[EAAPL-WRK015] Iterative Constraint Satisfaction
Category: Agentic Workflows
Sub-category: Constraint Enforcement Architecture
Version: 1.0
Maturity: Proven
Tags: constraint-satisfaction, schema-validation, hard-constraints, regulatory-constraints, safety-rules, iterative-refinement
Regulatory Relevance: EU AI Act Art. 15, APRA CPS 234, ISO 42001 §8.4
1. Executive Summary
The Iterative Constraint Satisfaction Pattern defines an architecture in which an agent iteratively refines its output until it satisfies a defined set of HARD constraints — binary pass/fail rules such as schema compliance, regulatory requirements, safety rules, and structural requirements — rather than quality criteria. This pattern is fundamentally different from the Reflexive Agent (EAAPL-AGT006), which evaluates qualitative output quality through a critic LLM; Iterative Constraint Satisfaction evaluates objective, mechanically-verifiable constraints through a deterministic constraint checker. The agent refines output until all constraints pass or the maximum iteration limit is reached.
For CIO/CTO audiences: quality evaluation asks "how good is this output?" — a subjective question answered by an AI reviewer. Constraint satisfaction asks "does this output comply with these mandatory rules?" — an objective question answered by deterministic code. For regulated outputs — financial disclosures that must not exceed a risk threshold, contracts that must contain mandatory clauses, communications that must not reference competitor prices — the question is not "is this good enough?" but "does it comply?" This pattern enforces compliance mechanically, not subjectively. The constraint checker does not have opinions; it evaluates rules. An output either passes all constraints or it doesn't, and if it doesn't, the agent must revise until it does.
2. Problem Statement
Business Problem
Regulated and safety-critical outputs must meet hard requirements that are not matters of quality but of compliance: a financial product disclosure statement must contain specific mandatory disclosures; a clinical summary must not recommend contraindicated medications; a generated contract must include specific clauses required by law. These requirements cannot be enforced through qualitative review — they require deterministic, rule-based checking.
Technical Problem
LLMs do not reliably self-enforce hard constraints. A model instructed to "include mandatory disclosure X" may omit it, include a paraphrase that technically satisfies the spirit but not the letter of the requirement, or include it in one section but contradict it in another. Soft quality review (Reflexive Agent) may not detect these failures because the model critic has the same systematic omissions as the generator.
Symptoms of Absence
- Generated outputs occasionally omit mandatory content that is required for regulatory compliance
- No systematic checking that generated outputs satisfy structural requirements (schema, word count, required sections)
- Compliance review identifies the same categories of missing requirements repeatedly, suggesting they are not being enforced at generation time
- Each output requires manual compliance review because there is no automated constraint gate
Cost of Inaction
- Regulatory Risk: Outputs with missing mandatory disclosures or non-compliant content create regulatory liability
- Manual Review Cost: Every output requires compliance review because there is no automated constraint gate
- Incident Cost: Discovering constraint violations post-delivery is more costly than preventing them at generation time
3. Context
When to Apply
- Output must satisfy binary (pass/fail) hard constraints that can be expressed as mechanical rules
- Constraints are stable, articulable, and can be implemented as deterministic code or structured queries
- Non-compliance with a constraint makes the output categorically unacceptable regardless of quality
- The organisation has a compliance obligation to demonstrate that outputs meet defined standards
When NOT to Apply
- Requirements are qualitative and subjective (use Reflexive Agent, EAAPL-AGT006)
- Constraints cannot be mechanically verified (require expert judgment)
- Constraints are so numerous or complex that the constraint checker becomes unmaintainable
- Output generation cannot feasibly satisfy all constraints even with iterative refinement (architectural issue)
Prerequisites
- Defined constraint set (each constraint: name, rule, machine-verifiable check)
- Constraint checker implementation (deterministic code, not LLM-based)
- Revision prompt that provides specific constraint failure context
- Maximum iteration limit and behaviour on exhaustion
Industry Applicability
| Industry |
Constraint Set |
Representative Constraint |
| Financial Services |
Product disclosure requirements |
Must contain ASIC-required risk warning verbatim |
| Healthcare |
Clinical documentation safety |
Must not recommend dosage exceeding guideline maximum |
| Legal |
Contract completeness |
Must contain governing law clause; must name both parties in recitals |
| Insurance |
Policy document requirements |
Must include 14-day cooling-off period notice |
| Government |
Regulatory correspondence |
Must not contain personal information of third parties |
4. Architecture Overview
The Iterative Constraint Satisfaction architecture separates the generation of output from the deterministic checking of constraints and the targeted revision of non-compliant content.
