Group Rule applied in a DLP policy is not setting the severity as expected


Article ID: 184509


Updated On:

Products

Data Loss Prevention

Issue/Introduction

  • You have a detection rule in a policy that defaults to a medium severity.
  • You have also defined a Group Rule in the policy that modifies the severity to Low under certain circumstances.
  • However, even though the Group Rule criteria are met, the incident is created with medium severity.

Environment

Supported versions of DLP

Cause

This is by design: the severity of the base detection rule can only be increased, not decreased.

Resolution

Redefine your policy so that the detection rule defaults to a lower severity than the level of the Group Rule.

 

Additional Information

See also: Severity of an incident set by number of matches by policy not by rule (broadcom.com)