallucinate from memory. Give it a callable tool that returns approved excerpts from your internal policy corpus with section IDs and effective dates.
from typing import List, Dict POLICY_STORE: Dict[str, str] = { "INV-3.2": "Discretionary accounts may hold investment-grade municipal bonds if consistent with IPS risk limits.", "CMP-1.4": "Any exception to suitability requires compliance approval before trade execution.", "OPS-2.1": "Client instructions must be recorded in the CRM within one business day.", } def search_policy(query: str) -> List[dict]: hits = [] q = query.lower() for section_id, text in POLICY_STORE.items(): if any(token in text.lower() for token in q.split()): hits.append({"section_id": section_id, "text": text}) return hits[:5] def retrieve_policy(query: str) -> str: hits = search_policy(query) if not hits: return "No matching approved policy found." return "\n".join( f"[{item['section_id']}] {item['text']}" for item in hits ) - •
Register the tool and run a grounded Q&A flow
This pattern keeps the model inside an approved workflow: retrieve first, answer second. The final response should reference exact sections so compliance can audit it later.
from autogen import register_function register_function( retrieve_policy, caller=assistant, executor=user_proxy, name="retrieve_policy", description="Retrieve approved wealth management policy excerpts by query.", ) question = ( "Can a discretionary account hold municipal bonds for a moderate-risk client?" ) chat_result = user_proxy.initiate_chat( assistant, message=( f"Use retrieve_policy to answer this question with citations only:\n{question}" ), ) print(chat_result) - •
Wrap responses with a compliance check
In production, do not trust raw model output. Post-process the answer to ensure it contains citations and no prohibited phrases like “guaranteed returns” or individualized investment advice beyond policy scope.
PROHIBITED_PHRASES = [ "guaranteed return", "certain profit", "best investment", ] def validate_answer(answer: str) -> bool: lower = answer.lower() if not any(section in lower for section in ["inv-", "cmp-", "ops-"]): return False if any(phrase in lower for phrase in PROHIBITED_PHRASES): return False return True
Production Considerations
- •
Deployment
- •Keep the policy corpus in-region if you have data residency constraints.
- •Separate advisor-facing traffic from compliance/admin traffic.
- •Pin model versions and log every prompt-response pair with tenant ID and document version.
- •
Monitoring
- •Track citation rate, fallback-to-compliance rate, and unanswered-question rate.
- •Alert when responses mention unsupported products or omit section references.
- •Store retrieval traces so reviewers can see exactly which policies informed an answer.
- •
Guardrails
- •Block personalized recommendations unless your workflow explicitly supports suitability analysis.
- •Require escalation when policies conflict across jurisdictions or account types.
- •Enforce “answer from source only” behavior; no free-form reasoning without retrieved text.
- •
Governance
- •Version policies by effective date and archive superseded guidance.
- •Maintain approval workflows for new documents before they enter retrieval.
- •Keep an immutable audit trail for regulators and internal review.
Common Pitfalls
- •
Letting the model answer from general knowledge
This is the fastest way to create inconsistent advice. Always retrieve approved text first and require citations tied to section IDs.
- •
Mixing advisory logic with compliance logic
Don’t bury suitability checks inside prompt text alone. Put hard rules in code so a bad model output cannot bypass them.
- •
Ignoring jurisdiction and product scope
Wealth management policies vary by region, entity, account type, and product shelf. Include metadata filters in retrieval so a U.S. private wealth rule does not answer a Swiss advisory question.
Keep learning
- •The complete AI Agents Roadmap — my full 8-step breakdown
- •Free: The AI Agent Starter Kit — PDF checklist + starter code
- •Work with me — I build AI for banks and insurance companies
By Cyprian Aarons, AI Consultant at Topiax.
Want the complete 8-step roadmap?
Grab the free AI Agent Starter Kit — architecture templates, compliance checklists, and a 7-email deep-dive course.
Get the Starter Kit