An audit compliance processing method, apparatus, device, and medium

By performing decision impact attribution calculations and structured encapsulation on AI decision-making results, the problem of low audit traceability in AI decision auditing is solved, achieving efficient decision traceability and automated semantic consistency verification of compliance strategies, thereby improving the transparency and traceability of audits.

CN122287643APending Publication Date: 2026-06-26PING AN TECH (SHENZHEN) CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
PING AN TECH (SHENZHEN) CO LTD
Filing Date
2026-05-21
Publication Date
2026-06-26

AI Technical Summary

Technical Problem

The lack of an integrated audit processing solution in existing AI decision-making audit scenarios leads to low efficiency in auditing and tracing the decision-making process, an inability to effectively quantify the impact of each input data on the decision outcome, and an inability to achieve automated semantic correlation verification between the decision outcome and compliance policies.

Method used

By performing decision impact attribution calculations on decision results, quantifying the contribution of each input data, and then encapsulating the decision results and decision impact attribution reports in a structured manner into a trusted audit graph, a structured and traceable audit record storage system is established. Graph queries and decision tracing are performed based on audit graph data, and semantic consistency verification is performed between the decision tracing results and the compliance ontology.

Benefits of technology

It effectively improves the efficiency and accuracy of AI-driven decision auditing and traceability, and realizes automated semantic consistency verification between decision results and compliance strategies, ensuring the transparency, traceability and fairness of the decision-making process.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122287643A_ABST
    Figure CN122287643A_ABST
Patent Text Reader

Abstract

This invention relates to the field of artificial intelligence technology, and discloses an audit compliance processing method, apparatus, device, and medium. The method includes performing decision reasoning and impact attribution on decision request data, encapsulating it in a structured manner and writing it into a trusted audit graph, and performing semantic consistency verification based on the graph's tracing results and the compliance ontology. This invention addresses the problem of low efficiency in audit tracing of the decision-making process due to the lack of an integrated audit processing solution in existing AI decision audit scenarios. It constructs a trusted audit graph through decision impact attribution and structured encapsulation, and achieves semantic consistency verification between decisions and compliance strategies based on graph tracing. This can be applied to the financial field, effectively improving the efficiency and accuracy of AI decision audit tracing and achieving automated semantic consistency verification between decision results and compliance strategies.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of artificial intelligence technology, and in particular to an audit compliance processing method, apparatus, equipment, and medium. Background Technology

[0002] With the widespread application of artificial intelligence (AI) technology in the financial sector, AI decision-making models have penetrated core business processes such as credit approval, risk control, and intelligent claims processing, undertaking the crucial function of automating decision-making and reasoning for business requests. At the same time, regulatory compliance requirements in the financial industry are becoming increasingly stringent. Every decision made by the AI ​​model must undergo dual review by internal audits and external regulators to ensure the transparency, traceability, and fairness of the decision-making process.

[0003] In existing technical solutions, audit evidence generated during the AI ​​decision-making process is typically stored in multiple independent log systems, such as model feature logs, knowledge retrieval logs, model prediction result logs, and final business conclusion records. There is a lack of a unified, structured correlation mechanism between these logs. When auditors need to conduct a retrospective review of a specific decision, they often have to manually collect and piece together fragmented decision information across multiple systems, and it is impossible to quantify the actual impact of each input data point on the decision outcome. Summary of the Invention

[0004] This invention provides an audit compliance processing method, apparatus, equipment, and medium to address the technical problem of low audit traceability efficiency in the decision-making process due to the lack of an integrated audit processing solution in existing AI decision-making audit scenarios.

[0005] Firstly, it provides an audit compliance processing method, including: Obtain decision request data in the target business scenario, perform decision reasoning processing on the decision request data, and obtain decision results; The decision results are processed by decision impact attribution calculation to obtain a decision impact attribution report; The decision results and the decision impact attribution report are structured and encapsulated to obtain audit record data; The audit record data is written into the trusted audit graph according to the preset graph storage rules to obtain audit graph data; Based on the audit graph data, the received audit query requests are processed by graph query and decision tracing to obtain the decision tracing results; The decision tracing results are semantically consistent with the preset compliance ontology, and the audit compliance processing results are output.

[0006] Secondly, an audit compliance processing device is provided, including: The data acquisition module is used to acquire decision request data in the target business scenario, perform decision reasoning processing on the decision request data, and obtain decision results; The decision calculation module is used to perform decision impact attribution calculation on the decision results and obtain a decision impact attribution report; The data encapsulation module is used to perform structured encapsulation processing on the decision results and the decision impact attribution report to obtain audit record data; The graph construction module is used to write the audit record data into a trusted audit graph according to a preset graph storage rule to obtain audit graph data; The decision tracing module is used to perform graph query and decision tracing processing on the received audit query requests based on the audit graph data, and obtain the decision tracing results. The verification output module is used to perform semantic consistency verification processing on the decision tracing results and the preset compliance ontology, and output the audit compliance processing results.

[0007] Thirdly, a computer device is provided, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor executes the computer program to implement the steps of the above-described audit compliance processing method.

[0008] Fourthly, a computer-readable storage medium is provided, which stores a computer program that, when executed by a processor, implements the steps of the above-described audit compliance processing method.

[0009] The above-mentioned audit compliance processing method, apparatus, equipment, and medium can acquire decision request data in the target business scenario, perform decision reasoning processing on the decision request data to obtain decision results; perform decision impact attribution calculation processing on the decision results to obtain a decision impact attribution report; perform structured encapsulation processing on the decision results and the decision impact attribution report to obtain audit record data; write the audit record data into a trusted audit graph according to preset graph storage rules to obtain audit graph data; perform graph query and decision tracing processing on the received audit query requests based on the audit graph data to obtain decision tracing results; perform semantic consistency verification processing on the decision tracing results and preset compliance ontology, and output audit compliance processing results. This invention addresses the problem of low efficiency in auditing and tracing decision-making processes due to the lack of integrated audit processing solutions in existing AI decision-making auditing scenarios. It quantifies the contribution of each input data point to the decision by calculating the decision impact attribution. The decision results and decision impact attribution reports are then structured and encapsulated into a trusted audit graph, establishing a structured and traceable audit record storage system. Based on this, graph queries and decision tracing are performed on audit query requests using audit graph data. The decision tracing results are then semantically consistent with the compliance ontology, achieving automated semantic association verification between decision results and compliance policies. This effectively improves the efficiency and accuracy of AI decision-making audit tracing and enables automated semantic consistency verification between decision results and compliance policies. Attached Figure Description

[0010] To more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments of the present invention will be briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0011] Figure 1 This is a schematic diagram of an application environment for an audit compliance processing method according to an embodiment of the present invention; Figure 2 This is a flowchart illustrating an audit compliance processing method according to an embodiment of the present invention; Figure 3 yes Figure 2 A detailed implementation flow diagram of step S10 Figure 1 ; Figure 4 yes Figure 2 A detailed implementation flow diagram of step S20 Figure 2 ; Figure 5 yes Figure 2A detailed implementation flow diagram of step S30 Figure 3 ; Figure 6 yes Figure 2 A detailed implementation flow diagram of step S40 Figure 4 ; Figure 7 yes Figure 2 A detailed implementation flow diagram of step S50 Figure 5 ; Figure 8 yes Figure 2 A detailed implementation flow diagram of step S60 Figure 6 ; Figure 9 This is a schematic diagram of an audit compliance processing device according to an embodiment of the present invention; Figure 10 This is a schematic diagram of the structure of a computer device according to an embodiment of the present invention; Figure 11 This is another structural schematic diagram of a computer device according to one embodiment of the present invention. Detailed Implementation

[0012] The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0013] The audit compliance processing method provided in this embodiment of the invention can be applied to, for example... Figure 1In this application environment, the client communicates with the server via a network. The server can obtain input conditions from the client, namely, decision request data under the target business scenario, perform decision reasoning processing on the decision request data to obtain a decision result; perform decision impact attribution calculation processing on the decision result to obtain a decision impact attribution report; perform structured encapsulation processing on the decision result and the decision impact attribution report to obtain audit record data; write the audit record data into a trusted audit graph according to preset graph storage rules to obtain audit graph data; perform graph query and decision tracing processing on the received audit query requests based on the audit graph data to obtain decision tracing results; perform semantic consistency verification processing on the decision tracing results and preset compliance ontology, and output audit compliance processing results. This invention addresses the problem of low efficiency in auditing and tracing decision-making processes due to the lack of integrated audit processing solutions in existing AI decision-making auditing scenarios. It quantifies the contribution of each input data point to the decision by calculating the decision impact attribution, and then encapsulates the decision results and decision impact attribution reports in a structured manner before writing them into a trusted audit graph, thereby establishing a structured and traceable audit record storage system. Based on this, graph queries and decision tracing are performed on audit query requests using audit graph data, and the decision tracing results are semantically consistent with the compliance ontology, achieving automated semantic association verification between decision results and compliance policies. This effectively improves the efficiency and accuracy of AI decision-making audit tracing and achieves automated semantic consistency verification between decision results and compliance policies. The client can be, but is not limited to, various personal computers, laptops, smartphones, tablets, and portable wearable devices. The server can be implemented using a standalone server or a server cluster consisting of multiple servers. The invention will be described in detail below through specific embodiments.

[0014] Please see Figure 2 As shown, Figure 2 A flowchart illustrating an audit compliance processing method provided in an embodiment of the present invention includes the following steps: S10: Obtain decision request data under the target business scenario, perform decision reasoning processing on the decision request data, and obtain decision results.

[0015] This step first involves acquiring decision request data from the target business scenario. This data can include business requests and related input data submitted by users in financial business scenarios such as credit approval, risk control, or intelligent claims processing, such as customer income information and address information. Next, the acquired decision request data undergoes decision reasoning processing. That is, an AI decision model performs reasoning calculations on the input data to obtain a decision result. This decision result represents the final judgment made by the model for the current business request.

