Built for the regulation.
Enforced by architecture.

Gate 3 — Quality Firewall OIS — Operational Integrity Standard DCG — Decision Continuity Gate

Gate 3 applies a deterministic composite risk score across reputational, operational, and contextual dimensions before any output can proceed. The hard stop at Gate 3 cannot be overridden programmatically under any circumstance. OIS monitors framework-level integrity continuously across five dimensions. DCG extends risk monitoring through the full execution window, detecting and responding to condition changes after the decision point.

Gate 1 — Signal Extraction (MSE) Gate 2 — Contextual Alignment (CIE)

Gate 1 assesses input quality across Signal Strength, Relevance, and Timeliness with defined minimum thresholds. Inputs failing any dimension are rejected before entering the decision protocol with a SIGNAL_INSUFFICIENT reason code. Gate 2 assesses contextual alignment, ensuring inputs are appropriate for the deployment context. Both gates enforce data quality standards at the point of use, not only at model training level.

OIS — Version Control Integrity (VCI) Gate 5 — Framework Version in Record

The VCI dimension of OIS monitors that all models, prompts, contracts, schemas, and calibration baselines are current, versioned, and consistent with the certified configuration. Every change to any governed component is logged. The active framework version is captured in every Gate 5 Decision Record, enabling complete technical reconstruction of the governance state at any point in time on request from a competent authority.

Gate 5 — Immutable Decision Record DCG — Execution Continuity Log PostgreSQL — Append-Only, PITR Enabled

Gate 5 produces a cryptographically signed, append-only Decision Record for every governed decision. The record captures all gate scoring, threshold values applied, reviewer identity, confirmation rationale, timestamp, and a SHA-256 hash of the complete record. PostgreSQL enforces immutability at the database role level: UPDATE and DELETE permissions are revoked on the application role. Point-in-Time Recovery is enabled. The Execution Continuity Log extends the record through execution completion, providing end-to-end traceability from decision to action.

Gate 5 — Scored Output with Full Rationale MCP — aigf_get_decision Tool

Every AIGF output includes the complete scoring rationale across all gate dimensions, the specific threshold values applied, reason codes for any gate failures, and the full evidence basis for the ACT, WAIT, or REFRESH determination. Outputs are designed for interpretation by a qualified human reviewer. No output is presented as a black-box result. The aigf_get_decision MCP tool provides the complete Decision Record on demand, including for regulatory examination.

Gate 4 — Human Intelligence Layer HOIS — Human Oversight Integrity Standard ISVP — Intermittent State Verification

Gate 4 is mandatory and non-skippable. No output proceeds to Gate 5 without explicit human confirmation. Confirmation cannot be automated: the aigf_confirm_review tool enforces human_attestation:true and detects automation patterns including CONFIRM_TOO_FAST and AUTOMATION_PATTERN signals. HOIS addresses automation bias directly through its three-state reviewer classification model, detecting when reviewers drift from genuine critical engagement to habituated confirmation. ISVP provides empirical verification of reviewer governance capability through calibration scenarios with predetermined correct outputs.

Gate 3 — Deterministic Scoring Engine OIS — Decision Quality Integrity (DQI) Auth — SHA-256 API Key Enforcement

AIGF produces fully deterministic outputs: identical inputs against identical threshold configurations always produce identical gate results. Probabilistic interpretation is eliminated at the architecture level. The DQI dimension of OIS monitors decision quality consistency across volume and time, detecting drift against the established calibration baseline. Authentication is enforced through SHA-256 hashed API keys on all requests. The Simulation Engine provides ongoing accuracy verification through calibration scenario comparison.

OIS — Five Integrity Dimensions OIS — SUSTAINED / DEGRADED / COMPROMISED / SUSPENDED

OIS operationalises the quality management system requirement as a continuously monitored architecture across five dimensions: Decision Quality Integrity, Human Oversight Integrity, Execution Environment Integrity, Regulatory Alignment Integrity, and Version Control Integrity. The lowest dimension defines the overall framework posture. SUSPENDED posture halts all active decision cycles until integrity is restored. Monthly regulatory alignment reviews and triggered reviews on significant regulatory publications keep the RAI dimension current. This constitutes a live quality management system rather than a periodic review process.

Gate 5 — Automatic Decision Record Generation MCP Server — Call Logging on Every Request PostgreSQL — Append-Only, PITR Enabled

Every MCP request is logged automatically on receipt with no manual intervention required. Gate 5 generates an immutable Decision Record automatically for every governed decision. PostgreSQL enforces append-only logging at the database role level. Point-in-Time Recovery is enabled for the full retention period. The complete audit trail is available to competent authorities on request with no reconstruction required: every event is logged as it occurred, in sequence, with cryptographic integrity protection.

Gate 4 — Assigned Human Reviewer (Structural) DCG — SUSPEND and VOID Outputs Gate 5 — Minimum Six Month Retention HOIS — Reviewer Competence Monitoring

AIGF enforces all primary deployer obligations architecturally. Human oversight is assigned structurally at Gate 4 and cannot be bypassed. The DCG SUSPEND and VOID outputs provide the mechanism to halt use when conditions change materially, without requiring manual intervention. Decision Records are retained with full provenance for the required minimum period. HOIS monitors reviewer competence continuously across three states and intervenes when oversight quality degrades, ensuring the assigned individual remains a genuine oversight resource and not a procedural formality.

Gate 2 — Value Alignment Dimension Gate 3 — Operational Risk Dimension

AIGF's Gate 2 Value Alignment dimension assesses contextual fit against defined organisational values and risk tolerance on a per-decision basis, providing a continuous operational version of the rights impact assessment at decision level. Gate 3's operational risk dimension captures exposure to individuals affected by each decision. The AIGF Readiness Assessment provides the structured documentation baseline that a formal FRIA requires, establishing the risk classification and governance architecture evidence needed for registration.

Gate 5 — AI Origin Flag (Mandatory Field) Decision Record — Governance Output Disclosure

Every AIGF Decision Record carries the AI origin of the assessed output as a mandatory, non-removable field. The ACT, WAIT, or REFRESH output explicitly represents a governed AI-assisted determination, ensuring transparency is built into the decision artefact itself and cannot be stripped from it. The disclosure is structural rather than optional, satisfying the obligation at the architecture level.

OIS — Decision Quality Integrity (DQI) ISVP — Calibration Baseline Monitoring DCG — Real-Time Execution Monitoring

AIGF's OIS DQI dimension provides continuous post-deployment monitoring of decision quality against the established calibration baseline. ISVP system-level calibration runs detect model drift through fixed reference points that the system cannot learn from, triggering OIS alerts when outputs deviate from baseline. DCG monitors each individual decision through the execution window in real time, flagging contextual drift and risk threshold breaches as they occur. Together these constitute an active, systematic post-market monitoring system rather than a periodic review process.

Complete Audit Trail — Available on Request Cryptographic Integrity — SHA-256 Record Hash Framework Version Record — Full Reconstruction

An organisation with AIGF deployed can demonstrate compliance to a competent authority on request through the complete, cryptographically signed Decision Record for any governed decision. The immutable audit trail makes reconstruction of any governance event straightforward and immediate. No manual compilation is required. The OIS framework posture at the time of each decision is captured in the record, providing the complete governance context that Article 99 examination will require. Organisations that can demonstrate this level of governance evidence are substantially better positioned in any enforcement interaction.