KomuraSoft LLC
日本語 English 한국어 繁體中文 العربية
Contact
Menu

Best Practices for Designing Chatbots That Actually Help in Business

· · AI, Chatbot, Website Development, Inquiry Flow, Knowledge Base

April 8, 2026 10:00 · Go Komura · AI, Chatbot, Website Development, Inquiry Flow, Knowledge Base

This article lays out the general principles for building website inquiry chatbots, internal FAQ bots, and first-response bots. A chatbot that works has its role, knowledge sources, permissions, handoff conditions, and evaluation method sorted out before any question of “how smart the model is.”

When chatbots come up, it is tempting to start from “which model to use,” “should it be RAG,” or “should it be multi-agent.” But the order that pays off in practice is a little different.

What should be decided first is whose work, on what task, you intend to reduce — and by how much. When this order collapses, the conversations may sound plausible, yet they lead neither to inquiries nor to operational efficiency.

This tendency is especially strong on technical, B2B sites. The value is not in keeping small talk going. It is in describing the services accurately and, where needed, connecting people to the right page or the right person. The major development guides today also strongly assume that for production quality, evaluation, grounding, guardrails, and handoff are designed as separate concerns.123456

Table of Contents

  1. The conclusion first
  2. Put the overall picture in place first
  3. Decide first “whose work, on what, you will reduce”
  4. Conversation design comes before model selection
  5. Knowledge design determines most of the quality
  6. Prompts: short operating rules beat long persona settings
  7. Safety design is more than “blocking dangerous questions”
  8. Decide the handoff-to-human conditions from the start
  9. Improvement without evaluation is mostly luck
  10. On a website, design it as one with the inquiry flow
  11. A 90-day plan for building the foundation
  12. Common failures
  13. Summary
  14. Related articles
  15. References

1. The Conclusion First

Putting it roughly, but in a form that is easy to use in practice:

  1. A chatbot is stronger when you decide on one single purpose first.
  2. Before the model, you need to decide what it answers from.
  3. You need to separate answers that cannot cite a source from answers that should go to a human.
  4. The higher the risk of an operation, the less you should thin out permissions and confirmation steps.
  5. In production, without conversation logs and an evaluation set, improvement is mostly guesswork.
  6. On a website, helping people understand the pages and reach the inquiry flow tends to be worth more than keeping the conversation going.

A chatbot, built well, is genuinely useful. But stretch it into an answer-everything general counter and accuracy, operations, and the scope of responsibility all collapse at once. Building narrow first and expanding from the areas where it reliably helps is, in the end, faster.7

2. Put the Overall Picture in Place First

First, the overall picture.

YesNoYesNoUser questionWithin scopeKnowledge search / tool callContact page / staff referralPermissions and safety conditions metCited answer + next actionHandoff to a humanLogs / evaluation / improvement

What matters in this diagram is that a chatbot is not a single prompt — it is a system that includes funnels, knowledge, permissions, and evaluation. It must be designed not just to answer questions, but to cover the conditions under which it answers, the conditions under which it does not, and what it points to next.

The major tool stacks today are built on this thinking as well. Google Cloud carries webhooks, handoff rules, and evaluation as separate capabilities, and OpenAI advises pinning model snapshots and building evals as the basics of production operation.12834 In other words, the first best practice is not trying to solve everything with the prompt.

3. Decide First “Whose Work, on What, You Will Reduce”

Before building a chatbot, narrow the purpose down to one. While this stays vague, neither the evaluation criteria nor the knowledge design can be decided.

The purposes, roughly tabulated:

Purpose Main value Key metrics What not to do at first
Website inquiry funnel Keep readers from getting lost; route them to the right page or inquiry Key-page reach rate, inquiry rate, bounce rate Keeping small talk going
First-line support Increase self-service via FAQs and procedures Self-resolution rate, average handling time, repeat-contact rate Fully automating even the exception handling from day one
Internal knowledge search Shorten information-hunting time Time to answer, re-search rate, hours saved Cross-searching all company documents with permissions unsorted

Among these, the easiest first build is one with a narrow target and an easily decided source of truth. For example,

  • first-pass answers to product FAQs,
  • service guidance before an inquiry, and
  • search over internal procedure documents

are all easy to start with.