Constraint Set Definition
The constraint set is a machine-readable specification of all hard requirements. Each constraint has: (a) a unique identifier (e.g., "DISC-001"), (b) a human-readable description, (c) a machine-checkable rule implementation (regex, XPath, schema validation, keyword presence, numerical threshold, structural check), (d) the constraint category (schema, regulatory, safety, structural), (e) the severity (blocking vs. warning), and (f) a remediation hint used in the revision prompt. The constraint set is owned by compliance/domain SMEs and version-controlled.
Initial Generation
The agent generates the initial output using its standard generation workflow (sequential chain, ReAct loop, or direct generation). The initial generation is not constrained to satisfy all requirements — it focuses on producing a high-quality draft. Constraint satisfaction is a post-generation refinement phase.
Constraint Checker
The Constraint Checker evaluates the generated output against every constraint in the constraint set. The checker is implemented as deterministic code — it does not use an LLM. Each constraint check is independent and produces a binary result (PASS/FAIL) and, for failures, a specific failure message identifying the exact nature of the violation. The checker produces a structured report: {constraints_total: N, passed: K, failed: N-K, failures: [{constraint_id, description, failure_detail}]}.
Targeted Revision
When the constraint checker reports failures, the Revision Engine is invoked with: the current output, the full constraint failure report, and a revision prompt that instructs the agent to address each specific failure without introducing new violations. The revision prompt is targeted: "Revise the following draft to address these specific constraint violations: [failure list]. Do not change content that has already passed constraints. For each violation, explain the change you made."
Iteration Until Compliance or Max Iterations
After revision, the Constraint Checker is re-applied to the revised output. If all constraints pass, the output is accepted. If failures remain, another revision cycle is triggered. The maximum iteration count is enforced; if maximum iterations are reached without full compliance, the output is escalated to human review (never silently delivered as compliant).
Difference from Reflexive Agent
The Reflexive Agent (EAAPL-AGT006) uses an LLM critic to evaluate qualitative output quality. The Iterative Constraint Satisfaction pattern uses deterministic code to check objective compliance requirements. Both use an iterative refinement loop, but the quality criterion, the checker, and the failure mode (quality score vs. constraint pass/fail) are fundamentally different. They are complementary, not alternatives: a high-quality output (Reflexive Agent) that fails hard constraints (Constraint Satisfaction) is still non-deliverable.
