Available via license: CC BY 4.0
Content may be subject to copyright.
Breaking the Cycle of Recurring Failures: Applying Generative AI
to Root Cause Analysis in Legacy Banking Systems
Siyuan Jin∗
HKUST
Hong Kong, China
Zhendong Bei∗
HSBC
Guangzhou, China
Bichao Chen∗
HSBC
Guangzhou, China
Yong Xia†
HSBC
Guangzhou, China
Abstract
Traditional banks face signicant challenges in digital transforma-
tion, primarily due to legacy system constraints and fragmented
ownership. Recent incidents show that such fragmentation often
results in supercial incident resolutions, leaving root causes un-
addressed and causing recurring failures. We introduce a novel
approach to post-incident analysis, integrating knowledge-based
GenAI agents with the "Five Whys" technique to examine problem
descriptions and change request data. This method uncovered that
approximately 70% of the incidents previously attributed to man-
agement or vendor failures were due to underlying internal code
issues. We present a case study to show the impact of our method.
By scanning over 5,000 projects, we identied over 400 les with a
similar root cause. Overall, we leverage the knowledge-based agents
to automate and elevate root cause analysis, transforming it into a
more proactive process. These agents can be applied across other
phases of the software development lifecycle, further improving
development processes.
CCS Concepts
•Software and its engineering
→
Software creation and man-
agement.
Keywords
Generative AI, Fragmented Ownership, Root Cause Analysis
1 Introduction
Traditional banks face challenges in their digital transformation,
driven by existing legacy systems and their strict regulations [
2
].
Legacy systems are not exible to adapt to market changes, and risk-
averse cultures further hinder innovation [
9
,
12
]. As a result, some
legacy systems generate repeated incidents, signicantly impacting
bank operations. For example, the Monetary Authority of Singapore
(MAS) imposed a six-month pause on DBS Bank’s non-essential
activities due to operational failures
1
. To remain competitive in a
fast-changing, customer-focused nancial market, traditional banks
need to adopt more exible and integrated technology strategies [
2
].
In legacy systems, incident management often requires cross-
team collaboration. Teams may spend much time debating who is
∗Three authors contributed equally to this research.
†Corresponding Author.
1
https://www.mas.gov.sg/news/media-releases/2023/mas-imposes-six-month-
pause-on- dbs
responsible for an incident, focusing on surface-level symptoms
instead of the actual root causes. While incidents eventually get
xed, the failure to address the core issues leads to recurring prob-
lems over time. This raises the key research question of our study:
How can post-incident analysis methods be improved to identify root
causes and prevent similar problems from happening again?
As systems become more complex and interconnected, nding
the root cause of failures becomes harder. Traditional Root Cause
Analysis (RCA) methods, like the "Five Whys" [
11
], often miss the
multi-layered nature of these systems. These methods rely heavily
on human judgment, which introduces bias and variability. In large
IT operations, particularly those using legacy systems, the focus
is often on addressing symptoms rather than the deeper, systemic
problems. This results in incomplete xes and recurring incidents.
Also, the large volume of incident data in complex environments
overwhelms traditional RCA methods, limiting their scalability. As
a result, incidents are often treated in isolation, leading to reactive
problem-solving and increasing technical debt.
To address this, we integrate the traditional "Five Whys" RCA
with GenAI. We use a knowledge graph to capture knowledge
from the entire software development lifecycle, providing a knowl-
edge base for GenAI agents. By leveraging GenAI, we analyze both
problem description data and evidence sources (i.e., actions taken),
enabling a thorough exploration of not only what teams have doc-
umented but also the actions they have implemented.
We nd that over 70% of issues previously attributed to exter-
nal factors—such as management—were caused by internal code
deciencies or gaps in automation. We demonstrate how our root
cause can avoid recurring failures via a case example and how sim-
ilar code patterns exist in other legacy systems, which facilitates
proactive code quality improvement. Our knowledge-based agents
provide implications for other processes as well. They can aid in
tasks such as code generation, and documentation validation. These
models led to a 45% reduction in major incidents over a year, a 45.5%
reduction in change failure rate, and a 46.3% decrease in lead time
to deployment within a global nance company.