[0016] Combination Figure 3 As shown, step S10 specifically includes: S101: Collect user request data and business input data in the target business scenario, and perform fusion preprocessing on the user request data and the business input data to obtain standardized decision request data.

[0017] In this step, two types of raw data are first collected for the target business scenario: user request data and business input data. User request data refers to information actively submitted by users during the business process. For example, in a credit approval scenario, user request data may include loan application form information submitted by the user; in an intelligent claims scenario, user request data may include claims application forms and accident description information submitted by the user. Business input data refers to auxiliary data obtained by the system from the business operation environment that is related to the current decision request. For example, in a credit approval scenario, business input data may include customer income information, asset information, credit records, and historical repayment records; in a risk control scenario, business input data may include customer transaction data, account behavior data, and external risk rating data.

[0018] After data collection, the user request data and the business input data are fused and preprocessed to obtain standardized decision request data. This fusion and preprocessing refers to the process of unifying and standardizing user request data and business input data from different sources and with varying formats. Specifically, the system performs data cleaning, missing value imputation, and format conversion on both user request data and business input data to eliminate differences in field naming, data types, and numerical units. The processed data is then fused and concatenated according to a unified field structure to obtain standardized decision request data. This standardized decision request data, in a unified data format, completely carries all the input information involved in the current decision request, providing a standardized data foundation for subsequent feature extraction and decision reasoning.

[0019] S102: Perform multi-dimensional feature extraction processing on the standardized decision request data to obtain a decision feature vector.

[0020] In this step, multi-dimensional feature extraction is performed on the standardized decision request data to obtain a decision feature vector. The multi-dimensional feature extraction process refers to extracting feature information with decision-making significance from the standardized decision request data along multiple dimensions and converting it into a numerical vector representation. The decision feature vector is a numerical vector generated after multi-dimensional feature extraction that can represent the core features of the current decision request in vector space.

[0021] Specifically, the system extracts and encodes various fields from different feature dimensions for each type of field in the standardized decision request data. For example, in a credit approval scenario, the system can extract features such as age, occupation, and income level from the customer's basic attributes dimension; features such as historical delinquency count and credit score from the credit history dimension; features such as recent transaction frequency and the proportion of large transactions from the transaction behavior dimension; and features such as loan amount and income ratio from the application information dimension. For numerical fields, the system normalizes or standardizes them to eliminate dimensional differences; for categorical fields, the system converts them into numerical representations through encoding. The system then concatenates and combines the feature values ​​extracted from each dimension according to a preset feature arrangement order to generate a unified decision feature vector. This decision feature vector fully represents the multidimensional feature information of the current decision request in a high-dimensional numerical form.

[0022] S103: Input the decision feature vector into a preset decision reasoning model for reasoning and calculation to obtain the decision confidence distribution.

[0023] In this step, the decision feature vector is input into a pre-defined decision reasoning model for inference calculation to obtain the decision confidence distribution. The decision reasoning model refers to a pre-trained and deployed AI model used to perform inference calculations on the decision feature vector to output decision results. This model can be a deep learning-based classification model, an ensemble learning model, or a large language model agent, etc. The decision confidence distribution refers to the confidence probability distribution of each candidate decision category output by the decision reasoning model for the current decision feature vector. This distribution characterizes the model's degree of confidence in predicting each candidate decision category.

[0024] Specifically, the decision feature vector is input into the decision reasoning model. Based on its internally learned decision rules and knowledge representations, the model performs forward reasoning calculations on the feature vector and outputs the confidence probability value of the current decision request for each candidate decision category. For example, in a credit approval scenario, the model can output the confidence probability values ​​for the two candidate categories, "approved" and "rejected." In a risk control scenario, the model can output the confidence probability values ​​for multiple candidate categories, such as "low risk," "medium risk," and "high risk." The confidence probability values ​​of all these candidate decision categories together constitute the decision confidence distribution.

[0025] S104: The decision confidence distribution is classified and judged according to a preset decision threshold to obtain decision category labels.

[0026] In this step, the decision confidence distribution is classified according to a preset decision threshold to obtain decision category labels. The decision threshold is a pre-set probability threshold used to classify the decision confidence distribution; this threshold can be configured according to different business scenarios and risk preferences. The decision category label is the identifier information determined after classification, representing the final decision category to which the current decision request belongs. The confidence probability values ​​of each candidate decision category in the decision confidence distribution are compared with the preset decision threshold, and the decision category to which the current decision request belongs is determined based on the comparison result. For example, in a credit approval scenario, when the confidence probability value of the "approved" category exceeds the preset decision threshold, the system classifies the current decision request as the "approved" category and generates a corresponding decision category label; when the confidence probability values ​​of all candidate categories do not reach the decision threshold, the system can classify the current decision request as a pending category requiring manual review. Through the above classification process, the system transforms the continuous confidence probability distribution into discrete decision category labels, providing a clear category determination basis for subsequent decision result encapsulation.

[0027] S105: Combine and encapsulate the decision category label with the decision confidence distribution to obtain the decision result.

[0028] In this step, the decision category labels and the decision confidence distribution are combined and encapsulated to obtain the decision result. The system associates and combines the decision category labels determined by the classification judgment with the complete decision confidence distribution output by the decision inference model, encapsulating the two into a unified decision result data structure. This decision result contains both the final decision category determination information and retains the model's confidence probability distribution information for each candidate category. Therefore, the decision result not only represents the final decision conclusion but also reflects the model's confidence in the decision conclusion and its evaluation of other candidate categories. Retaining the complete decision confidence distribution information facilitates more refined decision impact attribution calculations and audit traceability analysis of the decision result in subsequent steps.

[0029] S20: Perform decision impact attribution calculation on the decision results to obtain a decision impact attribution report.

[0030] In this step, based on the obtained decision results, the system performs decision impact attribution calculations. The system quantifies the contribution of each input data point to the decision result, i.e., calculates the data impact weight, to identify which input data has the greatest impact on the current decision. Simultaneously, the system assesses the sensitivity of the decision result to sensitive features, i.e., calculates feature bias sensitivity. Furthermore, the system analyzes the strength of citations to compliance policy clauses during the decision reasoning process, i.e., calculates compliance dependence. After integrating the above multi-dimensional attribution information, a decision impact attribution report is generated.

[0031] Combination Figure 4 As shown, step S20 specifically includes: S201: Perform feature contribution quantification calculation on each input data point corresponding to the decision result to obtain a set of data influence weights.

[0032] In this step, the feature contribution metric calculation is performed on each input data point corresponding to the decision result to obtain a data influence weight set. The input data points refer to the independent data fields or feature items in the standardized decision request data participating in the decision reasoning process in step S10. For example, in a credit approval scenario, input data points may include customer income information, address information, credit score, historical repayment records, etc. The data influence weight set (i.e....) A set of quantitative representations of the contribution of each input data point to the decision outcome is used to characterize which input data points have the greatest impact on the current decision outcome.

[0033] Specifically, for all input data points corresponding to the decision result, the feature contribution of each input data point to the decision result is calculated one by one. The feature contribution quantification calculation process refers to the process of analyzing the reasoning process of the decision reasoning model and quantifying the contribution of each input data point to the final decision output during the model's reasoning process. The system can use methods such as gradient backpropagation analysis, feature ablation experiments, or marginal contribution allocation in game theory to calculate the contribution value of each input data point in the decision reasoning process. For example, in a credit approval scenario, after the above quantification calculation process, the system can determine that the customer's income information contributes 0.35 to the "approval rejection" decision, the credit score contributes 0.28, the historical repayment record contributes 0.22, and the address information contributes 0.15. The system associates and combines each input data point and its corresponding contribution value to generate a data influence weight set. This data affects the weight set. It can be represented as a set of key-value pairs consisting of each input data point and its contribution value. Each key-value pair contains the identifier of the input data point and its corresponding contribution value, which clearly shows the ranking of the degree of influence of each input data point on the decision result.

[0034] S202: Based on the data influence weight set, perform deviation sensitivity evaluation processing on the preset sensitive feature dimensions to obtain the feature deviation sensitivity index.

[0035] In this step, based on the data influence weight set, a bias sensitivity assessment is performed on the preset sensitive feature dimensions to obtain a feature bias sensitivity index. The sensitive feature dimensions refer to feature categories that require key attention in decision fairness assessments and may trigger discrimination or bias risks, such as gender, ethnicity, age, and region. The feature bias sensitivity index (i.e....) This refers to a quantitative indicator that measures the sensitivity of decision outcomes to the aforementioned sensitive feature dimensions, revealing the extent to which decision outcomes are influenced by sensitive features. A list of sensitive feature dimensions to be evaluated is obtained from a pre-configured sensitive feature set. These dimensions are pre-configured based on business scenarios and regulatory requirements. For example, in a credit approval scenario in financial business, pre-configured sensitive feature dimensions might include the applicant's gender, ethnicity, age, marital status, and place of residence. Then, the data influence weight set is used... The system locates the input data points corresponding to the sensitive feature dimensions and their contribution values, and then performs a bias sensitivity assessment on these contribution values. The bias sensitivity assessment process refers to evaluating the dependence of the decision result on the sensitive features and the level of bias risk by analyzing the contribution ratio and fluctuation of the sensitive feature dimensions in the data influence weight set. The system can obtain a bias sensitivity score for each sensitive feature dimension by calculating the deviation of the contribution value of the sensitive feature dimension from the average contribution of all input data points, or by observing the change in the decision result after applying micro-perturbations to the sensitive features. The system then summarizes and integrates the bias sensitivity scores of each sensitive feature dimension to obtain a feature bias sensitivity index. This characteristic deviation sensitivity index It can quantify the sensitivity of decision results to sensitive features. When the deviation sensitivity score of a certain sensitive feature dimension is high, it indicates that the decision results are more sensitive to changes in that sensitive feature, and there is a potential risk of fairness bias.

[0036] S203: Based on the feature deviation sensitivity index, perform compliance clause citation strength analysis on the reasoning path of the decision result to obtain the compliance dependency index.

