Incoming complaint — formal email. Customer: Mario B., credit card. Unrecognised charge €840. Customer states they already contacted customer service with no response and threatens a formal complaint to the Data Protection Authority. Classification: high severity, product credit card, competent regulators: Data Protection Authority + national banking supervisor. Escalation activated. Timer: substantive response within 5 business days.
AGENT · COMPLAINT TRIAGE
Complaints arrive classified with structured escalation.
Complaint Triage receives incoming complaints (via native channels or email/formal channels via adapters built in delivery), classifies them by severity, product, and competent regulator, and activates structured escalation with contractual response timers. Banking, insurance, and public sector typically face formal response deadlines; the agent monitors them with full traceability.
Complaint Triage at work.
Received. Taking the case. Contacting the customer today.
Status updated. Timer running. Recorded in audit registry.
Why it exists.
Complaints in regulated sectors (banking, insurance, public sector, utilities) are subject to formal requirements on response timers and traceability. Sector regulation — national banking supervisory circulars for banking, IVASS Regulation 24 for insurance in Italy and equivalent frameworks in other EU jurisdictions, EU consumer code — requires severity classification, competence assignment, response within defined timelines, and recorded decisions.
How it classifies and activates escalation.
The agent activates on receipt of a complaint. It extracts structured data (sender, product, content), classifies by severity based on the customer's declarative rules, identifies the competent regulator, and activates escalation to the right role with the deadline timer. The complaint owner receives the notification with the context ready and the deadline already visible.
Handling stays with the owner.
For complaints with a standard automatic response, the agent can propose the reply for the owner to confirm. For complex complaints, the agent prepares the context and escalation; handling stays with the owner. Regulator complaint threats never pass through automatically.
The functions that manage complaints and regulator compliance.
Complaints manager
Recovers time from manual triage. All complaints arrive classified with structured escalation, without a preliminary manual filter. The daily summary is one: what came in, who it's assigned to, which timer is running.
Claim type Auto liability
Severity Medium
Adjuster Dr. Ferrari · Northeast
Initial reserve € 4,200
Routed ✓
Compliance officer
Has the inspectable trace of every complaint for regulatory inspection (national banking supervisor, IVASS, sector regulators). Compliance with contractual response timers shifts from a diffuse risk to documented evidence.
Proposal no. 2024-081 In review
Missing disclosure
MiFID II art. · regulated financial instrument
Alt. 1 …in compliance with MiFID II and applicable supervisory provisions.
Alt. 2 …with full disclosure attached to the offer document.
Audit trace recorded · 14:31
Operations director
Sees aggregated complaint patterns by product, geography, and severity. Decisions on fixing the underlying processes are grounded in structured evidence, not impressions from individual owners.
WhatsApp «I had an accident, this is Rossi»
Type Auto liability · medium
Policyholder Rossi Marco
Policy #IT-2024-04471
Case opened · CRM updated
Four seconds between the incoming formal email and structured escalation to the manager.
Complaint with regulator threat arriving.
For a bank with around eighty complaints per day, the agent is integrated with company channels (Telegram, Slack, WhatsApp, HTTP native; corporate email and formal certified channels via adapters built in delivery). A customer sends a formal email: they report an unrecognised charge on their credit card, state they have already contacted customer service without a satisfactory response, and threaten a formal complaint to the Data Protection Authority if not resolved within fifteen days.
Extraction, classification, regulator identification.
In four seconds the agent completes its analysis. It extracts the data: customer identified in the CRM, product credit card, unrecognised amount, explicit regulator complaint threat. Classification: high severity (regulator complaint threat, customer already in conflict), product credit card (payments owner), competent regulators: Data Protection Authority and national banking supervisor.
Notification to the manager, timer running.
Escalation to the complaints manager with response timer set according to the internal procedure (substantive response within five business days for high severity). The manager receives the notification on the work channel with the original email, customer context, classification, remaining timer, and CRM link. The full event stays in the audit registry for regulatory inspection.
Declarative rules from the customer's complaints and compliance team.
Complaint Triage's rules are declarative. The complaints team and compliance officer define in readable format the severity categories, the product-owner-timer mapping, the rules for identifying the competent regulator, and the escalation procedures. Rules live in the customer's repository, versioned, and validated at agent startup. Native channels (Telegram, Slack, WhatsApp, HTTP) are live from day one. Integration with corporate email and formal certified mail channels is built via adapters during delivery. Integration with the customer's complaint management system is also built during delivery.
- Language
- TypeScript (Node.js)
- LLM model
- customer's choice: Anthropic, OpenAI, Mistral, open source models hosted internally, AWS Bedrock for a private model
- Built-in controls used
- pii-detector, credential-detector, topic-guardrail, tool-param-validator
- Native reception channels
- Telegram, Slack, WhatsApp, OpenAI-compatible HTTP (ticket webhook, form)
- Corporate email and formal certified mail
- integration built during delivery by the Exelab team
- Complaint management system integration
- dedicated adapter built during delivery
- Sector compliance rules
- declarative, versioned, written by the complaints and compliance team
- Memory
- persistent per instance, pgvector + PostgreSQL FTS on customer context
- Registry
- append-only, queryable with a standard SQL client (banking supervisor, IVASS, ARERA audit-ready)
Frequently asked questions about the agent.
Inbound Triage routes generic customer service requests (support, information, confirmations). Complaint Triage is specialised in complaints with specific regulatory obligations (banking, insurance, public bodies, utilities). The two agents can coexist: Inbound Triage routes the incoming flow, and when a request is classified as a complaint it escalates to Complaint Triage for regulated handling.
For standard complaints with a pre-configured response from the compliance team (refund requests below a configured amount threshold, issues on standardised services with a known procedure), the agent can propose a response that the complaints manager confirms. For complex or high-severity complaints, the response stays with the manager following the customer's procedure.
Timers activate automatically at classification, based on the rules configured by the compliance team (e.g. substantive response within five days for high severity, fifteen for medium, thirty for low). The complaints manager sees the remaining timer for each open complaint on the work channel. Exceeding the timer triggers automatic escalation to the next level.
The typical pattern for Complaint Triage in a regulated sector is 10-14 weeks. Discovery 2-3 weeks, rules configuration with the compliance team 4-5 weeks, reception channel integration (including formal certified mail) and complaint management system 3-4 weeks, hand-off to the complaints team 1-2 weeks.
From a 30-minute conversation to the squad in production.
A 30-45 minute conversation to understand how Complaint Triage would configure to the customer's complaint process. Which reception channels, which severity categories, which response timers.