2 Background
2.1 Fragmented Ownership of Incidents
Fragmented ownership in legacy systems impedes eective root
cause identication during incident management. Figure 1 illus-
trates a typical awed workow where incidents are logged and cat-
egorized without thoroughly investigating their underlying causes.
Under Review
Write
Initial Reported to
Call Center Automatic ProcessIncident Description Determined Configuration Item,
Impacts, Category, Priority, etc.
Team A Team B Team N
Team Deliberation for
Ownership
Description Updated (lack true
information for root cause) Change Request
Resolution
Problem
To Solve
Root Cause
Identification Tool
Figure 1: Flawed Incident Management Process
Table 1: Repeated Symptom Issues Example
Issue Category Incident IDs Recurring Issue Description
Long-running SQL Queries INC10, INC11
Inecient query optimization, leading to repeated performance degradation
and resource exhaustion.
Database Deadlocks INC1, INC2
Ineective deadlock detection, resulting in unresolved locks and system delays.
Storage Capacity Exhaustion INC5, INC6, INC7
Inadequate capacity monitoring, leading to space exhaustion and service dis-
ruptions.
Backup Failures INC8, INC9 Systemic failures in backup processes, aecting disaster recovery.
Responsibility is dispersed across multiple teams, each focusing on
isolated components of the system. This siloed approach prevents
a holistic understanding of the problem, leading to supercial xes
rather than addressing systemic issues, even when formal RCA
methods are applied. Teams often implement temporary solutions
to restore service, but no single team is accountable for resolving the
deeper issues. As a result, technical debt increases, and operational
costs rise due to repeated failures.
Table 1 presents key recurring issues from our dataset. These
problems highlight the ineciency of current incident management
processes, where fragmented ownership limits the scope of anal-
ysis to immediate symptoms (i.e., the focus is on short-term xes
rather than long-term solutions). This escalates operational risks
and perpetuates ineciencies, making future system failures more
likely. To address these, Generative AI (GenAI) oer a promising
solution. By integrating insights across the fragmented software
development components, GenAI can provide a more comprehen-
sive understanding of the system’s behavior, enabling scalable and
more accurate incident resolution.
2.2 GenAI in Software Development
Figure 2 shows how knowledge is generated during the Software
Development Life Cycle (SDLC) and utilized by agents. Each SDLC
phase produces artifacts that contain valuable entity information
and relationships. We developed a procedure to automatically ex-
tract and map this data, constructing a knowledge graph that
supplies accurate, real-time information to analytical agents. This
knowledge graph enhances downstream processes by providing a
structured, integrated view of the system. As an illustration, we
apply this approach to root cause analysis, highlighting its eec-
tiveness in improving analysis precision and response time.
The phases of the SDLC are interdependent, with decisions in
one phase inuencing outcomes in subsequent phases. For instance,
inadequate planning can result in unrealistic timelines and resource
constraints, which in turn compress development time, limit testing,
and lead to incomplete requirements gathering. Problems in early
phases, such as planning or requirements, propagate through the
lifecycle, increasing both the complexity and cost of remediation.
GenAI-based agents, which can sense their environment, make
decisions, and take action, have shown strong performance across
various domains [
1
]. In the SDLC, GenAI enhances each phase
by automating tasks, improving decision quality, and facilitating
knowledge transfer between phases [4].
In the requirements gathering phase, GenAI can reduce ambi-
guity in user stories, improving clarity and alignment between
Breaking the Cycle of Recurring Failures: Applying Generative AI to Root Cause Analysis in Legacy Banking Systems
Data
Relational Knowledge
Knowledge Graph
Architecture
Business
Personnel
Specification
Journey
Assets
Source Code
Quality Control
Test Evidence
Change Record
Configuration
Resource
APM
Log
Alert
Incident Record
Requirement
Engineering Design Development &
Testing Deployment Maintenance
Software Development Life Cycle
Knowledge Automated Knowledge Generation
Incident
Data
Symptom
Identification Agent 5 Whys Analysis Agent
Root Cause Analysis
Root Cause
Classification Agent
Figure 2: Knowledge-Enabled Agents in Software Development Life Cycle (SDLC)
Table 2: Comparison of Root Cause Analysis (RCA) Methods in IT
Method Description Strengths Limitations
Five Whys [11]
Repeatedly asks "Why?" to trace root
causes.
