Image: Technical workflow configuration from a Booking.com agentic chatbot case study

Booking.com recently published a case study of an agentic AI chatbot in use to help handle and direct guest communications after a booking.

From the case study: “our team built a Generative AI (GenAI) agent that assists partners by automatically suggesting a relevant response to each guest inquiry. Depending on the message, it can surface an existing template or generate a tailored free-text answer, saving time and helping partners reply faster and more accurately.”

Booking.com’s transparency in publishing their architecture makes this one of the few production AI agent deployments where we can analyze the gap between marketing claims and operational reality. Understanding what they built – and what they carefully avoided building – offers crucial insights for any enterprise considering similar deployments. It’s an excellent example of how AI chatbots and agents and work within customer service departments right now, and demonstrates how to calibrate systems to work optimally, limitations, and flaws with the technology. (This analysis is based on Evans’ Law: A mathematical framework for predicting AI coherence collapse).

The case study, published on Medium (registration required) is a detailed technical deep-dive that highlights how enterprise teams are pragmatically managing the reliability challenges of coherence limits. Let’s break down what’s particularly significant here:

1. Aggressive Context Management

The deployment is conservative with what goes into the LLM context:

• Pre-select tools based on the query rather than dumping everything in
• Run tools concurrently and gather outputs before final reasoning
• Use k-NN with only top 8 template matches and a similarity threshold
• This is essentially context budgeting to avoid coherence collapse patterns

2. Three-Action Framework as Safety Mechanism

Their “Template Response / Custom Response / No Response” design is brilliant risk management:

• Template responses leverage pre-written content (minimal generation risk)
• Custom responses only when “enough contextual data is available”
• No Response option – they explicitly built in the ability to not answer when confidence is low

This directly addresses what we’ve found about models degrading gracefully vs. catastrophically. They’re avoiding the failure mode where the system confidently generates garbage.

3. Multimodal Avoidance

Notice what’s not in this system: images. They’re working purely with text embeddings and structured data. Given our finding of a 60-80% degradation penalty for multimodal processing, this is likely a deliberate architectural choice, not an oversight.

What This Reveals About Enterprise AI Reality

The “Human in the Loop” Framing

They emphasize this repeatedly, but look at the actual numbers: helping with “tens of thousands” out of 250,000 daily messages. That’s roughly 4-12% penetration. This isn’t really “assistance” – it’s extremely selective deployment in the easiest cases.

This aligns with our research: they’ve likely identified that most messages push models into the degradation zones, so they’re only deploying where success probability is high.

The Evaluation Infrastructure

The evaluation setup is more complex than the agent itself:

• Manual annotation rounds with SuperAnnotate
• LLM-as-a-Judge for continuous evaluation
• Arize for production monitoring
• In-tool user feedback
• Controlled experiments

This massive evaluation overhead suggests they’re very aware of drift and degradation issues. You don’t build this unless you expect the system to fail in subtle, hard-to-predict ways.

Language-Specific Embedding Models

The fact that they switched between MiniLM and E5-Small based on language suggests they’re seeing language-specific degradation patterns. This maps to our “vendor-specific drift signatures” – different models degrade differently under different conditions.

What is Not Being Said:

1. The “Do Not Answer” Categories

They mention “restricted categories” like refund requests but don’t elaborate. It’s highly possible these categories were discovered through production failures, not designed upfront. These are likely the topics where the system consistently hit coherence collapse.

2. The Confidence Threshold

The agent “steps aside” when confidence is low, but it’s not specified how they calculate confidence or what the threshold is. This is probably proprietary because it’s where the real intelligence lives – knowing when not to generate.

3. Cost Structures

They mention “keeping token usage and costs efficient” but don’t give numbers. For 10,000-40,000 messages/day going through an agentic system with multiple LLM calls, vector searches, and tool invocations, the compute cost is probably substantial.

Implications for Coherence Limits in Enterprises

1. Production Validation of Coherence Predictions

This system design is essentially an elaborate workaround for the exact coherence issues we have documented:

• Limited context windows despite “available data”
• Conservative generation (templates preferred over custom)
• Explicit no-answer capability
• Massive evaluation infrastructure to catch drift

2. The 70% Satisfaction Metric

They frame “70% boost in user satisfaction” as success, but this is relative to manual template selection. The fact that 30% of users aren’t satisfied even with AI assistance suggests the system is frequently hitting limitations – possibly the degradation boundaries we identified.

3. Future Direction: “Longer-Term Partner Memory”

They want to evolve toward “operational assistant” with “deeper contextual understanding” and “longer-term memory.” This is exactly where our predicts catastrophic failure. Planning to walk straight into the coherence collapse zone should be done with extreme caution.

Questions This Raises

1. What’s the actual message length distribution? They process 250K daily but only assist with tens of thousands. Are the excluded messages simply too long/complex?
2. What’s the failure signature? When the system chooses “No Response,” what does the reasoning trace look like? Is it hitting predicted degradation patterns?
3. What’s the retry rate? Partners can presumably reject suggestions. What percentage get rejected, and do rejections correlate with message complexity/length?
4. What’s the latency distribution? They say “within minutes” but that’s surprisingly slow for what should be subsecond inference. Are they running multiple retry loops or validation checks?

The Strategic Opportunity

Booking.com is publicly stating they want to add “longer-term partner memory” and handle “multi-step reasoning” for “requests for action.”

1. Their current conservative architecture works precisely because it avoids extended context
2. Their stated future direction will push into the failure zones we have mapped
3. They have production infrastructure to validate predictions
4. This is a high-stakes, high-visibility deployment where reliability matters

More data could offer even greater insights:

• Booking.com could be more explicit about evaluation limitations. Their evaluation stack (manual annotation, LLM-as-judge, monitoring), is not wholly clear: we don’t know how the LLM-judge correlates with real human acceptance, or what “user satisfaction +70%” means in absolute terms (e.g. from what baseline).
• Quantifying failure rates, which are lacking. The study highlights that “No Response” exists, which is good, but it doesn’t say how often that happens, or how often they mis-route or over-abstain. This would be useful data.
• We address concerns with their plan for “deeper memory” and “action handling,” but some of the biggest problems are unaddressed: state maintenance, authorization, error recovery, auditability. Those are where coherence collapse and compliance risk truly become real.
• Highlighting data-privacy and compliance. The study mentions PII redaction and “do-not-answer” categories, but doesn’t discuss what happens after — logging, audit, compliance with GDPR or regional privacy laws. Those are critical for enterprise trust.
• Consider user acceptance and partner trust: a “70% boost in satisfaction” for just some messages may still leave many partners or guests frustrated. It may create a “two-tier” experience (AI-handled vs. human-handled). That raises UX and fairness questions worth flagging.

Key Takeaway for Enterprise Leaders

Booking.com’s system works precisely because of what it doesn’t attempt. Their architecture succeeds by avoiding extended context, multimodal processing, and autonomous actions, the very features most AI vendors are marketing. Before expanding AI deployments, organizations should map their planned use cases against these known failure boundaries.

This is a highly instructive, useful look at why Booking.com’s current agent works where it works, its limitations, and this mathematical framework predicts where their planned expansions will fail – with specific recommendations for how to extend safely. Excellent learning for enterprise rollouts, and exactly the kind of enterprise validation story that makes academic research immediately actionable.​​​​​​​​​​​​​​​​

Looking forward to hearing more.

Related posts:

Marketers Should Embrace, Not Fear, Artificial Intelligence Inside the Mind Of… Justin Hartzman OpenText Charts AI Course with Magellan Launch Forrester VP: Enterprises won’t win with AI, unless . . .