Evolve a basic prompt into a production-grade, reusable template for generating merchant risk assessments โ through iterative prompt engineering.
โฑ 35 minutes
Exercise Overview
GrabFin's risk teams assess thousands of merchants across Southeast Asia. Each assessment requires analyzing transaction data, chargeback rates, complaint history, and compliance status โ then writing a clear narrative that non-technical stakeholders can act on.
Currently, analysts spend 30-45 minutes per merchant writing these manually. In this exercise, you'll build a prompt template that produces consistent, high-quality assessments in seconds.
๐ฏ What makes this "advanced"?
Unlike the basic modules where Kiro writes code for you, here you are the engineer. You'll iteratively refine a prompt through 6 steps, each applying a specific technique from the Advanced Prompting curriculum. The final deliverable is a reusable prompt template โ not code โ that your team can deploy at scale.
Zero-shot means giving the model a task with no examples, no role, and minimal instruction. This establishes a baseline โ you'll see what the model produces with almost no guidance, then improve from there.
Open Amazon Bedrock Chat Playground (or your preferred LLM tool). Paste the merchant data above, then add this simple instruction:
PROMPT โ Step 1: Zero-Shot
Assess the risk of this merchant based on the data below.
[PASTE MERCHANT DATA HERE]
๐ Observe the output: The response is likely generic, unstructured, and missing key analysis. It may hallucinate details not in the data. Note what's missing โ this is your improvement baseline.
๐ฌ Discussion point: What's wrong with this output? Common issues:
No clear structure โ hard to scan quickly
May include assumptions not supported by the data
No risk rating or actionable recommendation
Inconsistent depth โ some areas over-analyzed, others ignored
Would look different every time you run it โ not repeatable
Step 2: Add Role & Persona
๐ Technique: Role & Persona Prompting (Module 3)
Assigning a specific role shapes the model's vocabulary, reasoning depth, and what it considers important. A "risk analyst" will focus on different signals than a "customer support agent" looking at the same data.
Start a new conversation. This time, add a persona before the task:
PROMPT โ Step 2: Persona
You are a Senior Merchant Risk Analyst at a Southeast Asian fintech company. You have 8 years of experience assessing payment merchants for fraud risk, operational risk, and compliance risk. You are known for being thorough, data-driven, and fair โ you always distinguish between genuine business growth and suspicious patterns.
Assess the risk of this merchant based on the data below.
[PASTE MERCHANT DATA HERE]
๐ Compare with Step 1: The vocabulary should be more professional. The analysis should be deeper โ the model now "thinks like" a risk analyst. But the output is still unstructured and the format varies each time.
๐ฌ Why does persona work? The model has been trained on millions of documents written by risk analysts. When you say "You are a Senior Merchant Risk Analyst," you're activating that specific knowledge cluster โ the model draws on risk assessment frameworks, industry terminology, and analytical patterns it learned from real analyst writing.
Step 3: Add Few-Shot Examples
๐ Technique: Few-Shot Prompting (Module 1)
Providing 1-2 examples of the desired output teaches the model your exact format, tone, and level of detail. This is the single most effective technique for getting consistent, repeatable outputs.
Start a new conversation. Now include two short example assessments before the actual task:
PROMPT โ Step 3: Few-Shot
You are a Senior Merchant Risk Analyst at a Southeast Asian fintech company. You have 8 years of experience assessing payment merchants for fraud risk, operational risk, and compliance risk.
Here are two examples of how merchant risk assessments should be written:
---
EXAMPLE 1 (LOW RISK):
Merchant: FreshDaily Grocers (MRC-1102) | Market: Malaysia | Category: Grocery
Assessment: FreshDaily Grocers demonstrates a healthy, stable transaction profile. Monthly volumes have grown steadily at 8-10% month-over-month, consistent with organic business expansion. Chargeback rate of 0.4% is well within the industry benchmark of 0.5-1.0%. Customer complaints are minimal (2-3/month) and resolved within SLA. KYC documentation is current and no compliance flags exist.
Risk Rating: ๐ข GREEN โ No action required. Next review in 6 months.
---
EXAMPLE 2 (HIGH RISK):
Merchant: LuxeDeals Online (MRC-3391) | Market: Indonesia | Category: E-Commerce
Assessment: LuxeDeals Online presents significant risk indicators requiring immediate attention. Transaction volume spiked 400% in one month with no corresponding business explanation. Chargeback rate has reached 6.2%, far exceeding the 1.0% industry benchmark. 70% of chargebacks cite "unauthorized transaction," suggesting potential card-testing or account takeover fraud. The merchant has not responded to two compliance review requests.