Simple, scalable
Prone to oversimplication,
human bias.
FMEA [5]
Identies potential failure modes and
assesses their impacts.
Systematic, data-driven
Requires domain expertise,
resource-intensive.
Fault Tree Analysis [10]
Constructs a hierarchical model of fail-
ure causes.
Comprehensive, visualizes
dependencies
Complex, time-consuming,
requires expert judgment.
Pareto Analysis [7]
Prioritizes causes based on the 80/20
principle.
Focuses on key drivers
May overlook less obvious
or hidden root causes.
stakeholders [
8
]. By analyzing historical data, GenAI also auto-
mates project scoping and estimation, enhancing the accuracy of
timelines, resource allocation, and risk assessment. These rened
requirements enable early identication of potential design and
testing issues, minimizing rework.
In the design phase, GenAI can provide automated design sugges-
tions [
14
] such as architectural patterns or user interface designs,
ensuring that iterations are faster and that best practices are fol-
lowed. These improvements carry over into the development phase,
where GenAI can generate code, automate testing, and detect bugs
early in the process [
6
,
14
]. By speeding up development and ensur-
ing consistency, GenAI reduces testing cycles and the likelihood of
defects, leading to a more streamlined development process.
In the deployment phase, GenAI automates the deployment pro-
cess and continuously monitors system performance, which helps
minimize errors and ensures system stability. Real-time anomaly de-
tection during deployment further reduces the risk of failures. Data
collected during deployment is then fed back into planning and
design, helping to identify improvement areas in future projects.
During maintenance, GenAI leverages predictive analytics to
identify potential failures in advance, reducing downtime and proac-
tively addressing issues [
15
]. These insights ensure system avail-
ability is maintained and further reduce the need for reactive main-
tenance. Furthermore, lessons learned during maintenance, such
as recurring system issues, are used to guide improvements in
earlier phases, such as planning and design, leading to better risk
management and more resilient systems in future projects.
2.3 Post-Incident Analysis and Root Cause
Identication
Post-incident analysis is essential for keeping IT systems reliable,
especially in critical sectors like banking, where disruptions can
cause serious nancial and reputational damage [
13
]. A key part of
Under Review
this process is RCA, which goes beyond xing symptoms to nd
and address the underlying reasons for system failures [3].
These weaknesses are clear in environments where incidents
keep happening due to unresolved systemic problems. For example,
in large banking IT systems, issue resolution often focuses on im-
mediate xes like restarting services or patching software, rather
than addressing deeper root causes. This leads to repeated incidents,
higher operational risk, and reduced system resilience.
Table 2 compares the common RCA techniques in IT, such as the
"Five Whys". These methods trace incidents to their root causes,
identifying technical or procedural issues that need xing to pre-
vent future problems. However, these methods have limitations
in modern, large-scale systems. They depend on human expertise,
which can introduce bias and limit their scalability. Traditional
methods also struggle to handle the complex interactions between
technical and organizational factors common in IT systems [
13
].
Conversely, GenAI, by combining structured and unstructured data
(such as incident logs, system metrics, and user feedback), oers a
holistic approach to RCA [13].
3 Methodology
Our solution leverages GenAI to automate and enhance the post-
incident RCA process in IT environments. A key challenge in RCA
is the absence of ground truth for root causes, which often re-
quire actionable insights at the code level—far more granular than
high-level incident descriptions like "service down." LLMs serve
as powerful tools in this context, drawing on existing knowledge
from the whole SDLC phases to provide deeper insights into root
causes. By integrating AI agents into the traditional RCA work-
ow—specically augmenting the 5 Whys method, we introduce
the funnel model to identify underlying causes of incidents (g-
ure 3). The solution enables faster, more accurate, and scalable RCA
by utilizing LLMs and a dynamic knowledge graph that aggregates
system events, logs, and incident data.