[0037] In this step, the inference path of the decision result is analyzed for compliance clause citation strength based on the feature bias sensitivity index to obtain a compliance dependency index. The inference path refers to the internal inference chain experienced by the decision inference model during the inference calculation of the decision feature vector, including RAG (Retrieval Augmented Generation) knowledge fragments or internal policy clauses referenced by the model during the inference process. The compliance dependency index (i.e. This refers to an indicator that quantifies the degree and strength of reliance on various compliance policy clauses by a decision-making reasoning model during the decision-making process. It analyzes the reasoning path of the decision outcome, extracting information on the compliance policy clauses actually referenced by the model during the reasoning process, including the specific policy clause identifiers and the frequency and weight of each clause's reference. In financial business scenarios, these compliance clauses can be internal corporate policy clauses, specific sections of Standard Operating Procedures (SOPs) for credit approval, or fair credit-related regulations issued by regulatory agencies. The system incorporates a feature bias sensitivity indicator. The system focuses on analyzing the citation of compliance clauses associated with sensitive features in the reasoning path, assessing whether the decision-making process adequately references corresponding fairness compliance clauses in decision-making stages involving sensitive features. The system quantifies the citation strength of each compliance clause in the reasoning path, whereby the citation strength characterizes the degree of influence of a specific compliance clause on the final decision outcome during the overall reasoning process. The system summarizes the citation strength values ​​of each compliance clause to obtain a compliance dependency index. .

[0038] S204: Perform multi-dimensional attribution integration processing on the compliance dependency index, the data influence weight set, and the feature deviation sensitivity index to obtain a multi-dimensional attribution feature vector.

[0039] In this step, the compliance dependency index is... The data influence weight set The characteristic deviation sensitivity index Multidimensional attribution integration processing is performed to obtain multidimensional attribution feature vectors. This multidimensional attribution integration processing refers to the process of uniformly integrating and fusing the attribution information from the three different dimensions, enabling the attribution information from the three dimensions to be jointly represented in the same vector space. The data influence weight set is then applied separately. Characteristic bias sensitivity index Compliance Dependency Indicators Numerical encoding is performed to transform the attribution information from each dimension into a unified format of numerical vector representation. These three numerical vectors are then concatenated and merged according to a pre-defined dimensional order to obtain a multi-dimensional attribution feature vector. This multi-dimensional attribution feature vector, in a unified vector form, simultaneously carries quantitative information from three dimensions: data impact attribution, bias sensitivity attribution, and compliance dependence attribution. It comprehensively reflects the attribution of decision results at the data, fairness, and compliance levels.

[0040] S205: The multidimensional attribution feature vector is processed in a structured manner according to a preset attribution report template to obtain a decision impact attribution report.

[0041] In this step, the multidimensional attribution feature vector is processed according to a preset attribution report template to generate a structured attribution report on the impact of decisions. The attribution report template refers to a predefined, standardized template used to regulate the content structure and field format of the attribution report on the impact of decisions. The attribution report on the impact of decisions (i.e....) Attribution report refers to a report document generated according to an attribution report template, which records multidimensional attribution information of decision results in a structured manner.

[0042] Specifically, the attribution numerical information of each dimension in the multidimensional attribution feature vector is mapped, filled, and structured according to the field structure and arrangement format defined in the preset attribution report template. The fields defined in the attribution report template include at least: a data influence weight field, used to record the set of data influence weights. Each input data point and its corresponding contribution value; the feature bias sensitivity field, used to record the feature bias sensitivity index. Each sensitive feature dimension and its corresponding deviation sensitivity score; compliance dependency field, used to record compliance dependency indicators. The system displays each compliance clause and its corresponding citation strength value. After the system completes the structured generation of all fields, it produces a decision impact attribution report. The impact of this decision on the attribution report. This can be represented by the following functional relationship: in, Indicates the decision result, This indicates the data's influence on the weight set. Indicators representing sensitivity to feature bias. Indicators representing compliance dependence This represents a mapping function generated by structurally integrating the attribution information from the aforementioned dimensions according to a preset attribution report template. Through this structured generation process, the decision impact attribution report... The system fully records the quantitative attribution information of decision results in three dimensions: data impact, bias sensitivity, and compliance dependence in a machine-readable structured form, providing multi-dimensional attribution basis for the structured encapsulation of audit record data and audit traceability analysis in subsequent steps.

[0043] S30: The decision results and the decision impact attribution report are structured and encapsulated to obtain audit record data.

[0044] In this step, the decision results and the decision impact attribution report are structured and encapsulated to generate audit log data. During the encapsulation process, the system assembles the decision results, the decision impact attribution report, and related auxiliary information (such as hash digests of all input data, model version identifiers, etc.) into a complete and tamper-proof structured audit log, thereby ensuring the integrity and reliability of the audit log data.

[0045] Combination Figure 5 As shown, step S30 specifically includes: S301: Perform hash digest calculation on all input data corresponding to the decision result to obtain the hash value of the input data.

[0046] In this step, a hash digest calculation is performed on all input data corresponding to the decision result to obtain the input data hash value. The "all input data" refers to all data field information contained in the standardized decision request data participating in the decision reasoning process in step S10. For example, in a credit approval scenario, the all input data may include a complete set of data such as the customer's income information, address information, credit score, and historical repayment records. The hash digest calculation process refers to the process of using a preset hash function to perform a one-way irreversible digest operation on the input data to generate a fixed-length hash digest value. The input data hash value is a fixed-length digest value obtained after hash digest calculation that can uniquely identify the content of all input data.

[0047] First, all input data corresponding to the decision result are serialized and concatenated according to a preset field arrangement order to obtain a complete input data sequence. Then, a preset hash function is used to calculate a hash digest of this input data sequence, generating an input data hash value. This input data hash value has the following characteristics: when the content of all input data remains unchanged, the hash value obtained after hash digest calculation is always the same; when the content of any field in all input data changes, the resulting hash value will change significantly. By performing hash digest calculation on all input data, the system can uniquely identify all input data content on which the current decision is based with a fixed-length hash value, providing a basis for input data integrity verification in the subsequent audit and traceability process. In financial business scenarios, this mechanism ensures that when auditors retrospectively trace a credit approval decision or risk control decision, they can verify whether the input data involved in the decision-making process has been tampered with by comparing the input data hash value, thereby ensuring the reliability of audit evidence at the data level.

[0048] S302: Obtain the model version identifier corresponding to the decision result, and associate and bind the model version identifier with the input data hash value to obtain the decision traceability identifier.

[0049] In this step, the model version identifier corresponding to the decision result is obtained, and the model version identifier is associated and bound with the input data hash value to obtain the decision tracing identifier. The model version identifier refers to the version number information of the decision reasoning model that made the current decision result, used to uniquely identify the model version used in the current decision. For example, the model version identifier can be represented as M1.0, M2.3, etc. The decision tracing identifier is a composite identifier generated by associating and binding the model version identifier with the input data hash value. This composite identifier can simultaneously lock the input data content on which the current decision is based and the model version used.

[0050] Specifically, the system first obtains the model version identifier currently loaded and executing inference from the runtime environment of the decision-making inference model. In financial business practice, AI decision-making models typically undergo multiple iterations and updates, and different versions of the model may differ in inference logic, training data, and decision performance. For example, in a credit approval scenario, the old model M1.0 and the new model M2.0 may perform inference based on different credit assessment strategies. Therefore, recording the model version identifier used in the decision is crucial for audit traceability. After obtaining the model version identifier, the system associates and binds it with the input data hash value obtained in step S301, combining the model version identifier and the input data hash value into a unified decision traceability identifier. This decision traceability identifier enables auditors to simultaneously locate the model version used in the current decision and the fingerprint information of all input data on which it is based through a single identifier during subsequent audits, achieving bidirectional traceability from the decision result to the model version and input data.

[0051] S303: Perform field-level assembly processing on the decision tracing identifier, the decision result, and the decision impact attribution report to obtain a structured audit record.

[0052] In this step, the decision source identification, the decision result, and the decision impact attribution report are processed at the field level to obtain a structured audit record. The field-level assembly process refers to the orderly assembly and integration of multiple independent data items according to a preset field structure definition, ensuring that the assembled record has a standardized structure and clear field semantics. The structured audit record refers to the standardized record generated after field-level assembly, containing key information about the entire decision-making process.

[0053] Specifically, the system assembles the decision tracing identifier, decision result, and decision impact attribution report by mapping them to their respective record fields according to the preset audit record field structure definition. The decision tracing identifier field carries the association between the model version identifier and the input data hash value, supporting subsequent model version tracing and input data integrity verification. The decision result field carries the decision category label and decision confidence distribution information, recording the final judgment conclusion of the current decision and the model's degree of confidence. The decision impact attribution report field carries multi-dimensional attribution information such as the data impact weight set, feature bias sensitivity index, and compliance dependency index, recording the quantitative attribution basis of the decision result in terms of data impact, fairness, and compliance. The system assembles these fields in a preset field order to generate a complete structured audit record. This structured audit record encapsulates the input data fingerprint, model version, decision conclusion, and multi-dimensional attribution information of the current decision in a machine-readable structured form within a single record.

[0054] S304: Perform timestamp injection and digital signature processing on the structured audit records to obtain signed audit records.