Conversely, things like

  • contract decisions,
  • finalizing prices,
  • exception approvals, and
  • inquiries dominated by customer-specific terms

are safer not to make the main battleground at the start.

Nor are there many cases that need to be multi-agent from day one. Microsoft likewise concludes that a single agent keeps the implementation simple, lowers the operational burden, and yields a predictable execution model, and recommends validating with a single agent first unless there is a clear reason to separate.7

4. Conversation Design Comes Before Model Selection

One reason chatbots fail is that the entrance and exit of the conversation are undecided. Going with “free-form input, ask us anything” blurs the boundary between what the bot can and cannot do.

4.1 Fix the conversation’s entrance

Things are more stable when the first message shows the scope up front. For a website bot, for example, presenting

  • the topics it can help with,
  • the pages it can point to immediately, and
  • the minimum information needed for a consultation

at the start reduces conversational drift.

If buttons or quick replies are available, placing the initial branches —

  • I want pricing
  • I want to know if you can handle X
  • I want to see case studies
  • I want to get in touch

— is considerably more stable than free-form input alone.

4.2 Ask for the minimum

The only fields worth asking the user about are the ones that change the answer or the routing. Adding fields because “it seems good to ask” increases drop-off.

For example, if

  • industry,
  • consultation type,
  • whether an existing system is present, and
  • urgency

change what comes next, asking makes sense. Information that will not be used immediately is better deferred.

4.3 Decide how answers end

A good answer does not end with the body text alone.

Ending in the order of

  1. conclusion,
  2. grounds or source, and
  3. the next available action

makes the conversation connect to the business.

For website bots in particular, the value lies less in completing everything inside the chat and more in a clear next step:

  • proceed to the relevant service page,
  • view case studies, or
  • proceed to the contact form.

4.4 Route high-risk topics down a dedicated path

High-risk areas like authentication, PII, money, contracts, and exception approvals are safer kept out of the same path as ordinary guidance. Google Cloud’s handoff rules explicitly show examples of routing high-risk requests to a specific agent.3

5. Knowledge Design Determines Most of the Quality

A chatbot’s quality collapses through its knowledge more easily than through its model. If the information behind the answers is ambiguous, no model will be stable.

5.1 First decide “what is the source of truth”

At minimum, decide these.

  • Which documents or pages are the source of truth
  • Who owns the updates
  • How often they are updated
  • When stale information gets discarded

Without this, the bot picks up old and new information at the same time. And that inconsistency is, with high probability, visible to the user.

5.2 Chunk by meaning, not by page

The classic RAG failure is dumping in PDFs and pages as is and calling it done. In practice, answers are more stable when content is handled as units of meaning:

  • one policy explanation,
  • one procedure,
  • one FAQ,
  • one caution.

Microsoft notes that RAG quality depends on content preparation, and presents chunking, vectorization, hybrid search, and semantic ranking as the baseline.5 OpenAI’s file search likewise assumes query rewriting, multiple searches, keyword + semantic search, and reranking.9 So the best practice is not “putting the documents in” but “transforming the documents into searchable knowledge.”

5.3 Show sources and update dates

What reassures users is not a bot that talks well, but a bot whose grounds can be traced.

A design that can show

  • which page it answered from,
  • which item of which document, and
  • when the information was last updated

also makes investigating wrong answers much easier.

OpenAI’s web search is designed around returning cited answers, and Microsoft Copilot Studio likewise describes grounded, cited responses.1011 When answering from your own site or internal documents too, aiming for this “traceable grounds” state is easier to operate.

For topics where freshness matters, do not answer from fixed knowledge alone.