Knowledge Graph. We use end-to-end automation throughout
the SDLC to build a knowledge graph that gathers evidence from
all phases. This graph is a rich source of information, helping AI
agents make better decisions across the software process.
Symptom Analysis Agent can collect incident data from IT
service management (ITSM) systems. This agent identies key
symptoms and possible problem areas by querying the knowledge
graph. It establishes a baseline for the incident, allowing the 5 Whys
analysis to focus on the most relevant parts.
Five Whys Analysis Agent automates the iterative question-
ing process to identify the root cause of incidents. It systematically
analyzes incident data, probing deeper with each subsequent ques-
tion. Real-time data from the knowledge graph serves as evidence,
supporting the investigation. We integrate the GPT-4o model with
a knowledge graph for evidence retrieval, enhancing traditional an-
alytical methods by automating workows to pinpoint underlying
issues. GPT-4o processes complex problem descriptions, guiding
the analysis, while the evidence retrieval system extracts and inte-
grates relevant data from the knowledge base, providing context
and reinforcing the analytical process.
The agent’s architecture leverages the React pattern, ensuring
modularity and exibility in managing state and handling eects,
which optimizes the integration of diverse data sources. This design
allows for consistent consolidation of datasets and facilitates the
retrieval of historical data to enhance analytical depth. The integra-
tion of AI with structured evidence retrieval signicantly improves
both the rigor and precision of root cause investigations.
Root Cause Classication Agent validates the root cause iden-
tied by the Five Whys Analysis Agent by comparing it against
historical patterns and classifying it into relevant categories. The
agent rst detects recurring patterns in historical incident data
where similar problems have frequently occurred. It then utilizes
advanced language models to categorize the root cause of each inci-
dent within these patterns. This approach helps uncover systemic
issues, enabling more ecient resolution in future operations. By
leveraging this process, the agent not only conrms the results of
the Five Whys Analysis but also plays a critical role in strategic
problem remediation eorts. In 95% of cases, the ndings were
validated by post-incident reviews, conrming its high level of
accuracy in pinpointing actionable root causes.
4 Results
Figure 4 demonstrates the application of this process in practice.
The case study outlines the step-by-step use of the AI-enhanced
"Five Whys" approach. Starting with a high-level issue, such as an
unreachable service, the system iterates through successive "Why?"
questions to uncover the root cause. Each step is informed by real-
time data from the knowledge graph, ensuring decisions are based
on objective evidence. In this example, the root cause—initially
attributed to service delays—was traced to a lack of automation. The
issue was ultimately resolved through a targeted change request,
ensuring a permanent x and minimizing the risk of recurrence.
This case study illustrates how the AI-enhanced "Five Whys" not
only identies root causes with greater accuracy but also facilitates
durable solutions, reducing future incidents.
We compare the "Five Whys" method, enhanced by generative
AI (GenAI), with traditional root cause analysis (RCA) techniques.
As shown in Figure 5, the AI-enhanced "Five Whys" method signi-
cantly shifts problem attribution. Our analysis found that over 70%
of issues previously attributed to external factors—such as man-
agement errors or vendor failures—were actually due to internal
code deciencies or automation gaps. Traditional approaches often
misattribute issues to external sources, whereas the AI-supported
"Five Whys" identies a higher percentage of internal causes, en-
abling more precise and eective resolutions. This shift highlights
the value of data-driven, AI-enhanced RCA in complex IT environ-
ments.
5 Discussion
This section outlines the impact of our model with one case study.
As shown in Table 3, before implementation, one request system
experienced signicant performance issues, such as response times
exceeding 1,200ms and frequent service failures. After implemen-
tation, these issues were resolved, with all requests consistently
completed in under 800ms and no failures reported. Scanning 5,535
projects and identifying recurring defects in 415 les, the AI has
showed its scalability and eectiveness across diverse environments.
