D-AI — Disciplinary Action Automation

Phase A: Intake → Phase B: Investigation → Phase C: Resolution → Phase D: Post-Action

1. Analyze
Phase A
2. Investigation
Phase B
3. Warning
Phase C
4. Verdict
Phase C
5. Final Outcome
Phase D
Config
Setup
Phase A — Intake & Validation Phase B — Investigation Phase C — Resolution (Warnings / Hearing) Phase D — Post-Action

POST  /disciplinaryai/analyze

Phase A — Intake & Validation

Manager sends a breach email. The system reads the email, finds which of the 29 breach scenarios it matches, pulls the employee's history, and saves everything to Qdrant for the next steps.

Step-by-step workflow: Fill Subject → Paste Email Body → Select Attachment → Click "Encode to Base64" → Click "Analyze Incident"
Don't have an email? Load a sample:
This will encode Subject, Email Body, and optional Attachment into MailBase64Content
Response
Request Body — application/json
FieldTypeRequired?What to put here
SubjectstringRequiredThe email subject line. Usually starts with [Breach].
MailBase64ContentstringRequiredThe email body encoded in Base64. Use btoa() in JavaScript or the encoder helper on the Try It tab.
AttachmentstringRequiredSupporting document (PDF, DOCX, TXT, EML, MSG, JPG, PNG) encoded in Base64 format. Must include filename and file type.
Example
{ "Subject": "[Breach] Alanna Richards – Clean Desk Breach", "MailBase64Content": "RGVhciBUZWFtLC4uLg==", "Attachment": { "filename": "investigation_report.pdf", "file_type": "pdf", "content": "JVBERi0xLjQKJeLjz9MNCjEgMCBvYmoNCjw8L1R5cGUgL0NhdGFsb2cuLi4=" } }
JavaScript Example
const emailBody = "Employee Name: Alanna Richards\nEmployee ID: 99215\n..."; const base64Email = btoa(unescape(encodeURIComponent(emailBody))); // For file attachment const fileInput = document.getElementById('aAttachment'); const file = fileInput.files[0]; const reader = new FileReader(); reader.onload = function(e) { const base64File = e.target.result.split(',')[1]; // Remove data:application/pdf;base64, prefix fetch('/disciplinaryai/analyze', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ Subject: "[Breach] Alanna Richards – Clean Desk Breach", MailBase64Content: base64Email, Attachment: { filename: file.name, file_type: file.name.split('.').pop(), content: base64File } }) }); }; reader.readAsDataURL(file);
Response — HTTP 200
{ "employee_id": "99215", "employee_name": "Alanna Richards", "designation_dept": "Operations Associate – Amazon LOB", "incident_date": "2026-04-08", "detailed_description": "During a scheduled floor audit...", "witnesses": ["David Chen"], "supporting_evidence": "Floor audit photos, IT Audit Log...", "prior_history_flag": true, "total_scenarios_detected": 1, "breach_scenarios": [ { "case_number": "HRC-2026-99215-001", "scenario_id": 12, "scenario": "Clean Desk Breach", "category": "Data Security", "severity": 4, "severity_description": "Serious breach involving customer PII", "policy_violation": "Section 3.7A – Clean Desk Policy", "recommended_action": "Final Written Warning", "workflow_steps": ["Investigation","Verbal Warning","FWW","Hearing","Termination"], "reason": "Employee left handwritten PII visible at unattended workstation", "policy_reference": "Section 3.7A", "confidence": 0.95, "zero_tolerance_flag": false } ], "employee_history": [], "missing_employee_data": [], "analysis_timestamp": "2026-04-09T10:30:00" }
Error Response — HTTP 400 / 500
{ "detail": "Error message here" }

POST  /disciplinaryai/investigation-document-review

Phase B — Investigation

Upload an investigation document (Word, PDF, TXT) or a Webex meeting transcript. The system fixes spelling errors, then summarizes it into the standard 6-section investigation report. Missing fields are flagged automatically.