[0055] In this step, the structured audit records undergo timestamp injection and digital signature processing to obtain signed audit records. Timestamp injection refers to embedding the precise time information of the current decision-making moment into the structured audit record, giving the audit record clear time-based location information. Digital signature processing refers to using a preset signature key to perform a signature operation on the content of the structured audit record, generating digital signature information that can verify the authenticity and integrity of the record content. The signed audit record refers to the audit record obtained after timestamp injection and digital signature processing, possessing time stamping and tamper-proof protection. The precise time information of the current decision-making moment is obtained and injected into the structured audit record as a timestamp field. Timestamp injection gives the audit record clear time-series location capabilities, allowing auditors to determine the decision-making time corresponding to each audit record and to retrieve and sort audit records according to the time dimension. In financial business scenarios, accurate timestamp information is particularly important for audit traceability of credit approval decisions, risk control decisions, and claims decisions, because financial business decisions often need to be correlated with policies and regulations, market environment, and customer status at specific time points. Subsequently, the system uses a preset signature key to digitally sign the structured audit record after the timestamp is injected, generating digital signature information, which is then appended to the structured audit record to obtain the signed audit record. The introduction of digital signatures gives the signed audit record tamper-proof properties; any subsequent modification to the record content will cause the digital signature verification to fail, thus ensuring that the audit record content cannot be tampered with after its generation.

[0056] S305: Perform integrity verification and encapsulation processing on the signature audit record to obtain audit record data.

[0057] In this step, the signature audit record undergoes integrity verification and encapsulation processing to obtain audit record data. The integrity verification and encapsulation processing refers to the final integrity verification and encapsulation of the signature audit record to ensure that the audit record data can be independently verified for integrity during subsequent transmission and storage. The audit record data refers to the final audit record generated after integrity verification and encapsulation, possessing self-verification capabilities. Integrity verification is performed on each field of the signature audit record to verify whether each field is fully filled and whether the digital signature is valid, ensuring that the data content of the signature audit record before encapsulation is complete and has not been tampered with. After successful verification, the system encapsulates the signature audit record, packaging all its contents (including decision tracing identifier, decision result, decision impact attribution report, timestamp, and digital signature information) into a single, tamper-proof, complete audit record data unit. This encapsulation process may include generating an integrity verification code for the audit record data and attaching this code to the encapsulated audit record data, allowing any subsequent receiver or storage system to independently verify the integrity of the audit record data using this verification code. Through the above integrity verification and encapsulation processing, the system obtains the audit record data. The audit log data, in an immutable and encapsulated form, fully contains all the audit evidence information for the current decision, including input data fingerprints, model version, decision conclusions, multidimensional attribution information, timestamps, and digital signatures. This provides a data foundation with integrity and reliability for writing the audit log data into the trusted audit graph in subsequent steps.

[0058] S40: Write the audit record data into the trusted audit graph according to the preset graph storage rules to obtain audit graph data.

[0059] In this step, the audit record data is written into the trusted audit graph according to preset graph storage rules. The trusted audit graph is a graph-based storage system where graph nodes carry key information such as decision identifiers, customer identifiers, and model versions, while graph edges express attribution relationships such as input data-driven relationships, strategy dependencies, and influence weight associations. By persistently storing the audit record data in the trusted audit graph, the system obtains audit graph data, providing a structured data foundation for subsequent audit queries and decision tracing.

[0060] Combination Figure 6 As shown, step S40 specifically includes: S401: Perform graph node parsing processing on the audit record data to extract decision identifiers and customer identifiers, and obtain an audit graph node set.

[0061] In this step, the audit record data undergoes graph node parsing to extract decision identifiers and customer identifiers, resulting in an audit graph node set. The graph node parsing process refers to the process of parsing and extracting key identifier information from the audit record data that can serve as Trusted Audit Graph (TAG) nodes. The audit graph node set refers to the set of nodes obtained after parsing and extraction, consisting of multiple graph nodes, each carrying a specific type of identifier information.

[0062] Furthermore, the audit record data generated in step S30 is subjected to structured parsing to extract key identifier fields related to the graph nodes. According to the node definition of the Trusted Audit Graph (TAG), a TAG node includes: a decision identifier (i.e., decision ID). Customer identifier (i.e., customer ID) ) and model version identifier ( The decision identifier is a unique identifier for the current decision instance, used to locate a specific decision record in the trusted audit graph; the customer identifier is a unique identifier for the business customer involved in the current decision, used to link the decision history of a specific customer during the audit process; and the model version identifier is the version number of the decision reasoning model that made the current decision result, which has been obtained and encapsulated in the decision tracing identifier in step S302. In financial business scenarios, such as in credit approval, the decision identifier can correspond to a specific approval serial number, the customer identifier can correspond to the applicant's customer number, and the model version identifier can correspond to the version number of the currently deployed credit assessment model (e.g., ...). (etc.). The system constructs the above three types of identification information into corresponding graph nodes, and summarizes all graph nodes into an audit graph node set.

[0063] S402: Based on the audit graph node set, perform relation edge generation processing on the attribution association information in the audit record data to obtain the audit graph relation edge set.

[0064] In this step, relationship edge generation processing is performed on the attribution association information in the audit record data based on the audit graph node set to obtain the audit graph relationship edge set. The attribution association information refers to the attribution information recorded in the audit record data that reflects the causal or correlation relationships between various graph nodes, primarily derived from decision impact attribution reports. The data included influence weight set Compliance Dependency Indicators Multidimensional attribution data. The relation edge generation process refers to the process of establishing directed relation edges between graph nodes based on attribution association information. The audit graph relation edge set refers to the set of edges composed of multiple graph relation edges obtained after the relation edge generation process. According to the edge definition of Trusted Audit Graph (TAG), TAG edges include three types of relation edges: the first type is input data driven relation edges (i.e., by...). (Driver), used to express specific input data points The driving relationship of the decision outcome, the weight information of the edges of this relationship comes from the set of data influence weights. The first type is the contribution value of each input data point; the second type is the policy dependency edge (i.e., policy-based edge). ), used to express specific compliance policy clauses during the decision-making reasoning process. The dependency relationships, and the reference strength information of the edges in these relationships, are derived from compliance dependency metrics. The numerical value of the citation strength of each compliance clause; the third is the influence weight associated edge (i.e., the factor that generates influence weight). This is used to express the relationship between the influence weight information generated during the decision-making process and the decision nodes.

[0065] Exploring decision impact attribution reports from audit log data From the data influence weight set Extract each input data point and its corresponding contribution value, generate an input data-driven relationship edge between each input data point and the decision identifier node, and use the contribution value as the attribute information of this relationship edge; from compliance dependency indicators Extract each compliance clause and its corresponding reference strength value, generate a policy dependency edge between each compliance clause and the decision identifier node, and use the reference strength value as the attribute information of this edge; at the same time, the system sets the data influence weights. An influence weight association edge is generated between each contribution value and its corresponding decision node to record the influence weight generated by each input data point. The system aggregates all the relationship edges of the above three types into an audit graph relationship edge set. Through the above relationship edge generation process, the Trusted Audit Graph (TAG) not only stores the key identification information of the decision, but also records the attribution relationship between each input data point, compliance policy clause and decision result in a complete graph structure.

[0066] S403: The audit graph node set and the audit graph relation edge set are topologically assembled according to the preset graph storage rules to obtain the graph subgraph to be written.

[0067] In this step, the audit graph node set and the audit graph relation edge set are topologically assembled according to preset graph storage rules to obtain a graph subgraph to be written. The graph storage rules refer to a predefined set of rules used to standardize the topological structure, attribute format, and storage constraints of nodes and relation edges in a Trusted Audit Graph (TAG). The topological assembly refers to the process of orderly connecting and structurally assembling the graph node set and the graph relation edge set according to the topological relationships defined by the graph storage rules. The graph subgraph to be written refers to the local graph structure obtained after topological assembly, representing the complete audit information of the current single decision. According to the preset graph storage rules, each node (including the decision identifier node) in the audit graph node set obtained in step S401 is... Customer identification node Model version identifier node The system uses the nodes and edges obtained in step S402 as vertices of the subgraph. Each relation edge (including input data-driven, policy-dependent, and influence-weight-related edges) from the audit graph relation edge set is used as a directed edge connecting the vertices in the subgraph. These edges are assembled and connected according to the topological relationships between nodes and relation edges. During assembly, the system verifies whether the attribute format of each node conforms to the specifications, whether the start and end nodes of each relation edge are correctly matched, and whether the overall topological structure of the subgraph meets the preset graph structure constraints, based on the graph storage rules. After successful verification, the system assembles each node and relation edge into a complete subgraph to be written. This subgraph to be written fully represents all audit information for the current single decision in the form of a graph structure, including decision identifier, customer identifier, model version, and various attribution relationships, providing structured graph data input for subsequent distributed consensus verification and persistent storage.

[0068] S404: Perform distributed consensus verification processing on the subgraph to be written to obtain a consensus-confirmed subgraph.

[0069] In this step, the graph subgraph to be written undergoes distributed consensus verification to obtain a consensus-confirmed graph subgraph. The distributed consensus verification process refers to submitting the graph subgraph to be written to multiple nodes in the distributed ledger network for consensus verification. This ensures that the content of the graph subgraph is confirmed by multiple parties before being written into the Trusted Audit Graph (TAG), thereby guaranteeing the immutability and trustworthiness of audit records. The consensus-confirmed graph subgraph refers to the graph subgraph that has obtained multi-party confirmation after distributed consensus verification. Since the Trusted Audit Graph (TAG) is a structured storage system based on distributed ledger technology, its data writing process requires verification and confirmation through a distributed consensus mechanism. The system broadcasts the graph subgraph to be written, assembled in step S403, to multiple participating nodes in the distributed ledger network. Each participating node independently verifies the content of the graph subgraph, including verifying the data integrity of each node and relation edge in the graph subgraph, the validity of the digital signature in the audit record data, and the legality of the timestamp. When a predetermined proportion of participating nodes in a distributed ledger network consistently pass the verification of a subgraph, the system determines that the subgraph has passed consensus verification, resulting in a consensus-confirmed subgraph. In financial business scenarios, the introduction of a distributed consensus verification mechanism can effectively prevent audit records from being tampered with or deleted by a single party, ensuring that audit records for financial business decisions such as credit approval, risk control, and intelligent claims processing possess legal non-repudiation and evidentiary validity, meeting the stringent requirements of financial regulatory agencies for the completeness and reliability of audit evidence.

[0070] S405: Write the consensus-confirmed subgraph into the trusted audit graph for persistent storage to obtain audit graph data.

