GBP-Audit Safety-First Bias Correction for AI Models

GBP-Audit introduces a single diagnostic quantity — geometric coherence (κ) — that determines whether bias correction is safe before any intervention is applied.

Calibration Data + Frozen Model
         |
    [1. Compute Directions]  →  Task direction (t) and bias direction (b)
         |
    [2. Measure Coherence]   →  κ = |cos(t, b)| — are they aligned?
         |
    [3. Decision Gate]       →  κ > 0.7: ABSTAIN
         |                       κ < 0.3: Full correction range
         |                       0.3–0.7: Limited correction
    [4. Orthogonalize]       →  b_perp = b - proj(b onto t)
         |
    [5. Grid Search τ]       →  Find minimal correction passing 5 guardrails
         |
    ADJUST / ABSTAIN / REVIEW + Governance Packet

•Step 1: Compute Task and Bias Directions

From the frozen model's penultimate layer representations on a calibration split:

• Task direction (t): Average representation of positive-class samples minus average of negative-class samples. This is the direction the model uses to separate outcomes.
• Bias direction (b): Average representation of group A minus group B (within positive-class samples). This is the direction along which protected groups differ.

•Step 2: Geometric Coherence (κ)

κ = |⟨t, b⟩| / (||t|| × ||b||)

This is the absolute cosine similarity between the task and bias directions. It measures how much they point in the same direction:

• κ ≈ 0 — Bias is perpendicular to task. Safe to remove.
• κ ≈ 1 — Bias is aligned with task. Removing it destroys predictions.

•Step 3: Decision Gate

Based on κ, the system gates the intervention:

•Step 4: Orthogonalization

Even when bias is mostly perpendicular to the task, it may have a small parallel component. Orthogonalization removes this:

b_perp = b - (b · t / ||t||²) × t

After orthogonalization, the correction vector b_perp is guaranteed to be perpendicular to the task direction — removing it cannot affect the task signal.

•Step 5: Five Guardrails

Before any correction ships, it must pass all five guardrails:

If any guardrail fails at every τ value tried, the system outputs ABSTAIN — even if coherence suggested correction was possible.

•The τ Grid Search

For each candidate severity level τ from 0 to max_τ (in steps of 0.02):

h_corrected = h - τ × (P_perp × h)

The system selects the smallest τ where all five guardrails pass. Minimal intervention principle: never remove more bias than necessary.

Overview

Across 7 real-world datasets, GBP-Audit correctly identified which datasets had removable (proxy) bias and which had entangled (task-aligned) bias. In every case, the system made the right call: correct when safe, abstain when not.

Datasets Corrected (3 of 7) — ADJUST

These datasets had low coherence (κ < 0.3), indicating proxy bias that was safe to remove:

Key observations:

• Disparity reduction up to 73% (Bank Marketing: 8.7% → 2.3%)
• Zero meaningful AUROC degradation — all changes within ±0.002
• All five guardrails passed at the selected τ values
• Corrections were conservative — τ values well below maximum

Datasets Abstained (4 of 7) — ABSTAIN

These datasets had high coherence (κ > 0.5), indicating task-aligned bias that was dangerous to remove:

Key observations:

• Coherence correctly identified entanglement in every case
• Attempting correction on these datasets would have degraded AUROC by 2–8%
• Abstention prevented harm — no silent accuracy degradation shipped

The Safety Record

The system's safety record is perfect: it never shipped a correction that harmed accuracy, and it never failed to flag a dataset where correction would have been dangerous.

Attribute-Free Inference

A critical design constraint: GBP-Audit does not require the protected attribute at inference time.

The calibration phase uses protected attributes (from a held-out calibration set) to compute the bias direction and optimal τ. But the resulting correction — the projection matrix P_perp and severity τ — operates purely on the model's internal representations.