From Analyze — Case: | Employee:
Tip: You can upload the Webex meeting transcript from the hearing investigation. The AI will fix typos, translate any non-English text, and create a proper 6-section investigation report from it.
Response
Request — multipart/form-data
FieldTypeRequired?What to put here
fileFileRequiredPDF, DOCX, DOC, or TXT file. Can be a Webex transcript or investigation notes.
case_idstring (Form)OptionalCase reference number e.g. HRC-2026-001
employee_idstring (Form)OptionalEmployee ID from the /analyze response
cURL Example
curl -X POST "http://localhost:5000/disciplinaryai/investigation-document-review" \ -F "file=@investigation_notes.txt" \ -F "case_id=HRC-2026-001" \ -F "employee_id=99215"
Response — HTTP 200
{ "status": "success", "case_id": "HRC-2026-001", "employee_id": "99215", "file_info": { "filename": "investigation_notes.txt", "file_type": "txt", "file_size": 2048 }, "correction": { "original_text": "raw extracted text from the file...", "corrected_text": "spell-checked and cleaned text...", "corrections_summary": { "total_lines": 42, "lines_corrected": 3, "corrections_made": [ "line 5: 'recieved' → 'received'", "line 18: 'unauthorzied' → 'unauthorized'" ], "irrelevant_lines": [] } }, "investigation_summary": { "employee_name": "Alanna Richards", "employee_id": "99215", "incident_date": "2026-04-08", "breach_scenario": "Clean Desk Breach", "investigation_report": { "section_1_metadata": "Employee: Alanna Richards | ID: 99215 | Dept: Amazon-LOB | Location: Mandeville", "section_2_background": "Incident identified during scheduled floor audit on April 8 2026...", "section_3_process": "Floor audit by Jennifer Loke and David Chen. IT logs reviewed...", "section_4_findings": "Three handwritten sheets found under keyboard. Aggravating: deliberate concealment. Mitigating: no prior record.", "section_5_conclusion": "Based on balance of probabilities the allegation is substantiated. Violates Section 3.7A.", "section_6_signatures": "Investigator: [Placeholder] | HRBP Reviewer: [Placeholder]" }, "missing_fields": ["Employee job title not stated", "Exact time of incident not recorded"], "data_quality_score": "Medium", "flags": ["Conduct allegation is informal – needs witness statement before proceeding"], "summary": "Alanna Richards was found to have left customer PII visible at her workstation during a floor audit on April 8 2026." } }

POST  /disciplinaryai/warning-outcome

Phase C — Progressive Discipline

Used for lower severity breaches. You only send the employee ID and the warning type. The system fetches the latest incident data and policy from Qdrant automatically and generates a complete formal warning letter.

From Investigation — Employee: | Breach:
BRD Rule — Document Upload:
Counselling, Verbal Warning, Final Warning → No document upload needed. AI generates content directly.
Written Warning, Final Written Warning → HRBP must upload a signed document using the defined template.
If empty → all breaches sent automatically
Empty → all breaches from Qdrant used automatically
Response
Request Body — application/json
FieldTypeRequired?What to put here
employee_idstringRequiredThe employee's ID. System fetches all incident data from Qdrant automatically using this ID.
warning_typestringRequiredOne of: counselling | verbal_warning | written_warning | final_written_warning | final_warning
Example
{ "employee_id": "99215", "warning_type": "written_warning" }
Response — HTTP 200
{ "status": "success", "data": { "employee_id": "99215", "employee_name": "Alanna Richards", "warning_type": "written_warning", "stage_label": "Written Warning", "outcome_document": "SUTHERLAND JAMAICA\nDate: 08 April 2026\n\nEmployee Name : Alanna Richards\n...\nDear Ms. Richards,\n\nThis letter serves as a formal Written Warning...", "key_points": [ "Violation of Clean Desk Policy Section 3.7A", "Corrective action required immediately", "Warning valid for 12 months from date of issue" ], "validity_period": "12 months from date of issue", "policy_sections_cited": ["Section 3.7A – Clean Desk Policy"], "next_stage_if_repeated": "Final Written Warning", "requires_employee_signature": true, "requires_document_upload": true } }
Error Response
{ "status": "error", "message": "No incident analysis found for employee 99215. Please run incident analysis first." }

POST  /disciplinaryai/verdict

Phase C Path 1 — Hearing & Verdict

The AI fetches the incident from Qdrant, reviews the evidence and history, and produces a verdict using the Balance of Probabilities standard. The Hearing Chair can Accept or Reject the recommendation.

