Back to TOC

Kyndryl Agentic Framework

Non-Functional Requirements (NFR) for UC1 Implementation
Use Case: Unstructured Data Extraction & Quality Improvement
Framework: Kyndryl Agentic Framework (KAF) v1.0
Governance Layer: 17 Core Capability Dimensions
Insurance Client
Use Case 1
Confidential

Kyndryl Agentic Framework Overview

Governance Foundation

The Kyndryl Agentic Framework (KAF) provides a comprehensive governance layer for enterprise AI applications. For Insurance Client's Use Case 1 (Unstructured Data Extraction & Quality Improvement), KAF ensures compliance, safety, observability, and operational excellence across the entire extraction pipeline.

KAF Purpose for UC1: Ensure the document extraction agent operates with full transparency, auditability, responsible AI practices, and seamless integration with enterprise governance requirements.

Why Enterprises Need More Than a Cluster

KAF vs Kubernetes

KAF is the Enterprise Control Plane for Agentic AI

addressing trust, safety, cost, and compliance gaps that Kubernetes does not natively solve.

KAF provides:

  • Can we trust it
  • control it
  • explain it
  • and run it safely at scale?

Every regulated or enterprise AI deployment needs KAF-level controls on top of Kubernetes.

Dimension Kubernetes (Baseline) KAF – Agentic AI Platform
Primary Role Container orchestration Full agent runtime & governance layer
Agent Identity & Trust Not native Agent identity, certificates, mutual trust
Agent Lifecycle Pods/services only Register, version, retire, hot-swap agents
Agent-to-Agent (A2A) DIY messaging A2A protocol, routing, guarantees
Tool Governance (MCP) None Tool catalog, permissions, audit
LLM Management External scripts Model routing, versioning, A/B testing
Token Economics No cost visibility Token budgets, attribution, alerts
Prompt Security Not addressed Injection & jailbreak protection
Output Guardrails Not addressed PII reduction, hallucination checks
Memory & State Stateless by default Short & long-term agent memory
RAG Infrastructure DIY components Governed embeddings & retrieval
Human-in-Loop Custom build Approval & escalation workflows
Explainability & Audit Logs only Decision traces & audit trails
Agent Observability Infra-level metrics Per-agent traces, cost & DAGs
Multi-Tenancy Namespace-based Tenant-isolated agents & policies
Graceful AI Degradation Silent failures Explicit AI failure handling
Responsible AI Out of scope Bias, fairness, policy enforcement
Testing & Simulation Manual Synthetic data & agent regression

17 Core Capability Dimensions

Requirements Mapping
Capability Dimension UC1 Requirement Implementation Status
1. Agent Identity & Metadata Document Extraction Agent card (/.well-known/agent.json) with capability declarations, versioning, owner info Required
2. Agent Lifecycle Management Agent deployment, versioning, hot-swap capability for pipeline stages, graceful shutdown Required
3. Agent-to-Agent (A2A) Protocol JSON-RPC 2.0 communication between upstream (Claims) and downstream (Underwriting, DW) systems Required
4. Tool Governance & Catalog MCP-compliant tool discovery for Azure Document Intelligence, OpenAI, data validation tools Required
5. LLM Management & Routing Multi-model support (GPT-4, GPT-3.5, Azure OpenAI), cost-aware routing, fallback strategies Required
6. Token Economics & Cost Control Token usage tracking, cost per extraction, budget alerts, optimization recommendations Required
7. Prompt Management & Security Versioned prompts, prompt injection protection, audit trail, role-based access to prompt changes Required
8. Output Validation & Guardrails Schema validation, confidence scoring, automated escalation for low-confidence extractions, human-in-loop escalation Required
9. Memory & Context Management Short-term context within a document, long-term patterns across policy corpus, conversation history Required
10. Retrieval-Augmented Generation (RAG) Vector DB integration with Clause Indexer (Step 8) and Embedding (Step 9) for policy clause retrieval Required
11. Human-in-Loop Orchestration Escalation workflows for ambiguous clauses, compliance reviewer sign-off, quality auditor validation Required
12. Explainability & Transparency Decision audit trail showing extraction reasoning, clause citations, confidence scores Required
13. Observability & Monitoring Azure Monitor integrations, Application Insights, real-time dashboards (95%, 60%, 80% KPIs), alert thresholds Required
14. Multi-Tenancy & Data Isolation Insurance Client tenant isolation, policy data segregation, compliance with data residency requirements Required
15. Graceful Degradation Fallback to manual extraction if agent fails, queue-based retry logic, exponential backoff Required
16. Responsible AI & Bias Detection Policy fairness audits, extraction bias detection across document types, mitigation strategies Required
17. Testing & Simulation Test coverage (unit/integration/e2e), synthetic document generation, chaos engineering for resilience Required

Detailed Capability Specifications

Implementation Guidance

1. Agent Identity & Metadata

Requirement: Document Extraction Agent must expose /.well-known/agent.json endpoint with complete capability declarations.