Risk Rating: ๐ด RED โ Recommend immediate PayLater suspension and enhanced monitoring. Escalate to Fraud Investigation team.
---
Now assess this merchant using the same format and depth:
[PASTE MERCHANT DATA HERE]
๐ Compare with Step 2: The output should now match the format of your examples โ same structure, similar length, consistent tone. The model learned your "house style" from just 2 examples.
๐ฌ Key insight: Few-shot examples are like showing a new analyst "here's how we write these reports." The model mimics the pattern. Notice how 2 examples (one GREEN, one RED) are enough โ the model interpolates for AMBER cases on its own.
Step 4: Add Structured Output Requirements
๐ Technique: Structured Output (Module 4)
Defining exact sections and format ensures every assessment covers the same areas. This makes outputs comparable across merchants and scannable by busy stakeholders.
Start a new conversation. Now add explicit section requirements:
PROMPT โ Step 4: Structured Output
You are a Senior Merchant Risk Analyst at a Southeast Asian fintech company with 8 years of experience in payment merchant risk assessment.
Produce a Merchant Risk Assessment Report with EXACTLY these sections:
1. MERCHANT SUMMARY
- One paragraph: who they are, what they do, how long on platform
2. TRANSACTION ANALYSIS
- Volume and GMV trends (highlight any anomalies)
- Average transaction size analysis
- PayLater adoption trends and risk implications
3. CHARGEBACK & DISPUTE ANALYSIS
- Current rate vs. industry benchmark
- Trend direction (improving/worsening)
- Root cause breakdown
- Dispute resolution effectiveness
4. CUSTOMER COMPLAINT ANALYSIS
- Volume trend and top categories
- SLA compliance
- Correlation with chargeback patterns
5. RISK FACTORS
- List each identified risk factor
- For each: severity (HIGH/MEDIUM/LOW) and supporting data point
6. MITIGATING FACTORS
- Any legitimate business explanations for the patterns observed
7. RISK RATING
- ๐ข GREEN (low risk) | ๐ก AMBER (elevated, monitor) | ๐ด RED (high, action required)
- One-sentence justification
8. RECOMMENDED ACTIONS
- Numbered list of specific, actionable next steps with owners and timelines
[PASTE MERCHANT DATA HERE]
๐ Compare with Step 3: Every assessment now has the same 8 sections. You can compare Merchant A vs Merchant B side by side. Stakeholders know exactly where to look for the information they need.
Grounding instructions prevent the model from hallucinating facts not in the data. Self-critique makes the model review its own output for errors, bias, or unsupported claims โ like having a second analyst review the report.
Start a new conversation. Add grounding rules and a self-review step:
PROMPT โ Step 5: Grounding + Self-Critique
You are a Senior Merchant Risk Analyst at a Southeast Asian fintech company with 8 years of experience in payment merchant risk assessment.
CRITICAL GROUNDING RULES:
- Base your assessment ONLY on the data provided below. Do not infer, assume, or add information not present in the data.
- Every claim must reference a specific data point. Example: "Chargeback rate increased from 0.3% to 4.1% over 6 months" โ not "chargebacks are high."
- If data is insufficient to assess an area, explicitly state: "[INSUFFICIENT DATA: need X to assess Y]"
- Do not speculate on intent or motivation. State patterns, not judgments about the merchant's character.
- Distinguish between correlation and causation. If two trends coincide, note the correlation but do not claim one caused the other.
Produce a Merchant Risk Assessment Report with these sections:
1. MERCHANT SUMMARY
2. TRANSACTION ANALYSIS
3. CHARGEBACK & DISPUTE ANALYSIS
4. CUSTOMER COMPLAINT ANALYSIS
5. RISK FACTORS (each with severity and supporting data point)
6. MITIGATING FACTORS
7. RISK RATING (GREEN / AMBER / RED with justification)
8. RECOMMENDED ACTIONS (numbered, with owners and timelines)
After completing the report, perform a SELF-REVIEW:
- Re-read your assessment and check: Is every claim supported by a specific data point from the input?
- Are there any assumptions or inferences that go beyond the data?
- Is the risk rating consistent with the evidence presented?
- Would a different analyst reading the same data reach the same conclusion?
If you find any issues, correct them before presenting the final report.
[PASTE MERCHANT DATA HERE]
๐ Compare with Step 4: The output should now cite specific numbers for every claim. The self-review section catches errors the model might have made. This is production-safe โ auditable and defensible.
๐ฌ Why self-critique matters for risk assessments: In regulated environments, every assessment may be audited. A report that says "chargebacks are concerning" is useless. A report that says "chargeback rate increased from 0.3% to 4.1% over 6 months, exceeding the 1.0% industry benchmark by 4x" is auditable. The grounding rules + self-critique ensure this level of rigor automatically.