5. Architecture Diagram
flowchart TD
subgraph Input["Task Input"]
A[Task + Constraints]
end
subgraph Generation["Initial Generation"]
B[Agent Generation]
end
subgraph Checking["Constraint Checking Loop"]
C[Constraint Checker]
D{All Constraints Pass?}
E[Iteration Guard]
end
subgraph Revision["Targeted Revision"]
F[Revision Engine]
G[Revision Prompt]
end
subgraph Output["Output"]
H[Compliant Output]
I[Escalate to Human]
end
subgraph Registry["Constraint Registry"]
J[(Constraint Set)]
K[(Constraint Audit Log)]
end
A --> B
B --> C
C --> J
J --> C
C --> D
D -->|all pass| H
D -->|failures exist| E
E -->|within limit| G
E -->|max reached| I
G --> F
F --> C
H --> K
I --> K
6. Components
| Component |
Type |
Responsibility |
Technology Options |
Criticality |
| Constraint Registry |
Configuration |
Version-controlled machine-readable constraint set |
YAML/JSON constraint files; database |
Critical |
| Constraint Checker |
Logic Component |
Deterministic evaluation of each constraint; produces failure report |
Custom Python; JSON Schema validator; regex engine; XPath |
Critical |
| Initial Generator |
AI Component |
Produces initial draft output |
Any generation workflow |
Critical |
| Revision Engine |
AI Component |
Revises output to address specific constraint failures |
LLM with targeted revision prompt; constraint failure context |
Critical |
| Iteration Guard |
Safety |
Enforces maximum revision iterations |
Counter in loop state; configurable max per constraint set |
Critical |
| Constraint Audit Logger |
Governance |
Records per-iteration constraint checker results |
Append-only log; PostgreSQL; CloudWatch Logs |
Critical |
| Human Escalation Handler |
Integration |
Receives non-compliant outputs after max iterations; routes to human review |
EAAPL-HITL001 implementation |
High |
| Constraint Coverage Reporter |
Quality |
Reports which constraints fire most frequently |
Analytics on constraint audit log |
Medium |
7. Data Flow
| Step |
Actor |
Action |
Output |
| 1 |
Caller |
Submits task: "Generate product disclosure statement for Fund ABC" |
Task with constraint set: "PDS_REQUIREMENTS_v3.4" |
| 2 |
Initial Generator |
Generates PDS draft |
800-word PDS draft |
| 3 |
Constraint Checker |
Evaluates 12 constraints |
{passed: 9, failed: 3, failures: [{id: "PDS-003", detail: "Missing ASIC risk warning"}, {id: "PDS-007", detail: "Management fee not disclosed"}, {id: "PDS-011", detail: "Cooling-off period not mentioned"}]} |
| 4 |
Iteration Guard |
Iteration 1 of 3; failures exist |
Continue |
| 5 |
Revision Engine |
Receives draft + 3 failures; generates targeted revision |
Revised PDS with ASIC risk warning, fee disclosure, and cooling-off period added |
| 6 |
Constraint Checker |
Re-evaluates 12 constraints on revised output |
{passed: 12, failed: 0} |
| 7 |
Iteration Guard |
All pass — exit loop |
Accept |
| 8 |
Constraint Audit Logger |
Logs: 2 iterations, 3→0 failures, constraint set v3.4 |
Audit record |
| 9 |
Caller |
Receives compliant output + {constraint_set: "PDS_REQUIREMENTS_v3.4", iterations: 2, all_passed: true} |
Final PDS |
Error Flow
| Error |
Detection |
Recovery |
| Constraint checker code error |
Exception in checker |
Return checker error; halt; alert — do not deliver unchecked output |
| Revision introduces new violations |
Constraint checker catches regression |
Continue iterating; log regression pattern |
| Max iterations reached with failures |
Iteration Guard |
Escalate to human review; never deliver non-compliant output |
| Constraint set unavailable (registry down) |
Constraint Registry unavailable |
Halt generation; do not deliver unchecked output; alert |
8. Security Considerations
Constraint Checker as Tamper-Proof Gate
- The constraint checker must not be modifiable by the LLM generation or revision steps
- Mitigation: Constraint checker is implemented as separate code, not injected into the LLM context; LLM cannot modify the rules; constraint set changes require authorised deployment
OWASP LLM Top 10
| OWASP LLM Risk |
Constraint Satisfaction Applicability |
Mitigation |
| LLM01 Prompt Injection |
Malicious input could attempt to generate content that claims to have passed constraints |
Constraint checker is deterministic code, not an LLM; injection cannot affect checker results |
| LLM08 Excessive Agency |
Agent could attempt to generate content that technically passes constraints while circumventing their intent |
Constraints must check for spirit, not just letter; constraint set review by compliance experts |
| LLM09 Overreliance |
Constraint pass does not guarantee correctness — only compliance with defined rules |