[0071] In this step, the consensus-confirmed graph subgraph is written into the Trusted Audit Graph for persistent storage to obtain audit graph data. The persistent storage process refers to the process of permanently writing the consensus-confirmed graph subgraph into the Trusted Audit Graph (TAG) storage system, making the graph subgraph a component of the Trusted Audit Graph and allowing for continuous access and querying. The audit graph data refers to the complete graph data formed after the consensus-confirmed graph subgraph is written into the Trusted Audit Graph, which is available for audit querying and decision tracing. The consensus-confirmed graph subgraph is written according to the Trusted Audit Graph (TAG) storage structure, persistently storing each node (decision identifier node, customer identifier node, model version identifier node) and each relation edge (input data driven relation edge, strategy dependency relation edge, influence weight relation edge) in the graph subgraph into the underlying storage system of the Trusted Audit Graph. After writing is complete, the audit information of the current decision becomes part of the Trusted Audit Graph (TAG), forming a complete audit graph data together with the audit information of historical decisions. As audit records of each AI decision are continuously written, the nodes and relationship edges accumulated in the Trusted Audit Graph (TAG) continue to grow, resulting in a large-scale audit knowledge graph covering the entire decision history. This audit graph data supports auditors in performing efficient graph query operations. For example, in financial business scenarios, auditors can use graph query statements to query decision records under the influence of specific time ranges, specific model versions, and specific compliance clauses. For example, "Query all decision records based on the old model in Q3 2024." And strategy "Reject decisions with an impact weight exceeding 50%". Through the above persistent storage process, the system obtains audit graph data, providing a complete and reliable structured data foundation for graph query and decision tracing processing based on the audit graph data in subsequent step S50.

[0072] S50: Based on the audit graph data, the received audit query requests are processed by graph query and decision tracing to obtain the decision tracing results.

[0073] In this step, when an auditor initiates an audit query request, the system performs graph query and decision tracing processing on the request based on the audit graph data. By performing graph query operations in the trusted audit graph, the system locates decision nodes that meet the query conditions and performs multi-level association tracing along the relation edges, thereby extracting the complete decision tracing path and obtaining the decision tracing result.

[0074] Combination Figure 7 As shown, step S50 specifically includes: S501: Receive an audit query request, perform semantic parsing on the audit query request, and obtain structured query conditions.

[0075] In this step, the audit query request refers to a query request initiated by auditors through the query interface provided by the Trusted Audit Graph (TAG) system, aimed at retrospectively reviewing AI decision records within a specific scope. This audit query request is typically submitted in natural language or semi-structured query statements, containing filtering information for the decision records the auditors wish to retrieve. The semantic parsing process refers to the process of semantic understanding and structural transformation of the natural language or semi-structured expression in the audit query request, extracting the filtering intent contained within into machine-executable structured query conditions. The structured query conditions refer to the set of query filtering conditions expressed in a standardized field and value format after semantic parsing. First, the audit query request submitted by the auditors is received through the query interface. Semantic parsing processing is performed on the audit query request to identify and extract filtering conditions of various dimensions; that is, lexical analysis and semantic understanding are performed on the natural language expression in the audit query request to identify time range conditions (e.g., "third quarter of 2024") and model version conditions (e.g., "old model"). Terms and conditions (such as "strategy") The system provides multi-dimensional filtering information, including criteria such as impact weight thresholds (e.g., "impact weight exceeds 50%)" and decision category conditions (e.g., "reject decision"). It transforms this filtering information into corresponding structured fields and values. For example, time range conditions are converted into start and end timestamp fields, model version conditions into model version identifier matching fields, policy clause conditions into clause identifier matching fields in compliance dependency indicators, impact weight threshold conditions into numerical comparison fields in the data impact weight set, and decision category conditions into decision category label matching fields. These fields and their corresponding values ​​together form structured query conditions. Through this semantic parsing process, the system accurately transforms the auditor's natural language query intent into structured query conditions that can be executed on the Trusted Audit Graph (TAG), providing standardized query input for subsequent graph query processing.

[0076] S502: Perform graph query processing on the audit graph data based on the structured query conditions to obtain a set of candidate decision nodes.

[0077] In this step, graph query processing is performed on the audit graph data based on the structured query conditions to obtain a set of candidate decision nodes. The graph query processing refers to the process of matching and retrieving nodes and relational edges in the Trusted Audit Graph (TAG) graph structure data according to the filtering conditions specified in the structured query conditions. The set of candidate decision nodes refers to the set of decision identifier nodes that satisfy all structured query conditions after graph query processing.

[0078] Specifically, the system transforms the structured query conditions obtained in step S501 into graph query statements that can be executed on the Trusted Audit Graph (TAG), and then executes these graph query statements on the audit graph data. During the graph query execution process, the system first filters out decision identifier nodes in the audit graph data whose timestamps fall within a specified range based on the time range condition in the structured query conditions. Then, based on the model version condition, the system further matches the association between model version identifier nodes and decision identifier nodes from the above filtering results, retaining decision identifier nodes that match the specified model version identifier. Next, based on the clause condition and the influence weight threshold condition, the system performs condition matching along the strategy dependency edge and influence weight association edge of the decision identifier node, filtering out decision identifier nodes whose reference strength of the specified strategy clause in the compliance dependency index or whose contribution value in the data influence weight set meets the threshold requirement. Finally, based on the decision category condition, the system performs decision category label matching on the filtering results, retaining decision identifier nodes consistent with the specified decision category. After the above multi-dimensional filtering and matching, the system obtains a set of candidate decision nodes that satisfy all structured query conditions.

[0079] S503: Perform multi-level association subgraph extraction processing on each decision node in the candidate decision node set along the relation edges to obtain a decision association subgraph set.

[0080] In this step, a multi-level association subgraph extraction process is performed on each decision node in the candidate decision node set along relational edges to obtain a decision association subgraph set. The multi-level association subgraph extraction process refers to starting from each decision node in the candidate decision node set, expanding outwards level by level along relational edges in the Trusted Audit Graph (TAG), extracting neighboring nodes and relational edges that have direct or indirect relationships with the decision node, thereby constructing a local subgraph structure centered on the decision node. The decision association subgraph set refers to the subgraph set obtained after performing multi-level association subgraph extraction on all decision nodes in the candidate decision node set. Each subgraph contains a decision node and its multi-level associated neighboring nodes and relational edges. The system traverses each decision identifier node in the candidate decision node set, and for each decision identifier node, performs multi-level expansion extraction along its relational edges in the Trusted Audit Graph (TAG). In the first-level expansion, the system extracts all neighboring nodes and relational edges directly connected to the decision identifier node, including relational edges driven by input data (i.e., "by..."). The input data nodes associated with the "driving" (or "driving"), and the policy dependency edges (i.e., "policy-based") The compliance policy clause nodes associated with ") and the influence weight associated edges (i.e., "generating influence weight") The system extracts the weight information nodes associated with the decision identifier node, as well as the customer identifier node and model version identifier node associated with it. In the second and deeper levels of expansion, the system uses the neighborhood nodes extracted in the first level of expansion as a new starting point and continues to expand outward along the relationship edges to extract the outermost associated nodes and relationship edges. For example, starting from the compliance policy clause node, the system can further extract other decision identifier nodes associated with the clause, thereby discovering the relationship between multiple decisions affected by the same policy clause; starting from the customer identifier node, the system can further extract other historical decision nodes of the customer, thereby constructing the complete historical decision association link of the customer. After the system completes the multi-level association subgraph extraction for each candidate decision node, it constructs the extraction results into a decision association subgraph, and summarizes the decision association subgraphs of all decision nodes in the candidate decision node set to form a decision association subgraph set.

[0081] S504: Perform layer-by-layer backtracking aggregation on the decision-related subgraph set according to the preset tracing depth to obtain a complete tracing path set.

[0082] In this step, the decision-related subgraph set is aggregated layer by layer according to a preset tracing depth to obtain a complete tracing path set. The tracing depth refers to a pre-set maximum number of levels used to control the tracing process along relational edges. This parameter can be configured according to audit requirements; a higher tracing depth results in a wider tracing range. The layer-by-layer tracing aggregation process refers to the process of backtracking layer by layer along relational edges in the decision-related subgraph, starting from the decision identifier node and proceeding from the nearest to the farthest level, and then aggregating the nodes and relational edges traversed at each level into a coherent tracing path. The complete tracing path set refers to the collection of tracing paths obtained after performing layer-by-layer tracing aggregation on all decision-related subgraphs in the decision-related subgraph set. Each tracing path completely records the entire chain of information from the decision result, tracing back layer by layer through each relational edge to the input data source, compliance policy clauses, or model version.

[0083] Specifically, the system traverses each decision-related subgraph in the decision-related subgraph set. For each subgraph, the system uses the decision identifier node as the starting point and performs a layer-by-layer backtracking operation according to a preset backtracking depth. In the first layer of backtracking, the system starts from the decision identifier node and backtracks along various relational edges to the directly related neighboring nodes, recording the node and relational edge information traversed in the first layer of backtracking. In the second layer of backtracking, the system uses the neighboring node reached in the first layer of backtracking as a new starting point and continues to backtrack along relational edges to the outermost nodes, recording the node and relational edge information traversed in the second layer of backtracking. This process continues, with the system performing backtracking operations in a progressive manner until the preset backtracking depth is reached. While performing layer-by-layer backtracking, the system aggregates the nodes and relational edges traversed at each level, sequentially connecting all the nodes and relational edges along the path from the decision identifier node to the terminal node at each level to obtain a complete backtracking path.

[0084] S505: Perform result sorting and summary generation processing on the complete traceability path set to obtain the decision traceability result.

