You're deployed at a customer in a regulated field (insurance). Their agent occasionally states coverage details that aren't in the source documents, which is a compliance risk. The answer-generation code is below: it retrieves documents but lets the model answer freely. AI tools are allowed. Add grounding and verification so the agent only states what the sources support, cites them, and refuses or escalates when unsure. Then brief the customer's compliance and legal lead on the residual risk.