ADM
The Autonomous HR/Page 06/TOGAF ADM

TOGAF ADM.
Phases A through D.

The architecture of The Autonomous HR is not improvised from a technology wish-list. It is derived from business requirements, expressed through the TOGAF Architecture Development Method, and constrained at every layer by the specific realities of the Rathi Textiles deployment context.

Phase A · Vision Phase B · Business Phase C · IS Architecture Phase D · Technology Phase E · Migration
TOGAF ADM — Phase A
Architecture Vision.
Phase A defines the scope, constraints, and measurable target state before any design work begins. It answers one question: what does success look like, and how will we know when we've achieved it?
Architecture Vision Statement
"By Q4 2026, 90% of all HR interactions at Rathi Textiles — leave applications, balance queries, policy questions, and payslip delivery — will be handled autonomously without human intervention, in under 60 seconds per interaction, across all six languages spoken by the workforce, at a total infrastructure cost below ₹2,000 per month."
I
The channel meets the worker, not the other way around
No new app. No new login. No training required. Every employee interaction happens on WhatsApp or a voice call — channels already embedded in daily life. Any solution that requires onboarding has already failed.
↳ Architecture constraint: Zero new client-side software
II
Policy governs. Code executes. Humans override.
All HR decision logic derives from the HR Policy PDF. No business rules are hardcoded. When the policy changes, the behaviour changes — without a developer, without a deployment, without a ticket.
↳ Architecture constraint: RAG-governed decision engine
III
Human oversight is designed in, not bolted on
HITL is not a fallback. It is a first-class architectural state with defined entry conditions, a presentation contract, a timeout behaviour, and an immutable audit record. Every escalation is a designed mechanism.
↳ Architecture constraint: HITL on confidence < 0.8
IV
Immutable audit trail before any state mutation
Every agent action writes to an append-only audit log before any downstream effect. The audit trail is a by-product of normal operations — not a separate compliance process. It is the defence in a labour dispute.
↳ Architecture constraint: Firestore append-only rules
V
Serverless by default — zero idle cost
A 52-person textile business does not generate HR interactions at 3am. Every service scales to zero when idle. Cost aligns with actual usage. An always-on server is an architectural failure for this customer segment.
↳ Architecture constraint: Cloud Run scale-to-zero
VI
OSS at the inference edge — GCP at the control plane
The customer already has GCP. The architecture keeps GCP for what it does best: managed identity, eventing, and LLM inference. OSS (Whisper, IndicTrans2, pgvector) replaces managed AI services only where accuracy and latency guarantees hold.
↳ Architecture constraint: Strategic hybrid — not wholesale replacement
Stakeholder concern → Architecture response mapping
StakeholderPrimary concernArchitecture response
Priya RathiCost below ₹2,000/month, Sunday payroll reclaimedServerless scale-to-zero. Payroll automation in Phase 3. Total infra: ~₹550/month.
Floor workersConfirmation in their language in < 60 secondsWhisper STT + NLLB-200 translation. Multi-language response generation via Gemini Flash.
CA / AccountantAccurate payroll data, ESIC/EPF complianceImmutable Firestore ledger. Monthly export in Tally-compatible format. Statutory register auto-maintained.
Labour InspectorLeave register per Shops Act, evidence of fair treatmentAppend-only audit log with policy clause citation on every decision. 7-year retention.
TOGAF ADM — Phase B
Business Architecture.
Phase B defines the target business capability model — what the organisation must be able to do, and how the architecture closes the gap between current state and target state. Every capability maps directly to a pain point identified in the client brief.
Capability 01 · Phase 1
Leave Application & Approval
AS-IS: WhatsApp to supervisor, unrecorded
Worker sends voice note or message. System transcribes, checks policy and balance, approves or denies in < 60 seconds. HITL fires on ambiguity. Every decision is recorded with policy clause and confidence score.
Full automation — 90%
Capability 02 · Phase 1
Leave Balance Query
AS-IS: Ask supervisor verbally, often wrong
Worker asks via WhatsApp text or voice. System queries Firestore and responds in real time with casual, sick, and earned leave balances in the worker's language.
Full automation — 100%
Capability 03 · Phase 1
Policy Q&A
AS-IS: Ask supervisor, answer unreliable
Worker asks any policy question in any language. Policy RAG retrieves the governing clause and responds accurately, citing the source paragraph. Every answer is consistent and auditable.
Full automation — 95%
Capability 04 · Phase 2
Employee Onboarding
AS-IS: Paper forms, incomplete, ESIC delayed
Onboarding agent collects Aadhaar, PAN, bank details, emergency contact via WhatsApp conversation. Triggers ESIC/EPF registration. Delivers digital offer letter. Compliance from day one.
Assisted automation — 80%
Capability 05 · Phase 3
Attendance & Payroll
AS-IS: 4-hour Sunday manual process
WhatsApp check-in/out. Automated attendance ledger. Payroll calculation engine. Payslip delivered as WhatsApp PDF. Payment disbursement trigger to Priya's accounting workflow.