For example:

  • business days,
  • price revisions,
  • hiring information,
  • outage information, and
  • legal or policy changes.

For this class of question, it is safer to consult the source site or API via a separate path, or to explicitly reply “please check this page for the latest information.” When using public websites as a knowledge source, narrow in advance which domains you trust. Copilot Studio likewise assumes search restricted to configured domains, with citations and a relevance check.11

6. Prompts: Short Operating Rules Beat Long Persona Settings

What really works in a chatbot’s prompt is not a long persona but short, clear operating rules.

At minimum, splitting into these four layers keeps things organized.

  1. Role
  2. The knowledge and tools it may consult
  3. The conditions for answering / the conditions for handing off
  4. The response format

For example, the role can be written briefly: “guide visitors before they inquire,” “guide staff through internal procedures.” The response format too — “conclusion → grounds → next action” is enough.

Weak prompts, by contrast, tend to look like this:

  • only the persona is long,
  • the grounds for answers are vague,
  • the conditions for using tools are unclear, and
  • the handoff conditions are not written down.

6.1 Use structured output

In situations that feed downstream processing — order status, booking slots, inquiry classification — it is safer not to rely on free text alone. OpenAI likewise describes returning JSON via Structured Outputs.1

The text shown to humans and the values consumed by machines are best separated. For example, even just splitting into

  • display text: the explanation shown to the user,
  • intent: the inquiry type,
  • confidence: the classification confidence, and
  • next_action: the next step in the funnel

stabilizes operations.

6.2 Pin the model version; evaluate before changing it

In production systems, “the answers are slightly different today than yesterday” is an incident. OpenAI recommends pinning a model snapshot for production applications and building evals that measure the prompt’s behavior.1 It also explicitly frames optimization as a continuous loop of evals → prompt engineering → fine-tuning.2

6.3 Split models by job

There is also no need to load everything onto one model. OpenAI likewise advises using GPT-family models for low-latency, well-defined processing and reasoning models for complex, ambiguity-heavy judgment.12

In practice, splitting like

  • a light model for FAQ replies and classification,
  • a reasoning model for exception detection and complex summarization, and
  • a human for high-risk judgment

tends to stabilize both cost and quality.

7. Safety Design Is More Than “Blocking Dangerous Questions”

“Safety design” tends to conjure only the blocking of harmful questions. But that is not all that matters in practice.

7.1 Assume prompt injection

For LLM-based bots, it is best to assume prompt injection. Microsoft distinguishes the direct and indirect kinds, and notes that hidden instructions embedded in external sites or files can even hijack the session.613

So for a bot that reads external documents or web pages, you need to

  • not treat external content on a par with system instructions,
  • minimize tool execution permissions, and
  • insert confirmation before high-risk operations.

7.2 Minimize permissions

“It can read every document it can reach” and “it can execute every operation it can call” are dangerous. Microsoft’s security guidance likewise stresses least privilege and isolating the influence of external content.6

For internal bots especially, you want to decide in advance:

  • viewing permissions per department,
  • information separation per customer, and
  • exclusion of documents containing personal data.

7.3 Handle personal data and authentication in a separate layer

It is safer not to assume “the bot will mask things nicely.” Microsoft’s documentation on public website grounding states explicitly that personal data entered by users is not automatically scrubbed / masked.11

If you handle personal data or customer-specific data, the design needs to

  • perform authentication on the application side,
  • restrict what information can be retrieved,
  • keep audit logs, and
  • satisfy identity-verification conditions before answering.

7.4 Safety runs from the start, not at the end of development

NIST’s Generative AI Profile likewise assumes risk is managed at every stage: design, development, use, and evaluation.14 So safety design is not a final pre-release checklist item — it belongs in the specification from the start.

8. Decide the Handoff-to-Human Conditions from the Start

A design that ends with the single sentence “if unsure, we will hand off to a staff member” is weak. In reality, you need to decide under what conditions, to whom, and with what attached.

For example, these conditions are easy to put in place from day one.