From Investigation — Employee: | Breach:
How it works: You only send employee_id, breach_scenario, and chair_action. The system automatically fetches the incident data, policy text, and prior history from Qdrant — no need to re-enter them. Chair Actions: Accept = approve | Reject = reject with notes.
System auto-fetches all incident data from Qdrant using this ID
If empty → system automatically sends ALL breaches for this employee
Empty + no case number → all breaches sent automatically  |  Empty + case number → all breaches sent automatically  |  Add specific breaches → only those are sent
Response
Request Body — application/json
FieldTypeRequired?What to put here
employee_idstringRequiredEmployee ID. System fetches incident + history from Qdrant automatically.
breach_scenariostringRequiredThe breach type e.g. "Clean Desk Breach". System fetches policy from Qdrant using this.
locationstringOptionalOffice location. Default: Jamaica
Example
{ "employee_id": "99215", "breach_scenario": "Clean Desk Breach", "location": "Jamaica" }
Response — HTTP 200
{ "status": "success", "data": { "case_id": "HRC-2026-99215-001", "employee_id": "99215", "employee_name": "Alanna Richards", "hearing_overview": { "date_of_hearing": "2026-04-12", "attendees": ["Jennifer Loke (Manager)", "Alanna Richards (Employee)", "HR Representative"], "charges": "Scenario #12 – Clean Desk Breach (Repeated Offense)" }, "key_findings": { "management_case": "Three handwritten sheets with customer PII found under keyboard. IT logs show no system lag contradicting employee's claim.", "employee_defense": "Employee claimed system latency forced her to write notes manually to meet KPI targets.", "witness_testimony": "HR confirmed employee was previously counselled for same breach in February 2026." }, "evidence_evaluation": { "supporting_evidence": ["IT Audit Log shows 0ms lag", "Floor audit photos", "Signed counselling form Feb 2026"], "inconsistencies": ["Employee claimed system lag – directly contradicted by IT Audit Log showing normal performance"] }, "verdict": { "decision": "Guilty", "infraction_level": "Gross Misconduct", "rationale": "Physical evidence confirmed. Employee defense contradicted by IT logs. Repeat offense aggravates the case.", "policy_sections_cited": ["Section 3.7A – Clean Desk Policy"], "recommended_action": "Termination" }, "prior_history_applied": true, "chair_action_applied": "Accept", "approval_status": "Approved – Pending HRBP Sign-off", "requires_hrbp_sign_off": true }, "metadata": { "case_id": "HRC-2026-99215-001", "timestamp": "2026-04-12T11:30:00", "chair_action": "Accept" } }

POST  /disciplinaryai/final-outcome

Phase D — Post-Action

Generates the formal Termination or Suspension letter after the hearing verdict. System auto-fetches incident data and policy from Qdrant. Letter includes legal references, appeal rights, and a 7-day deadline link.

From Verdict — Employee: | Action:
What happens after this letter is issued:
• If Termination → System pings SuccessFactors every 4 hours. If not actioned in 24hrs → alerts Manager, HRBP, AM → after 3 alerts escalates to Geo HR Leader.
• Employee has 7 days to appeal via secure link (personal email + OTP, no SSO needed).
• Case archived to 7-year secure storage.
System auto-fetches incident data using this ID
If empty → all breaches sent automatically
Empty → all breaches from Qdrant used automatically
Response
Post-action: System will ping SuccessFactors every 4 hours. Employee has 7 days to appeal via secure link.
Request Body — application/json
FieldTypeRequired?What to put here
case_idstringRequiredUnique case reference e.g. HRC-2026-001
employee_idstringRequiredEmployee ID. System auto-fetches incident from Qdrant using this.
breach_scenariostringRequiredBreach type e.g. "Clean Desk Breach". System auto-fetches policy and history using this.
verdict_decisionstringRequiredGuilty or Partially Substantiated
recommended_actionstringRequiredTermination or Suspension
issued_bystringRequiredName of the HR officer issuing the letter
locationstringOptionalDefault: Jamaica
Example
{ "case_id": "HRC-2026-001", "employee_id": "99215", "breach_scenario": "Clean Desk Breach", "verdict_decision": "Guilty", "recommended_action": "Termination", "issued_by": "Jennifer Loke", "location": "Jamaica" }
Response — HTTP 200
{ "status": "success", "data": { "case_id": "HRC-2026-001", "employee_id": "99215", "employee_name": "Alanna Richards", "recommended_action": "Termination", "outcome_letter": "SUTHERLAND JAMAICA\nDate: 09 April 2026\n\nEmployee Name : Alanna Richards\nEmployee ID : 99215\nDepartment : Amazon-LOB\n\nSubject: Notice of Termination of Employment\n\nDear Ms. Richards,\n\nFollowing a formal disciplinary hearing held on April 12 2026...", "key_points": [ "Employment terminated effective April 9 2026", "Violation of Section 3.7A Clean Desk Policy", "Appeal must be submitted within 7 days via secure link" ], "effective_date": "2026-04-09", "appeal_deadline": "7 days from date of letter", "policy_sections_cited": ["Section 3.7A – Clean Desk Policy"], "requires_employee_signature": true, "requires_sf_update": true, "sf_status_to_update": "Terminated" }, "metadata": { "case_id": "HRC-2026-001", "timestamp": "2026-04-09T09:00:00", "recommended_action": "Termination", "sf_ping_schedule": "Every 4 hours for 24 hours", "escalation_path": "Manager → HRBP → AM → Geo HR Leader", "archive_after": "Case closure – 7 year retention" } }