Full automation — 85%
Capability 06 · Phase 4
Grievance Management
AS-IS: Verbal, unrecorded, unresolved
Worker logs grievance via voice or text. Statutory register maintained. Escalation workflow routes to Priya. Resolution tracked. Labour inspection export generated on demand.
Assisted automation — 70%
Business process — leave management (target state)
Step 1
Worker initiates
Voice note or text on WhatsApp
Worker speaks naturally in any language · No script or menu · Voice or text
Step 2
System transcribes
Whisper STT + language normalisation
Audio → transcript → structured intent · Language detected · < 4 seconds
Step 3
Policy checked
RAG lookup + balance verification
HR Policy PDF queried · Leave balance retrieved · Confidence scored
Step 4
Decision made
Auto-approve / deny — or HITL
Confidence ≥ 0.8: autonomous decision · < 0.8: owner notified via WhatsApp
Step 5
Audit + confirm
Immutable log → WhatsApp confirmation
Audit log written · Worker notified in detected language · Total: < 60 seconds
Key performance indicators — Phase 1 target
End-to-end leave decision SLA < 60s
Autonomous decision rate (no HITL) ≥ 90%
Languages supported (auto-detected) 200+
Monthly infrastructure cost ≤ ₹550
New apps required for employees 0
STT confidence threshold (auto-HITL) 0.85
Policy RAG confidence threshold (HITL) 0.80
TOGAF ADM — Phase C
Information Systems Architecture.
Phase C defines the application architecture and data architecture — what systems exist, what they do, and what data they manage. This is split into two sub-phases: Application Architecture (what runs) and Data Architecture (what is stored).
Phase C1 · Application Architecture
L1
Channel Layer
WhatsApp Business API · IVR Voice Gateway
Meta WhatsApp Cloud API — receives inbound audio/text, sends outbound confirmations and HITL alerts
Exotel / Plivo SIP — handles inbound IVR calls, streams audio to STT service via WebSocket
Both channels are abstracted behind a gateway interface — channel layer is provider-agnostic
L2
Speech Layer
Whisper large-v3 · NLLB-200 (Meta OSS)
Whisper: audio → transcript, language detection, confidence score — containerised on Cloud Run GPU spot
NLLB-200: normalises code-switched speech (Hinglish, Tenglish) to structured English intent
Fallback: Google STT v2 on Whisper service error — SLA maintained at managed-service level
L3
Orchestration
Gemini 1.5 Flash · LangGraph · Leave Agent
Intent Router (Gemini Flash): classifies intent, extracts entities, routes to specialist agent
Leave Agent (LangGraph state machine): queries balance, calls Policy RAG, decides, triggers audit write
HITL Manager: composes owner brief, sends WhatsApp escalation, waits for resolution webhook
L4
Policy Layer
pgvector (Supabase) · Gemini Flash Embeddings
HR Policy PDF ingested: chunked (256 tokens), embedded via Gemini Flash, stored in Supabase pgvector
On policy update: owner uploads new PDF → re-indexing triggered automatically → behaviour updates immediately
Every query returns: answer, source clause, page reference, confidence score
L5
Data Layer
Firestore · Cloud Functions · Pub/Sub
Firestore: employee records, leave ledger, HITL queue, session state, append-only audit log
Cloud Functions: notification dispatcher, audit log writer, owner HITL webhook handler
Pub/Sub: event bus decoupling all services — inbound messages, STT results, agent decisions, audit triggers
Phase C2 · Data Architecture
EntityStoreKey fieldsRetention
Employee Firestore /employees/{id} name, mobile, language_pref, dept, joining_date, leave_balance {casual, sick, earned}, esic_number Duration + 3 years
Leave Request Firestore /leave_requests/{id} employee_id, type, dates[], status, policy_clause, rag_confidence, decision_by (AI|HUMAN), timestamp 5 years (labour law)
Policy Document Supabase pgvector chunk_text, embedding[1536], source_doc_version, clause_id, page_number All versions retained
Audit Log Firestore /audit_log/{id} timestamp, actor, action, entity_id, policy_clause_ids[], rag_confidence, outcome, escalated(bool) 7 years (tax compliance)
HITL Queue Firestore /hitl_queue/{id} request_id, context_json, ai_recommendation, owner_notified_at, resolved_at, resolution, timeout_at 1 year post-resolution
Conversation Session Firestore /sessions/{id} channel, employee_id, state_machine_node, context, created_at, ttl: 24h 24 hours (TTL auto-delete)
TOGAF ADM — Phase D
Technology Architecture.
Phase D maps every application component to a named infrastructure service or OSS technology. Every component has a justification, an alternative that was considered, and a reason it was rejected. This is the layer that makes the architecture buildable.
Compute · GCP
Cloud Run (asia-south1)
Scale-to-zero serverless. All agents, STT container, translation container, notification service. Free tier: 180K vCPU-seconds/month absorbs the majority of SMB workload. P99 response time for warm instances: < 3 seconds.