  • Questions requiring authentication
  • Questions requiring contract or price finalization
  • Questions for which no source can be cited
  • Questions the bot failed to guide twice or more
  • Complaints and highly urgent consultations
  • Consultations in high-risk domains such as legal, labor, or medical

Google Cloud’s handoff rules state explicitly that deterministic control can be used instead of instruction-based handoff.3 The higher the risk of the domain, the easier it is to operate with “always hand off under these conditions” rather than “probably hand off.”

It also pays to decide in advance what information goes to the human at handoff.

  • The conversation history so far
  • The fields already collected
  • The pages and documents consulted
  • The reason the bot got stuck
  • What to verify next

Even just having these five in place sharply reduces the rework after handoff.

9. Improvement Without Evaluation Is Mostly Luck

The most dangerous habit in chatbot improvement is reading a handful of conversations and proceeding on “it feels a lot better.” That way, every prompt tweak breaks something else.

OpenAI recommends writing evals first and running them on inputs close to real usage.2 That is, the starting point of improvement is the evaluation set, not the prompt.

9.1 The minimum metrics you want

Aspect Metric Why it matters
Conversation outcome User goal satisfaction Whether the user’s goal was achieved
Tool use Tool correctness Whether the right tool was used with the right arguments
Groundedness Citation presence, hallucination rate Reduce plausible-sounding wrong answers
Operations Escalation rate, drop-off rate, average turns Whether the conversation experience is too heavy
Business outcome Inquiry rate, self-resolution rate, handling time Measure the value of the bot

Google Cloud’s CX Agent Studio likewise organizes user goal satisfaction, tool correctness, hallucinations, and more as evaluation metrics.4 This way of thinking transfers well to any implementation.

9.2 Improvement is a loop, not a silver bullet

For the order of improvement, roughly this is enough.

Build an evaluation setMeasure the current prompt / modelClassify the failure casesFix knowledge / prompt / routing / handoffRe-evaluateProduction monitoring

Without this loop, improvement depends on individual intuition. With it, “what got better and what got worse” becomes traceable.

10. On a Website, Design It as One with the Inquiry Flow

For a chatbot on a company site, the chat itself is not necessarily the star. In most cases, it is more natural to design it as a supporting line that

  • conveys what kind of company this is,
  • points to the right service page,
  • surfaces case studies and FAQs, and
  • reduces anxiety before the inquiry.

On technical, B2B sites in particular, the service descriptions are complex. So pointing to the right page often beats trying to say everything in chat.

For example, this flow is a very good fit.

  1. Confirm the consultation type
  2. Point to the relevant service page
  3. Surface related case studies or FAQs where needed
  4. If questions remain, ask only the minimum
  5. Connect to the contact form

In this shape, the chat becomes an assistant to the sales and inquiry funnel. Place it disconnected from the page flow, and it easily becomes “a box that can talk but goes nowhere.”

11. A 90-Day Plan for Building the Foundation

There is no need to start big. For building the foundation in 90 days, this order is realistic.

Weeks 0-2: Decide the purpose and the source of truth

  • Decide which inquiries to reduce
  • Decide the target users
  • Decide the source-of-truth documents and the update owner
  • Decide the handoff-to-human conditions

Weeks 3-6: Prototype small

  • Build a prototype covering only the main scenarios
  • Build the entrance message and the branches
  • Make cited answers possible
  • Build an evaluation set of 20-50 cases

Weeks 7-10: Tighten in a pilot

  • Read real users’ logs
  • Classify the questions where it gets stuck
  • Fix the knowledge and routing before the prompt
  • Where it underperforms, strengthen the handoff conditions

Weeks 11-12: Set the production operating pattern

  • Decide the metrics reviewed weekly
  • Pin and manage the prompt / model versions
  • Decide the update flow and its owner
  • Decide whether to expand to a second purpose

Proceeding in this order lowers the odds of building big from the start and collapsing.

12. Common Failures

Finally, the failures we see most often.