Configuration — Breach Scenarios Setup

One-time Setup

Upload the 29 breach scenarios and Sutherland policy documents into Qdrant. This needs to be done once during setup, or whenever the Employee Handbook is updated. All AI modules depend on this data.

Important: Run POST /disciplinaryai/breach-scenarios first (load scenarios into Qdrant), then POST /disciplinaryai/upload_policy (load policy documents). The /analyze endpoint will fail without this data.
All 29 Breach Scenarios — BRD Section 2.2
#Scenario NamePolicy SectionAI Workflow PathSeverity
1Timekeeping FraudSec 4.1Inv → FWW → Hearing → TermHigh
2Unauthorized OTSec 4.4Inv → Verbal → Written → Hearing → SuspMedium
3No Call / No ShowSec 5.4Inv → Written → Final → Hearing → TermMedium
4Excessive TardinessSec 2.1Inv → Counselling → Verbal → Hearing → TermLow
5HarassmentSec 8.10Inv → Hearing → TerminationCritical
6Data PrivacyCode 5.3 / JDPAInv → Hearing → TerminationCritical
7Cell Phone on FloorElectronic Comm.Inv → FWW → Hearing → TermHigh
8InsubordinationSec 9.3Inv → Hearing → Susp → TermHigh
9TheftSec 7.6 / 9.3Inv → Hearing → TerminationCritical
10Violence / ThreatsSec 7.2Inv → Hearing → TerminationCritical
11Alcohol / DrugsSec 7.1Inv → Hearing → TerminationCritical
12Clean Desk BreachSec 3.7AInv → Verbal → FWW → Hearing → TermHigh
13Internet MisuseSec 2.7Inv → Final Warning → Hearing → TermMedium
14SolicitationSec 8.8Inv → FWW → Hearing → Susp → TermMedium
15Dress CodeSec 2.6Inv → Counselling → Hearing → Susp → TermLow
16Sleeping on JobSec 9.3Inv → FWW → Hearing → TermMedium
17Falsifying RecordsSec 8.1Inv → Hearing → TerminationCritical
18Unauthorized Remote WorkSec 3.5Inv → Hearing → Susp → TermHigh
19Parking ViolationsSec 7.8Inv → Written → Hearing → SuspLow
20RetaliationSec 8.11Inv → Hearing → TerminationCritical
21GamblingSec 2.7Inv → Hearing → TerminationHigh
22Unauthorized Data AccessSec 2.7Inv → FWW → Hearing → TermHigh
23Confidentiality BreachSec 8.4Inv → Hearing → TerminationCritical
24KPI Failure (Performance)Sec 4.8Inv → Final Warning → TerminationMedium
25Ethical ViolationCode 6.6Inv → Hearing → Susp → TermHigh
26DiscriminationCode 4.1Inv → Hearing → TerminationCritical
27Conflict of InterestCode 6.5Final Warning → Inv → Hearing → TermHigh
28Safety ViolationSec 7Inv → Final Warning → Hearing → TermHigh
29Conduct DetrimentalSerial 16.20Inv → Hearing → TerminationCritical