Constraint pass report is explicit: "passed defined constraints" not "output is correct" |
9. Governance Considerations
Constraint Set Ownership
- Each constraint in the constraint set must have a named business owner responsible for its accuracy, currency, and relevance
- Constraint additions and removals are change-controlled events requiring compliance review and regression testing
- The constraint set is as important a governance artefact as the output schema
Governance Artefacts
| Artefact |
Owner |
Frequency |
Purpose |
| Constraint Set Registry |
Compliance + Domain SMEs |
On change; quarterly review |
Versioned constraints with owner, rationale, and implementation |
| Constraint Audit Log |
Compliance |
Per execution; retained per policy |
Per-iteration constraint results for every output |
| Constraint Coverage Report |
Compliance |
Monthly |
Which constraints fire most; identifies common generation failures |
| Constraint Regression Test Suite |
QA |
On constraint set change |
Tests that all constraints detect known violations |
| Human Escalation Log |
Compliance |
Per escalation |
Tracks outputs that failed to satisfy constraints within iteration limit |
10. Operational Considerations
SLOs
| SLO |
Target |
Window |
Alert |
| First-iteration pass rate (no revision needed) |
≥ 70% |
24-hour rolling |
< 50% triggers P3; review generation quality |
| Compliance rate (all constraints pass within max iterations) |
100% of delivered outputs |
24-hour rolling |
Any non-compliant output delivered triggers P0 |
| Average iterations to compliance |
≤ 1.5 |
24-hour rolling |
> 2.5 triggers P3; review constraint complexity |
| Human escalation rate (max iterations reached) |
≤ 2% |
24-hour rolling |
> 5% triggers P2; review constraint achievability |
11. Cost Considerations
| Scenario |
Iterations |
Approx. Additional Cost (vs. no constraint checking) |
Compliance Benefit |
| 70% first-pass, 30% need 1 revision |
1.3 avg |
+30% generation cost |
Full compliance on all constraints |
| 50% first-pass, 40% need 1 revision, 10% need 2 |
1.6 avg |
+60% generation cost |
Full compliance with escalation safety net |
| High-complexity constraint set (many structural rules) |
2.0 avg |
+100% generation cost |
Justified by compliance risk avoided |
Constraint Checker Cost
- Deterministic constraint checking is negligible vs. LLM inference cost
- The primary cost is revision LLM inference; minimise by: (a) improving initial generation to pass more constraints on first attempt, (b) identifying the most commonly violated constraints and strengthening the generation prompt for those specifically
12. Trade-Off Analysis
| Option |
Compliance Enforcement |
Quality |
Cost |
Explainability |
Best For |
| A: Iterative Constraint Satisfaction (Recommended) |
Deterministic |
Medium |
Medium |
Very High |
Regulated, hard-constraint outputs |
| B: Reflexive Agent (EAAPL-AGT006) |
Soft (quality only) |
High |
Medium |
High |
Quality-focused, non-mandatory requirements |
| C: A + B (Constraint then Quality) |
Deterministic + High Quality |
Very High |
High |
High |
Highest-stakes regulated outputs |
| D: Manual compliance review |
Deterministic |
High |
Very High |
Very High |
Fallback only; does not scale |
13. Failure Modes
| Failure Mode |
Likelihood |
Impact |
Detection |
Recovery |
| Constraint definition error (constraint too strict, rejects valid output) |
Medium |
Medium — high escalation rate; output quality degraded |
Escalation rate monitoring; constraint owner review |
Constraint regression test; constraint owner periodic review |
| Revision introduces new violations while fixing others |
Medium |
Medium — iteration count increases |
Regression detection in constraint checker |
Add regression check to revision prompt; track constraint pass/fail per iteration |
| Constraint checker silently fails to detect violation |
Low |
Critical — non-compliant output delivered |
Constraint checker unit tests; external audit |
Constraint checker has test suite with known violations for each constraint |
| Max iterations reached (constraints unachievable for input) |
Low–Medium |
Medium — human escalation required |
Escalation rate monitoring |
Review constraint achievability for input type; improve generation prompt; adjust constraints |
14. Regulatory Considerations
EU AI Act
- Art. 15 (Accuracy and Robustness): For high-risk AI systems producing regulated outputs, the constraint satisfaction pattern directly implements the requirement for accuracy and robustness by ensuring outputs meet mandatory requirements before delivery.