Breaking the Cycle of Recurring Failures: Applying Generative AI to Root Cause Analysis in Legacy Banking Systems
Incident Description
Identified Symptom
Why symptom occurs? Reason A, Evidence A
Why A happens? Reason B, Evidence B
Why B happens? Reason C, Evidence C
Why C happens? Reason D,
Evidence D
Why D happens? Reason
E, Evidence E
Symptom Agent
Five Whys Analysis Agent
Root Cause Classification Agent Root Cause
Classification
Root Cause Analysis Funnel
Figure 3: Our Proposed Funnel Model
Figure 4: Case Study
This capacity to handle large volumes of data with precision en-
sures its applicability in enterprise-scale operations, reducing the
need for manual oversight in defect management.
Overall, the success of this GenAI-driven system highlights the
broader potential of using AI to automate defect management. By
integrating AI into the SDLC, organizations can ensure continuous
code improvement while reducing manual eort and minimizing
Under Review
Figure 5: Comparison of Classication Results
Table 3: Case Summary
Aspect Details
Total Projects 5,535
Same-Defect Projects
226
Same-Defect Files 415
Pre-Fix Performance
- Response times > 800ms, peaking at
1,200ms.
- Frequent failures.
Post-Fix Perfor-
mance
- All requests < 800ms.
- No failures.
human error. The system’s ability to scale, adapt, and enhance risk
management sets a strong precedent for future AI-driven software
development practices. As AI technology evolves, its role in predic-
tive maintenance and real-time security will likely grow, further
improving software reliability and resilience.
6 Conclusion
The interconnected nature of software management means that
disruptions in one phase can have cascading eects throughout
the entire lifecycle. Our study has demonstrated that integrating
knowledge-based agents into this process can signicantly improve
eciency and reliability. The models we introduced led to measur-
able improvements, including a 45% reduction in major incidents, a
45.5% drop in change failure rate, and a 46.3% decrease in lead time
to deployment within a global nance company.
Beyond these quantitative gains, our approach oers broader
benets for operational eciency and software management. By
automating the detection and resolution of code defects, the system
reduces the manual workload on developers, allowing them to
focus on higher-value tasks. This automation accelerates the defect
resolution process and enhances the consistency and reliability
of patches, leading to higher overall code quality. As a result, the
system not only boosts immediate performance but also supports
sustainable software development practices, reinforcing long-term
resilience and reducing technical debt.
While our model has demonstrated signicant success, future
research should explore its scalability across dierent industries
and system architectures. Additionally, addressing potential limita-
tions, such as AI biases or edge cases where the model may be less
eective, will be critical for ensuring its broader applicability. Nev-
ertheless, the integration of Generative AI into root cause analysis
oers a promising direction for improving software management,
ensuring that organizations can adapt to increasingly complex and
dynamic IT environments.
References
[1]
Olivia Brown, Robert M. Davison, Stephanie Decker, David A. Ellis, James
Faulconbridge, Julie Gore, Michelle Greenwood, Gazi Islam, Christina Lubin-
ski, Niall G. MacKenzie, Renate Meyer, Daniel Muzio, Paolo Quattrone, M. N.
Ravishankar, Tammar Zilber, Shuang Ren, Riikka M. Sarala, and Paul Hibbert.
2024. Theory-Driven Perspectives on Generative Articial Intelligence in Busi-
ness and Management. British Journal of Management 35, 1 (Jan. 2024), 3–23.
https://doi.org/10.1111/1467-8551.12788
[2]
Tom Butler. 2020. What’s Next in the Digital Transformation of Financial Indus-
try? IT Professional 22, 1 (Jan. 2020), 29–33. https://doi.org/10.1109/MITP.2019.