# Calibration (offline, one-time)
bias_direction = compute_bias_direction(calibration_data, protected_attr)
b_perp = orthogonalize(bias_direction, task_direction)
P_perp = outer(b_perp, b_perp) / norm(b_perp)²
tau = grid_search(P_perp, calibration_data, guardrails)

# Inference (online, per-request)
h = model.penultimate_layer(input)        # No protected attribute needed
h_corrected = h - tau * (P_perp @ h)       # Matrix multiply + subtract
prediction = model.final_layer(h_corrected)

This means:

• No demographic data collected at serving time — privacy-preserving by design
• No disparate treatment risk — the correction doesn't branch on protected attributes
• Regulatory compliance — satisfies requirements that prohibit using protected attributes in decisions

Sub-Millisecond Latency

The inference-time correction is a single matrix multiplication and vector subtraction:

For typical embedding dimensions (64–512), the correction adds negligible latency to the inference path.

Governance Packets

Every GBP-Audit decision produces a machine-readable governance packet — a complete audit trail that can be handed to regulators, compliance officers, or external auditors:

{
  "dataset": "bank_marketing",
  "protected_attribute": "age",
  "coherence_kappa": 0.08,
  "decision": "ADJUST",
  "tau": 0.65,
  "guardrails": {
    "tost_auroc": { "passed": true, "baseline": 0.912, "corrected": 0.910, "delta": 0.01 },
    "ece_cap": { "passed": true, "baseline": 0.034, "corrected": 0.032 },
    "fpr_drift": { "passed": true, "max_drift": 0.008 },
    "multi_seed": { "passed": true, "auroc_std": 0.002 },
    "fairness_improvement": { "passed": true, "eo_gap_before": 0.087, "eo_gap_after": 0.023 }
  },
  "hash": "sha256:9f3a..."
}

Regulatory Alignment

GBP-Audit's governance packets map directly to regulatory requirements:

The Situation

Amy is a Risk & Model Governance Manager at a mid-size bank. CFPB/OCC examiners have requested evidence that the bank's credit approval model is fair and that any post-hoc fixes don't secretly hurt model quality. She has 90 days.

The production model is frozen — retraining would take months and require cross-team approvals. Amy needs a solution that works post-hoc on the existing model.

Day 1: Discovery

The compliance team identifies a 12% age-based disparity in approval rates. Applicants over 55 are approved at significantly lower rates than younger applicants with similar credit profiles.

Traditional approach: retrain the model with age-blinded features. Timeline: 6+ months. Cost: significant engineering resources plus re-validation of the entire model.

Day 2: GBP-Audit Analysis

Amy runs GBP-Audit on a calibration split from the bank's validation data:

Step 1: Extract penultimate representations from frozen model
Step 2: Compute task direction (approved vs. rejected)
Step 3: Compute bias direction (over-55 vs. under-55)
Step 4: Measure coherence → κ = 0.11 (low — proxy bias)

Result: The age signal in the model's representations is largely orthogonal to the credit-risk signal. The model learned an age shortcut that doesn't contribute to accurate credit decisions. Safe to correct.

Day 3: Correction & Validation

GBP-Audit runs the full pipeline:

1. Orthogonalize bias direction against task direction → b_perp
2. Grid search τ from 0.0 to 1.0 in steps of 0.02
3. At τ = 0.58, all five guardrails pass:
   ✓ TOST AUROC: 0.891 → 0.889 (within δ = 0.01)
   ✓ ECE: 0.031 → 0.029 (improved)
   ✓ FPR drift: max 0.007 across age groups (< 0.03)
   ✓ Multi-seed: σ(AUROC) = 0.0018 (< 0.005)
   ✓ Fairness: EO gap 12.1% → 3.2% (improved)

Decision: ADJUST with τ = 0.58

Day 4: Regulatory Submission

Amy submits the governance packet to the CFPB/OCC examiners. It contains:

• Baseline metrics (pre-correction)
• Coherence analysis showing bias was proxy-driven
• All five guardrail results with confidence intervals
• Post-correction metrics showing 74% disparity reduction with negligible accuracy impact
• Reproducibility hash for exact replication

Outcome

The correction is a lightweight post-hoc layer that can be toggled on or off without touching the production model. If new data suggests the correction is no longer appropriate, it can be removed instantly.