Step 6: Extract the Reusable Template
๐ Technique: Meta-Prompting (Module 5.2)
Meta-prompting asks the AI to analyze your conversation and produce a reusable artifact. Instead of manually extracting the template, you ask the model to do it โ turning your iterative work into a production-ready template with variables.
In the same conversation from Step 5, paste this follow-up:
PROMPT โ Step 6: Template Extraction
Excellent work. Now I want to turn this into a reusable template that any analyst on my team can use for ANY merchant โ not just QuickMart Express.
Please create a PROMPT TEMPLATE with the following requirements:
1. Replace all merchant-specific data with clearly labeled variables using {{double_braces}} syntax
Example: {{merchant_name}}, {{merchant_id}}, {{market}}, {{transaction_data}}, etc.
2. Keep the persona, grounding rules, structured sections, and self-critique instructions exactly as we refined them
3. Add a "TEMPLATE USAGE GUIDE" section at the top that explains:
- What each variable should contain
- What data format is expected
- Any prerequisites before using the template
4. Add a "CUSTOMIZATION NOTES" section at the bottom that explains:
- Which parts of the template can be modified for different markets
- How to adjust risk thresholds for different merchant categories
- How to add market-specific regulatory requirements (e.g., MAS for Singapore, BNM for Malaysia)
5. Format the template so it can be copy-pasted directly into any LLM chat interface
The template should be self-contained โ a new team member should be able to use it without any additional context.
โ Final deliverable: You now have a production-ready prompt template with {{variables}} that any analyst can use. Save this template โ it's the reusable artifact from this exercise.
What Your Template Should Look Like
The AI will produce a template similar to this structure (your version will be more detailed based on the conversation):
EXPECTED TEMPLATE STRUCTURE (reference only)
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
MERCHANT RISK ASSESSMENT โ PROMPT TEMPLATE v1.0
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
TEMPLATE USAGE GUIDE:
- {{merchant_name}}: Full legal business name
- {{merchant_id}}: Internal merchant ID (MRC-XXXX)
- {{market}}: Operating market (SG/MY/ID/TH/VN/PH)
- {{category}}: Business category
- {{transaction_data}}: Last 6 months of transaction metrics
- {{chargeback_data}}: Chargeback rates, reasons, resolution rates
- {{complaint_data}}: Customer complaint volumes and categories
- {{compliance_status}}: KYC, registration, beneficial owner info
- {{additional_context}}: Any relevant business changes or events
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
You are a Senior Merchant Risk Analyst at a Southeast Asian
fintech company with 8 years of experience...
[Full persona + grounding rules + structured sections
+ self-critique โ all with {{variables}}]
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
CUSTOMIZATION NOTES:
- For e-commerce merchants: Add "Delivery Fulfillment Rate" section
- For Singapore (MAS): Include PSA compliance check
- For Malaysia (BNM): Include e-money license verification
- Risk thresholds by category:
โข Grocery/Convenience: Chargeback alert at >1.5%
โข E-Commerce: Chargeback alert at >2.0%
โข Digital Services: Chargeback alert at >3.0%
Reflection & Discussion
What You Built
Through 6 iterative steps, you evolved a 10-word prompt into a production-grade template that:
Produces consistent, structured assessments every time
Cites specific data points (auditable and defensible)
Includes self-review to catch errors before human review
Works for any merchant โ just swap the variables
Can be customized per market and merchant category
Technique Recap
Step
Technique
What It Fixed
1. Zero-Shot
Baseline
Established what "bad" looks like
2. Persona
Role assignment
Better vocabulary, deeper analysis
3. Few-Shot
Example-driven
Consistent format and tone
4. Structured
Section requirements
Comparable, scannable outputs
5. Grounding
RAG + Self-Critique
No hallucination, auditable claims
6. Meta-Prompt
Template extraction
Reusable at scale
๐ก Key takeaway: The prompt IS the product. In many business workflows, you don't need to build software โ you need to build a great prompt template. A well-engineered template that takes 35 minutes to create can save your team hundreds of hours per month when deployed across thousands of merchant assessments.
Try It Yourself
To validate your template, try it with a completely different merchant profile โ a high-volume e-commerce merchant in Indonesia, or a small food stall in Thailand. Does the template still produce a useful assessment? If not, what needs adjusting?
What You Accomplished
๐ Applied 6 advanced prompting techniques in a real business context
๐ Experienced iterative prompt refinement โ the core skill of prompt engineering
๐ Produced a reusable, production-grade prompt template with variables
๐ Learned to ground AI outputs in data and add self-critique for quality assurance
๐๏ธ Built an artifact your team can deploy immediately for merchant risk assessments