2963490 Conference Name: IT Professional.
[3]
Sandeep Dalal and Rajender Singh Chhillar. 2013. Empirical study of root cause
analysis of software failure. ACM SIGSOFT Software Engineering Notes 38, 4 (July
2013), 1–7. https://doi.org/10.1145/2492248.2492263
[4]
Angela Fan, Beliz Gokkaya, Mark Harman, Mitya Lyubarskiy, Shubho Sengupta,
Shin Yoo, and Jie M. Zhang. 2023. Large Language Models for Software Engi-
neering: Survey and Open Problems. In 2023 IEEE/ACM International Confer-
ence on Software Engineering: Future of Software Engineering (ICSE-FoSE). 31–53.
https://doi.org/10.1109/ICSE-FoSE59343.2023.00008
[5]
P.L. Goddard. 2000. Software FMEA techniques. In Annual Reliability and Main-
tainability Symposium. 2000 Proceedings. International Symposium on Product
Quality and Integrity (Cat. No.00CH37055). 118–123. https://doi.org/10.1109/
RAMS.2000.816294 ISSN: 0149-144X.
[6]
Siyuan Jin, Ziyuan Li, Bichao Chen, Bing Zhu, and Yong Xia. 2023. Software Code
Quality Measurement: Implications from Metric Distributions. In 2023 IEEE 23rd
International Conference on Software Quality, Reliability, and Security (QRS). IEEE,
Chiang Mai, Thailand, 488–496. https://doi.org/10.1109/QRS60937.2023.00054
[7]
G. Karuppusami and R. Gandhinathan. 2006. Pareto analysis of critical success
factors of total quality management. The TQM Magazine 18, 4 (Jan. 2006), 372–385.
https://doi.org/10.1108/09544780610671048 Publisher: Emerald Group Publishing
Limited.
[8]
Sebastian Lubos, Alexander Felfernig, Thi Ngoc Trang Tran, Damian Garber,
Merfat El Mansi, Seda Polat Erdeniz, and Viet-Man Le. 2024. Leveraging LLMs for
the Quality Assurance of Software Requirements. In 2024 IEEE 32nd International
Requirements Engineering Conference (RE). 389–397. https://doi.org/10.1109/
RE59067.2024.00046 ISSN: 2332-6441.
[9]
Valerie McTaggart and John Loonam. 2024. Exploring Top Management Support
for Digital Transformation: A Case Study of a European Financial Services
Organization. IEEE Transactions on Engineering Management 71 (2024), 13787–
13801. https://doi.org/10.1109/TEM.2023.3299033 Conference Name: IEEE
Transactions on Engineering Management.
[10]
Enno Ruijters and Mariëlle Stoelinga. 2015. Fault tree analysis: A survey of the
state-of-the-art in modeling, analysis and tools. Computer Science Review 15-16
(Feb. 2015), 29–62. https://doi.org/10.1016/j.cosrev.2015.03.001
[11]
Olivier Serrat. 2017. The Five Whys Technique. In Knowledge Solutions. Springer
Singapore, Singapore, 307–310. https://doi.org/10.1007/978-981- 10-0983- 9_32
[12]
Evangelia Siachou, Demetris Vrontis, and Eleni Trichina. 2021. Can traditional
organizations be digitally transformed by themselves? The moderating role of
absorptive capacity and strategic interdependence. Journal of Business Research
124 (Jan. 2021), 408–421. https://doi.org/10.1016/j.jbusres.2020.11.011
[13]
Vrije Universiteit Amsterdam, Mohammad H. Rezazade Mehrizi, Davide Nicolini,
University of Warwick, Joan Rodon, and Universitat Ramon Llull. 2022. How
Do Organizations Learn from Information System Incidents? A Synthesis of
the Past, Present, and Future. MIS Quarterly 46, 1 (Feb. 2022), 531–590. https:
//doi.org/10.25300/MISQ/2022/14305
[14]
Tom Yaacov, AchiyaElyasaf, and Gera Weiss. 2024. Boosting LLM-Based Software
Generation by Aligning Code with Requirements. In 2024 IEEE 32nd International
Requirements Engineering Conference Workshops (REW). 301–305. https://doi.
org/10.1109/REW61692.2024.00045 ISSN: 2770-6834.
[15]
Xin Yin, Chao Ni, and Shaohua Wang. 2024. Multitask-based Evaluation of
Open-Source LLM on Software Vulnerability. IEEE Transactions on Software
Engineering (2024), 1–16. https://doi.org/10.1109/TSE.2024.3470333 Conference
Name: IEEE Transactions on Software Engineering.