Implementation:

  • Publish agent card with name, version, description, capabilities, owner, support contact
  • Include tool discovery metadata (Azure Document Intelligence, OpenAI APIs)
  • Versioning schema for API compatibility tracking
  • Integration with Agent Registry for discoverability

2. Agent Lifecycle Management

Requirement: Support full lifecycle from deployment through retirement with zero-downtime updates.

Implementation:

  • Containerized deployment (Docker) in Azure Kubernetes Service (AKS)
  • Blue-green deployment for pipeline stage updates
  • Graceful shutdown with in-flight request completion
  • Version pinning for reproducibility across environments

3. Agent-to-Agent (A2A) Protocol

Requirement: Implement Google's A2A Open Protocol using JSON-RPC 2.0 for downstream integrations.

Implementation:

  • HTTP/REST endpoints for Claims, Underwriting, Data Warehouse systems
  • JSON-RPC 2.0 message format for method invocations
  • Server-Sent Events (SSE) for streaming extraction results
  • Request/response logging for audit trails

4. Tool Governance & Catalog

Requirement: Centralized tool discovery and governance for all extraction dependencies.

Implementation:

  • Model Context Protocol (MCP) server for tool publication
  • Tool versioning and deprecation policies
  • Usage tracking and quota management
  • Security scanning of tool implementations

5. LLM Management & Routing

Requirement: Intelligent routing across multiple LLMs with cost and latency optimization.

Implementation:

  • Support for GPT-4, GPT-3.5, Azure OpenAI with dynamic model selection
  • Cost-aware routing based on token estimates
  • Latency-sensitive fallback chains
  • Model performance benchmarking and A/B testing

6. Token Economics & Cost Control

Requirement: Full visibility into token usage and cost implications for every extraction.

Implementation:

  • Per-document token tracking with cost attribution
  • Budget alerts and spend forecasting
  • Optimization recommendations for high-cost documents
  • Financial reporting for chargeback models

7. Prompt Management & Security

Requirement: Secure, versioned prompt management with injection protection.

Implementation:

  • Prompt version control with change history and rollback capability
  • Injection attack detection and prevention
  • Role-based access control for prompt modifications
  • Compliance audit trail for regulatory requirements

8. Output Validation & Guardrails

Requirement: Automated validation with human escalation for low-confidence extractions.

Implementation:

  • JSON schema validation against policy data model
  • Confidence scoring (0-100%) for each extracted clause
  • Automatic escalation for confidence < 85%
  • Quality Checker (Step 6) integration with manual review queues

9. Memory & Context Management

Requirement: Short-term and long-term context to improve extraction accuracy.

Implementation:

  • In-document context window for clause relationships
  • Cross-document pattern learning from processed corpus
  • Conversation history for refinement requests
  • Redis cache for frequently accessed policy patterns

10. Retrieval-Augmented Generation (RAG)

Requirement: Vector DB integration for semantic clause retrieval and cross-policy similarity.

Implementation:

  • Steps 8-10 pipeline: Clause Indexer → Embedding → Vector Store
  • Azure Cognitive Search or Pinecone vector database
  • Semantic similarity search for ambiguous clauses
  • Policy precedent matching for decision support

11. Human-in-Loop Orchestration

Requirement: Workflow management for human review and approval gates.

Implementation:

  • Escalation workflows triggered by confidence thresholds
  • Compliance reviewer sign-off for sensitive clauses
  • Quality auditor final validation before production release
  • SLA-driven escalation (24-hour review cycle)

12. Explainability & Transparency

Requirement: Full audit trail showing extraction reasoning and confidence.

Implementation:

  • Decision logs capturing LLM prompts and responses
  • Source citation mapping extractions to original policy text
  • Confidence scoring per clause with reasoning notes
  • Audit interface for compliance teams to validate decisions

13. Observability & Monitoring

Requirement: Real-time dashboards tracking accuracy, speed, and error metrics.

Implementation:

  • Azure Monitor integration with custom metrics
  • Application Insights for end-to-end tracing
  • KPI dashboards: 95% accuracy, 60% speed improvement, 80% error reduction
  • Alerting thresholds for SLA violations
  • Performance bottleneck identification and reporting

14. Multi-Tenancy & Data Isolation

Requirement: Insurance Client tenant isolation with strict data boundaries.