[0085] In this step, the complete set of tracing paths undergoes result sorting and summary generation processes to obtain the decision tracing result. The result sorting process prioritizes each tracing path in the complete set according to a preset sorting rule, allowing auditors to review each path sequentially based on importance or relevance. The summary generation process extracts and summarizes key node information and relational attributes from each tracing path, generating concise tracing summary text to help auditors quickly understand the core content of each tracing path. The decision tracing result refers to the final output of the tracing paths and their corresponding summary information, presented as a sorted list after result sorting and summary generation. The complete set of tracing paths undergoes result sorting. The sorting rules can be flexibly configured according to audit needs. For example, they can be sorted from high to low based on the citation strength of compliance policy clauses involved in the tracing path, placing the decision tracing path most significantly affected by compliance policies first; or sorted from high to low based on the sensitivity index of sensitive feature deviations involved in the tracing path, prioritizing the decision tracing path with the highest risk of fairness deviation; or sorted from high to low based on the maximum contribution value of the data influence weight involved in the tracing path, placing the decision tracing path with the most significant data-driven impact first. After the system completes the sorting, it performs summary generation processing for each tracing path in the sorted results. During the summary generation process, the system extracts key node identification information (such as decision identifier, customer identifier, model version identifier), core attribute information of relationship edges (such as policy clause identifier and citation strength, input data point identifier and contribution value), and key information such as decision category label and decision confidence level from each tracing path, and refines and organizes the above information to generate a concise tracing summary text. For example, a traceability summary could be summarized as: "Decision ID-20240815-003, Customer ID-C1024, Model Used". Credit approval rejection decision, strategy The citation strength is 52%, and the contribution of customer address information is 45%. The system combines and encapsulates the sorted tracing paths and their corresponding tracing summary texts to obtain the decision tracing results. These results are presented to auditors in a structured and highly readable sorted list, enabling auditors to efficiently review the core information of each decision tracing path and to conduct in-depth reviews of high-risk or high-concern decision records according to their sorting priority. This provides clear and orderly tracing evidence for the semantic consistency verification process in subsequent step S60.

[0086] S60: Perform semantic consistency verification processing on the decision tracing result and the preset compliance ontology, and output the audit compliance processing result.

[0087] In this step, the decision tracing results are semantically consistent with a pre-defined compliance ontology. The compliance ontology is a structured knowledge representation constructed after semantic parsing of the enterprise's compliance policy documents. The system verifies whether the decision results are semantically consistent with the compliance policy by semantically matching and measuring the consistency between the compliance reference information in the decision tracing results and the corresponding clauses in the compliance ontology, and outputs the audit compliance processing results accordingly.

[0088] Combination Figure 8 As shown, step S60 specifically includes: S601: Obtain a preset set of compliance documents, perform semantic parsing and ontology construction on the set of compliance documents, and obtain a compliance ontology.

[0089] In this step, a pre-defined compliance document set is acquired, and semantic parsing and ontology construction are performed on this document set to obtain a compliance ontology. The compliance document set refers to a pre-configured collection of documents covering all applicable compliance policies and business process specifications, including internally developed compliance policy documents, standard operating procedures (SOPs), and regulations issued by external regulatory agencies. The semantic parsing and ontology construction process involves performing deep semantic analysis on the document content in the compliance document set, extracting the compliance concepts, clauses, rules, and their semantic relationships, and organizing the extracted results into a structured ontology knowledge representation. The compliance ontology (i.e., policy ontology) is an ontology model obtained after semantic parsing and ontology construction, which fully describes the enterprise's compliance policy system in a structured knowledge representation. This ontology model includes the semantic representation of each compliance policy clause, the hierarchical relationships and logical connections between clauses, and the applicable business scenarios and compliance constraints for each clause.

[0090] Specifically, the system retrieves a set of compliance documents from a pre-defined document management system. In financial business scenarios, this set of compliance documents may include, but is not limited to: fair credit strategy documents and customer information protection standards in the credit approval field; risk assessment business process documents (SOPs) and risk classification management systems in the risk control field; and claims compliance review rules and anti-fraud strategies in the intelligent claims field. The system performs semantic analysis on each document in the compliance document set. The analysis process includes natural language processing operations such as chapter structure identification, clause sentence segmentation, compliance keyword extraction, and semantic role labeling. From this, the system extracts the core semantic content, clause number identifier, applicable conditions, and reference relationships and hierarchical relationships between clauses for each compliance clause. After completing the semantic analysis, the system organizes and constructs the extracted semantic representations of each compliance clause, the relationships between clauses, and the applicable conditions according to ontology modeling specifications, resulting in a hierarchical and structured compliance ontology. This compliance ontology represents each compliance clause and its interrelationships in the form of a knowledge graph, ensuring that each specific clause in the compliance strategy system has a semantic representation that can be understood and queried by machines, providing a structured compliance knowledge foundation for subsequent semantic association mapping and consistency verification.

[0091] S602: Extract the corresponding compliance reference information from each decision node in the decision tracing result, and perform semantic association mapping with the compliance ontology to obtain a compliance semantic matching pair.

[0092] In this step, compliance reference information is extracted from each decision node in the decision tracing results, and semantic association mapping is performed with the compliance ontology to obtain compliance semantic matching pairs. The compliance reference information refers to the information associated with each decision node in the decision tracing results, recording the identifiers and reference strengths of the compliance policy clauses actually referenced during the decision reasoning process. This information originates from the decision impact attribution report. Compliance Dependency Metrics The semantic association mapping process refers to the process of matching and associating the compliance reference information extracted from the decision tracing results with the corresponding clause semantic representations in the compliance ontology, establishing a mapping relationship between compliance references at the decision level and clause semantics at the compliance ontology level. The compliance semantic matching pair refers to the set of matching pairs obtained after semantic association mapping, consisting of the compliance reference information of the decision node and the corresponding clause semantic representations in the compliance ontology. Iterate through each decision node in the decision tracing results obtained in step S50, and retrieve the decision impact attribution report associated with each decision node. Extract compliance dependency metrics The recorded compliance citation information includes the identifiers of each compliance policy clause actually cited during the decision-making reasoning process, as well as the citation strength values ​​of each clause. The extracted compliance clause identifiers are used as search keys for semantic retrieval and association mapping operations within the compliance ontology constructed in step S601. The system locates the clause node corresponding to each compliance clause identifier in the compliance ontology and extracts the complete semantic representation information of that clause node, including the specific semantic content of the clause, applicable conditions, the policy section to which it belongs, and its logical connections with other clauses. The system pairs and associates the compliance citation information of the decision node (including clause identifiers and citation strength) with the semantic representation information of the corresponding clause in the compliance ontology to obtain a set of compliance semantic matching pairs. For example, in the credit approval audit scenario of financial business, if the compliance dependency index of a certain decision node... The document records "Strategy Clause 3.1, reference strength 52%". The system then locates the semantic representation of the clause corresponding to "Strategy Clause 3.1" in the compliance ontology, and pairs the compliance reference information of the decision node with the complete semantic representation of the clause to form a compliance semantic matching pair. After performing the above semantic association mapping operation on all compliance reference information of all decision nodes in the decision tracing results, the system obtains a complete set of compliance semantic matching pairs. This set of compliance semantic matching pairs establishes a two-way association bridge from the decision level to the semantic level of the compliance strategy, enabling subsequent semantic consistency verification to accurately compare the actual compliance reference of the decision with the normative semantics of the compliance strategy.

[0093] S603: Perform semantic consistency measurement calculation on the compliant semantic matching pair to obtain a semantic consistency score.

[0094] In this step, the compliance semantic matching pairs are subjected to semantic consistency measurement calculation to obtain a semantic consistency score. The semantic consistency measurement calculation refers to the process of quantifying the semantic similarity between the decision compliance reference semantics and the compliance ontology clause semantics in the compliance semantic matching pair. This is used to assess whether the actual reference to the compliance strategy clause during decision reasoning is consistent with the normative semantics of that clause. The semantic consistency score is a numerical score obtained after semantic consistency measurement calculation, which quantifies the degree of semantic consistency between the decision compliance reference and the compliance ontology clause. Each compliance semantic matching pair in the compliance semantic matching pair set obtained in step S602 is traversed. For each pair, the semantic representation of the decision compliance reference information and the normative semantic representation of the corresponding clause in the compliance ontology are extracted. The system performs semantic consistency measurement calculation on both, which includes calculating the similarity between the semantic vector of the decision compliance reference and the semantic vector of the compliance ontology clause to assess their distance in the semantic space. When the actual semantics of a compliance clause referenced during decision-making reasoning closely match the normative semantics of that clause within the compliance ontology, the semantic consistency score approaches full marks, indicating that the decision's reference to the clause is accurate and compliant. Conversely, when there is a semantic deviation, the semantic consistency score decreases, suggesting potential bias or misunderstanding in the decision's reference to the clause. Furthermore, the system also incorporates decision impact attribution reports. The data in the set of influence weights Sensitivity index for characteristic deviation The system performs a semantic consistency assessment on the fairness dimension for compliance references involving sensitive features during the decision-making process, verifying whether the impact data points listed in the decision impact attribution report comply with the principles stipulated in the fairness-related clauses of the compliance ontology. After calculating the semantic consistency score for each matching pair in the compliance semantic matching pair set, the system summarizes the scores of each matching pair to obtain a complete semantic consistency score result set. This semantic consistency score result set provides a quantitative metric for subsequent compliance deviation detection.

[0095] S604: Based on the semantic consistency score, perform compliance deviation detection processing on the decision tracing results to obtain compliance deviation detection results.