Scale-to-zero99.95% SLAGCP managed
LLM · GCP Vertex AI
Gemini 1.5 Flash
Intent routing and agent reasoning. Retained as managed GCP service for predictable latency SLA. At $0.075/1M input tokens — cheapest capable hosted LLM. OSS alternative (Llama 3.1 8B) rejected: P99 CPU latency exceeds 8s for complex policy queries.
$0.075/1M tokensVertex SLA
STT · OSS on Cloud Run
Whisper large-v3
OpenAI OSS model containerised on Cloud Run GPU spot. WER < 8% across 99 languages including Hindi, Telugu, Marathi. 83% cheaper than Google STT v2 at this interaction volume. Fallback to Google STT on error. Min-instance warm: eliminates cold start.
OSSGPU spot83% cost saving
Translation · OSS
NLLB-200 (Meta AI)
200-language translation model purpose-built for low-resource languages. Superior to Google Translate for Indic language code-switching (Hinglish, Tenglish). Bundled in Cloud Run container — zero marginal cost. Replaces Cloud Translation API entirely.
OSS200 languages~100% saving
Vector Store · OSS
pgvector on Supabase
Postgres + pgvector extension for HR Policy PDF RAG. Supabase free tier: 500MB database, adequate for any SMB policy document (~2MB). Equivalent retrieval quality to Vertex AI RAG Engine at SMB scale. ~60% cost reduction vs managed alternative.
OSSFree tierSupabase managed
Database · GCP
Firestore
Messaging · GCP
Pub/Sub
Firestore: serverless NoSQL. Free tier covers 50K reads/day — 83× our estimated daily volume. Append-only security rules on audit log. Pub/Sub: native GCP event fabric. Guaranteed delivery. First 10GB/month free — covers SMB entirely.
Free tierGCP nativeServerless
Voice Gateway · Regional
Exotel (India) / Plivo
India-local SIP with Mumbai and Chennai data centres. ~₹0.35/min vs Twilio's ~₹1.10/min — 68% cheaper. Lower latency via local PSTN. Provider-agnostic IVR layer: substituting with regional operator requires only gateway config change, no application code change.
India-local68% saving vs Twilio
Channel · Meta
WhatsApp Business API
Meta Cloud API — user-initiated service messages carry zero Meta fee from Nov 2024. Utility templates within 24h service window: free from Jul 2025. Business-initiated HITL alerts: ~$0.011/message in India. At < 50 escalations/month, WhatsApp cost rounds to negligible.
Free for service msgsMeta managed
Security · GCP
Secret Manager · IAM · Firestore Rules
Zero credentials in source code or environment variables. Per-service IAM identities (minimum permissions). Firestore security rules deny update/delete on audit collection. WhatsApp sender number as employee identity — verified by Meta. No passwords, no tokens for workers.
Zero-credential codeAppend-only audit
TOGAF ADM — Phase E · Migration Planning
From paper register
to autonomous system.
Migration is not a technical challenge. It is a change management challenge. The workforce has never interacted with a formal HR system. The transition must be invisible — the system must feel like an improvement on WhatsApp, not a replacement of it.
Migration sequence — Rathi Textiles deployment
Week 1–2
Owner onboarding. Priya creates the HR Policy PDF using the provided template. System indexes the document. WhatsApp Business number activated. Owner reviews HITL interface on mobile browser.
Pre-go-live
Week 3
Employee registration. Each worker sends one WhatsApp message to the system number. Their mobile number is registered as their identity. Mohammed Irfan (supervisor) acts as floor champion — introduces the system to weaving unit staff.
Go-live prep
Week 4
Soft launch — leave queries only. Workers use the system to check leave balances only. No leave applications processed yet. Builds familiarity with the interaction pattern. Priya monitors HITL queue — should be empty at this stage.
Phase 1A
Week 5–8
Full Phase 1 live. Leave applications open. All decisions processed by the system. HITL fires on < 3% of interactions. Priya receives weekly summary on WhatsApp. Old paper register retired. Labour notice risk eliminated.
Phase 1 live
Q3 2026
Phase 2 — Onboarding agent. Document collection via WhatsApp replaces paper forms. ESIC/EPF registration trigger automated. New joinee experience: entire onboarding completed on their phone before day one.
Phase 2
Q3–Q4 2026
Phase 3 — Payroll automation. WhatsApp check-in/out replaces attendance register. Payroll calculation automated. Priya's Sunday evening is freed. Payslips delivered to all 52 workers on WhatsApp — first time any of them have received a payslip.
Phase 3
Migration risk — and why it is low
The primary migration risk is worker non-adoption. This risk is structurally mitigated by the channel choice: workers are not adopting a new platform. They are using WhatsApp — which they already open 24 times a day — to interact with a new number. The behavioural change is minimal. The system does not ask workers to change how they communicate; it inserts itself into communication they were already having.
← Previous Client Brief Next → Agent Architecture