APRA CPS 234
- For financial services organisations, generated outputs that interact with customer information assets must pass information security constraints (no PII leakage, no cross-customer data mixing) enforced by the constraint checker.
ISO 42001
- §8.4: The constraint set is an operational specification for the AI system; it must be version-controlled, tested, and managed as a change-controlled artefact.
Australian Context
- ASIC RG 263 (Digital financial product advice): Automated generation of financial product disclosures is subject to content requirements; the constraint satisfaction pattern is the appropriate architectural mechanism for enforcing these requirements at generation time.
- Privacy Act 1988 (APP 3, 6): For generated communications referencing personal information, constraints enforcing appropriate purpose limitation and disclosure minimisation can be mechanically checked.
15. Reference Implementations
AWS
| Component |
Service |
| Constraint Checker |
AWS Lambda (stateless, fast constraint evaluation) |
| Constraint Registry |
AWS DynamoDB or S3 (versioned YAML/JSON constraint files) |
| Generation + Revision |
Amazon Bedrock (Claude 3.5 Sonnet) |
| Iteration Control |
AWS Step Functions (state machine with retry count) |
| Constraint Audit Log |
CloudWatch Logs → S3 (append-only) |
Azure
| Component |
Service |
| Constraint Checker |
Azure Functions (Python) |
| Constraint Registry |
Azure Blob Storage (versioned constraint YAML) |
| Generation + Revision |
Azure OpenAI (GPT-4o) |
| Iteration Control |
Azure Durable Functions (sub-orchestration) |
| Audit Log |
Azure Monitor → Blob Storage |
On-Premises
| Component |
Technology |
| Constraint Checker |
Custom Python with jsonschema, regex, pdfminer for document constraints |
| Constraint Registry |
Git-versioned YAML files; loaded at runtime |
| Iteration Control |
LangGraph loop with conditional edges; custom loop |
| Audit Log |
PostgreSQL append-only table |
| Pattern |
ID |
Relationship Type |
Notes |
| Reflexive Agent |
EAAPL-AGT006 |
Complementary |
Reflexive Agent evaluates quality; this pattern enforces hard constraints; both can be used in sequence |
| ReAct Agent Loop |
EAAPL-WRK001 |
Integrates With |
Constraint checking wraps the ReAct generation output |
| Sequential Chain |
EAAPL-WRK002 |
Integrates With |
Constraint checker is a gate step in a sequential chain |
| Conditional Routing |
EAAPL-WRK011 |
Integrates With |
Loop-until from conditional routing implements the iteration primitive |
| Human Escalation |
EAAPL-HITL001 |
Integrates With |
Max-iteration escalation routes to human review |
| Workflow State Machine |
EAAPL-WRK012 |
Integrates With |
State machine governs the constraint checking loop states |
17. Maturity Assessment
Overall Maturity: Proven
| Dimension |
Score (1–5) |
Evidence |
| Research Foundation |
4 |
Constrained text generation literature; rule-based post-processing well-established |
| Production Deployment |
4 |
Deployed in financial disclosures, legal document generation, structured data output |
| Constraint Language Tooling |
4 |
JSON Schema, Pydantic, regex, XPath all mature; domain-specific constraint DSLs emerging |
| Framework Support |
3 |
LangGraph loop + constraint node; custom implementations common; no dominant framework |
| Regulatory Acceptance |
3 |
Accepted in early regulatory engagements; formal guidance developing |
18. Revision History
| Version |
Date |
Author |
Changes |
| 1.0 |
2025-06-13 |
Architecture Board |
Initial publication in Agentic Workflows category |