[0096] In this step, compliance deviation detection processing is performed on the decision tracing results based on the semantic consistency score to obtain compliance deviation detection results. The compliance deviation detection processing refers to the process of identifying and classifying compliance deviations of each decision node in the decision tracing results according to the semantic consistency score and preset compliance deviation judgment criteria, in order to detect whether there are deviations inconsistent with the compliance strategy during the decision reasoning process. The compliance deviation detection result refers to the detection result obtained after compliance deviation detection processing, which identifies the compliance deviation status and deviation type of each decision node. For each decision node in the decision tracing results, the semantic consistency score of each compliance semantic matching pair corresponding to that decision node is obtained, and each score is compared with a preset compliance deviation judgment threshold. When the semantic consistency score of a compliance semantic matching pair is lower than the preset compliance deviation judgment threshold, the system determines that the decision node has a compliance deviation in the reference of the corresponding compliance clause, and further classifies and labels the deviation. Deviation types can include: clause citation deviation, where compliance clauses that are not applicable to the current business scenario are cited during the decision-making reasoning process, or there is a deviation in the semantic understanding of the applicable clauses; fairness deviation, where the decision result's dependence on sensitive features is abnormal, posing a potential risk of discrimination or unfair decision-making; and missing citation deviation, where applicable compliance clauses are not cited during the decision-making reasoning process, resulting in a lack of necessary compliance basis for the decision. In financial business scenarios, such as in the credit approval audit process, if a rejection decision's compliance citation does not involve the latest applicable policy clauses, but instead cites an expired old clause, the system will detect clause citation deviation; if a decision's feature deviation sensitivity index... The system indicates that the decision is highly sensitive to the applicant's regional characteristics, and the semantic consistency score shows that the decision did not fully reference the fair credit policy terms, thus the system will detect a fairness bias. The system will summarize and integrate the compliance bias status identifier (compliance / bias), bias type label, and corresponding semantic consistency score of each decision node to obtain the compliance bias detection result.

[0097] S605: Generate a compliance report or deviation warning signal based on the compliance deviation detection results, so as to output the audit compliance processing results.

[0098] In this step, a compliance report or deviation warning signal is generated based on the compliance deviation detection results to output the audit compliance processing results. The compliance report refers to a formal audit report generated based on the compliance deviation detection results, which fully presents the compliance status, deviation details, and audit conclusions of each decision node in a structured document format. The deviation warning signal refers to a warning notification signal proactively issued by the system to auditors or business managers when there are compliance deviations requiring timely attention in the compliance deviation detection results. The audit compliance processing results refer to the final complete audit compliance processing output of the system, including the compliance report and deviation warning signal. The compliance deviation detection results obtained in step S604 are analyzed and processed. The system first generates a compliance report based on the compliance deviation status and deviation type of each decision node in the compliance deviation detection results. The compliance report should include at least the following components: an audit overview section, recording the total number of decision records involved in the audit, the number of decision records with detected compliance deviations, and the percentage of deviations; a compliance decision details section, listing key information summaries for each decision node with a compliance deviation status, indicating that these decisions are semantically consistent with the corresponding clauses in the compliance ontology; and a deviation decision details section, listing detailed deviation information for each decision node with a deviation status, including the decision identifier, customer identifier, associated compliance clause identifier, semantic consistency score, deviation type, and specific description of the deviation. In financial business scenarios, compliance reports can be further refined into specialized audit reports for different business areas, such as credit approval compliance audit reports, compliance review reports, or claims decision fairness audit reports, to meet the differentiated audit requirements of financial regulatory agencies for different business lines.

[0099] Simultaneously with the generation of the compliance report, the system determines whether to generate a deviation warning signal based on the severity and urgency of the deviations detected in the compliance deviation detection results. When high-risk deviations are detected, such as systemic fairness deviations involving a large number of decision-making records or serious violations of core compliance policy clauses in the decision-making reasoning process, the system proactively generates a deviation warning signal and sends a warning notification to auditors or business managers through preset notification channels, prompting relevant personnel to pay attention to and address the detected compliance deviation issues in a timely manner. The system combines and encapsulates the compliance report and the deviation warning signal to output the audit compliance processing result. This audit compliance processing result presents the full-link audit conclusions from decision tracing to compliance verification in a structured and traceable form, enabling auditors to fully understand the compliance status of each decision and to carry out targeted follow-up processing and rectification of decisions with deviations. This achieves an integrated closed loop of decision impact attribution, structured audit record storage, and compliance semantic verification in the AI ​​decision audit process.

[0100] As can be seen, this application obtains decision results by acquiring decision request data in the target business scenario, performing decision reasoning processing, obtaining decision impact attribution reports by performing decision impact attribution calculation on the decision results, obtaining audit record data by performing structured encapsulation of the decision results and decision impact attribution reports, writing the audit record data into a trusted audit graph according to preset graph storage rules to obtain audit graph data, performing graph query and decision tracing processing on audit query requests based on audit graph data to obtain decision tracing results, and performing semantic consistency verification processing on the decision tracing results and compliance ontology to output audit compliance processing results. This can significantly improve the transparency, auditability, and compliance accountability of AI decision-making in the financial field.

[0101] Furthermore, this application writes audit log data into a trusted audit graph based on distributed ledger technology, and performs graph query and decision tracing processing on audit query requests based on the audit graph data. This enables auditors to quickly locate and trace decision records that meet specific conditions through structured graph query operations, transforming the work that originally required manually linking fragmented audit information across multiple log systems into efficient graph query operations. This significantly shortens compliance audit time and effectively reduces the company's manpower costs in compliance audits. By performing decision impact attribution calculations on decision results, the application quantifies in real time the data impact weight of each input data point on the decision result, the sensitivity of the decision to feature biases of sensitive features, and the compliance dependence of the decision reasoning process on compliance clauses. This allows operations personnel to promptly identify abnormal dependencies of decisions on sensitive features and proactively correct and calibrate the model for fairness before bias risks are discovered by regulatory agencies, thereby effectively mitigating the model's fairness bias risk. Furthermore, through the tamper-proof audit evidence chain provided by the Trusted Audit Graph and the clear multi-dimensional attribution information provided by the Decision Impact Attribution Report, combined with the semantic consistency verification between the decision tracing results and the compliance ontology, enterprises can transparently explain the reasoning logic and compliance basis of each important decision to regulatory agencies and customers, thereby improving the credibility of AI decision-making and enhancing stakeholders' trust in the AI ​​system.

[0102] It should be understood that the sequence number of each step in the above embodiments does not imply the order of execution. The execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation process of the embodiments of the present invention.

[0103] In one embodiment, an audit compliance processing apparatus is provided, which corresponds one-to-one with the audit compliance processing methods described in the above embodiments. For example... Figure 9 As shown, the audit compliance processing device includes: a data acquisition module 100, a decision calculation module 200, a data encapsulation module 300, a graph construction module 400, a decision tracing module 500, and a verification output module 600.

[0104] Detailed descriptions of each functional module are as follows: The data acquisition module 100 is used to acquire decision request data in the target business scenario, perform decision reasoning processing on the decision request data, and obtain decision results; The decision calculation module 200 is used to perform decision impact attribution calculation on the decision results and obtain a decision impact attribution report. The data encapsulation module 300 is used to perform structured encapsulation processing on the decision results and the decision impact attribution report to obtain audit record data; The graph construction module 400 is used to write the audit record data into a trusted audit graph according to a preset graph storage rule to obtain audit graph data; The decision tracing module 500 is used to perform graph query and decision tracing processing on the received audit query requests based on the audit graph data to obtain the decision tracing results; The verification output module 600 is used to perform semantic consistency verification processing on the decision tracing result and the preset compliance ontology, and output the audit compliance processing result.

[0105] In one embodiment, the data acquisition module 100 is specifically used for: Collect user request data and business input data in the target business scenario, and fuse and preprocess the user request data and business input data to obtain standardized decision request data; The standardized decision request data is subjected to multi-dimensional feature extraction processing to obtain a decision feature vector; The decision feature vector is input into a preset decision reasoning model for reasoning and calculation to obtain the decision confidence distribution; The decision confidence distribution is classified and judged according to a preset decision threshold to obtain decision category labels; The decision category labels and the decision confidence distribution are combined and encapsulated to obtain the decision result.

[0106] In one embodiment, the decision calculation module 200 is specifically used for: The feature contribution metric calculation is performed on each input data point corresponding to the decision result to obtain a set of data influence weights. Based on the data influence weight set, a bias sensitivity assessment is performed on the preset sensitive feature dimensions to obtain a feature bias sensitivity index. Based on the aforementioned feature deviation sensitivity index, the reasoning path of the decision result is analyzed for compliance clause citation strength to obtain a compliance dependency index. The compliance dependency index, the data influence weight set, and the feature deviation sensitivity index are subjected to multi-dimensional attribution integration processing to obtain a multi-dimensional attribution feature vector; The multidimensional attribution feature vector is processed in a structured manner according to a preset attribution report template to obtain a decision impact attribution report.

[0107] In one embodiment, the data encapsulation module 300 is specifically used for: Perform hash digest calculation on all input data corresponding to the decision result to obtain the hash value of the input data; Obtain the model version identifier corresponding to the decision result, and associate and bind the model version identifier with the input data hash value to obtain the decision tracing identifier; The decision source identification, the decision result, and the decision impact attribution report are assembled at the field level to obtain structured audit records; The structured audit records are subjected to timestamp injection and digital signature processing to obtain signed audit records; The signature audit record is subjected to integrity verification and encapsulation processing to obtain audit record data.

[0108] In one embodiment, the map construction module 400 is specifically used for: The audit record data is parsed using graph nodes to extract decision identifiers and customer identifiers, resulting in an audit graph node set. Based on the audit graph node set, the attribution association information in the audit record data is processed to generate relation edges, resulting in an audit graph relation edge set; The audit graph node set and the audit graph relation edge set are topologically assembled according to the preset graph storage rules to obtain the graph subgraph to be written. Distributed consensus verification processing is performed on the subgraph to be written to obtain a consensus-confirmed subgraph. The consensus-confirmed subgraph is written into the trusted audit graph for persistent storage to obtain audit graph data.

[0109] In one embodiment, the decision tracing module 500 is specifically used for: Receive audit query requests, perform semantic parsing on the audit query requests, and obtain structured query conditions; Based on the structured query conditions, graph query processing is performed on the audit graph data to obtain a set of candidate decision nodes; A multi-level association subgraph extraction process is performed on each decision node in the candidate decision node set along the relation edges to obtain a decision association subgraph set; The decision-related sub-graphet is aggregated layer by layer according to a preset tracing depth to obtain a complete tracing path set; The complete tracing path set is sorted and a summary is generated to obtain the decision tracing result.