Implementation:

  • Separate database schemas per tenant
  • Azure Key Vault for tenant-specific credentials
  • Query filtering and row-level security (RLS)
  • Compliance with Australian data residency regulations

15. Graceful Degradation

Requirement: Fallback mechanisms for any pipeline stage failure.

Implementation:

  • Automatic fallback to manual extraction if extraction agent fails
  • Queue-based retry logic with exponential backoff
  • Dead-letter queue for problematic documents
  • Partial extraction capability (extract what's possible, flag what's not)

16. Responsible AI & Bias Detection

Requirement: Proactive detection and mitigation of extraction bias.

Implementation:

  • Fairness audits across policy types and document formats
  • Bias detection metrics for minority document categories
  • Retraining triggers for detected bias patterns
  • Compliance review for sensitive policy types (life, disability, etc.)

17. Testing & Simulation

Requirement: Comprehensive test coverage and resilience validation.

Implementation:

  • Unit tests for each of the 13 pipeline steps
  • Integration tests for A2A communication
  • End-to-end testing with synthetic policy documents
  • Chaos engineering for failure scenario validation
  • Performance testing under peak 50+ document loads

KAF Integration with 13-Step Pipeline

Architecture Alignment

The Kyndryl Agentic Framework sits as a cross-cutting governance layer across all 13 extraction pipeline steps:

Pipeline Step KAF Dimension Governance Focus
Step 1: Upload Handler Agent Identity, Tool Governance Request authentication, tool discovery, tenant isolation
Step 2: Document Identifier Observability, Memory Document classification logging, pattern learning
Step 3: OCR/Layout Extraction Tool Governance, Output Validation Azure Document Intelligence tool governance, confidence scoring
Step 4: Clause Parser LLM Management, Token Economics LLM routing, token tracking, cost attribution
Step 5: Policy Extractor Prompt Management, Output Validation Versioned extraction prompts, confidence scoring, escalation rules
Step 6: Quality Checker Human-in-Loop, Explainability Automated validation, escalation workflows, audit trails
Step 7: Data Normalizer Output Validation, Responsible AI Schema compliance, fairness checks, bias detection
Step 8: Clause Indexer Tool Governance, Observability Indexing tool governance, performance monitoring
Step 9: Embedding/Vectorization LLM Management, Token Economics Embedding model selection, cost tracking, usage quota
Step 10: Vector Store Multi-Tenancy, Data Isolation Tenant-specific vector indexes, access control
Step 11: Rules Transformer Lifecycle Management, A2A Protocol Rule versioning, downstream A2A communication prep
Step 12: Policy Store Data Isolation, Graceful Degradation Secure storage, failover mechanisms, backup/recovery
Step 13: Rule Evaluator/Decision Engine A2A Protocol, Observability, Explainability Downstream notifications, decision logging, audit trails

Compliance & Governance

Risk Management

Regulatory Compliance

Applicable Standards:

  • Australian Financial Services Licence (AFSL) requirements for Insurance Client
  • Privacy Act 1988 (Cth) for personal information handling
  • Consumer Law governance for policy terms clarity
  • Internal AI Governance Framework alignment

Change Management

KAF Governance Controls:

  • Prompt version control with peer review for changes
  • Model swaps require technical and compliance sign-off
  • Threshold changes (confidence limits, escalation rules) require business approval
  • Monthly KAF compliance audits

Incident Response

KAF Capability Support:

  • Explainability dimension provides rapid root-cause analysis
  • Observability dimension enables quick detection of anomalies
  • Graceful degradation ensures continuity during failures
  • 2-hour incident response SLA with detailed postmortems

KAF Success Metrics

Performance Indicators
KAF Dimension Success Metric Target Value
Observability Extraction accuracy tracking 95% target achieved
Observability Processing speed improvement 60% improvement vs. manual
Output Validation Error reduction downstream 80% reduction in claims/underwriting errors
Human-in-Loop Escalation rate < 5% of documents require manual review
Explainability Audit trail completeness 100% of decisions logged and traceable
LLM Management Cost per extraction < $0.50 per policy document
Testing Test coverage > 85% code coverage across 13 steps
Compliance Audit findings Zero critical findings in monthly audits

Implementation Roadmap

Phased Approach

Phase 4 (Sprint): Foundation Setup

Phase 5 (POC Execution): Full Integration

Phase 6 (Final Report): Optimization & Handover

View Related Documents

← Return to Table of Contents for Sprint Plan, POC Specification, Architecture Diagram, and other project materials.

Kyndryl Agentic Framework - Non Functional Requirements
Insurance Client UC1 | 17 Core Capability Dimensions
Document Owner: Kyndryl Architect | Contact: SIVA (AI Lead)
Latest Update: March 10, 2026 | Status: Active
CONFIDENTIAL — Internal Use Only