12.1 Making it an answer-everything general counter

Stretch the scope too wide from the start, and both accuracy and the scope of responsibility blur. Narrowing to one purpose is stronger.

12.2 No source of truth, no update owner

Even with a RAG pipeline, things will not stabilize if the underlying information is unsorted. Knowledge operations are a separate job.

12.3 Asserting without sources

Plausible-sounding answers are the most dangerous thing in operations. Answers whose grounds cannot be traced are hard to fix afterwards.

12.4 Letting it execute high-risk operations outright

Operations like transfers, contract renewals, and personal-data lookups must not lose their confirmation or human-approval steps.

12.5 Vague handoff to humans

If all it says is “to a staff member as needed,” the field gets stuck. The conditions, the destination, and the attached information all need to be decided.

12.6 No evaluation set

Every improvement leaves you unable to tell whether things got better or worse. This one is extremely common.

12.7 Going multi-agent from the start

More agents means more design freedom. But latency, state management, monitoring, debugging, and permission management all get heavier too. Unless there is a necessary reason to separate, testing with one first is safer.7

13. Summary

Best practice for chatbot building, in one sentence: decide the role, knowledge, permissions, handoff, and evaluation before selecting the model.

The five points that matter most:

  • Narrow the purpose to one
  • Decide the source of truth and the citations
  • Separate the high-risk domains
  • Write down the handoff-to-human conditions
  • Run evaluation close to real usage

Whether for a website or for internal use, this order is largely the same. Design the chatbot not as “something that talks well” but as “something that sorts out where it shortens the work and where it connects to a human,” and it becomes much harder to fail.

References

Services Connected to This Topic

This article connects to the following service pages. Please enter through whichever is closest.

Website Inquiry Flow Improvement

A chatbot on a website is more effective when designed to cover guidance to the FAQ, the service pages, and the contact page.

See Website Inquiry Flow Improvement Contact

Website Development

A chatbot on a website is more effective when designed together with the page structure, CTAs, and the contact page.

See Website Development Contact

Website Development (SEO and Inquiry Flow Review)

A chatbot is deeply tied to funnel design: how to guide users arriving from search or ads and how to lead them to an inquiry.

See Website Development Contact

Author Profile

The author’s profile page.

Go Komura

Representative, KomuraSoft LLC

Centered on Windows software development, technical consulting, and bug investigation, with strengths in projects involving existing assets and in investigating failures whose causes are hard to see. Also a good fit for distilling businesses with complex technical backgrounds into page structures and copy that communicate.

See the profile Contact

Public links

Back to the blog index

Contact

  1. OpenAI, Prompt engineering  2 3 4

  2. OpenAI, Model optimization  2 3 4

  3. Google Cloud, Handoff rules  2 3 4

  4. Google Cloud, Evaluation  2 3

  5. Microsoft Learn, RAG and Generative AI - Azure AI Search  2

  6. Microsoft Learn, Security planning for LLM-based applications  2 3

  7. Microsoft Learn, Single agent or multiple agents  2 3

  8. Google Cloud, General agent design best practices 

  9. OpenAI, File search. For the details of the search behavior, Assistants File Search also covers query rewriting, multiple searches, keyword + semantic search, and reranking 

  10. OpenAI, Web search 

  11. Microsoft Learn, Use public websites to improve generative answers  2 3

  12. OpenAI, Reasoning best practices 

  13. Microsoft Learn, Prompt Shields in Microsoft Foundry 

  14. NIST, Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile (NIST AI 600-1) 

Related Articles

Recent articles sharing the same tags. Deepen your understanding with closely related topics.

Related Topics

These topic pages place the article in a broader service and decision context.

Where This Topic Connects

This article connects naturally to the following service pages.

Author Profile

Profile page for the article author.

Go Komura

Representative of KomuraSoft LLC

Focused on Windows software development, technical consulting, and investigations into failures that are difficult to reproduce.

Contact
Back to the Blog