[0110] In one embodiment, the verification output module 600 is specifically used for: Obtain a preset set of compliance documents, perform semantic parsing and ontology construction on the set of compliance documents, and obtain the compliance ontology; Based on each decision node in the decision tracing results, extract the corresponding compliance reference information and perform semantic association mapping with the compliance ontology to obtain compliance semantic matching pairs. The semantic consistency metric is calculated on the compliant semantic matching pairs to obtain a semantic consistency score; Based on the semantic consistency score, the decision tracing results are processed for compliance deviation detection to obtain compliance deviation detection results. Based on the compliance deviation detection results, a compliance report or deviation warning signal is generated to output the audit compliance processing results.

[0111] Specific limitations regarding the audit compliance processing device can be found in the limitations of the audit compliance processing methods described above, and will not be repeated here. Each module in the aforementioned audit compliance processing device can be implemented entirely or partially through software, hardware, or a combination thereof. These modules can be embedded in or independent of the processor in a computer device in hardware form, or stored in the memory of a computer device in software form, so that the processor can call and execute the operations corresponding to each module.

[0112] In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as follows: Figure 10 As shown, the computer device includes a processor, memory, network interface, and database connected via a system bus. The processor provides computing and control capabilities. The memory includes non-volatile and / or volatile storage media and internal memory. The non-volatile storage media stores the operating system, computer programs, and database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The network interface is used to communicate with external clients via a network connection. When the computer program is executed by the processor, it implements the functions or steps of an audit compliance processing method on the server side.

[0113] In one embodiment, a computer device is provided, which may be a client, and its internal structure diagram may be as follows: Figure 11As shown, the computer device includes a processor, memory, network interface, display screen, and input devices connected via a system bus. The processor provides computing and control capabilities. The memory includes non-volatile storage media and internal memory. The non-volatile storage media stores the operating system and computer programs. The internal memory provides an environment for the operation of the operating system and computer programs stored in the non-volatile storage media. The network interface is used to communicate with an external server via a network connection. When executed by the processor, the computer program implements the functions or steps of an audit compliance processing method on the client side.

[0114] In one embodiment, a computer-readable storage medium is provided having a computer program stored thereon, which, when executed, can perform the steps provided in the above embodiments.

[0115] It should be noted that the functions or steps that can be implemented by the computer-readable storage medium or computer device described above can be referred to the relevant descriptions on the server side and client side in the foregoing method embodiments. To avoid repetition, they will not be described one by one here.

[0116] Those skilled in the art will understand that all or part of the processes in the methods of the above embodiments can be implemented by a computer program instructing related hardware. The computer program can be stored in a non-volatile computer-readable storage medium. When executed, the computer program can include the processes of the embodiments of the above methods. Any references to memory, storage, databases, or other media used in the embodiments provided in this application can include non-volatile and / or volatile memory. Non-volatile memory may include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory. Volatile memory may include random access memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), dual data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous link DRAM (SLDRAM), RAMbus direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), etc.

[0117] Those skilled in the art will clearly understand that, for the sake of convenience and brevity, the above-described division of functional units and modules is used as an example. In practical applications, the above functions can be assigned to different functional units and modules as needed, that is, the internal structure of the device can be divided into different functional units or modules to complete all or part of the functions described above.

[0118] It should be noted that any AI models, software tools, or components not belonging to this company appearing in the embodiments of this application are merely illustrative examples and do not represent actual use. All user personal information involved in the embodiments of this application has been authorized (with the knowledge and consent) by the relevant parties or has been fully authorized by all parties, and the executing entity may obtain it through various legal and compliant means. The collection, storage, use, processing, transmission, provision, and disclosure of the information, data, and signals involved all comply with relevant laws and regulations and do not violate public order and good morals.

[0119] The above-described embodiments are only used to illustrate the technical solutions of the present invention, and are not intended to limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some of the technical features. Such modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of the present invention, and should all be included within the protection scope of the present invention.

Claims

1. An audit compliance processing method characterized by, include: Obtain decision request data in the target business scenario, perform decision reasoning processing on the decision request data, and obtain decision results; The decision results are processed by decision impact attribution calculation to obtain a decision impact attribution report; The decision results and the decision impact attribution report are structured and encapsulated to obtain audit record data; The audit record data is written into the trusted audit graph according to the preset graph storage rules to obtain audit graph data; Based on the audit graph data, the received audit query requests are processed by graph query and decision tracing to obtain the decision tracing results; The decision tracing results are semantically consistent with the preset compliance ontology, and the audit compliance processing results are output.

2. The audit compliance process method of claim 1, wherein, The process of acquiring decision request data under the target business scenario, performing decision reasoning processing on the decision request data, and obtaining decision results includes: Collect user request data and business input data in the target business scenario, and fuse and preprocess the user request data and business input data to obtain standardized decision request data; The standardized decision request data is subjected to multi-dimensional feature extraction processing to obtain a decision feature vector; The decision feature vector is input into a preset decision reasoning model for reasoning and calculation to obtain the decision confidence distribution; The decision confidence distribution is classified and judged according to a preset decision threshold to obtain decision category labels; The decision category labels and the decision confidence distribution are combined and encapsulated to obtain the decision result.

3. The audit compliance process method of claim 1, wherein, The step of performing decision impact attribution calculation on the decision results to obtain a decision impact attribution report includes: The feature contribution metric calculation is performed on each input data point corresponding to the decision result to obtain a set of data influence weights. Based on the data influence weight set, a bias sensitivity assessment is performed on the preset sensitive feature dimensions to obtain a feature bias sensitivity index. Based on the aforementioned feature deviation sensitivity index, the reasoning path of the decision result is analyzed for compliance clause citation strength to obtain a compliance dependency index. The compliance dependency index, the data influence weight set, and the feature deviation sensitivity index are subjected to multi-dimensional attribution integration processing to obtain a multi-dimensional attribution feature vector; The multidimensional attribution feature vector is processed in a structured manner according to a preset attribution report template to obtain a decision impact attribution report.

4. The audit compliance process method of claim 1, wherein, The step of structurally encapsulating the decision results and the decision impact attribution report to obtain audit record data includes: Perform hash digest calculation on all input data corresponding to the decision result to obtain the hash value of the input data; Obtain the model version identifier corresponding to the decision result, and associate and bind the model version identifier with the input data hash value to obtain the decision tracing identifier; The decision source identification, the decision result, and the decision impact attribution report are assembled at the field level to obtain structured audit records; The structured audit records are subjected to timestamp injection and digital signature processing to obtain signed audit records; The signature audit record is subjected to integrity verification and encapsulation processing to obtain audit record data.

5. The audit compliance process method of claim 1, wherein, The step of writing the audit record data into a trusted audit graph according to a preset graph storage rule to obtain audit graph data includes: The audit record data is parsed using graph nodes to extract decision identifiers and customer identifiers, resulting in an audit graph node set. Based on the audit graph node set, the attribution association information in the audit record data is processed to generate relation edges, resulting in an audit graph relation edge set; The audit graph node set and the audit graph relation edge set are topologically assembled according to the preset graph storage rules to obtain the graph subgraph to be written. Distributed consensus verification processing is performed on the subgraph to be written to obtain a consensus-confirmed subgraph. The consensus-confirmed subgraph is written into the trusted audit graph for persistent storage to obtain audit graph data.

6. The audit compliance process method of claim 1, wherein, The received audit query requests are processed using graph query and decision tracing based on the audit graph data to obtain decision tracing results, including: Receive audit query requests, perform semantic parsing on the audit query requests, and obtain structured query conditions; Based on the structured query conditions, graph query processing is performed on the audit graph data to obtain a set of candidate decision nodes; A multi-level association subgraph extraction process is performed on each decision node in the candidate decision node set along the relation edges to obtain a decision association subgraph set; The decision-related sub-graphet is aggregated layer by layer according to a preset tracing depth to obtain a complete tracing path set; The complete tracing path set is sorted and a summary is generated to obtain the decision tracing result.

7. The audit compliance processing method according to claim 1, characterized in that, The step of performing semantic consistency verification processing on the decision tracing results and the preset compliance ontology, and outputting the audit compliance processing results, includes: Obtain a preset set of compliance documents, perform semantic parsing and ontology construction on the set of compliance documents, and obtain the compliance ontology; Based on each decision node in the decision tracing results, extract the corresponding compliance reference information and perform semantic association mapping with the compliance ontology to obtain compliance semantic matching pairs. The semantic consistency metric is calculated on the compliant semantic matching pairs to obtain a semantic consistency score; Based on the semantic consistency score, the decision tracing results are processed for compliance deviation detection to obtain compliance deviation detection results. Based on the compliance deviation detection results, a compliance report or deviation warning signal is generated to output the audit compliance processing results.

8. An audit compliance processing device, characterized in that, include: The data acquisition module is used to acquire decision request data in the target business scenario, perform decision reasoning processing on the decision request data, and obtain decision results; The decision calculation module is used to perform decision impact attribution calculation on the decision results and obtain a decision impact attribution report; The data encapsulation module is used to perform structured encapsulation processing on the decision results and the decision impact attribution report to obtain audit record data; The graph construction module is used to write the audit record data into a trusted audit graph according to a preset graph storage rule to obtain audit graph data; The decision tracing module is used to perform graph query and decision tracing processing on the received audit query requests based on the audit graph data, and obtain the decision tracing results. The verification output module is used to perform semantic consistency verification processing on the decision tracing results and the preset compliance ontology, and output the audit compliance processing results.

9. A computer device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that, When the processor executes the computer program, it implements the steps of the audit compliance processing method as described in any one of claims 1 to 7.

10. A computer-readable storage medium storing a computer program, characterized in that, When the computer program is executed by a processor, it implements the steps of the audit compliance processing method as described in any one of claims 1 to 7.