Deterministic Control for Non-Deterministic AI: Guardrails for LLMs in Banking

Banks were among the first organizations to use AI at scale. In the early days, its main role was to discover patterns in historical data and help extract meaningful insights for decision-making. With access to massive amounts of information, it was only natural for banks to turn to algorithms to make sense of it all.

Today, we are witnessing a new wave: Generative AI. And once again, banks — as data-driven organizations — have joined the race.

But this time, things are different.

Traditional software development is based on deterministic logic: we define what we want to achieve, write rules, and expect predictable outcomes. Generative AI — especially Large Language Models (LLMs) — is non-deterministic by nature. The same input (prompt) can return different results each time. And that’s acceptable. In fact, we even expect creativity from these models.

However, banks must operate in a deterministic way. Their decisions must be explainable, auditable, and consistent. That’s why we need guardrails.

Think of guardrails like the safety barriers on a road. They won’t prevent every accident, but they reduce the chance of a car leaving the road entirely — which can have serious consequences.

This is how we should approach guardrails in LLMs:
They are predefined and enforced rules, deterministically designed to keep our creative LLMs under control.

These may include:

  • Input and output filtering: To prevent harmful, biased, or confidential information from entering or leaving the model.
  • Protection against prompt injection: Safeguarding against malicious attempts to manipulate the model’s behavior.
  • Privacy safeguards: Ensuring sensitive customer data is never exposed or misused.
  • Topic or domain restrictions: Confining the model’s responses to relevant and approved financial topics.

Broadly, guardrails can be categorized into two main types:

  1. Pre-prompt filtering – checking the prompt before it is sent to the model.
  2. Post-response filtering – checking the model’s response before it is shown to the user or used in business processes.

The diagram attached is just one example of how this can be implemented. Every business environment is different, so guardrails should be tailored to each organization’s specific context and risk profile.
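As an added illustration (not eSourcing's implementation), the sketch below wraps a model call in both stages: a pre-prompt check for topic, injection markers, and card numbers, and a post-response filter, with every decision recorded in an audit list. The topic list, marker strings, Luhn-based card rule, and `stub_model` are assumptions chosen for the example.

```python
import re

# Assumed policy values for illustration; tune to the organization's own risk profile.
ALLOWED_TOPICS = {"account", "balance", "card", "loan", "payment", "transfer"}
INJECTION_MARKERS = ("ignore previous instructions", "reveal your system prompt")
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")  # 13-19 digits, optional separators
REFUSAL = "This request cannot be processed."

def luhn_ok(digits):
    """Luhn checksum, so only plausible card numbers are treated as card data."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def redact_cards(text):
    """Replace Luhn-valid card numbers; return (clean text, number of redactions)."""
    hits = 0
    def repl(match):
        nonlocal hits
        if not luhn_ok(re.sub(r"\D", "", match.group())):
            return match.group()
        hits += 1
        return "[REDACTED-PAN]"
    return CARD_RE.sub(repl, text), hits

def pre_prompt_check(prompt):
    """Stage 1: return (allowed, reason, prompt that may be sent to the model)."""
    lowered = prompt.lower()
    if any(marker in lowered for marker in INJECTION_MARKERS):
        return False, "injection_marker", ""
    if not ALLOWED_TOPICS & set(re.findall(r"[a-z]+", lowered)):
        return False, "off_topic", ""
    cleaned, hits = redact_cards(prompt)
    return True, "pan_redacted" if hits else "ok", cleaned

def guarded_call(prompt, model, audit):
    """Run both stages around `model` and record every decision in `audit`."""
    allowed, reason, safe_prompt = pre_prompt_check(prompt)
    audit.append(("pre", reason))
    if not allowed:
        return REFUSAL  # the model is never called
    # Stage 2: same deterministic filter on the response before anyone sees it.
    response, hits = redact_cards(model(safe_prompt))
    audit.append(("post", "pan_redacted" if hits else "ok"))
    return response

def stub_model(prompt):
    """Constructed stand-in for an LLM that leaks a (test) card number."""
    return "Your card 4111 1111 1111 1111 is active."
```

The same input always produces the same decision and the same audit entries, which is what makes the wrapper explainable and auditable even though the model inside it is not.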

At eSourcing, we’ve been building software for banks for years — one of the most regulated sectors in the market. That’s why we wanted to share our deterministic perspective on non-deterministic generative AI systems.
