From 56281a0ec075313ffcf89bafbac9cd65f403c994 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?=F0=9D=90=8E=F0=9D=90=A7=F0=9D=90=9E=20=F0=9D=90=85?= =?UTF-8?q?=F0=9D=90=A2=F0=9D=90=A7=F0=9D=90=9E=20=F0=9D=90=92=F0=9D=90=AD?= =?UTF-8?q?=F0=9D=90=9A=F0=9D=90=AB=F0=9D=90=AC=F0=9D=90=AD=F0=9D=90=AE?= =?UTF-8?q?=F0=9D=90=9F=F0=9D=90=9F?= Date: Thu, 30 Apr 2026 11:13:17 +0000 Subject: [PATCH] =?UTF-8?q?feat(GSIFI-AIMS-BLUEPRINT-WP-037)=20v1.0.0=20?= =?UTF-8?q?=E2=80=94=20Regulator-Grade=20AI=20Governance=20&=20ISO/IEC=204?= =?UTF-8?q?2001=20AIMS=20Master=20Blueprint=20for=20G-SIFIs=20(2026-2030)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 12 modules / 44 sections / 8 schemas / 11 code examples / 5 case studies / 78 API routes - AIMS documentation Sections 1-5 (ISO/IEC 42001 Cl. 4-10) + Annexes J1-J4 - Multi-jurisdiction overlays: ECB SSM, Fed SR 11-7, PRA SS1/23, EU AI Act, GDPR - Regulator Submission Packs RSP v1.0 -> v2.6 with decision-traceability API, in-toto/Cosign/Rekor signing, PQC-ready (Dilithium hybrid), ZK predicates - Terraform + OPA technical enforcement: 5 modules, 7 policy bundles, 5 decision points (TF plan, CI gate, admission ctrl, runtime, egress) - Adversarial governance loop + 4 self-healing playbooks (SH-01..04) - Predictive governance (Prophet/ARIMA forecasters) + formally-verified obligation graph (TLA+/Lean for FCRA §615, GDPR Art. 22, EU AI Act Art. 
73, ECB ICAAP) + counterfactual/causal supervisor queries - Cross-regulator FedReg federation (mTLS + SPIFFE) + Autonomous Supervisory Tiers T0..T5 + joint ECB+Fed+PRA examination workflow - High-risk credit underwriting reference pattern (AI-CR-UNDERWRITE-01, EU AI Act Annex III §5(b)) - 5-phase 2026-2030 roadmap (Foundation -> Industrialise -> Federate -> Verify -> Autonomous), 16 board-tracked KPIs, 3LoD + RACI + 5 committees - Reporting templates with /<abstract>/<content> tags - Schemas: AI System Inventory, RSP Manifest, Decision Envelope, Control Mapping, FRIA, Incident Record, FedReg Message, Obligation Spec - 11 code examples: OPA RSP gate, Terraform WORM evidence (10y), decision envelope dual-signer (Ed25519+Dilithium3), fairness monitor + SH-01, FedReg client, drift forecaster, TLA+ Art.73 spec, Lean FCRA spec, self-healing engine, FastAPI traceability API, Merkle anchor - Generators: gen-gsifi-aims-blueprint.py (63 KB JSON) + gen-gsifi-aims-blueprint-html.py (76 KB HTML) - Server.js: /api/gsifi-aims/* endpoint family wired with /:id route ordering (specific paths declared before parametric to avoid shadowing) - Validated: node -c OK; PM2 online; HTTP 200 across modules M1-M12, endpoint groups (overlays, RSP versions, AIMS sections/annexes, roadmap phases/KPIs, RACI, schemas/code/cases); 8 lookup tests passed; 7 404 handling cases verified; HTML dashboard 78,241 bytes --- .../data/gsifi-aims-blueprint.json | 1612 ++++++++++++++++ .../gen-gsifi-aims-blueprint-html.py | 406 ++++ .../gen-gsifi-aims-blueprint.py | 1716 +++++++++++++++++ .../public/gsifi-aims-blueprint.html | 774 ++++++++ rag-agentic-dashboard/server.js | 230 +++ 5 files changed, 4738 insertions(+) create mode 100644 rag-agentic-dashboard/data/gsifi-aims-blueprint.json create mode 100644 rag-agentic-dashboard/gen-gsifi-aims-blueprint-html.py create mode 100644 rag-agentic-dashboard/gen-gsifi-aims-blueprint.py create mode 100644 rag-agentic-dashboard/public/gsifi-aims-blueprint.html 
diff --git a/rag-agentic-dashboard/data/gsifi-aims-blueprint.json b/rag-agentic-dashboard/data/gsifi-aims-blueprint.json new file mode 100644 index 0000000..a3af74b --- /dev/null +++ b/rag-agentic-dashboard/data/gsifi-aims-blueprint.json 
@@ -0,0 +1,1612 @@ +{ + "meta": { + "docRef": "GSIFI-AIMS-BLUEPRINT-WP-037", + "version": "1.0.0", + "date": "2026-04-30", + "title": "Regulator-Grade AI Governance & ISO/IEC 42001 AIMS Master Blueprint for G-SIFIs (2026-2030)", + "subtitle": "Design and implementation roadmap for ISO/IEC 42001-aligned AI Management Systems, multi-jurisdiction regulatory overlays, Regulator Submission Packs (RSP v1.0-v2.6), Terraform/OPA technical enforcement, adversarial and self-healing governance loops, predictive governance with formally-verified legal logic, cross-regulator federation, and autonomous supervisory ecosystems for high-risk credit underwriting.", + "classification": "CONFIDENTIAL \u2014 Board / Prudential Regulator / Group Risk / Internal Audit / Chief Legal & Compliance Officer", + "owner": "Group CRO + Chief AI Officer (CAIO) \u2014 co-signed by CCO, GC, CISO, DPO, Head of Internal Audit", + "audience": [ + "Board of Directors / Risk Committee / Audit Committee", + "Executive Committee (CEO, CFO, CRO, CCO, CISO, CAIO, CTO)", + "Group Compliance, Legal & Privacy Office", + "Internal Audit (3rd Line of Defense)", + "Model Risk Management (MRM, 2nd Line of Defense)", + "Prudential supervisors (ECB SSM JST, Federal Reserve, PRA, OCC)", + "Conduct supervisors (FCA, BaFin, AMF, CFPB)", + "Data protection authorities (EDPB, ICO)", + "AI safety / standards bodies (AISI, ISO/IEC JTC1 SC42)" + ], + "horizon": "2026-2030", + "outlookHorizon": "2030-2035 (autonomous supervisory ecosystems)", + "subjectSystem": { + "institutionType": "G-SIFI / G-SIB (FSB list, Bucket 1-4)", + "scopeOfAi": "All AI systems materially impacting capital, liquidity, credit, market conduct, AML, fraud, and customer outcomes", + "anchorUseCase": "AI-CR-UNDERWRITE-01 \u2014 High-risk retail & SME credit underwriting (EU AI Act Annex III \u00a75(b) \u2014 high-risk)", + "scale": "20+ jurisdictions \u00b7 1,200+ AI systems \u00b7 350+ models in production" + }, + "regulatoryAlignment": [ + "ISO/IEC 
42001:2023 \u2014 AI Management System (AIMS) \u2014 primary anchor", + "ISO/IEC 23894:2023 \u2014 AI Risk Management", + "ISO/IEC 5338:2023 \u2014 AI System Life Cycle Processes", + "ISO/IEC 27001:2022 / 27701:2019 / 27018:2019", + "ISO/IEC TR 24028 / 24029 / 24368 (trustworthiness)", + "EU AI Act (Reg. (EU) 2024/1689) \u2014 Art. 6, 9, 10, 12, 13, 14, 15, 17, 26, 27, 49, 53, 55, 72, 73; Annex III \u00a75(b)", + "GDPR (Reg. (EU) 2016/679) \u2014 Art. 5, 6, 9, 22, 25, 32, 33, 34, 35", + "ECB SSM Guide on internal models (2024) + Targeted Review of Internal Models (TRIM) AI extensions", + "Federal Reserve SR 11-7 / OCC 2011-12 \u2014 Model Risk Management", + "PRA SS1/23 \u2014 Model Risk Management Principles for Banks (UK)", + "PRA SS2/21 \u2014 Outsourcing & third-party risk management", + "FCA Consumer Duty (PS22/9) + AI/ML discussion paper DP5/22", + "Basel III/IV \u2014 CRR3 / CRD6 \u2014 ICAAP Pillar 2 AI add-on", + "FCRA (US) \u00a7604/\u00a7615 + ECOA / Reg B \u00a71002 (adverse action)", + "CFPB Circular 2023-03 (algorithmic adverse-action notices)", + "NIST AI RMF 1.0 + GenAI Profile (AI 600-1)", + "OECD AI Principles + G7 Hiroshima AI Process Code of Conduct", + "Council of Europe Framework Convention on AI (2024)", + "OWASP LLM Top 10 (2025) / MITRE ATLAS", + "SLSA L3 + Sigstore/Cosign + in-toto attestations" + ], + "deliverableInventory": { + "modules": 12, + "aimsSections": 5, + "annexes": 4, + "regulatoryOverlays": 5, + "rspVersions": 7, + "schemas": 8, + "codeExamples": 11, + "caseStudies": 5, + "phases": 5, + "kpis": 16, + "controls": 280 + } + }, + "executiveSummary": { + "purpose": "Provide G-SIFI boards, regulators, and supervisors a regulator-grade, ISO/IEC 42001-anchored master blueprint that operationalises AI governance across all jurisdictions in which the institution operates, with machine-checkable legal logic and autonomous supervisory federation by 2030.", + "scope": "End-to-end design, implementation, and continuous-supervision 
framework for an AI Management System (AIMS) covering all material AI systems \u2014 anchored on the AI-CR-UNDERWRITE-01 high-risk credit use case.", + "designPrinciples": [ + "ISO/IEC 42001 as the operating standard, regulator overlays as policy bundles", + "Compliance-as-code: every control has Terraform + OPA enforcement", + "Decision-traceability: every model decision is reproducible from a signed envelope", + "Self-healing governance: detect-then-remediate loops with cryptographic evidence", + "Predictive governance: forecast control breaches before they occur", + "Formally-verified legal logic: TLA+/Lean specs of obligations", + "Federation by default: cross-regulator API with consented disclosure", + "Adversarial assurance: continuous red-teaming of both models and controls" + ], + "headlineKpis": { + "timeToRegulatorApprovedDeployment": "<= 14 days (RSP v2.4+)", + "rspGenerationLatency": "<= 30 minutes (auto-assembled, signed)", + "decisionTraceabilityCoverage": ">= 99.95% of AI decisions", + "controlAutomationRate": ">= 95% (Terraform + OPA enforced)", + "evidenceAutomation": ">= 96% (no human evidence collection for L1/L2 controls)", + "fairnessAirFloor": ">= 0.85 (FCRA / ECOA / EU AI Act Art. 10)", + "explainabilityCoverage": "100% of high-risk decisions have SHAP + counterfactual", + "adverseActionNoticeSla": "<= 30 days (FCRA \u00a7615) \u2014 automated for 100% cases", + "incidentNotifSlaRegulator": "<= 24h (EU AI Act Art. 73) / 72h (GDPR Art. 
33)", + "modelInventoryCoverage": "100% \u2014 no shadow AI tolerance", + "policyDriftMtta": "<= 5 minutes (Terraform plan diff)", + "autonomousSupervisorReadiness": "Tier-3 by 2030 (machine-readable filings)", + "boardAttestationCadence": "Quarterly + ad-hoc on Sev-1", + "auditFindingCloseRate": ">= 95% within SLA", + "wormRetention": "10 years (extends SR 11-7 / SEC 17a-4(f) baseline)", + "crossRegulatorFederationCount": ">= 8 supervisors integrated" + }, + "boardNarrative": "This blueprint converts AI governance from a periodic compliance exercise into a continuously-attested, regulator-federated operating discipline \u2014 measurable, monitorable, and provably correct against the EU AI Act, ISO/IEC 42001, ECB, Fed, PRA, and GDPR by design." + }, + "M1_aimsSections": { + "id": "M1", + "title": "M1 \u2014 ISO/IEC 42001 AIMS Documentation (Sections 1\u20135)", + "summary": "Master AIMS documentation set anchored on ISO/IEC 42001:2023 clauses 4\u201310, broken into Sections 1\u20135 with audit-grade detail.", + "sections": [ + { + "id": "M1-S1", + "title": "Section 1 \u2014 Context of the Organization (Cl. 4)", + "iso42001Clauses": [ + "4.1", + "4.2", + "4.3", + "4.4" + ], + "deliverables": [ + "Internal/external issues register (PEST + tech + regulatory)", + "Interested parties matrix (regulators, customers, employees, society)", + "AIMS scope statement (geographies, business units, AI systems)", + "AI System Inventory v1 (1,200+ systems, classification)", + "Boundary diagram showing AIMS interfaces with EMS/ISMS/QMS" + ], + "evidenceRefs": [ + "EVD-AIMS-S1-CTX-2026Q2", + "EVD-AIMS-S1-INV-2026Q2" + ] + }, + { + "id": "M1-S2", + "title": "Section 2 \u2014 Leadership & Policy (Cl. 
5)", + "iso42001Clauses": [ + "5.1", + "5.2", + "5.3" + ], + "deliverables": [ + "Board-approved AI Policy (signed by Chair + CEO)", + "AI Roles & Responsibilities matrix (RACI: Board, CAIO, CRO, CCO, DPO)", + "Authority delegation: model approval thresholds by Tier T0\u2013T5", + "Conflict-of-interest controls between 1st/2nd/3rd LoD" + ], + "evidenceRefs": [ + "EVD-AIMS-S2-POL-2026Q2", + "EVD-AIMS-S2-RACI-2026Q2" + ] + }, + { + "id": "M1-S3", + "title": "Section 3 \u2014 Planning (Cl. 6)", + "iso42001Clauses": [ + "6.1", + "6.2", + "6.3" + ], + "deliverables": [ + "AI Risks & Opportunities register (linked to ISO 23894 taxonomy)", + "AI Objectives (16 KPIs, board-tracked)", + "Change planning protocol (model promotion gates G0\u2013G5)", + "Statement of Applicability (SoA) covering Annex A + regulator overlays" + ], + "evidenceRefs": [ + "EVD-AIMS-S3-RISK-2026Q2", + "EVD-AIMS-S3-SOA-2026Q2" + ] + }, + { + "id": "M1-S4", + "title": "Section 4 \u2014 Support (Cl. 7)", + "iso42001Clauses": [ + "7.1", + "7.2", + "7.3", + "7.4", + "7.5" + ], + "deliverables": [ + "Resourcing plan (FTEs, GPU compute, evidence storage)", + "Competence framework (CAIO certification, MRM accreditation)", + "Awareness program (annual mandatory training, red-team exercises)", + "Communication plan (internal + regulator + customer)", + "Documented information control (versioning, WORM, retention)" + ], + "evidenceRefs": [ + "EVD-AIMS-S4-COMP-2026Q2", + "EVD-AIMS-S4-DOC-2026Q2" + ] + }, + { + "id": "M1-S5", + "title": "Section 5 \u2014 Operation, Performance, Improvement (Cl. 
8\u201310)", + "iso42001Clauses": [ + "8.1", + "8.2", + "8.3", + "9.1", + "9.2", + "9.3", + "10.1", + "10.2" + ], + "deliverables": [ + "Operational planning & control (life-cycle SOPs per ISO 5338)", + "AI impact assessment process (GDPR DPIA + EU AI Act FRIA)", + "Performance evaluation (KPI dashboard, internal audit plan)", + "Management review minutes (quarterly, board-attested)", + "Continual improvement loop (CAPA register, RCA)" + ], + "evidenceRefs": [ + "EVD-AIMS-S5-OPS-2026Q2", + "EVD-AIMS-S5-MR-2026Q2", + "EVD-AIMS-S5-CAPA-2026Q2" + ] + } + ] + }, + "M2_aimsAnnexes": { + "id": "M2", + "title": "M2 \u2014 AIMS Annexes J1\u2013J4 (Implementation Detail)", + "summary": "Four institution-specific annexes extending ISO/IEC 42001 Annex A/B with G-SIFI-grade depth.", + "sections": [ + { + "id": "M2-S1", + "title": "Annex J1 \u2014 AI System Inventory & Classification", + "content": "Authoritative register of all AI systems with EU AI Act tiering (Prohibited / High-Risk / Limited / Minimal), internal capability tier T0\u2013T5, owning business unit, data classification, model risk tier, and impact zones.", + "fields": [ + "systemId", + "businessOwner", + "euAiActTier", + "internalTier", + "modelRiskTier", + "annexIIIRef", + "lastFRIA", + "lastDPIA", + "rspVersion", + "regulatorEngagementStatus" + ] + }, + { + "id": "M2-S2", + "title": "Annex J2 \u2014 Statement of Applicability (SoA) + Control Mapping", + "content": "Mapping of ISO/IEC 42001 Annex A controls + 280 institution-specific controls to regulator overlays (ECB, Fed, PRA, EU AI Act, GDPR), each with a Terraform/OPA enforcement reference and an evidence automation status.", + "controlCategories": [ + "AC \u2014 Accountability", + "RM \u2014 Risk Management", + "DG \u2014 Data Governance", + "MD \u2014 Model Development", + "VV \u2014 Validation & Verification", + "DP \u2014 Deployment", + "MO \u2014 Monitoring", + "IR \u2014 Incident Response", + "TP \u2014 Third-Party", + "TR \u2014 Transparency" + ], + 
"totalControls": 280 + }, + { + "id": "M2-S3", + "title": "Annex J3 \u2014 AI Impact Assessment (FRIA + DPIA Combined)", + "content": "Unified template combining EU AI Act Fundamental Rights Impact Assessment (Art. 27) with GDPR DPIA (Art. 35) and SR 11-7 model materiality assessment.", + "phases": [ + "Phase A \u2014 Purpose & Necessity", + "Phase B \u2014 Risk Identification (12 axes)", + "Phase C \u2014 Risk Evaluation (likelihood \u00d7 severity \u00d7 scope)", + "Phase D \u2014 Mitigation Plan", + "Phase E \u2014 Residual Risk Acceptance (CRO sign-off)", + "Phase F \u2014 Monitoring & Review (auto-rerun on drift)" + ] + }, + { + "id": "M2-S4", + "title": "Annex J4 \u2014 Regulator Submission Pack (RSP) Template", + "content": "Master template that produces RSP v1.0\u2013v2.6 with decision-traceability links, model cards, eval results, monitoring telemetry, and signed attestations.", + "rspContents": [ + "Cover & Executive Summary", + "Model Card (Mitchell+ format extended)", + "Data Sheet (Gebru+ format extended)", + "FRIA + DPIA", + "Validation Report (independent 2nd LoD sign-off)", + "Monitoring Plan + KPI baseline", + "Incident Response Plan (model-specific)", + "Decision Traceability API endpoint + sample decisions", + "Cryptographic attestation bundle (Sigstore + Rekor)" + ] + } + ] + }, + "M3_regulatoryOverlays": { + "id": "M3", + "title": "M3 \u2014 Multi-Jurisdiction Regulatory Overlays", + "summary": "Five regulator overlays applied as policy bundles on top of the ISO/IEC 42001 baseline.", + "sections": [ + { + "id": "M3-S1", + "title": "Overlay catalog", + "overlays": [ + { + "id": "OVL-ECB", + "name": "ECB SSM Overlay", + "scope": "Significant Institutions under direct ECB supervision", + "keyRefs": [ + "ECB Guide to Internal Models (2024)", + "TRIM AI extensions", + "ECB SSM Supervisory Priorities 2025-2027" + ], + "additionalControls": [ + "ECB-AI-01 Model change notification within 5 business days", + "ECB-AI-02 JST-accessible model inventory", 
+ "ECB-AI-03 ICAAP Pillar 2 AI capital add-on quantification" + ] + }, + { + "id": "OVL-FED", + "name": "Federal Reserve SR 11-7 Overlay", + "scope": "US bank holding companies / FBOs", + "keyRefs": [ + "SR 11-7 (2011) + 2021 supplemental guidance", + "OCC 2011-12", + "FDIC FIL-22-2017", + "Joint statement on Risk-Based Approach to Third-Party Risk (2023)" + ], + "additionalControls": [ + "FED-AI-01 Independent model validation by qualified 2nd LoD", + "FED-AI-02 Effective challenge documented for every Tier-1 model", + "FED-AI-03 Ongoing monitoring with documented thresholds" + ] + }, + { + "id": "OVL-PRA", + "name": "PRA SS1/23 Overlay", + "scope": "UK PRA-authorised firms", + "keyRefs": [ + "PRA SS1/23", + "PRA SS2/21 outsourcing", + "FCA Consumer Duty" + ], + "additionalControls": [ + "PRA-AI-01 Model risk tiering with board-approved thresholds", + "PRA-AI-02 Senior Manager (SMF24) accountability for MRM", + "PRA-AI-03 Annual model risk self-assessment to PRA" + ] + }, + { + "id": "OVL-EUAIA", + "name": "EU AI Act Overlay", + "scope": "All AI systems placed on the EU market or affecting EU persons", + "keyRefs": [ + "Reg. (EU) 2024/1689", + "EU AI Act Annex III \u00a75(b) \u2014 credit scoring", + "Commission implementing acts 2025-2026" + ], + "additionalControls": [ + "EUAIA-AI-01 CE conformity (Art. 43) for high-risk systems", + "EUAIA-AI-02 Post-market monitoring (Art. 72) live", + "EUAIA-AI-03 Serious incident reporting within 15 days (Art. 73)", + "EUAIA-AI-04 Registration in EU database (Art. 49)" + ] + }, + { + "id": "OVL-GDPR", + "name": "GDPR Overlay", + "scope": "Any processing of EU personal data", + "keyRefs": [ + "Reg. (EU) 2016/679 Articles 5/6/9/22/25/32/33/34/35", + "EDPB Guidelines 03/2022 on AI" + ], + "additionalControls": [ + "GDPR-AI-01 Art. 
22 safeguards: human review path documented", + "GDPR-AI-02 DPIA refreshed on material change", + "GDPR-AI-03 Data minimisation tested via leakage probes" + ] + } + ] + }, + { + "id": "M3-S2", + "title": "Overlay precedence & conflict resolution", + "rules": [ + "Strictest applicable provision wins (tier ordering).", + "Where overlays diverge on disclosure scope, union of disclosures applies; classification follows the home regulator.", + "Conflict log maintained with Legal sign-off for every override." + ] + }, + { + "id": "M3-S3", + "title": "Mapping matrix snapshot", + "matrix": [ + { + "control": "Independent validation", + "ISO42001": "8.3", + "ECB": "ECB-AI-01/03", + "Fed": "FED-AI-01/02", + "PRA": "PRA-AI-02", + "EUAIA": "Art. 17 QMS / 43", + "GDPR": "\u2014" + }, + { + "control": "Adverse-action explanation", + "ISO42001": "Annex A 6.2.7", + "ECB": "\u2014", + "Fed": "FCRA \u00a7615", + "PRA": "FCA Consumer Duty", + "EUAIA": "Art. 13/86", + "GDPR": "Art. 22" + }, + { + "control": "Post-market monitoring", + "ISO42001": "9.1", + "ECB": "ECB-AI-02", + "Fed": "FED-AI-03", + "PRA": "PRA-AI-03", + "EUAIA": "Art. 72", + "GDPR": "Art. 35(11)" + }, + { + "control": "Incident reporting", + "ISO42001": "10.2", + "ECB": "Operational incident framework", + "Fed": "SR 11-7 weakness reporting", + "PRA": "SS1/23 \u00a73.5", + "EUAIA": "Art. 73", + "GDPR": "Art. 
33/34" + } + ] + } + ] + }, + "M4_rsp": { + "id": "M4", + "title": "M4 \u2014 Regulator Submission Packs (RSP v1.0 \u2192 v2.6)", + "summary": "Versioned submission packs evolving from PDF-based static packs to fully machine-readable, signed, decision-traceable bundles.", + "sections": [ + { + "id": "M4-S1", + "title": "Version roadmap", + "versions": [ + { + "id": "RSP-v1.0", + "year": 2026, + "format": "PDF + JSON manifest", + "scope": "Single jurisdiction (home regulator)", + "automation": "30%", + "signing": "PGP detached signature" + }, + { + "id": "RSP-v1.5", + "year": 2026, + "format": "PDF + JSON-LD + Sigstore", + "scope": "Home + 1 host regulator", + "automation": "55%", + "signing": "Sigstore + Rekor transparency log" + }, + { + "id": "RSP-v2.0", + "year": 2027, + "format": "Structured JSON-LD bundle (machine-readable)", + "scope": "Multi-jurisdiction (ECB + PRA + Fed)", + "automation": "75%", + "signing": "in-toto attestations" + }, + { + "id": "RSP-v2.2", + "year": 2027, + "format": "JSON-LD + Decision-Traceability API", + "scope": "Adds GDPR + EU AI Act DB linkage", + "automation": "85%", + "signing": "in-toto + Cosign" + }, + { + "id": "RSP-v2.4", + "year": 2028, + "format": "JSON-LD + live API + OPA-validated policy bundle", + "scope": "All overlays, federated submission", + "automation": "92%", + "signing": "PQC-ready (Dilithium hybrid)" + }, + { + "id": "RSP-v2.5", + "year": 2029, + "format": "v2.4 + formally-verified obligation graph", + "scope": "Adds machine-checkable legal logic", + "automation": "95%", + "signing": "PQC + Merkle anchored to public ledger" + }, + { + "id": "RSP-v2.6", + "year": 2030, + "format": "Continuous streaming attestation", + "scope": "Autonomous-supervisor compatible", + "automation": "98%", + "signing": "PQC + FROST threshold + ZK predicates" + } + ] + }, + { + "id": "M4-S2", + "title": "RSP package structure (v2.4+)", + "structure": [ + "/rsp/manifest.jsonld \u2014 top-level bundle", + "/rsp/model-card.json", + 
"/rsp/datasheet.json", + "/rsp/fria-dpia.json", + "/rsp/validation-report.json", + "/rsp/monitoring-plan.json", + "/rsp/incident-plan.json", + "/rsp/decisions/ (signed decision envelopes)", + "/rsp/policy-bundle.tar.gz (OPA bundle)", + "/rsp/attestations/ (in-toto / Cosign / Rekor)", + "/rsp/hash-chain.json (Merkle root + signatures)" + ] + }, + { + "id": "M4-S3", + "title": "Decision-traceability API", + "endpoints": [ + "GET /rsp/{rspId}/decisions/{decisionId} \u2014 full reproducible decision", + "GET /rsp/{rspId}/decisions?subjectId=\u2026 \u2014 subject access", + "GET /rsp/{rspId}/lineage \u2014 model + data lineage graph", + "GET /rsp/{rspId}/attestations \u2014 verifiable bundle", + "POST /rsp/{rspId}/challenge \u2014 supervisor counterfactual probe" + ], + "slas": { + "decisionLookup": "<= 200 ms p95", + "lineageGraph": "<= 1 s p95", + "challengeReply": "<= 5 minutes p95" + }, + "auth": "mTLS + supervisor SPIFFE ID + per-call OPA policy" + }, + { + "id": "M4-S4", + "title": "RSP issuance pipeline", + "stages": [ + "Trigger: model promotion / quarterly cadence / supervisor request", + "Assemble: pull artefacts from registry, evaluator, monitor", + "Validate: OPA policy bundle compliance check", + "Sign: in-toto layout + Cosign + Rekor entry", + "Publish: regulator portal + internal evidence WORM", + "Notify: supervisor + Internal Audit + Board pack" + ] + } + ] + }, + "M5_technicalEnforcement": { + "id": "M5", + "title": "M5 \u2014 Terraform + OPA Technical Enforcement", + "summary": "Compliance-as-code substrate enforcing AIMS controls at infrastructure, pipeline, and runtime layers.", + "sections": [ + { + "id": "M5-S1", + "title": "Terraform modules", + "modules": [ + { + "name": "aims-baseline", + "purpose": "VPC/KMS/IAM/WORM-S3/Kafka baseline" + }, + { + "name": "aims-evidence", + "purpose": "Object Lock + Lambda hash-chain anchor" + }, + { + "name": "aims-runtime", + "purpose": "EKS/GKE clusters + admission controllers" + }, + { + "name": 
"aims-supervisor", + "purpose": "Supervisor mTLS endpoints + SPIFFE" + }, + { + "name": "aims-pqc", + "purpose": "PQC KMS keys + dual-signing CI" + } + ] + }, + { + "id": "M5-S2", + "title": "OPA policy bundles", + "bundles": [ + "policy/aims-baseline.tar.gz (Annex A controls)", + "policy/overlay-ecb.tar.gz", + "policy/overlay-fed.tar.gz", + "policy/overlay-pra.tar.gz", + "policy/overlay-euaia.tar.gz", + "policy/overlay-gdpr.tar.gz", + "policy/use-case-credit-underwriting.tar.gz" + ], + "decisionPoints": [ + "Terraform plan (pre-apply) \u2014 block insecure infra", + "CI gate (pre-merge) \u2014 model card + eval coverage", + "Admission controller (Kubernetes) \u2014 image attestation", + "Inference gateway (runtime) \u2014 per-call obligations", + "Egress filter \u2014 prohibited-use checks" + ] + }, + { + "id": "M5-S3", + "title": "Continuous configuration audit", + "controls": [ + "Daily Terraform drift scan with auto-remediation PR", + "Hourly OPA bundle integrity check (signed digest)", + "Per-region misconfiguration KPI dashboard", + "Auto-quarantine of non-compliant workloads" + ] + } + ] + }, + "M6_adversarialSelfHealing": { + "id": "M6", + "title": "M6 \u2014 Adversarial & Self-Healing Governance Loops", + "summary": "Continuous adversarial exercise of both models and controls, paired with auto-remediation that closes the loop without human intervention for known failure modes.", + "sections": [ + { + "id": "M6-S1", + "title": "Adversarial governance loop", + "stages": [ + "Generate: red-team agents author attacks against models + controls", + "Execute: attacks run in sandboxed twin environment", + "Detect: monitors flag deltas vs. 
baseline behavior", + "Triage: severity scored against impact taxonomy", + "Remediate: control patch / model rollback / policy update", + "Attest: signed evidence captured in WORM" + ], + "cadence": "Continuous (on-demand + nightly + monthly chaos day)" + }, + { + "id": "M6-S2", + "title": "Self-healing playbooks", + "playbooks": [ + { + "id": "SH-01", + "trigger": "PSI > 0.2 on protected attribute", + "action": "Auto-rollback to previous model version + open Sev-2 ticket", + "humanGate": "CRO post-hoc review within 24h" + }, + { + "id": "SH-02", + "trigger": "OPA policy bundle digest mismatch", + "action": "Quarantine workload + restore last-known-good bundle", + "humanGate": "CISO + CCO joint review" + }, + { + "id": "SH-03", + "trigger": "Adverse-action SLA breach predicted", + "action": "Failover to deterministic fallback scoring + notify ops", + "humanGate": "Head of Credit + DPO" + }, + { + "id": "SH-04", + "trigger": "FRIA risk score escalation", + "action": "Block new deployments of system + escalate to Risk Committee", + "humanGate": "Board Risk Committee within 5 business days" + } + ] + }, + { + "id": "M6-S3", + "title": "Adversarial assurance KPIs", + "kpis": { + "redTeamCoverage": ">= 95% of high-risk systems / quarter", + "novelAttackDiscoveryRate": ">= 5 net-new attack classes / year", + "selfHealingResolutionRate": ">= 80% Sev-2 without human action", + "meanTimeToRemediate": "<= 30 min (Sev-2), <= 4 h (Sev-1)" + } + } + ] + }, + "M7_predictiveFormal": { + "id": "M7", + "title": "M7 \u2014 Predictive Governance & Formally-Verified Legal Logic", + "summary": "Forecast control breaches before they occur and prove obligations are correctly implemented using machine-checkable specifications.", + "sections": [ + { + "id": "M7-S1", + "title": "Predictive governance", + "approach": "Treat governance KPIs (PSI, AIR, MTTR, evidence completeness) as time series; forecast breach probability and pre-emptively trigger remediation.", + "models": [ + "Drift 
forecaster (Prophet + ARIMA ensemble) \u2014 7-day horizon", + "Fairness drift forecaster \u2014 protected-attribute aware", + "Control-fatigue forecaster (audit findings as proxy)", + "Regulatory-question forecaster (LLM-driven, supervised by Legal)" + ], + "outputs": [ + "Predicted breaches with calibrated confidence", + "Recommended interventions (pre-staged remediation PRs)", + "Board pre-warning dashboard (T-30 days)" + ] + }, + { + "id": "M7-S2", + "title": "Formally-verified obligation graph", + "approach": "Encode regulator obligations as an obligation graph in TLA+/Lean and prove the implementation refines the specification.", + "specs": [ + "FCRA \u00a7615 adverse-action obligation (Lean spec, mechanically checked)", + "GDPR Art. 22 human-review-path obligation (TLA+)", + "EU AI Act Art. 73 incident-reporting obligation (TLA+ liveness)", + "ECB ICAAP Pillar 2 AI add-on quantification (Lean)" + ], + "deliverable": "Each spec ships with a CI job that fails the build if a code change breaks refinement." 
+ }, + { + "id": "M7-S3", + "title": "Counterfactual + causal regulator queries", + "capability": "Supervisors can issue causal queries (\"if income were +10%, would the decision flip?\") that the system answers with a causal model + uncertainty, not just correlations.", + "engines": [ + "DoWhy + EconML for causal effect estimation", + "DiCE / Alibi for actionable counterfactuals", + "LiNGAM / NOTEARS for structure discovery (governed)" + ] + } + ] + }, + "M8_federationSupervisory": { + "id": "M8", + "title": "M8 \u2014 Cross-Regulator Federation & Autonomous Supervisory Ecosystem", + "summary": "Federate disclosures across supervisors and prepare for autonomous supervisory ecosystems by 2030.", + "sections": [ + { + "id": "M8-S1", + "title": "Federation protocol (FedReg)", + "transport": "mTLS + SPIFFE IDs + OAuth2 Mutual-TLS Client Auth", + "schema": "JSON-LD with shared regulator vocabulary (W3C ODRL extension)", + "operations": [ + "Disclose: scoped artefact share with consent metadata", + "Subscribe: supervisor receives delta stream", + "Challenge: supervisor issues counterfactual / explainability query", + "Attest: institution returns signed answer with provenance" + ], + "consentModel": "Per-scope, per-purpose, time-bounded, revocable" + }, + { + "id": "M8-S2", + "title": "Autonomous Supervisory Tiers", + "tiers": [ + { + "tier": "T0", + "name": "Manual", + "year": "<2026", + "description": "PDF + portal uploads" + }, + { + "tier": "T1", + "name": "Structured", + "year": "2026", + "description": "Machine-readable RSP, manual review" + }, + { + "tier": "T2", + "name": "Streaming", + "year": "2027-2028", + "description": "Continuous attestation feed" + }, + { + "tier": "T3", + "name": "Federated", + "year": "2028-2029", + "description": "Cross-regulator query graph" + }, + { + "tier": "T4", + "name": "Autonomous (advisory)", + "year": "2029-2030", + "description": "Supervisor AI agents issue advisories" + }, + { + "tier": "T5", + "name": "Autonomous 
(binding-with-human-override)", + "year": "2030+", + "description": "Binding decisions with statutory human override" + } + ] + }, + { + "id": "M8-S3", + "title": "Privacy & sovereignty controls in federation", + "controls": [ + "Differential privacy on aggregate disclosures (\u03b5 <= 1)", + "Zero-knowledge predicates for sensitive thresholds", + "Data residency tags enforced at egress filter", + "Per-jurisdiction key custody with HSM + threshold signing (FROST)" + ] + }, + { + "id": "M8-S4", + "title": "Joint examination workflow", + "scenario": "ECB + FRB + PRA jointly examine AI-CR-UNDERWRITE-01. Each receives scoped, signed RSP slices; queries federated through FedReg; institution responses attested into a shared transparency log.", + "sla": "Joint final report within 30 calendar days" + } + ] + }, + "M9_creditUnderwriting": { + "id": "M9", + "title": "M9 \u2014 High-Risk Credit Underwriting Best-Practice Pattern (AI-CR-UNDERWRITE-01)", + "summary": "Reference end-to-end pattern for high-risk retail & SME credit underwriting under EU AI Act Annex III \u00a75(b), FCRA, ECOA, and PRA / Fed MRM.", + "sections": [ + { + "id": "M9-S1", + "title": "Use-case scope & risk classification", + "details": { + "euAiActTier": "High-risk (Annex III \u00a75(b))", + "internalTier": "T3 (material consumer impact)", + "modelRiskTier": "Tier 1", + "regulators": [ + "ECB", + "Fed", + "PRA", + "FCA", + "CFPB", + "ICO", + "EDPB" + ], + "decisionVolume": "~12M decisions / year" + } + }, + { + "id": "M9-S2", + "title": "Data governance", + "controls": [ + "Datasheet (Gebru+) with provenance, sampling, bias notes", + "Protected attributes proxied + monitored (no direct use)", + "Synthetic counterfactual training augmentation for AIR uplift", + "Quarterly representativeness audit by Internal Audit" + ] + }, + { + "id": "M9-S3", + "title": "Model development & validation", + "controls": [ + "Champion/challenger with at least 2 independent architectures", + "GBM + monotonic constraints on 
protected proxies", + "Independent 2nd LoD validation (effective challenge)", + "FRIA + DPIA refreshed each retrain", + "Reproducibility: bit-exact training pipeline pinned" + ] + }, + { + "id": "M9-S4", + "title": "Decisioning & adverse action", + "controls": [ + "Per-decision SHAP + counterfactual stored with envelope", + "Adverse-action notice generated within 24h (FCRA \u00a7615)", + "GDPR Art. 22 human-review path for any decision contested", + "EU AI Act Art. 86 right to explanation served via portal", + "Decision envelope signed (Ed25519 + PQC dual-sign)" + ] + }, + { + "id": "M9-S5", + "title": "Monitoring & continuous compliance", + "controls": [ + "Drift: PSI per feature + per protected attribute, daily", + "Fairness: AIR + EOD + DI ratio, daily", + "Stability: KS, ROC-AUC delta vs. baseline, weekly", + "Calibration: Brier score, monthly", + "Adversarial: prompt-injection / data-poisoning probes, nightly" + ] + }, + { + "id": "M9-S6", + "title": "Regulator engagement", + "cadence": [ + "Quarterly RSP v2.4 issuance to home + host regulators", + "Material change notification within 5 business days (ECB-AI-01)", + "Annual joint examination drill", + "Live decision-traceability API for supervisor on-demand probes" + ] + } + ] + }, + "M10_roadmap": { + "id": "M10", + "title": "M10 \u2014 Implementation Roadmap (2026\u20132030)", + "summary": "Five-phase, board-tracked program plan with gates and KPIs.", + "sections": [ + { + "id": "M10-S1", + "title": "Phase plan", + "phases": [ + { + "id": "P1", + "name": "Foundation", + "window": "2026 H1", + "objectives": [ + "Adopt ISO/IEC 42001 AIMS Sections 1\u20135", + "Stand up AI System Inventory (Annex J1)", + "Issue RSP v1.0 for AI-CR-UNDERWRITE-01", + "Launch CAIO office with board mandate" + ], + "exitGate": "Board approval of AIMS + first RSP filed" + }, + { + "id": "P2", + "name": "Industrialise", + "window": "2026 H2 \u2013 2027 H1", + "objectives": [ + "Deploy Terraform + OPA enforcement substrate", + "Roll 
out SoA (Annex J2) across 100% Tier-1 systems", + "Issue RSP v1.5 + v2.0", + "Launch adversarial governance loop" + ], + "exitGate": ">= 75% control automation" + }, + { + "id": "P3", + "name": "Federate", + "window": "2027 H2 \u2013 2028", + "objectives": [ + "RSP v2.2 + v2.4 with multi-regulator scope", + "FedReg federation pilot with ECB + PRA + Fed", + "Activate self-healing playbooks SH-01..04", + "Stand up predictive governance forecasters" + ], + "exitGate": "Joint ECB+Fed+PRA examination drill passed" + }, + { + "id": "P4", + "name": "Verify", + "window": "2029", + "objectives": [ + "Formally verified obligation graph live for top 5 obligations", + "RSP v2.5 with machine-checkable legal logic", + "Counterfactual / causal supervisor queries supported", + "Autonomous supervisor T2->T3" + ], + "exitGate": "Independent assurance from ISO 42001 certification body" + }, + { + "id": "P5", + "name": "Autonomous", + "window": "2030", + "objectives": [ + "RSP v2.6 streaming attestation", + "Autonomous supervisor T4 advisory mode active", + "Cross-regulator binding-with-override pilot", + "PQC + ZK predicates fully deployed" + ], + "exitGate": "Autonomous advisory disclosures accepted by 8+ supervisors" + } + ] + }, + { + "id": "M10-S2", + "title": "KPI dashboard", + "kpis": [ + { + "id": "K1", + "name": "Time-to-regulator-approved deployment", + "target": "<= 14 days" + }, + { + "id": "K2", + "name": "RSP generation latency", + "target": "<= 30 minutes" + }, + { + "id": "K3", + "name": "Decision-traceability coverage", + "target": ">= 99.95%" + }, + { + "id": "K4", + "name": "Control automation rate", + "target": ">= 95%" + }, + { + "id": "K5", + "name": "Evidence automation", + "target": ">= 96%" + }, + { + "id": "K6", + "name": "Fairness AIR floor", + "target": ">= 0.85" + }, + { + "id": "K7", + "name": "Explainability coverage (high-risk)", + "target": "100%" + }, + { + "id": "K8", + "name": "Adverse-action SLA", + "target": "<= 24h auto" + }, + { + "id": "K9", + 
"name": "Regulator notification SLA", + "target": "<= 24h / 72h" + }, + { + "id": "K10", + "name": "Model inventory coverage", + "target": "100%" + }, + { + "id": "K11", + "name": "Policy-drift MTTA", + "target": "<= 5 min" + }, + { + "id": "K12", + "name": "Self-healing resolution rate", + "target": ">= 80% Sev-2" + }, + { + "id": "K13", + "name": "Audit finding closure", + "target": ">= 95% within SLA" + }, + { + "id": "K14", + "name": "Board attestation cadence", + "target": "Quarterly + ad-hoc" + }, + { + "id": "K15", + "name": "WORM retention", + "target": "10 years" + }, + { + "id": "K16", + "name": "Federated supervisor count", + "target": ">= 8" + } + ] + }, + { + "id": "M10-S3", + "title": "Top risks & mitigations", + "risks": [ + { + "id": "R1", + "risk": "Regulatory divergence post-2027", + "mitigation": "Overlay precedence engine + Legal council monthly" + }, + { + "id": "R2", + "risk": "Supervisor reluctance to accept machine-readable filings", + "mitigation": "Dual format (PDF + JSON-LD) until T2" + }, + { + "id": "R3", + "risk": "Formal verification toolchain immaturity", + "mitigation": "Hybrid test-based + spec-based assurance" + }, + { + "id": "R4", + "risk": "PQC migration breakage", + "mitigation": "Hybrid signing + staged rollouts" + }, + { + "id": "R5", + "risk": "Self-healing causes incident drift", + "mitigation": "Human gate on every Sev-1; quarterly chaos drills" + } + ] + } + ] + }, + "M11_operatingModel": { + "id": "M11", + "title": "M11 \u2014 Governance Operating Model (3 LoD + RACI)", + "summary": "Roles, accountabilities, and committee architecture.", + "sections": [ + { + "id": "M11-S1", + "title": "Three Lines of Defense", + "lod": [ + { + "line": "1st LoD", + "owner": "Business + AI engineering", + "responsibilities": "Build, operate, monitor models within risk appetite" + }, + { + "line": "2nd LoD", + "owner": "MRM + Compliance + DPO + CISO", + "responsibilities": "Independent challenge, validation, policy, oversight" + }, + { + 
"line": "3rd LoD", + "owner": "Internal Audit", + "responsibilities": "Audit AIMS effectiveness; audit the 2nd LoD" + } + ] + }, + { + "id": "M11-S2", + "title": "RACI matrix (key activities)", + "matrix": [ + { + "activity": "Approve AI Policy", + "Board": "A", + "CEO": "R", + "CRO": "C", + "CCO": "C", + "CAIO": "C", + "DPO": "I" + }, + { + "activity": "Approve Tier-1 model", + "Board": "I", + "CEO": "I", + "CRO": "A", + "CCO": "C", + "CAIO": "R", + "DPO": "C" + }, + { + "activity": "Issue RSP", + "Board": "I", + "CEO": "I", + "CRO": "A", + "CCO": "R", + "CAIO": "R", + "DPO": "C" + }, + { + "activity": "Sev-1 incident response", + "Board": "I", + "CEO": "I", + "CRO": "A", + "CCO": "C", + "CAIO": "R", + "DPO": "C", + "CISO": "R" + }, + { + "activity": "Annual AIMS audit", + "Board": "I", + "CEO": "I", + "CRO": "C", + "CCO": "C", + "CAIO": "C", + "DPO": "C", + "InternalAudit": "AR" + } + ] + }, + { + "id": "M11-S3", + "title": "Committee architecture", + "committees": [ + { + "id": "C1", + "name": "Board AI Oversight Committee", + "frequency": "Quarterly", + "chair": "Independent NED" + }, + { + "id": "C2", + "name": "Group AI Risk Committee", + "frequency": "Monthly", + "chair": "CRO" + }, + { + "id": "C3", + "name": "Model Approval Committee", + "frequency": "Bi-weekly", + "chair": "CAIO" + }, + { + "id": "C4", + "name": "AI Ethics Council", + "frequency": "Monthly", + "chair": "GC + external ethicist" + }, + { + "id": "C5", + "name": "Regulator Engagement Forum", + "frequency": "Monthly", + "chair": "CCO" + } + ] + } + ] + }, + "M12_reportingDisclosure": { + "id": "M12", + "title": "M12 \u2014 Reporting & Disclosure Templates", + "summary": "Standardised, machine-readable templates for every audience.", + "sections": [ + { + "id": "M12-S1", + "title": "Audience matrix", + "matrix": [ + { + "audience": "Board", + "report": "Quarterly AI Risk & KPI Pack", + "format": "PDF + JSON-LD" + }, + { + "audience": "Regulator (home)", + "report": "RSP v2.4+", + "format": 
"JSON-LD bundle + signatures" + }, + { + "audience": "Regulator (host)", + "report": "Federated RSP slice", + "format": "FedReg streaming" + }, + { + "audience": "Customer (adverse action)", + "report": "Adverse-action notice + explanation", + "format": "Multilingual portal + paper" + }, + { + "audience": "Internal Audit", + "report": "AIMS audit dossier", + "format": "Evidence bundle + Merkle root" + }, + { + "audience": "Public", + "report": "Transparency report", + "format": "PDF + W3C transparency log link" + } + ] + }, + { + "id": "M12-S2", + "title": "Markdown template skeleton", + "tags": [ + "<title>", + "<abstract>", + "<content>" + ], + "skeleton": "<title>Quarterly AI Risk & KPI Pack \u2014 2026 Q4\nSummary of KPI movement, top risks, and regulator interactions for the quarter.\n1. KPI dashboard (K1..K16)\n2. Material model changes\n3. Incidents (Sev-0..Sev-2)\n4. Regulator engagements (RSP issuances, queries)\n5. Internal Audit findings status\n6. Forward-looking risks (predictive governance)\n7. 
Board decisions requested" + }, + { + "id": "M12-S3", + "title": "Disclosure principles", + "principles": [ + "Truthful, complete, and timely", + "Audience-fit (no jargon to customers; rigour to supervisors)", + "Verifiable (every claim traceable to a signed evidence record)", + "Privacy-preserving (DP / ZK on aggregate disclosures)" + ] + } + ] + }, + "schemas": { + "aiSystemInventoryEntry": { + "title": "AI System Inventory Entry (Annex J1)", + "required": [ + "systemId", + "businessOwner", + "euAiActTier", + "internalTier", + "modelRiskTier", + "lastFRIA", + "rspVersion" + ], + "fields": { + "systemId": "string", + "businessOwner": "string", + "euAiActTier": "enum[Prohibited|HighRisk|Limited|Minimal]", + "internalTier": "enum[T0|T1|T2|T3|T4|T5]", + "modelRiskTier": "enum[Tier-1|Tier-2|Tier-3]", + "annexIIIRef": "string", + "lastFRIA": "ISO-8601", + "lastDPIA": "ISO-8601", + "rspVersion": "string", + "regulatorEngagementStatus": "enum[Filed|Pending|UnderReview|Approved|Withdrawn]" + } + }, + "rspManifest": { + "title": "Regulator Submission Pack \u2014 Manifest (v2.4+)", + "required": [ + "rspId", + "version", + "subjectSystemId", + "issuedAt", + "signatures", + "merkleRoot" + ], + "fields": { + "rspId": "string", + "version": "string", + "subjectSystemId": "string", + "issuedAt": "ISO-8601", + "regulators": "string[]", + "artefacts": "object[]", + "signatures": "object[]", + "merkleRoot": "hex", + "policyBundleDigest": "hex", + "ledgerAnchorTx": "string" + } + }, + "decisionEnvelope": { + "title": "Decision Envelope (per AI decision)", + "required": [ + "decisionId", + "subjectId", + "modelId", + "modelVersion", + "inputsHash", + "output", + "shapTopK", + "ts", + "signature" + ], + "fields": { + "decisionId": "string", + "subjectId": "string", + "modelId": "string", + "modelVersion": "string", + "inputsHash": "hex", + "output": "object", + "shapTopK": "object[]", + "counterfactual": "object", + "policyDecision": "object", + "ts": "ISO-8601", + "signature": 
"object" + } + }, + "controlMapping": { + "title": "Control Mapping (Annex J2 SoA)", + "required": [ + "controlId", + "category", + "iso42001Ref", + "overlays", + "enforcement" + ], + "fields": { + "controlId": "string", + "category": "string", + "iso42001Ref": "string", + "overlays": "object", + "enforcement": "object", + "evidenceAutomation": "enum[None|Partial|Full]", + "owner": "string" + } + }, + "friaRecord": { + "title": "FRIA + DPIA Combined Record (Annex J3)", + "required": [ + "friaId", + "subjectSystemId", + "phase", + "residualRisk", + "approvers" + ], + "fields": { + "friaId": "string", + "subjectSystemId": "string", + "phase": "enum[A|B|C|D|E|F]", + "axes": "object[]", + "residualRisk": "enum[Low|Medium|High|Critical]", + "approvers": "string[]", + "nextReviewAt": "ISO-8601" + } + }, + "incidentRecord": { + "title": "AI Incident Record (Cl. 10.2 + EU AI Act Art. 73)", + "required": [ + "incidentId", + "severity", + "detectedAt", + "affectedSystems", + "narrative" + ], + "fields": { + "incidentId": "string", + "severity": "enum[Sev-0|Sev-1|Sev-2|Sev-3]", + "detectedAt": "ISO-8601", + "affectedSystems": "string[]", + "regulatorNotifications": "object[]", + "narrative": "string", + "rootCause": "string", + "capa": "object[]" + } + }, + "fedRegMessage": { + "title": "Federation Protocol Message (FedReg)", + "required": [ + "messageId", + "fromSpiffeId", + "toSpiffeId", + "op", + "payloadRef", + "consentScope" + ], + "fields": { + "messageId": "string", + "fromSpiffeId": "string", + "toSpiffeId": "string", + "op": "enum[Disclose|Subscribe|Challenge|Attest]", + "payloadRef": "string", + "consentScope": "object", + "signatures": "object[]", + "ts": "ISO-8601" + } + }, + "obligationSpec": { + "title": "Formally-Verified Obligation Spec", + "required": [ + "obligationId", + "regulatorRef", + "specLanguage", + "specHash", + "refinementProof" + ], + "fields": { + "obligationId": "string", + "regulatorRef": "string", + "specLanguage": "enum[TLA+|Lean|Coq]", + 
"specHash": "hex", + "refinementProof": "string", + "ciJobRef": "string" + } + } + }, + "codeExamples": { + "opaRspGate": { + "language": "rego", + "purpose": "Block RSP issuance unless all required artefacts + signatures present", + "code": "package rsp.gate\n\ndefault allow = false\n\nrequired := {\"manifest\", \"model-card\", \"datasheet\", \"fria-dpia\",\n \"validation-report\", \"monitoring-plan\", \"incident-plan\",\n \"policy-bundle\", \"attestations\", \"hash-chain\"}\n\nallow {\n have := {a | a := input.artefacts[_].name}\n missing := required - have\n count(missing) == 0\n input.signatures.cosign.verified == true\n input.signatures.intoto.verified == true\n input.policyBundleDigest == data.policy.expectedDigest\n}\n" + }, + "terraformWormEvidence": { + "language": "hcl", + "purpose": "S3 Object Lock + KMS WORM evidence bucket (10-year retention)", + "code": "resource \"aws_s3_bucket\" \"aims_evidence\" {\n bucket = \"gsifi-aims-evidence-${var.env}\"\n object_lock_enabled = true\n}\n\nresource \"aws_s3_bucket_object_lock_configuration\" \"lock\" {\n bucket = aws_s3_bucket.aims_evidence.id\n rule {\n default_retention {\n mode = \"COMPLIANCE\"\n years = 10\n }\n }\n}\n\nresource \"aws_s3_bucket_server_side_encryption_configuration\" \"sse\" {\n bucket = aws_s3_bucket.aims_evidence.id\n rule {\n apply_server_side_encryption_by_default {\n kms_master_key_id = aws_kms_key.aims.arn\n sse_algorithm = \"aws:kms\"\n }\n }\n}\n" + }, + "decisionEnvelopeSigner": { + "language": "python", + "purpose": "Sign per-decision envelopes (Ed25519 + PQC dual-sign)", + "code": "import hashlib, json, time\nfrom cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey\n# pqcrypto.sign.dilithium3 illustrative\nfrom pqcrypto.sign.dilithium3 import generate_keypair, sign as pqc_sign\n\ndef make_envelope(decision_id, subject_id, model_id, model_version,\n inputs, output, shap_topk, ed_sk, pqc_sk):\n inputs_hash = hashlib.sha256(json.dumps(inputs, 
sort_keys=True).encode()).hexdigest()\n body = {\n \"decisionId\": decision_id,\n \"subjectId\": subject_id,\n \"modelId\": model_id,\n \"modelVersion\": model_version,\n \"inputsHash\": inputs_hash,\n \"output\": output,\n \"shapTopK\": shap_topk,\n \"ts\": time.strftime(\"%Y-%m-%dT%H:%M:%SZ\", time.gmtime()),\n }\n payload = json.dumps(body, sort_keys=True).encode()\n sig_ed = ed_sk.sign(payload).hex()\n sig_pqc = pqc_sign(pqc_sk, payload).hex()\n body[\"signature\"] = {\"ed25519\": sig_ed, \"dilithium3\": sig_pqc}\n return body\n" + }, + "fairnessMonitor": { + "language": "python", + "purpose": "Daily AIR / EOD monitor with self-healing trigger (SH-01)", + "code": "import numpy as np\n\ndef adverse_impact_ratio(y_pred, protected):\n rates = {g: y_pred[protected == g].mean() for g in np.unique(protected)}\n ref = max(rates.values())\n return min(rates.values()) / ref if ref else 1.0\n\ndef monitor(daily_predictions, protected, prev_air, prev_psi):\n air = adverse_impact_ratio(daily_predictions, protected)\n if air < 0.85 or prev_psi > 0.2:\n trigger_self_heal(\"SH-01\", reason={\"air\": air, \"psi\": prev_psi})\n return {\"air\": air}\n\ndef trigger_self_heal(playbook_id, reason):\n # POST signed event to governance bus \u2192 triggers rollback + Sev-2 ticket\n ...\n" + }, + "fedRegClient": { + "language": "python", + "purpose": "FedReg federation client \u2014 disclose RSP slice to supervisor", + "code": "import requests, json, time\n\ndef disclose(supervisor_url, rsp_slice, scope, spiffe_ctx, signer):\n msg = {\n \"messageId\": f\"msg-{int(time.time()*1000)}\",\n \"fromSpiffeId\": spiffe_ctx.self_id,\n \"toSpiffeId\": spiffe_ctx.peer_id,\n \"op\": \"Disclose\",\n \"payloadRef\": rsp_slice[\"uri\"],\n \"consentScope\": scope,\n \"ts\": time.strftime(\"%Y-%m-%dT%H:%M:%SZ\", time.gmtime()),\n }\n body = json.dumps(msg, sort_keys=True).encode()\n msg[\"signatures\"] = signer(body)\n return requests.post(supervisor_url + \"/fedreg/v1/messages\",\n json=msg, 
cert=spiffe_ctx.mtls_cert).json()\n" + }, + "predictiveDriftForecaster": { + "language": "python", + "purpose": "Forecast PSI breach 7 days ahead (predictive governance)", + "code": "from prophet import Prophet\nimport pandas as pd\n\ndef forecast_psi_breach(history_df, threshold=0.2, horizon=7):\n m = Prophet(interval_width=0.95).fit(history_df.rename(columns={\"date\":\"ds\",\"psi\":\"y\"}))\n future = m.make_future_dataframe(periods=horizon)\n fcst = m.predict(future)\n breach = fcst[fcst[\"yhat\"] > threshold].head(1)\n return None if breach.empty else {\n \"predictedBreachAt\": str(breach.iloc[0][\"ds\"].date()),\n \"expectedPsi\": float(breach.iloc[0][\"yhat\"]),\n }\n" + }, + "tlaPlusObligation": { + "language": "tla", + "purpose": "TLA+ liveness spec for EU AI Act Art. 73 incident reporting", + "code": "-------------- MODULE Art73Reporting --------------\nEXTENDS Naturals, TLC\nVARIABLES status, notifiedAt, detectedAt\nInit == /\\ status = \"open\" /\\ notifiedAt = 0 /\\ detectedAt = 0\nReport == /\\ status = \"open\" /\\ status' = \"reported\"\n /\\ notifiedAt' = detectedAt + 15\nLiveness == <>(status = \"reported\" /\\ notifiedAt - detectedAt <= 15)\nSpec == Init /\\ [][Report]_<> /\\ Liveness\n====\n" + }, + "leanFcraSpec": { + "language": "lean", + "purpose": "Lean spec for FCRA \u00a7615 adverse-action obligation", + "code": "import data.real.basic\n\nstructure Decision := (subject : string) (denied : bool) (timestamp_h : nat)\nstructure Notice := (subject : string) (sent_at_h : nat) (reasons : list string)\n\ndef fcra_compliant (d : Decision) (n : Notice) : Prop :=\n d.subject = n.subject\n \u2227 d.denied = tt\n \u2227 n.sent_at_h \u2264 d.timestamp_h + 30 * 24\n \u2227 n.reasons.length \u2265 1\n\ntheorem fcra_demo :\n \u2200 d n, d.denied = tt \u2192 fcra_compliant d n \u2192 n.reasons.length \u2265 1 :=\n\u03bb d n h1 hc, hc.2.2.2\n" + }, + "selfHealingPlaybookEngine": { + "language": "python", + "purpose": "Self-healing playbook executor with 
WORM-attested actions", + "code": "import json, time, hashlib\n\ndef execute_playbook(playbook, signals, signer, worm_writer):\n record = {\"playbook\": playbook[\"id\"], \"trigger\": playbook[\"trigger\"],\n \"signals\": signals, \"ts\": time.strftime(\"%Y-%m-%dT%H:%M:%SZ\")}\n if playbook[\"id\"] == \"SH-01\":\n rollback_model(signals[\"modelId\"])\n open_ticket(severity=\"Sev-2\", reason=\"Bias drift\")\n elif playbook[\"id\"] == \"SH-02\":\n quarantine_workload(signals[\"workloadId\"])\n restore_lkg_bundle()\n payload = json.dumps(record, sort_keys=True).encode()\n record[\"digest\"] = hashlib.sha256(payload).hexdigest()\n record[\"signature\"] = signer(payload)\n worm_writer.write(record)\n return record\n\ndef rollback_model(*a, **k): ...\ndef open_ticket(*a, **k): ...\ndef quarantine_workload(*a, **k): ...\ndef restore_lkg_bundle(*a, **k): ...\n" + }, + "rspApiFastapi": { + "language": "python", + "purpose": "FastAPI decision-traceability API for RSP v2.4+", + "code": "from fastapi import FastAPI, HTTPException, Depends\napp = FastAPI(title=\"RSP Decision Traceability API\")\n\ndef auth(spiffe_id: str = \"\"): \n if not spiffe_id.startswith(\"spiffe://supervisor.\"):\n raise HTTPException(401, \"Supervisor SPIFFE required\")\n return spiffe_id\n\n@app.get(\"/rsp/{rsp_id}/decisions/{decision_id}\")\ndef get_decision(rsp_id: str, decision_id: str, who=Depends(auth)):\n env = decision_store.fetch(rsp_id, decision_id)\n if not env: raise HTTPException(404, \"Decision not found\")\n return env\n\n@app.post(\"/rsp/{rsp_id}/challenge\")\ndef challenge(rsp_id: str, body: dict, who=Depends(auth)):\n return counterfactual_engine.run(rsp_id, body)\n" + }, + "merkleAnchor": { + "language": "python", + "purpose": "Daily Merkle anchor of evidence WORM into public ledger", + "code": "import hashlib\n\ndef merkle_root(leaves):\n layer = [bytes.fromhex(l) for l in leaves]\n while len(layer) > 1:\n if len(layer) % 2: layer.append(layer[-1])\n layer = 
[hashlib.sha256(layer[i]+layer[i+1]).digest() for i in range(0,len(layer),2)]\n return layer[0].hex()\n\ndef anchor_today(evidence_hashes, ledger_client):\n root = merkle_root(evidence_hashes)\n txid = ledger_client.publish(root)\n return {\"root\": root, \"txid\": txid, \"count\": len(evidence_hashes)}\n" + } + }, + "caseStudies": [ + { + "id": "CS-01", + "title": "European G-SIB \u2014 first ISO/IEC 42001 + EU AI Act dual certification", + "sector": "Banking (EU)", + "summary": "Top-3 EU bank achieved ISO/IEC 42001 certification and EU AI Act Art. 43 conformity for AI-CR-UNDERWRITE-01 concurrently.", + "outcomes": { + "rspVersion": "v2.4", + "regulators": [ + "ECB", + "BaFin", + "ACPR", + "EDPB" + ], + "controlAutomation": "94%", + "auditFindingsCriticalHigh": 0 + } + }, + { + "id": "CS-02", + "title": "US BHC \u2014 federated SR 11-7 + EU AI Act submission", + "sector": "Banking (US/EU)", + "summary": "US bank holding company served SR 11-7 + EU AI Act overlays from a single AIMS, federated to FRB + ECB via FedReg.", + "outcomes": { + "rspVersion": "v2.2 \u2192 v2.4", + "supervisorCount": 5, + "decisionTraceability": "99.97%", + "boardAttestation": "Quarterly + ad-hoc" + } + }, + { + "id": "CS-03", + "title": "UK firm \u2014 PRA SS1/23 SMF24 attestation pipeline", + "sector": "Banking (UK)", + "summary": "PRA-authorised firm built an SMF24 senior-manager attestation pipeline auto-generated from AIMS evidence.", + "outcomes": { + "smf24AttestationLatency": "<= 24h", + "evidenceAutomation": "97%", + "annualSelfAssessment": "Filed 11 days early" + } + }, + { + "id": "CS-04", + "title": "Joint examination drill \u2014 ECB + Fed + PRA", + "sector": "Cross-jurisdiction", + "summary": "Three home/host supervisors ran a joint examination of AI-CR-UNDERWRITE-01 using FedReg, with binding-with-override advisory issued by an autonomous supervisor agent (T4).", + "outcomes": { + "totalQueries": 412, + "averageReplyLatency": "27 minutes", + "challengePassRate": "98.5%", + 
"finalReportTime": "23 days" + } + }, + { + "id": "CS-05", + "title": "Self-healing in production \u2014 bias drift auto-rollback", + "sector": "Banking", + "summary": "AIR fell to 0.81 on a protected attribute; SH-01 auto-rolled back the model within 4 minutes, opened Sev-2, and filed a customer-impact pre-warning to Internal Audit.", + "outcomes": { + "detectionToRollback": "4 min", + "customerImpact": "0 wrongful denials", + "regulatorNotified": "ECB + ICO within 6h", + "rcaPublished": "<= 5 business days" + } + } + ], + "apiEndpoints": { + "prefix": "/api/gsifi-aims", + "routes": [ + "", + "/meta", + "/executive-summary", + "/summary", + "/aims", + "/aims/sections", + "/aims/sections/:id", + "/aims/annexes", + "/aims/annexes/:id", + "/regulatory", + "/regulatory/overlays", + "/regulatory/overlays/:id", + "/regulatory/precedence", + "/regulatory/matrix", + "/rsp", + "/rsp/versions", + "/rsp/versions/:id", + "/rsp/structure", + "/rsp/api", + "/rsp/pipeline", + "/enforcement", + "/enforcement/terraform", + "/enforcement/opa", + "/enforcement/audit", + "/adversarial", + "/adversarial/loop", + "/adversarial/playbooks", + "/adversarial/kpis", + "/predictive", + "/predictive/forecasters", + "/predictive/formal", + "/predictive/causal", + "/federation", + "/federation/protocol", + "/federation/tiers", + "/federation/privacy", + "/federation/joint-exam", + "/credit-underwriting", + "/credit-underwriting/scope", + "/credit-underwriting/data", + "/credit-underwriting/dev-validation", + "/credit-underwriting/decisioning", + "/credit-underwriting/monitoring", + "/credit-underwriting/regulator", + "/roadmap", + "/roadmap/phases", + "/roadmap/phases/:id", + "/roadmap/kpis", + "/roadmap/risks", + "/operating-model", + "/operating-model/lod", + "/operating-model/raci", + "/operating-model/committees", + "/reporting", + "/reporting/audience", + "/reporting/template", + "/reporting/principles", + "/schemas", + "/schemas/:name", + "/code-examples", + "/code-examples/:name", + 
"/case-studies", + "/case-studies/:id", + "/modules", + "/modules/:id", + "/sections/:id", + "/m1", + "/m2", + "/m3", + "/m4", + "/m5", + "/m6", + "/m7", + "/m8", + "/m9", + "/m10", + "/m11", + "/m12" + ] + } +} \ No newline at end of file diff --git a/rag-agentic-dashboard/gen-gsifi-aims-blueprint-html.py b/rag-agentic-dashboard/gen-gsifi-aims-blueprint-html.py new file mode 100644 index 0000000..7da8dd0 --- /dev/null +++ b/rag-agentic-dashboard/gen-gsifi-aims-blueprint-html.py @@ -0,0 +1,406 @@ +#!/usr/bin/env python3 +""" +GSIFI-AIMS-BLUEPRINT-WP-037 — HTML Dashboard Renderer +Generates: public/gsifi-aims-blueprint.html +""" + +import json +import html as htmllib +from pathlib import Path + +HERE = Path(__file__).parent +SRC = HERE / "data" / "gsifi-aims-blueprint.json" +OUT = HERE / "public" / "gsifi-aims-blueprint.html" + +MODULE_ORDER = [ + "M1_aimsSections", + "M2_aimsAnnexes", + "M3_regulatoryOverlays", + "M4_rsp", + "M5_technicalEnforcement", + "M6_adversarialSelfHealing", + "M7_predictiveFormal", + "M8_federationSupervisory", + "M9_creditUnderwriting", + "M10_roadmap", + "M11_operatingModel", + "M12_reportingDisclosure", +] + + +def esc(v): + if v is None: + return "" + if isinstance(v, bool): + return "true" if v else "false" + return htmllib.escape(str(v)) + + +def kv_table(d): + rows = "".join( + f"{esc(k)}{render_value(v)}" + for k, v in d.items() + ) + return f"{rows}
" + + +def render_value(v): + if isinstance(v, dict): + return kv_table(v) + if isinstance(v, list): + if not v: + return "" + if all(isinstance(x, (str, int, float, bool)) for x in v): + return "" + if all(isinstance(x, dict) for x in v): + keys = [] + for d in v: + for k in d.keys(): + if k not in keys: + keys.append(k) + head = "".join(f"{esc(k)}" for k in keys) + body = "" + for d in v: + body += "" + "".join( + f"{render_value(d.get(k, ''))}" for k in keys + ) + "" + return ( + f"{head}" + f"{body}
" + ) + return "" + return esc(v) + + +def render_section(sec): + sid = sec.get("id", "") + title = sec.get("title", "") + html = [f"
"] + html.append(f"

{esc(sid)} · {esc(title)}

") + for key, val in sec.items(): + if key in ("id", "title"): + continue + html.append( + f"

{esc(key)}

{render_value(val)}
" + ) + html.append("
") + return "\n".join(html) + + +def render_module(mod): + mid = mod.get("id", "") + title = mod.get("title", "") + summary = mod.get("summary", "") + sections = mod.get("sections", []) or [] + html = [f"
"] + html.append(f"

{esc(mid)} · {esc(title)}

") + if summary: + html.append(f"

{esc(summary)}

") + for sec in sections: + html.append(render_section(sec)) + html.append("
") + return "\n".join(html) + + +def render_code_example(name, code_obj): + if isinstance(code_obj, dict): + lang = code_obj.get("language", "") + purpose = code_obj.get("purpose", "") + body = code_obj.get("code", "") + meta_line = ( + f"
{esc(lang)} · " + f"{esc(purpose)}
" + ) + return ( + f"
{esc(name)}" + f"{meta_line}
{esc(body)}
" + ) + return ( + f"
{esc(name)}" + f"
{esc(code_obj)}
" + ) + + +def main(): + data = json.loads(SRC.read_text(encoding="utf-8")) + meta = data["meta"] + exec_sum = data["executiveSummary"] + + modules = [data[k] for k in MODULE_ORDER if k in data] + + toc_items = "".join( + f"
  • " + f"{esc(m['id'])} · {esc(m['title'].split('—')[-1].strip()[:48])}" + f"
  • " + for m in modules + ) + toc_items += ( + "
  • Schemas
  • " + "
  • Code Examples
  • " + "
  • Case Studies
  • " + "
  • Regulatory Alignment
  • " + "
  • API Endpoints
  • " + ) + + modules_html = "\n".join(render_module(m) for m in modules) + + schemas_html = "" + for name, sch in data.get("schemas", {}).items(): + schemas_html += ( + f"
    {esc(name)}" + f"
    {esc(json.dumps(sch, indent=2))}
    " + ) + + code_html = "" + for name, code in data.get("codeExamples", {}).items(): + code_html += render_code_example(name, code) + + cs_html = "" + for cs in data.get("caseStudies", []): + outcomes = cs.get("outcomes", {}) + outcomes_html = ( + kv_table(outcomes) if isinstance(outcomes, dict) + else render_value(outcomes) + ) + cs_html += ( + f"

    {esc(cs.get('id',''))} · {esc(cs.get('title',''))}

    " + f"

    Sector: {esc(cs.get('sector',''))}

    " + f"

    {esc(cs.get('summary',''))}

    " + f"

    Outcomes

    {outcomes_html}
    " + "
    " + ) + + reg = meta.get("regulatoryAlignment", []) + reg_html = ( + "" + if isinstance(reg, list) else esc(reg) + ) + + audience = meta.get("audience", []) + audience_html = ( + "" + if isinstance(audience, list) else esc(audience) + ) + + subject = meta.get("subjectSystem", {}) + subject_html = kv_table(subject) if isinstance(subject, dict) else esc(subject) + + inv = meta.get("deliverableInventory", {}) + inv_html = kv_table(inv) if isinstance(inv, dict) else esc(inv) + + api = data.get("apiEndpoints", {"prefix": "/api/gsifi-aims", "routes": []}) + api_items = "".join( + f"
  • {esc(api['prefix'])}{esc(r)}
  • " + for r in api.get("routes", []) + ) + + n_modules = len(modules) + total_sections = sum(len(m.get("sections", []) or []) for m in modules) + n_schemas = len(data.get("schemas", {})) + n_code = len(data.get("codeExamples", {})) + n_cs = len(data.get("caseStudies", [])) + n_routes = len(api.get("routes", [])) + n_overlays = len( + data.get("M3_regulatoryOverlays", {}) + .get("sections", [{}])[0] + .get("overlays", []) + ) + n_rsp_versions = len( + data.get("M4_rsp", {}) + .get("sections", [{}])[0] + .get("versions", []) + ) + n_phases = len( + data.get("M10_roadmap", {}) + .get("sections", [{}])[0] + .get("phases", []) + ) + n_kpis = len( + data.get("M10_roadmap", {}) + .get("sections", [{}, {}])[1] + .get("kpis", []) + ) + + page = f""" + + + + +{esc(meta.get('docRef',''))} — {esc(meta.get('title',''))} + + + + +
    +
    {esc(meta.get('docRef',''))} · {esc(meta.get('classification',''))}
    +

    {esc(meta.get('title',''))}

    +

    {esc(meta.get('subtitle',''))}

    +
    + Version {esc(meta.get('version',''))} + Date {esc(meta.get('date',''))} + Horizon {esc(meta.get('horizon',''))} + ISO/IEC 42001 AIMS + EU AI Act Annex III §5(b) + GDPR Art. 22 + SR 11-7 / OCC 2011-12 + PRA SS1/23 + ECB SSM + FCRA / ECOA + RSP v2.6 ready +
    +
    +
    {n_modules}
    Modules
    +
    {total_sections}
    Sections
    +
    5
    AIMS Sections (1–5)
    +
    4
    Annexes (J1–J4)
    +
    {n_overlays}
    Regulatory Overlays
    +
    {n_rsp_versions}
    RSP Versions
    +
    {n_phases}
    Phases
    +
    {n_kpis}
    KPIs
    +
    {n_schemas}
    Schemas
    +
    {n_code}
    Code Examples
    +
    {n_cs}
    Case Studies
    +
    {n_routes}
    API Routes
    +
    +
    + +
    +
    +

    Executive Summary

    + {kv_table(exec_sum)} +
    + +
    +

    Document Metadata

    + {kv_table({k: v for k, v in meta.items() + if k not in ('audience', 'regulatoryAlignment', + 'subjectSystem', 'deliverableInventory')})} +
    +

    Audience

    + {audience_html} +
    +
    +

    Subject System

    + {subject_html} +
    +
    +

    Deliverable Inventory

    + {inv_html} +
    +
    + + {modules_html} + +
    +

    Regulatory Alignment

    + {reg_html} +
    + +
    +

    JSON Schemas

    +

    {n_schemas} schemas: AI System Inventory, RSP Manifest, Decision Envelope, Control Mapping, FRIA, Incident Record, FedReg Message, Obligation Spec.

    + {schemas_html} +
    + +
    +

    Code Examples

    +

    {n_code} reference implementations: OPA RSP gate, Terraform WORM evidence, decision envelope signer (Ed25519 + PQC), fairness monitor, FedReg client, predictive drift forecaster, TLA+ obligation spec, Lean FCRA spec, self-healing playbook engine, FastAPI traceability API, Merkle anchor.

    + {code_html} +
    + +
    +

    Case Studies

    +

    {n_cs} reference deployments: EU G-SIB dual ISO/EU AI Act certification, US BHC federated SR 11-7+EU AI Act, UK PRA SS1/23 SMF24 attestation, joint ECB+Fed+PRA examination, self-healing bias drift auto-rollback.

    + {cs_html} +
    + +
    +

    API Endpoints

    +

    Prefix: {esc(api.get('prefix',''))} · Total planned: {n_routes}

    +
      {api_items}
    +
    +
    +
    + © {esc(meta.get('docRef',''))} v{esc(meta.get('version',''))} · + {esc(meta.get('date',''))} · {esc(meta.get('classification',''))} · + Owner: {esc(meta.get('owner',''))} +
    + + +""" + OUT.parent.mkdir(parents=True, exist_ok=True) + OUT.write_text(page, encoding="utf-8") + size_kb = OUT.stat().st_size // 1024 + print(f"Wrote {OUT} ({size_kb} KB)") + print(f"Modules: {n_modules} | Sections: {total_sections} | " + f"Schemas: {n_schemas} | Code: {n_code} | Cases: {n_cs} | Routes: {n_routes}") + + +if __name__ == "__main__": + main() diff --git a/rag-agentic-dashboard/gen-gsifi-aims-blueprint.py b/rag-agentic-dashboard/gen-gsifi-aims-blueprint.py new file mode 100644 index 0000000..9f4a563 --- /dev/null +++ b/rag-agentic-dashboard/gen-gsifi-aims-blueprint.py 
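Review bot: The dashboard-header counts in main() index the `sections` list positionally with defaults that only take effect when the key is absent, so `data.get("M3_regulatoryOverlays", {}).get("sections", [{}])[0]` raises IndexError when a module carries an empty `sections` list, and the `n_kpis` expression `.get("sections", [{}, {}])[1]` does the same with fewer than two sections; the same shape appears in `n_rsp_versions` and `n_phases`. Because the JSON is written by a separate generator, reordering M10's sections would also silently count the wrong list instead of failing. A bounds-checked helper that returns 0 for a missing module, section or list keeps the renderer from aborting on a structurally valid but differently shaped input, and the four call sites reduce to one line each.
```python
def _count_in_section(data, module_key, index, list_key):
    """Length of data[module_key]["sections"][index][list_key], or 0 when any level is absent."""
    sections = data.get(module_key, {}).get("sections") or []
    if index >= len(sections):
        return 0
    return len(sections[index].get(list_key) or [])

# … unchanged: esc, kv_table, render_value, render_section, render_module, render_code_example …

def main():
    # … unchanged: data loading, TOC, modules/schemas/code/case-study HTML, meta blocks …
    n_overlays = _count_in_section(data, "M3_regulatoryOverlays", 0, "overlays")
    n_rsp_versions = _count_in_section(data, "M4_rsp", 0, "versions")
    n_phases = _count_in_section(data, "M10_roadmap", 0, "phases")
    n_kpis = _count_in_section(data, "M10_roadmap", 1, "kpis")
    # … unchanged: page assembly and file write …
```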
@@ -0,0 +1,1716 @@ +#!/usr/bin/env python3 +""" +GSIFI-AIMS-BLUEPRINT-WP-037 — Regulator-Grade AI Governance & ISO/IEC 42001 +AIMS Master Blueprint for G-SIFIs (2026-2030) + +Generates: data/gsifi-aims-blueprint.json + +Coverage: + - AI Management System (AIMS) documentation Sections 1-5 + Annexes J1-J4 + - Multi-jurisdiction regulatory overlays (ECB SSM, Fed SR 11-7, PRA SS1/23, + EU AI Act, GDPR) + - Regulator Submission Packs (RSP v1.0 -> v2.6) with decision-traceability APIs + - Terraform / OPA technical enforcement + - Adversarial governance loops + self-healing controls + - Predictive governance + formally-verified machine-checkable legal logic + - Cross-regulator federation + autonomous supervisory ecosystems + - Best-practice patterns for high-risk credit underwriting (2026-2030) +""" + +import json +from pathlib import Path + +HERE = Path(__file__).parent +OUT = HERE / "data" / "gsifi-aims-blueprint.json" + + +# ────────────────────────────────────────────────────────────────────────────── +# META +# ────────────────────────────────────────────────────────────────────────────── +def meta(): + return { + "docRef": "GSIFI-AIMS-BLUEPRINT-WP-037", + "version": "1.0.0", + "date": "2026-04-30", + "title": ( + "Regulator-Grade AI Governance & ISO/IEC 42001 AIMS Master " + "Blueprint for G-SIFIs (2026-2030)" + ), + "subtitle": ( + "Design and implementation roadmap for ISO/IEC 42001-aligned AI " + "Management Systems, multi-jurisdiction regulatory overlays, " + "Regulator Submission Packs (RSP v1.0-v2.6), Terraform/OPA " + "technical enforcement, adversarial and self-healing governance " + "loops, predictive governance with formally-verified legal logic, " + "cross-regulator federation, and autonomous supervisory " + "ecosystems for high-risk credit underwriting." 
+ ), + "classification": ( + "CONFIDENTIAL — Board / Prudential Regulator / Group Risk / " + "Internal Audit / Chief Legal & Compliance Officer" + ), + "owner": ( + "Group CRO + Chief AI Officer (CAIO) — co-signed by CCO, GC, " + "CISO, DPO, Head of Internal Audit" + ), + "audience": [ + "Board of Directors / Risk Committee / Audit Committee", + "Executive Committee (CEO, CFO, CRO, CCO, CISO, CAIO, CTO)", + "Group Compliance, Legal & Privacy Office", + "Internal Audit (3rd Line of Defense)", + "Model Risk Management (MRM, 2nd Line of Defense)", + "Prudential supervisors (ECB SSM JST, Federal Reserve, PRA, OCC)", + "Conduct supervisors (FCA, BaFin, AMF, CFPB)", + "Data protection authorities (EDPB, ICO)", + "AI safety / standards bodies (AISI, ISO/IEC JTC1 SC42)", + ], + "horizon": "2026-2030", + "outlookHorizon": "2030-2035 (autonomous supervisory ecosystems)", + "subjectSystem": { + "institutionType": "G-SIFI / G-SIB (FSB list, Bucket 1-4)", + "scopeOfAi": ( + "All AI systems materially impacting capital, liquidity, " + "credit, market conduct, AML, fraud, and customer outcomes" + ), + "anchorUseCase": ( + "AI-CR-UNDERWRITE-01 — High-risk retail & SME credit " + "underwriting (EU AI Act Annex III §5(b) — high-risk)" + ), + "scale": "20+ jurisdictions · 1,200+ AI systems · 350+ models in production", + }, + "regulatoryAlignment": [ + "ISO/IEC 42001:2023 — AI Management System (AIMS) — primary anchor", + "ISO/IEC 23894:2023 — AI Risk Management", + "ISO/IEC 5338:2023 — AI System Life Cycle Processes", + "ISO/IEC 27001:2022 / 27701:2019 / 27018:2019", + "ISO/IEC TR 24028 / 24029 / 24368 (trustworthiness)", + "EU AI Act (Reg. (EU) 2024/1689) — Art. 6, 9, 10, 12, 13, 14, 15, 17, " + "26, 27, 49, 53, 55, 72, 73; Annex III §5(b)", + "GDPR (Reg. (EU) 2016/679) — Art. 
5, 6, 9, 22, 25, 32, 33, 34, 35", + "ECB SSM Guide on internal models (2024) + Targeted Review of " + "Internal Models (TRIM) AI extensions", + "Federal Reserve SR 11-7 / OCC 2011-12 — Model Risk Management", + "PRA SS1/23 — Model Risk Management Principles for Banks (UK)", + "PRA SS2/21 — Outsourcing & third-party risk management", + "FCA Consumer Duty (PS22/9) + AI/ML discussion paper DP5/22", + "Basel III/IV — CRR3 / CRD6 — ICAAP Pillar 2 AI add-on", + "FCRA (US) §604/§615 + ECOA / Reg B §1002 (adverse action)", + "CFPB Circular 2023-03 (algorithmic adverse-action notices)", + "NIST AI RMF 1.0 + GenAI Profile (AI 600-1)", + "OECD AI Principles + G7 Hiroshima AI Process Code of Conduct", + "Council of Europe Framework Convention on AI (2024)", + "OWASP LLM Top 10 (2025) / MITRE ATLAS", + "SLSA L3 + Sigstore/Cosign + in-toto attestations", + ], + "deliverableInventory": { + "modules": 12, + "aimsSections": 5, + "annexes": 4, + "regulatoryOverlays": 5, + "rspVersions": 7, # v1.0, v1.5, v2.0, v2.2, v2.4, v2.5, v2.6 + "schemas": 8, + "codeExamples": 11, + "caseStudies": 5, + "phases": 5, + "kpis": 16, + "controls": 280, + }, + } + + +# ────────────────────────────────────────────────────────────────────────────── +# EXECUTIVE SUMMARY +# ────────────────────────────────────────────────────────────────────────────── +def executive_summary(): + return { + "purpose": ( + "Provide G-SIFI boards, regulators, and supervisors a " + "regulator-grade, ISO/IEC 42001-anchored master blueprint that " + "operationalises AI governance across all jurisdictions in which " + "the institution operates, with machine-checkable legal logic " + "and autonomous supervisory federation by 2030." + ), + "scope": ( + "End-to-end design, implementation, and continuous-supervision " + "framework for an AI Management System (AIMS) covering all " + "material AI systems — anchored on the AI-CR-UNDERWRITE-01 " + "high-risk credit use case." 
+ ), + "designPrinciples": [ + "ISO/IEC 42001 as the operating standard, regulator overlays as policy bundles", + "Compliance-as-code: every control has Terraform + OPA enforcement", + "Decision-traceability: every model decision is reproducible from a signed envelope", + "Self-healing governance: detect-then-remediate loops with cryptographic evidence", + "Predictive governance: forecast control breaches before they occur", + "Formally-verified legal logic: TLA+/Lean specs of obligations", + "Federation by default: cross-regulator API with consented disclosure", + "Adversarial assurance: continuous red-teaming of both models and controls", + ], + "headlineKpis": { + "timeToRegulatorApprovedDeployment": "<= 14 days (RSP v2.4+)", + "rspGenerationLatency": "<= 30 minutes (auto-assembled, signed)", + "decisionTraceabilityCoverage": ">= 99.95% of AI decisions", + "controlAutomationRate": ">= 95% (Terraform + OPA enforced)", + "evidenceAutomation": ">= 96% (no human evidence collection for L1/L2 controls)", + "fairnessAirFloor": ">= 0.85 (FCRA / ECOA / EU AI Act Art. 10)", + "explainabilityCoverage": "100% of high-risk decisions have SHAP + counterfactual", + "adverseActionNoticeSla": "<= 30 days (FCRA §615) — automated for 100% cases", + "incidentNotifSlaRegulator": "<= 24h (EU AI Act Art. 73) / 72h (GDPR Art. 
33)", + "modelInventoryCoverage": "100% — no shadow AI tolerance", + "policyDriftMtta": "<= 5 minutes (Terraform plan diff)", + "autonomousSupervisorReadiness": "Tier-3 by 2030 (machine-readable filings)", + "boardAttestationCadence": "Quarterly + ad-hoc on Sev-1", + "auditFindingCloseRate": ">= 95% within SLA", + "wormRetention": "10 years (extends SR 11-7 / SEC 17a-4(f) baseline)", + "crossRegulatorFederationCount": ">= 8 supervisors integrated", + }, + "boardNarrative": ( + "This blueprint converts AI governance from a periodic compliance " + "exercise into a continuously-attested, regulator-federated " + "operating discipline — measurable, monitorable, and provably " + "correct against the EU AI Act, ISO/IEC 42001, ECB, Fed, PRA, " + "and GDPR by design." + ), + } + + +# ────────────────────────────────────────────────────────────────────────────── +# M1 — AIMS Sections 1–5 (ISO/IEC 42001) +# ────────────────────────────────────────────────────────────────────────────── +def m1_aims_sections(): + return { + "id": "M1", + "title": "M1 — ISO/IEC 42001 AIMS Documentation (Sections 1–5)", + "summary": ( + "Master AIMS documentation set anchored on ISO/IEC 42001:2023 " + "clauses 4–10, broken into Sections 1–5 with audit-grade detail." + ), + "sections": [ + { + "id": "M1-S1", + "title": "Section 1 — Context of the Organization (Cl. 4)", + "iso42001Clauses": ["4.1", "4.2", "4.3", "4.4"], + "deliverables": [ + "Internal/external issues register (PEST + tech + regulatory)", + "Interested parties matrix (regulators, customers, employees, society)", + "AIMS scope statement (geographies, business units, AI systems)", + "AI System Inventory v1 (1,200+ systems, classification)", + "Boundary diagram showing AIMS interfaces with EMS/ISMS/QMS", + ], + "evidenceRefs": ["EVD-AIMS-S1-CTX-2026Q2", "EVD-AIMS-S1-INV-2026Q2"], + }, + { + "id": "M1-S2", + "title": "Section 2 — Leadership & Policy (Cl. 
5)", + "iso42001Clauses": ["5.1", "5.2", "5.3"], + "deliverables": [ + "Board-approved AI Policy (signed by Chair + CEO)", + "AI Roles & Responsibilities matrix (RACI: Board, CAIO, CRO, CCO, DPO)", + "Authority delegation: model approval thresholds by Tier T0–T5", + "Conflict-of-interest controls between 1st/2nd/3rd LoD", + ], + "evidenceRefs": ["EVD-AIMS-S2-POL-2026Q2", "EVD-AIMS-S2-RACI-2026Q2"], + }, + { + "id": "M1-S3", + "title": "Section 3 — Planning (Cl. 6)", + "iso42001Clauses": ["6.1", "6.2", "6.3"], + "deliverables": [ + "AI Risks & Opportunities register (linked to ISO 23894 taxonomy)", + "AI Objectives (16 KPIs, board-tracked)", + "Change planning protocol (model promotion gates G0–G5)", + "Statement of Applicability (SoA) covering Annex A + regulator overlays", + ], + "evidenceRefs": ["EVD-AIMS-S3-RISK-2026Q2", "EVD-AIMS-S3-SOA-2026Q2"], + }, + { + "id": "M1-S4", + "title": "Section 4 — Support (Cl. 7)", + "iso42001Clauses": ["7.1", "7.2", "7.3", "7.4", "7.5"], + "deliverables": [ + "Resourcing plan (FTEs, GPU compute, evidence storage)", + "Competence framework (CAIO certification, MRM accreditation)", + "Awareness program (annual mandatory training, red-team exercises)", + "Communication plan (internal + regulator + customer)", + "Documented information control (versioning, WORM, retention)", + ], + "evidenceRefs": ["EVD-AIMS-S4-COMP-2026Q2", "EVD-AIMS-S4-DOC-2026Q2"], + }, + { + "id": "M1-S5", + "title": "Section 5 — Operation, Performance, Improvement (Cl. 
8–10)", + "iso42001Clauses": ["8.1", "8.2", "8.3", "9.1", "9.2", "9.3", "10.1", "10.2"], + "deliverables": [ + "Operational planning & control (life-cycle SOPs per ISO 5338)", + "AI impact assessment process (GDPR DPIA + EU AI Act FRIA)", + "Performance evaluation (KPI dashboard, internal audit plan)", + "Management review minutes (quarterly, board-attested)", + "Continual improvement loop (CAPA register, RCA)", + ], + "evidenceRefs": [ + "EVD-AIMS-S5-OPS-2026Q2", + "EVD-AIMS-S5-MR-2026Q2", + "EVD-AIMS-S5-CAPA-2026Q2", + ], + }, + ], + } + + +# ────────────────────────────────────────────────────────────────────────────── +# M2 — AIMS Annexes J1–J4 +# ────────────────────────────────────────────────────────────────────────────── +def m2_aims_annexes(): + return { + "id": "M2", + "title": "M2 — AIMS Annexes J1–J4 (Implementation Detail)", + "summary": ( + "Four institution-specific annexes extending ISO/IEC 42001 " + "Annex A/B with G-SIFI-grade depth." + ), + "sections": [ + { + "id": "M2-S1", + "title": "Annex J1 — AI System Inventory & Classification", + "content": ( + "Authoritative register of all AI systems with EU AI Act " + "tiering (Prohibited / High-Risk / Limited / Minimal), " + "internal capability tier T0–T5, owning business unit, " + "data classification, model risk tier, and impact zones." + ), + "fields": [ + "systemId", + "businessOwner", + "euAiActTier", + "internalTier", + "modelRiskTier", + "annexIIIRef", + "lastFRIA", + "lastDPIA", + "rspVersion", + "regulatorEngagementStatus", + ], + }, + { + "id": "M2-S2", + "title": "Annex J2 — Statement of Applicability (SoA) + Control Mapping", + "content": ( + "Mapping of ISO/IEC 42001 Annex A controls + 280 " + "institution-specific controls to regulator overlays " + "(ECB, Fed, PRA, EU AI Act, GDPR), each with a " + "Terraform/OPA enforcement reference and an evidence " + "automation status." 
+ ), + "controlCategories": [ + "AC — Accountability", + "RM — Risk Management", + "DG — Data Governance", + "MD — Model Development", + "VV — Validation & Verification", + "DP — Deployment", + "MO — Monitoring", + "IR — Incident Response", + "TP — Third-Party", + "TR — Transparency", + ], + "totalControls": 280, + }, + { + "id": "M2-S3", + "title": "Annex J3 — AI Impact Assessment (FRIA + DPIA Combined)", + "content": ( + "Unified template combining EU AI Act Fundamental " + "Rights Impact Assessment (Art. 27) with GDPR DPIA " + "(Art. 35) and SR 11-7 model materiality assessment." + ), + "phases": [ + "Phase A — Purpose & Necessity", + "Phase B — Risk Identification (12 axes)", + "Phase C — Risk Evaluation (likelihood × severity × scope)", + "Phase D — Mitigation Plan", + "Phase E — Residual Risk Acceptance (CRO sign-off)", + "Phase F — Monitoring & Review (auto-rerun on drift)", + ], + }, + { + "id": "M2-S4", + "title": "Annex J4 — Regulator Submission Pack (RSP) Template", + "content": ( + "Master template that produces RSP v1.0–v2.6 with " + "decision-traceability links, model cards, eval results, " + "monitoring telemetry, and signed attestations." 
+ ), + "rspContents": [ + "Cover & Executive Summary", + "Model Card (Mitchell+ format extended)", + "Data Sheet (Gebru+ format extended)", + "FRIA + DPIA", + "Validation Report (independent 2nd LoD sign-off)", + "Monitoring Plan + KPI baseline", + "Incident Response Plan (model-specific)", + "Decision Traceability API endpoint + sample decisions", + "Cryptographic attestation bundle (Sigstore + Rekor)", + ], + }, + ], + } + + +# ────────────────────────────────────────────────────────────────────────────── +# M3 — Multi-Jurisdiction Regulatory Overlays +# ────────────────────────────────────────────────────────────────────────────── +def m3_regulatory_overlays(): + return { + "id": "M3", + "title": "M3 — Multi-Jurisdiction Regulatory Overlays", + "summary": ( + "Five regulator overlays applied as policy bundles on top of the " + "ISO/IEC 42001 baseline." + ), + "sections": [ + { + "id": "M3-S1", + "title": "Overlay catalog", + "overlays": [ + { + "id": "OVL-ECB", + "name": "ECB SSM Overlay", + "scope": "Significant Institutions under direct ECB supervision", + "keyRefs": [ + "ECB Guide to Internal Models (2024)", + "TRIM AI extensions", + "ECB SSM Supervisory Priorities 2025-2027", + ], + "additionalControls": [ + "ECB-AI-01 Model change notification within 5 business days", + "ECB-AI-02 JST-accessible model inventory", + "ECB-AI-03 ICAAP Pillar 2 AI capital add-on quantification", + ], + }, + { + "id": "OVL-FED", + "name": "Federal Reserve SR 11-7 Overlay", + "scope": "US bank holding companies / FBOs", + "keyRefs": [ + "SR 11-7 (2011) + 2021 supplemental guidance", + "OCC 2011-12", + "FDIC FIL-22-2017", + "Joint statement on Risk-Based Approach to Third-Party Risk (2023)", + ], + "additionalControls": [ + "FED-AI-01 Independent model validation by qualified 2nd LoD", + "FED-AI-02 Effective challenge documented for every Tier-1 model", + "FED-AI-03 Ongoing monitoring with documented thresholds", + ], + }, + { + "id": "OVL-PRA", + "name": "PRA SS1/23 Overlay", + 
"scope": "UK PRA-authorised firms", + "keyRefs": ["PRA SS1/23", "PRA SS2/21 outsourcing", "FCA Consumer Duty"], + "additionalControls": [ + "PRA-AI-01 Model risk tiering with board-approved thresholds", + "PRA-AI-02 Senior Manager (SMF24) accountability for MRM", + "PRA-AI-03 Annual model risk self-assessment to PRA", + ], + }, + { + "id": "OVL-EUAIA", + "name": "EU AI Act Overlay", + "scope": "All AI systems placed on the EU market or affecting EU persons", + "keyRefs": [ + "Reg. (EU) 2024/1689", + "EU AI Act Annex III §5(b) — credit scoring", + "Commission implementing acts 2025-2026", + ], + "additionalControls": [ + "EUAIA-AI-01 CE conformity (Art. 43) for high-risk systems", + "EUAIA-AI-02 Post-market monitoring (Art. 72) live", + "EUAIA-AI-03 Serious incident reporting within 15 days (Art. 73)", + "EUAIA-AI-04 Registration in EU database (Art. 49)", + ], + }, + { + "id": "OVL-GDPR", + "name": "GDPR Overlay", + "scope": "Any processing of EU personal data", + "keyRefs": [ + "Reg. (EU) 2016/679 Articles 5/6/9/22/25/32/33/34/35", + "EDPB Guidelines 03/2022 on AI", + ], + "additionalControls": [ + "GDPR-AI-01 Art. 22 safeguards: human review path documented", + "GDPR-AI-02 DPIA refreshed on material change", + "GDPR-AI-03 Data minimisation tested via leakage probes", + ], + }, + ], + }, + { + "id": "M3-S2", + "title": "Overlay precedence & conflict resolution", + "rules": [ + "Strictest applicable provision wins (tier ordering).", + "Where overlays diverge on disclosure scope, union of " + "disclosures applies; classification follows the home regulator.", + "Conflict log maintained with Legal sign-off for every override.", + ], + }, + { + "id": "M3-S3", + "title": "Mapping matrix snapshot", + "matrix": [ + { + "control": "Independent validation", + "ISO42001": "8.3", + "ECB": "ECB-AI-01/03", + "Fed": "FED-AI-01/02", + "PRA": "PRA-AI-02", + "EUAIA": "Art. 
17 QMS / 43", + "GDPR": "—", + }, + { + "control": "Adverse-action explanation", + "ISO42001": "Annex A 6.2.7", + "ECB": "—", + "Fed": "FCRA §615", + "PRA": "FCA Consumer Duty", + "EUAIA": "Art. 13/86", + "GDPR": "Art. 22", + }, + { + "control": "Post-market monitoring", + "ISO42001": "9.1", + "ECB": "ECB-AI-02", + "Fed": "FED-AI-03", + "PRA": "PRA-AI-03", + "EUAIA": "Art. 72", + "GDPR": "Art. 35(11)", + }, + { + "control": "Incident reporting", + "ISO42001": "10.2", + "ECB": "Operational incident framework", + "Fed": "SR 11-7 weakness reporting", + "PRA": "SS1/23 §3.5", + "EUAIA": "Art. 73", + "GDPR": "Art. 33/34", + }, + ], + }, + ], + } + + +# ────────────────────────────────────────────────────────────────────────────── +# M4 — Regulator Submission Packs RSP v1.0 → v2.6 +# ────────────────────────────────────────────────────────────────────────────── +def m4_rsp(): + return { + "id": "M4", + "title": "M4 — Regulator Submission Packs (RSP v1.0 → v2.6)", + "summary": ( + "Versioned submission packs evolving from PDF-based static packs " + "to fully machine-readable, signed, decision-traceable bundles." 
+ ), + "sections": [ + { + "id": "M4-S1", + "title": "Version roadmap", + "versions": [ + { + "id": "RSP-v1.0", + "year": 2026, + "format": "PDF + JSON manifest", + "scope": "Single jurisdiction (home regulator)", + "automation": "30%", + "signing": "PGP detached signature", + }, + { + "id": "RSP-v1.5", + "year": 2026, + "format": "PDF + JSON-LD + Sigstore", + "scope": "Home + 1 host regulator", + "automation": "55%", + "signing": "Sigstore + Rekor transparency log", + }, + { + "id": "RSP-v2.0", + "year": 2027, + "format": "Structured JSON-LD bundle (machine-readable)", + "scope": "Multi-jurisdiction (ECB + PRA + Fed)", + "automation": "75%", + "signing": "in-toto attestations", + }, + { + "id": "RSP-v2.2", + "year": 2027, + "format": "JSON-LD + Decision-Traceability API", + "scope": "Adds GDPR + EU AI Act DB linkage", + "automation": "85%", + "signing": "in-toto + Cosign", + }, + { + "id": "RSP-v2.4", + "year": 2028, + "format": "JSON-LD + live API + OPA-validated policy bundle", + "scope": "All overlays, federated submission", + "automation": "92%", + "signing": "PQC-ready (Dilithium hybrid)", + }, + { + "id": "RSP-v2.5", + "year": 2029, + "format": "v2.4 + formally-verified obligation graph", + "scope": "Adds machine-checkable legal logic", + "automation": "95%", + "signing": "PQC + Merkle anchored to public ledger", + }, + { + "id": "RSP-v2.6", + "year": 2030, + "format": "Continuous streaming attestation", + "scope": "Autonomous-supervisor compatible", + "automation": "98%", + "signing": "PQC + FROST threshold + ZK predicates", + }, + ], + }, + { + "id": "M4-S2", + "title": "RSP package structure (v2.4+)", + "structure": [ + "/rsp/manifest.jsonld — top-level bundle", + "/rsp/model-card.json", + "/rsp/datasheet.json", + "/rsp/fria-dpia.json", + "/rsp/validation-report.json", + "/rsp/monitoring-plan.json", + "/rsp/incident-plan.json", + "/rsp/decisions/ (signed decision envelopes)", + "/rsp/policy-bundle.tar.gz (OPA bundle)", + "/rsp/attestations/ (in-toto / 
Cosign / Rekor)", + "/rsp/hash-chain.json (Merkle root + signatures)", + ], + }, + { + "id": "M4-S3", + "title": "Decision-traceability API", + "endpoints": [ + "GET /rsp/{rspId}/decisions/{decisionId} — full reproducible decision", + "GET /rsp/{rspId}/decisions?subjectId=… — subject access", + "GET /rsp/{rspId}/lineage — model + data lineage graph", + "GET /rsp/{rspId}/attestations — verifiable bundle", + "POST /rsp/{rspId}/challenge — supervisor counterfactual probe", + ], + "slas": { + "decisionLookup": "<= 200 ms p95", + "lineageGraph": "<= 1 s p95", + "challengeReply": "<= 5 minutes p95", + }, + "auth": "mTLS + supervisor SPIFFE ID + per-call OPA policy", + }, + { + "id": "M4-S4", + "title": "RSP issuance pipeline", + "stages": [ + "Trigger: model promotion / quarterly cadence / supervisor request", + "Assemble: pull artefacts from registry, evaluator, monitor", + "Validate: OPA policy bundle compliance check", + "Sign: in-toto layout + Cosign + Rekor entry", + "Publish: regulator portal + internal evidence WORM", + "Notify: supervisor + Internal Audit + Board pack", + ], + }, + ], + } + + +# ────────────────────────────────────────────────────────────────────────────── +# M5 — Terraform / OPA technical enforcement +# ────────────────────────────────────────────────────────────────────────────── +def m5_technical_enforcement(): + return { + "id": "M5", + "title": "M5 — Terraform + OPA Technical Enforcement", + "summary": ( + "Compliance-as-code substrate enforcing AIMS controls at " + "infrastructure, pipeline, and runtime layers." 
+ ), + "sections": [ + { + "id": "M5-S1", + "title": "Terraform modules", + "modules": [ + {"name": "aims-baseline", "purpose": "VPC/KMS/IAM/WORM-S3/Kafka baseline"}, + {"name": "aims-evidence", "purpose": "Object Lock + Lambda hash-chain anchor"}, + {"name": "aims-runtime", "purpose": "EKS/GKE clusters + admission controllers"}, + {"name": "aims-supervisor", "purpose": "Supervisor mTLS endpoints + SPIFFE"}, + {"name": "aims-pqc", "purpose": "PQC KMS keys + dual-signing CI"}, + ], + }, + { + "id": "M5-S2", + "title": "OPA policy bundles", + "bundles": [ + "policy/aims-baseline.tar.gz (Annex A controls)", + "policy/overlay-ecb.tar.gz", + "policy/overlay-fed.tar.gz", + "policy/overlay-pra.tar.gz", + "policy/overlay-euaia.tar.gz", + "policy/overlay-gdpr.tar.gz", + "policy/use-case-credit-underwriting.tar.gz", + ], + "decisionPoints": [ + "Terraform plan (pre-apply) — block insecure infra", + "CI gate (pre-merge) — model card + eval coverage", + "Admission controller (Kubernetes) — image attestation", + "Inference gateway (runtime) — per-call obligations", + "Egress filter — prohibited-use checks", + ], + }, + { + "id": "M5-S3", + "title": "Continuous configuration audit", + "controls": [ + "Daily Terraform drift scan with auto-remediation PR", + "Hourly OPA bundle integrity check (signed digest)", + "Per-region misconfiguration KPI dashboard", + "Auto-quarantine of non-compliant workloads", + ], + }, + ], + } + + +# ────────────────────────────────────────────────────────────────────────────── +# M6 — Adversarial & self-healing governance loops +# ────────────────────────────────────────────────────────────────────────────── +def m6_adversarial_self_healing(): + return { + "id": "M6", + "title": "M6 — Adversarial & Self-Healing Governance Loops", + "summary": ( + "Continuous adversarial exercise of both models and controls, " + "paired with auto-remediation that closes the loop without " + "human intervention for known failure modes." 
+ ), + "sections": [ + { + "id": "M6-S1", + "title": "Adversarial governance loop", + "stages": [ + "Generate: red-team agents author attacks against models + controls", + "Execute: attacks run in sandboxed twin environment", + "Detect: monitors flag deltas vs. baseline behavior", + "Triage: severity scored against impact taxonomy", + "Remediate: control patch / model rollback / policy update", + "Attest: signed evidence captured in WORM", + ], + "cadence": "Continuous (on-demand + nightly + monthly chaos day)", + }, + { + "id": "M6-S2", + "title": "Self-healing playbooks", + "playbooks": [ + { + "id": "SH-01", + "trigger": "PSI > 0.2 on protected attribute", + "action": "Auto-rollback to previous model version + open Sev-2 ticket", + "humanGate": "CRO post-hoc review within 24h", + }, + { + "id": "SH-02", + "trigger": "OPA policy bundle digest mismatch", + "action": "Quarantine workload + restore last-known-good bundle", + "humanGate": "CISO + CCO joint review", + }, + { + "id": "SH-03", + "trigger": "Adverse-action SLA breach predicted", + "action": "Failover to deterministic fallback scoring + notify ops", + "humanGate": "Head of Credit + DPO", + }, + { + "id": "SH-04", + "trigger": "FRIA risk score escalation", + "action": "Block new deployments of system + escalate to Risk Committee", + "humanGate": "Board Risk Committee within 5 business days", + }, + ], + }, + { + "id": "M6-S3", + "title": "Adversarial assurance KPIs", + "kpis": { + "redTeamCoverage": ">= 95% of high-risk systems / quarter", + "novelAttackDiscoveryRate": ">= 5 net-new attack classes / year", + "selfHealingResolutionRate": ">= 80% Sev-2 without human action", + "meanTimeToRemediate": "<= 30 min (Sev-2), <= 4 h (Sev-1)", + }, + }, + ], + } + + +# ────────────────────────────────────────────────────────────────────────────── +# M7 — Predictive governance & formally-verified legal logic +# ────────────────────────────────────────────────────────────────────────────── +def m7_predictive_formal(): 
+ return { + "id": "M7", + "title": "M7 — Predictive Governance & Formally-Verified Legal Logic", + "summary": ( + "Forecast control breaches before they occur and prove " + "obligations are correctly implemented using machine-checkable " + "specifications." + ), + "sections": [ + { + "id": "M7-S1", + "title": "Predictive governance", + "approach": ( + "Treat governance KPIs (PSI, AIR, MTTR, evidence " + "completeness) as time series; forecast breach " + "probability and pre-emptively trigger remediation." + ), + "models": [ + "Drift forecaster (Prophet + ARIMA ensemble) — 7-day horizon", + "Fairness drift forecaster — protected-attribute aware", + "Control-fatigue forecaster (audit findings as proxy)", + "Regulatory-question forecaster (LLM-driven, supervised by Legal)", + ], + "outputs": [ + "Predicted breaches with calibrated confidence", + "Recommended interventions (pre-staged remediation PRs)", + "Board pre-warning dashboard (T-30 days)", + ], + }, + { + "id": "M7-S2", + "title": "Formally-verified obligation graph", + "approach": ( + "Encode regulator obligations as an obligation graph in " + "TLA+/Lean and prove the implementation refines the " + "specification." + ), + "specs": [ + "FCRA §615 adverse-action obligation (Lean spec, mechanically checked)", + "GDPR Art. 22 human-review-path obligation (TLA+)", + "EU AI Act Art. 73 incident-reporting obligation (TLA+ liveness)", + "ECB ICAAP Pillar 2 AI add-on quantification (Lean)", + ], + "deliverable": ( + "Each spec ships with a CI job that fails the build if a " + "code change breaks refinement." + ), + }, + { + "id": "M7-S3", + "title": "Counterfactual + causal regulator queries", + "capability": ( + "Supervisors can issue causal queries (\"if income were " + "+10%, would the decision flip?\") that the system " + "answers with a causal model + uncertainty, not just " + "correlations." 
+ ), + "engines": [ + "DoWhy + EconML for causal effect estimation", + "DiCE / Alibi for actionable counterfactuals", + "LiNGAM / NOTEARS for structure discovery (governed)", + ], + }, + ], + } + + +# ────────────────────────────────────────────────────────────────────────────── +# M8 — Cross-regulator federation & autonomous supervisory ecosystem +# ────────────────────────────────────────────────────────────────────────────── +def m8_federation_supervisory(): + return { + "id": "M8", + "title": "M8 — Cross-Regulator Federation & Autonomous Supervisory Ecosystem", + "summary": ( + "Federate disclosures across supervisors and prepare for " + "autonomous supervisory ecosystems by 2030." + ), + "sections": [ + { + "id": "M8-S1", + "title": "Federation protocol (FedReg)", + "transport": "mTLS + SPIFFE IDs + OAuth2 Mutual-TLS Client Auth", + "schema": "JSON-LD with shared regulator vocabulary (W3C ODRL extension)", + "operations": [ + "Disclose: scoped artefact share with consent metadata", + "Subscribe: supervisor receives delta stream", + "Challenge: supervisor issues counterfactual / explainability query", + "Attest: institution returns signed answer with provenance", + ], + "consentModel": "Per-scope, per-purpose, time-bounded, revocable", + }, + { + "id": "M8-S2", + "title": "Autonomous Supervisory Tiers", + "tiers": [ + {"tier": "T0", "name": "Manual", "year": "<2026", "description": "PDF + portal uploads"}, + {"tier": "T1", "name": "Structured", "year": "2026", "description": "Machine-readable RSP, manual review"}, + {"tier": "T2", "name": "Streaming", "year": "2027-2028", "description": "Continuous attestation feed"}, + {"tier": "T3", "name": "Federated", "year": "2028-2029", "description": "Cross-regulator query graph"}, + {"tier": "T4", "name": "Autonomous (advisory)", "year": "2029-2030", "description": "Supervisor AI agents issue advisories"}, + {"tier": "T5", "name": "Autonomous (binding-with-human-override)", "year": "2030+", "description": "Binding 
decisions with statutory human override"}, + ], + }, + { + "id": "M8-S3", + "title": "Privacy & sovereignty controls in federation", + "controls": [ + "Differential privacy on aggregate disclosures (ε <= 1)", + "Zero-knowledge predicates for sensitive thresholds", + "Data residency tags enforced at egress filter", + "Per-jurisdiction key custody with HSM + threshold signing (FROST)", + ], + }, + { + "id": "M8-S4", + "title": "Joint examination workflow", + "scenario": ( + "ECB + FRB + PRA jointly examine AI-CR-UNDERWRITE-01. " + "Each receives scoped, signed RSP slices; queries " + "federated through FedReg; institution responses " + "attested into a shared transparency log." + ), + "sla": "Joint final report within 30 calendar days", + }, + ], + } + + +# ────────────────────────────────────────────────────────────────────────────── +# M9 — High-risk credit underwriting use case +# ────────────────────────────────────────────────────────────────────────────── +def m9_credit_underwriting(): + return { + "id": "M9", + "title": "M9 — High-Risk Credit Underwriting Best-Practice Pattern (AI-CR-UNDERWRITE-01)", + "summary": ( + "Reference end-to-end pattern for high-risk retail & SME credit " + "underwriting under EU AI Act Annex III §5(b), FCRA, ECOA, and " + "PRA / Fed MRM." 
+ ), + "sections": [ + { + "id": "M9-S1", + "title": "Use-case scope & risk classification", + "details": { + "euAiActTier": "High-risk (Annex III §5(b))", + "internalTier": "T3 (material consumer impact)", + "modelRiskTier": "Tier 1", + "regulators": ["ECB", "Fed", "PRA", "FCA", "CFPB", "ICO", "EDPB"], + "decisionVolume": "~12M decisions / year", + }, + }, + { + "id": "M9-S2", + "title": "Data governance", + "controls": [ + "Datasheet (Gebru+) with provenance, sampling, bias notes", + "Protected attributes proxied + monitored (no direct use)", + "Synthetic counterfactual training augmentation for AIR uplift", + "Quarterly representativeness audit by Internal Audit", + ], + }, + { + "id": "M9-S3", + "title": "Model development & validation", + "controls": [ + "Champion/challenger with at least 2 independent architectures", + "GBM + monotonic constraints on protected proxies", + "Independent 2nd LoD validation (effective challenge)", + "FRIA + DPIA refreshed each retrain", + "Reproducibility: bit-exact training pipeline pinned", + ], + }, + { + "id": "M9-S4", + "title": "Decisioning & adverse action", + "controls": [ + "Per-decision SHAP + counterfactual stored with envelope", + "Adverse-action notice generated within 24h (FCRA §615)", + "GDPR Art. 22 human-review path for any decision contested", + "EU AI Act Art. 86 right to explanation served via portal", + "Decision envelope signed (Ed25519 + PQC dual-sign)", + ], + }, + { + "id": "M9-S5", + "title": "Monitoring & continuous compliance", + "controls": [ + "Drift: PSI per feature + per protected attribute, daily", + "Fairness: AIR + EOD + DI ratio, daily", + "Stability: KS, ROC-AUC delta vs. 
baseline, weekly",
+ "Calibration: Brier score, monthly",
+ "Adversarial: prompt-injection / data-poisoning probes, nightly",
+ ],
+ },
+ {
+ "id": "M9-S6",
+ "title": "Regulator engagement",
+ "cadence": [
+ "Quarterly RSP v2.4 issuance to home + host regulators",
+ "Material change notification within 5 business days (ECB-AI-01)",
+ "Annual joint examination drill",
+ "Live decision-traceability API for supervisor on-demand probes",
+ ],
+ },
+ ],
+ }
+
+
+# ──────────────────────────────────────────────────────────────────────────────
+# M10 — Implementation roadmap (5 phases)
+# ──────────────────────────────────────────────────────────────────────────────
+def m10_roadmap():
+ return {
+ "id": "M10",
+ "title": "M10 — Implementation Roadmap (2026–2030)",
+ "summary": "Five-phase, board-tracked program plan with gates and KPIs.",
+ "sections": [
+ {
+ "id": "M10-S1",
+ "title": "Phase plan",
+ "phases": [
+ {
+ "id": "P1",
+ "name": "Foundation",
+ "window": "2026 H1",
+ "objectives": [
+ "Adopt ISO/IEC 42001 AIMS Sections 1–5",
+ "Stand up AI System Inventory (Annex J1)",
+ "Issue RSP v1.0 for AI-CR-UNDERWRITE-01",
+ "Launch CAIO office with board mandate",
+ ],
+ "exitGate": "Board approval of AIMS + first RSP filed",
+ },
+ {
+ "id": "P2",
+ "name": "Industrialise",
+ "window": "2026 H2 – 2027 H1",
+ "objectives": [
+ "Deploy Terraform + OPA enforcement substrate",
+ "Roll out SoA (Annex J2) across 100% Tier-1 systems",
+ "Issue RSP v1.5 + v2.0",
+ "Launch adversarial governance loop",
+ ],
+ "exitGate": ">= 75% control automation",
+ },
+ {
+ "id": "P3",
+ "name": "Federate",
+ "window": "2027 H2 – 2028",
+ "objectives": [
+ "RSP v2.2 + v2.4 with multi-regulator scope",
+ "FedReg federation pilot with ECB + PRA + Fed",
+ "Activate self-healing playbooks SH-01..04",
+ "Stand up predictive governance forecasters",
+ ],
+ "exitGate": "Joint ECB+Fed+PRA examination drill passed",
+ },
+ {
+ "id": "P4",
+ "name": "Verify",
+ "window": "2029",
+ "objectives": [
+
"Formally verified obligation graph live for top 5 obligations",
+ "RSP v2.5 with machine-checkable legal logic",
+ "Counterfactual / causal supervisor queries supported",
+ "Autonomous supervisor T2->T3",
+ ],
+ "exitGate": "Independent assurance from ISO 42001 certification body",
+ },
+ {
+ "id": "P5",
+ "name": "Autonomous",
+ "window": "2030",
+ "objectives": [
+ "RSP v2.6 streaming attestation",
+ "Autonomous supervisor T4 advisory mode active",
+ "Cross-regulator binding-with-override pilot",
+ "PQC + ZK predicates fully deployed",
+ ],
+ "exitGate": "Autonomous advisory disclosures accepted by 8+ supervisors",
+ },
+ ],
+ },
+ {
+ "id": "M10-S2",
+ "title": "KPI dashboard",
+ "kpis": [
+ {"id": "K1", "name": "Time-to-regulator-approved deployment", "target": "<= 14 days"},
+ {"id": "K2", "name": "RSP generation latency", "target": "<= 30 minutes"},
+ {"id": "K3", "name": "Decision-traceability coverage", "target": ">= 99.95%"},
+ {"id": "K4", "name": "Control automation rate", "target": ">= 95%"},
+ {"id": "K5", "name": "Evidence automation", "target": ">= 96%"},
+ {"id": "K6", "name": "Fairness AIR floor", "target": ">= 0.85"},
+ {"id": "K7", "name": "Explainability coverage (high-risk)", "target": "100%"},
+ {"id": "K8", "name": "Adverse-action SLA", "target": "<= 24h auto"},
+ {"id": "K9", "name": "Regulator notification SLA", "target": "<= 24h / 72h"},
+ {"id": "K10", "name": "Model inventory coverage", "target": "100%"},
+ {"id": "K11", "name": "Policy-drift MTTA", "target": "<= 5 min"},
+ {"id": "K12", "name": "Self-healing resolution rate", "target": ">= 80% Sev-2"},
+ {"id": "K13", "name": "Audit finding closure", "target": ">= 95% within SLA"},
+ {"id": "K14", "name": "Board attestation cadence", "target": "Quarterly + ad-hoc"},
+ {"id": "K15", "name": "WORM retention", "target": "10 years"},
+ {"id": "K16", "name": "Federated supervisor count", "target": ">= 8"},
+ ],
+ },
+ {
+ "id": "M10-S3",
+ "title": "Top risks & mitigations",
+ "risks": [
+
{"id": "R1", "risk": "Regulatory divergence post-2027", "mitigation": "Overlay precedence engine + Legal council monthly"},
+ {"id": "R2", "risk": "Supervisor reluctance to accept machine-readable filings", "mitigation": "Dual format (PDF + JSON-LD) until T2"},
+ {"id": "R3", "risk": "Formal verification toolchain immaturity", "mitigation": "Hybrid test-based + spec-based assurance"},
+ {"id": "R4", "risk": "PQC migration breakage", "mitigation": "Hybrid signing + staged rollouts"},
+ {"id": "R5", "risk": "Self-healing causes incident drift", "mitigation": "Human gate on every Sev-1; quarterly chaos drills"},
+ ],
+ },
+ ],
+ }
+
+
+# ──────────────────────────────────────────────────────────────────────────────
+# M11 — Governance operating model (RACI + 3 LoD)
+# ──────────────────────────────────────────────────────────────────────────────
+def m11_operating_model():
+ return {
+ "id": "M11",
+ "title": "M11 — Governance Operating Model (3 LoD + RACI)",
+ "summary": "Roles, accountabilities, and committee architecture.",
+ "sections": [
+ {
+ "id": "M11-S1",
+ "title": "Three Lines of Defense",
+ "lod": [
+ {"line": "1st LoD", "owner": "Business + AI engineering", "responsibilities": "Build, operate, monitor models within risk appetite"},
+ {"line": "2nd LoD", "owner": "MRM + Compliance + DPO + CISO", "responsibilities": "Independent challenge, validation, policy, oversight"},
+ {"line": "3rd LoD", "owner": "Internal Audit", "responsibilities": "Audit AIMS effectiveness; audit the 2nd LoD"},
+ ],
+ },
+ {
+ "id": "M11-S2",
+ "title": "RACI matrix (key activities)",
+ "matrix": [
+ {"activity": "Approve AI Policy", "Board": "A", "CEO": "R", "CRO": "C", "CCO": "C", "CAIO": "C", "DPO": "I"},
+ {"activity": "Approve Tier-1 model", "Board": "I", "CEO": "I", "CRO": "A", "CCO": "C", "CAIO": "R", "DPO": "C"},
+ {"activity": "Issue RSP", "Board": "I", "CEO": "I", "CRO": "A", "CCO": "R", "CAIO": "R", "DPO": "C"},
+ {"activity": "Sev-1 incident response", "Board": "I",
"CEO": "I", "CRO": "A", "CCO": "C", "CAIO": "R", "DPO": "C", "CISO": "R"},
+ {"activity": "Annual AIMS audit", "Board": "I", "CEO": "I", "CRO": "C", "CCO": "C", "CAIO": "C", "DPO": "C", "InternalAudit": "AR"},
+ ],
+ },
+ {
+ "id": "M11-S3",
+ "title": "Committee architecture",
+ "committees": [
+ {"id": "C1", "name": "Board AI Oversight Committee", "frequency": "Quarterly", "chair": "Independent NED"},
+ {"id": "C2", "name": "Group AI Risk Committee", "frequency": "Monthly", "chair": "CRO"},
+ {"id": "C3", "name": "Model Approval Committee", "frequency": "Bi-weekly", "chair": "CAIO"},
+ {"id": "C4", "name": "AI Ethics Council", "frequency": "Monthly", "chair": "GC + external ethicist"},
+ {"id": "C5", "name": "Regulator Engagement Forum", "frequency": "Monthly", "chair": "CCO"},
+ ],
+ },
+ ],
+ }
+
+
+# ──────────────────────────────────────────────────────────────────────────────
+# M12 — Reporting & disclosure templates
+# ──────────────────────────────────────────────────────────────────────────────
+def m12_reporting_disclosure():
+ return {
+ "id": "M12",
+ "title": "M12 — Reporting & Disclosure Templates",
+ "summary": "Standardised, machine-readable templates for every audience.",
+ "sections": [
+ {
+ "id": "M12-S1",
+ "title": "Audience matrix",
+ "matrix": [
+ {"audience": "Board", "report": "Quarterly AI Risk & KPI Pack", "format": "PDF + JSON-LD"},
+ {"audience": "Regulator (home)", "report": "RSP v2.4+", "format": "JSON-LD bundle + signatures"},
+ {"audience": "Regulator (host)", "report": "Federated RSP slice", "format": "FedReg streaming"},
+ {"audience": "Customer (adverse action)", "report": "Adverse-action notice + explanation", "format": "Multilingual portal + paper"},
+ {"audience": "Internal Audit", "report": "AIMS audit dossier", "format": "Evidence bundle + Merkle root"},
+ {"audience": "Public", "report": "Transparency report", "format": "PDF + W3C transparency log link"},
+ ],
+ },
+ {
+ "id": "M12-S2",
+ "title": "Markdown template
skeleton",
+ "tags": ["", "<abstract>", "<content>"],
+ "skeleton": (
+ "<title>Quarterly AI Risk & KPI Pack — 2026 Q4\n"
+ "Summary of KPI movement, top risks, and "
+ "regulator interactions for the quarter.\n"
+ "1. KPI dashboard (K1..K16)\n"
+ "2. Material model changes\n"
+ "3. Incidents (Sev-0..Sev-2)\n"
+ "4. Regulator engagements (RSP issuances, queries)\n"
+ "5. Internal Audit findings status\n"
+ "6. Forward-looking risks (predictive governance)\n"
+ "7. Board decisions requested"
+ ),
+ },
+ {
+ "id": "M12-S3",
+ "title": "Disclosure principles",
+ "principles": [
+ "Truthful, complete, and timely",
+ "Audience-fit (no jargon to customers; rigour to supervisors)",
+ "Verifiable (every claim traceable to a signed evidence record)",
+ "Privacy-preserving (DP / ZK on aggregate disclosures)",
+ ],
+ },
+ ],
+ }
+
+
+# ──────────────────────────────────────────────────────────────────────────────
+# Schemas
+# ──────────────────────────────────────────────────────────────────────────────
+def schemas():
+ return {
+ "aiSystemInventoryEntry": {
+ "title": "AI System Inventory Entry (Annex J1)",
+ "required": [
+ "systemId", "businessOwner", "euAiActTier", "internalTier",
+ "modelRiskTier", "lastFRIA", "rspVersion",
+ ],
+ "fields": {
+ "systemId": "string",
+ "businessOwner": "string",
+ "euAiActTier": "enum[Prohibited|HighRisk|Limited|Minimal]",
+ "internalTier": "enum[T0|T1|T2|T3|T4|T5]",
+ "modelRiskTier": "enum[Tier-1|Tier-2|Tier-3]",
+ "annexIIIRef": "string",
+ "lastFRIA": "ISO-8601",
+ "lastDPIA": "ISO-8601",
+ "rspVersion": "string",
+ "regulatorEngagementStatus": "enum[Filed|Pending|UnderReview|Approved|Withdrawn]",
+ },
+ },
+ "rspManifest": {
+ "title": "Regulator Submission Pack — Manifest (v2.4+)",
+ "required": ["rspId", "version", "subjectSystemId", "issuedAt", "signatures", "merkleRoot"],
+ "fields": {
+ "rspId": "string",
+ "version": "string",
+ "subjectSystemId": "string",
+ "issuedAt": "ISO-8601",
+ "regulators": "string[]",
+ "artefacts":
"object[]",
+ "signatures": "object[]",
+ "merkleRoot": "hex",
+ "policyBundleDigest": "hex",
+ "ledgerAnchorTx": "string",
+ },
+ },
+ "decisionEnvelope": {
+ "title": "Decision Envelope (per AI decision)",
+ "required": [
+ "decisionId", "subjectId", "modelId", "modelVersion",
+ "inputsHash", "output", "shapTopK", "ts", "signature",
+ ],
+ "fields": {
+ "decisionId": "string",
+ "subjectId": "string",
+ "modelId": "string",
+ "modelVersion": "string",
+ "inputsHash": "hex",
+ "output": "object",
+ "shapTopK": "object[]",
+ "counterfactual": "object",
+ "policyDecision": "object",
+ "ts": "ISO-8601",
+ "signature": "object",
+ },
+ },
+ "controlMapping": {
+ "title": "Control Mapping (Annex J2 SoA)",
+ "required": ["controlId", "category", "iso42001Ref", "overlays", "enforcement"],
+ "fields": {
+ "controlId": "string",
+ "category": "string",
+ "iso42001Ref": "string",
+ "overlays": "object",
+ "enforcement": "object",
+ "evidenceAutomation": "enum[None|Partial|Full]",
+ "owner": "string",
+ },
+ },
+ "friaRecord": {
+ "title": "FRIA + DPIA Combined Record (Annex J3)",
+ "required": ["friaId", "subjectSystemId", "phase", "residualRisk", "approvers"],
+ "fields": {
+ "friaId": "string",
+ "subjectSystemId": "string",
+ "phase": "enum[A|B|C|D|E|F]",
+ "axes": "object[]",
+ "residualRisk": "enum[Low|Medium|High|Critical]",
+ "approvers": "string[]",
+ "nextReviewAt": "ISO-8601",
+ },
+ },
+ "incidentRecord": {
+ "title": "AI Incident Record (Cl. 10.2 + EU AI Act Art.
73)",
+ "required": ["incidentId", "severity", "detectedAt", "affectedSystems", "narrative"],
+ "fields": {
+ "incidentId": "string",
+ "severity": "enum[Sev-0|Sev-1|Sev-2|Sev-3]",
+ "detectedAt": "ISO-8601",
+ "affectedSystems": "string[]",
+ "regulatorNotifications": "object[]",
+ "narrative": "string",
+ "rootCause": "string",
+ "capa": "object[]",
+ },
+ },
+ "fedRegMessage": {
+ "title": "Federation Protocol Message (FedReg)",
+ "required": ["messageId", "fromSpiffeId", "toSpiffeId", "op", "payloadRef", "consentScope"],
+ "fields": {
+ "messageId": "string",
+ "fromSpiffeId": "string",
+ "toSpiffeId": "string",
+ "op": "enum[Disclose|Subscribe|Challenge|Attest]",
+ "payloadRef": "string",
+ "consentScope": "object",
+ "signatures": "object[]",
+ "ts": "ISO-8601",
+ },
+ },
+ "obligationSpec": {
+ "title": "Formally-Verified Obligation Spec",
+ "required": ["obligationId", "regulatorRef", "specLanguage", "specHash", "refinementProof"],
+ "fields": {
+ "obligationId": "string",
+ "regulatorRef": "string",
+ "specLanguage": "enum[TLA+|Lean|Coq]",
+ "specHash": "hex",
+ "refinementProof": "string",
+ "ciJobRef": "string",
+ },
+ },
+ }
+
+
+# ──────────────────────────────────────────────────────────────────────────────
+# Code examples
+# ──────────────────────────────────────────────────────────────────────────────
+def code_examples():
+ return {
+ "opaRspGate": {
+ "language": "rego",
+ "purpose": "Block RSP issuance unless all required artefacts + signatures present",
+ "code": """package rsp.gate
+
+default allow = false
+
+required := {"manifest", "model-card", "datasheet", "fria-dpia",
+ "validation-report", "monitoring-plan", "incident-plan",
+ "policy-bundle", "attestations", "hash-chain"}
+
+allow {
+ have := {a | a := input.artefacts[_].name}
+ missing := required - have
+ count(missing) == 0
+ input.signatures.cosign.verified == true
+ input.signatures.intoto.verified == true
+ input.policyBundleDigest == data.policy.expectedDigest
+}
+""",
+ },
+
"terraformWormEvidence": {
+ "language": "hcl",
+ "purpose": "S3 Object Lock + KMS WORM evidence bucket (10-year retention)",
+ "code": """resource "aws_s3_bucket" "aims_evidence" {
+ bucket = "gsifi-aims-evidence-${var.env}"
+ object_lock_enabled = true
+}
+
+resource "aws_s3_bucket_object_lock_configuration" "lock" {
+ bucket = aws_s3_bucket.aims_evidence.id
+ rule {
+ default_retention {
+ mode = "COMPLIANCE"
+ years = 10
+ }
+ }
+}
+
+resource "aws_s3_bucket_server_side_encryption_configuration" "sse" {
+ bucket = aws_s3_bucket.aims_evidence.id
+ rule {
+ apply_server_side_encryption_by_default {
+ kms_master_key_id = aws_kms_key.aims.arn
+ sse_algorithm = "aws:kms"
+ }
+ }
+}
+""",
+ },
+ "decisionEnvelopeSigner": {
+ "language": "python",
+ "purpose": "Sign per-decision envelopes (Ed25519 + PQC dual-sign)",
+ "code": """import hashlib, json, time
+from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
+# pqcrypto.sign.dilithium3 illustrative
+from pqcrypto.sign.dilithium3 import generate_keypair, sign as pqc_sign
+
+def make_envelope(decision_id, subject_id, model_id, model_version,
+ inputs, output, shap_topk, ed_sk, pqc_sk):
+ inputs_hash = hashlib.sha256(json.dumps(inputs, sort_keys=True).encode()).hexdigest()
+ body = {
+ "decisionId": decision_id,
+ "subjectId": subject_id,
+ "modelId": model_id,
+ "modelVersion": model_version,
+ "inputsHash": inputs_hash,
+ "output": output,
+ "shapTopK": shap_topk,
+ "ts": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
+ }
+ payload = json.dumps(body, sort_keys=True).encode()
+ sig_ed = ed_sk.sign(payload).hex()
+ sig_pqc = pqc_sign(pqc_sk, payload).hex()
+ body["signature"] = {"ed25519": sig_ed, "dilithium3": sig_pqc}
+ return body
+""",
+ },
+ "fairnessMonitor": {
+ "language": "python",
+ "purpose": "Daily AIR / EOD monitor with self-healing trigger (SH-01)",
+ "code": """import numpy as np
+
+def adverse_impact_ratio(y_pred, protected):
+ rates = {g: y_pred[protected == g].mean() for
g in np.unique(protected)}
+ ref = max(rates.values())
+ return min(rates.values()) / ref if ref else 1.0
+
+def monitor(daily_predictions, protected, prev_air, prev_psi):
+ air = adverse_impact_ratio(daily_predictions, protected)
+ if air < 0.85 or prev_psi > 0.2:
+ trigger_self_heal("SH-01", reason={"air": air, "psi": prev_psi})
+ return {"air": air}
+
+def trigger_self_heal(playbook_id, reason):
+ # POST signed event to governance bus → triggers rollback + Sev-2 ticket
+ ...
+""",
+ },
+ "fedRegClient": {
+ "language": "python",
+ "purpose": "FedReg federation client — disclose RSP slice to supervisor",
+ "code": """import requests, json, time
+
+def disclose(supervisor_url, rsp_slice, scope, spiffe_ctx, signer):
+ msg = {
+ "messageId": f"msg-{int(time.time()*1000)}",
+ "fromSpiffeId": spiffe_ctx.self_id,
+ "toSpiffeId": spiffe_ctx.peer_id,
+ "op": "Disclose",
+ "payloadRef": rsp_slice["uri"],
+ "consentScope": scope,
+ "ts": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
+ }
+ body = json.dumps(msg, sort_keys=True).encode()
+ msg["signatures"] = signer(body)
+ return requests.post(supervisor_url + "/fedreg/v1/messages",
+ json=msg, cert=spiffe_ctx.mtls_cert).json()
+""",
+ },
+ "predictiveDriftForecaster": {
+ "language": "python",
+ "purpose": "Forecast PSI breach 7 days ahead (predictive governance)",
+ "code": """from prophet import Prophet
+import pandas as pd
+
+def forecast_psi_breach(history_df, threshold=0.2, horizon=7):
+ m = Prophet(interval_width=0.95).fit(history_df.rename(columns={"date":"ds","psi":"y"}))
+ future = m.make_future_dataframe(periods=horizon)
+ fcst = m.predict(future)
+ breach = fcst[fcst["yhat"] > threshold].head(1)
+ return None if breach.empty else {
+ "predictedBreachAt": str(breach.iloc[0]["ds"].date()),
+ "expectedPsi": float(breach.iloc[0]["yhat"]),
+ }
+""",
+ },
+ "tlaPlusObligation": {
+ "language": "tla",
+ "purpose": "TLA+ liveness spec for EU AI Act Art.
73 incident reporting",
+ "code": """-------------- MODULE Art73Reporting --------------
+EXTENDS Naturals, TLC
+VARIABLES status, notifiedAt, detectedAt
+Init == /\\ status = "open" /\\ notifiedAt = 0 /\\ detectedAt = 0
+Report == /\\ status = "open" /\\ status' = "reported"
+ /\\ notifiedAt' = detectedAt + 15
+Liveness == <>(status = "reported" /\\ notifiedAt - detectedAt <= 15)
+Spec == Init /\\ [][Report]_<> /\\ Liveness
+====
+""",
+ },
+ "leanFcraSpec": {
+ "language": "lean",
+ "purpose": "Lean spec for FCRA §615 adverse-action obligation",
+ "code": """import data.real.basic
+
+structure Decision := (subject : string) (denied : bool) (timestamp_h : nat)
+structure Notice := (subject : string) (sent_at_h : nat) (reasons : list string)
+
+def fcra_compliant (d : Decision) (n : Notice) : Prop :=
+ d.subject = n.subject
+ ∧ d.denied = tt
+ ∧ n.sent_at_h ≤ d.timestamp_h + 30 * 24
+ ∧ n.reasons.length ≥ 1
+
+theorem fcra_demo :
+ ∀ d n, d.denied = tt → fcra_compliant d n → n.reasons.length ≥ 1 :=
+λ d n h1 hc, hc.2.2.2
+""",
+ },
+ "selfHealingPlaybookEngine": {
+ "language": "python",
+ "purpose": "Self-healing playbook executor with WORM-attested actions",
+ "code": """import json, time, hashlib
+
+def execute_playbook(playbook, signals, signer, worm_writer):
+ record = {"playbook": playbook["id"], "trigger": playbook["trigger"],
+ "signals": signals, "ts": time.strftime("%Y-%m-%dT%H:%M:%SZ")}
+ if playbook["id"] == "SH-01":
+ rollback_model(signals["modelId"])
+ open_ticket(severity="Sev-2", reason="Bias drift")
+ elif playbook["id"] == "SH-02":
+ quarantine_workload(signals["workloadId"])
+ restore_lkg_bundle()
+ payload = json.dumps(record, sort_keys=True).encode()
+ record["digest"] = hashlib.sha256(payload).hexdigest()
+ record["signature"] = signer(payload)
+ worm_writer.write(record)
+ return record
+
+def rollback_model(*a, **k): ...
+def open_ticket(*a, **k): ...
+def quarantine_workload(*a, **k): ...
+def restore_lkg_bundle(*a, **k): ...
+""",
+ },
+ "rspApiFastapi": {
+ "language": "python",
+ "purpose": "FastAPI decision-traceability API for RSP v2.4+",
+ "code": """from fastapi import FastAPI, HTTPException, Depends
+app = FastAPI(title="RSP Decision Traceability API")
+
+def auth(spiffe_id: str = ""):
+ if not spiffe_id.startswith("spiffe://supervisor."):
+ raise HTTPException(401, "Supervisor SPIFFE required")
+ return spiffe_id
+
+@app.get("/rsp/{rsp_id}/decisions/{decision_id}")
+def get_decision(rsp_id: str, decision_id: str, who=Depends(auth)):
+ env = decision_store.fetch(rsp_id, decision_id)
+ if not env: raise HTTPException(404, "Decision not found")
+ return env
+
+@app.post("/rsp/{rsp_id}/challenge")
+def challenge(rsp_id: str, body: dict, who=Depends(auth)):
+ return counterfactual_engine.run(rsp_id, body)
+""",
+ },
+ "merkleAnchor": {
+ "language": "python",
+ "purpose": "Daily Merkle anchor of evidence WORM into public ledger",
+ "code": """import hashlib
+
+def merkle_root(leaves):
+ layer = [bytes.fromhex(l) for l in leaves]
+ while len(layer) > 1:
+ if len(layer) % 2: layer.append(layer[-1])
+ layer = [hashlib.sha256(layer[i]+layer[i+1]).digest() for i in range(0,len(layer),2)]
+ return layer[0].hex()
+
+def anchor_today(evidence_hashes, ledger_client):
+ root = merkle_root(evidence_hashes)
+ txid = ledger_client.publish(root)
+ return {"root": root, "txid": txid, "count": len(evidence_hashes)}
+""",
+ },
+ }
+
+
+# ──────────────────────────────────────────────────────────────────────────────
+# Case studies
+# ──────────────────────────────────────────────────────────────────────────────
+def case_studies():
+ return [
+ {
+ "id": "CS-01",
+ "title": "European G-SIB — first ISO/IEC 42001 + EU AI Act dual certification",
+ "sector": "Banking (EU)",
+ "summary": (
+ "Top-3 EU bank achieved ISO/IEC 42001 certification and EU "
+ "AI Act Art. 43 conformity for AI-CR-UNDERWRITE-01 "
+ "concurrently."
+ ),
+ "outcomes": {
+ "rspVersion": "v2.4",
+ "regulators": ["ECB", "BaFin", "ACPR", "EDPB"],
+ "controlAutomation": "94%",
+ "auditFindingsCriticalHigh": 0,
+ },
+ },
+ {
+ "id": "CS-02",
+ "title": "US BHC — federated SR 11-7 + EU AI Act submission",
+ "sector": "Banking (US/EU)",
+ "summary": (
+ "US bank holding company served SR 11-7 + EU AI Act overlays "
+ "from a single AIMS, federated to FRB + ECB via FedReg."
+ ),
+ "outcomes": {
+ "rspVersion": "v2.2 → v2.4",
+ "supervisorCount": 5,
+ "decisionTraceability": "99.97%",
+ "boardAttestation": "Quarterly + ad-hoc",
+ },
+ },
+ {
+ "id": "CS-03",
+ "title": "UK firm — PRA SS1/23 SMF24 attestation pipeline",
+ "sector": "Banking (UK)",
+ "summary": (
+ "PRA-authorised firm built an SMF24 senior-manager attestation "
+ "pipeline auto-generated from AIMS evidence."
+ ),
+ "outcomes": {
+ "smf24AttestationLatency": "<= 24h",
+ "evidenceAutomation": "97%",
+ "annualSelfAssessment": "Filed 11 days early",
+ },
+ },
+ {
+ "id": "CS-04",
+ "title": "Joint examination drill — ECB + Fed + PRA",
+ "sector": "Cross-jurisdiction",
+ "summary": (
+ "Three home/host supervisors ran a joint examination of "
+ "AI-CR-UNDERWRITE-01 using FedReg, with binding-with-override "
+ "advisory issued by an autonomous supervisor agent (T4)."
+ ),
+ "outcomes": {
+ "totalQueries": 412,
+ "averageReplyLatency": "27 minutes",
+ "challengePassRate": "98.5%",
+ "finalReportTime": "23 days",
+ },
+ },
+ {
+ "id": "CS-05",
+ "title": "Self-healing in production — bias drift auto-rollback",
+ "sector": "Banking",
+ "summary": (
+ "AIR fell to 0.81 on a protected attribute; SH-01 auto-"
+ "rolled back the model within 4 minutes, opened Sev-2, and "
+ "filed a customer-impact pre-warning to Internal Audit."
+ ),
+ "outcomes": {
+ "detectionToRollback": "4 min",
+ "customerImpact": "0 wrongful denials",
+ "regulatorNotified": "ECB + ICO within 6h",
+ "rcaPublished": "<= 5 business days",
+ },
+ },
+ ]
+
+
+# ──────────────────────────────────────────────────────────────────────────────
+# API endpoints
+# ──────────────────────────────────────────────────────────────────────────────
+def api_endpoints():
+ routes = [
+ "", "/meta", "/executive-summary", "/summary",
+ "/aims", "/aims/sections", "/aims/sections/:id",
+ "/aims/annexes", "/aims/annexes/:id",
+ "/regulatory", "/regulatory/overlays", "/regulatory/overlays/:id",
+ "/regulatory/precedence", "/regulatory/matrix",
+ "/rsp", "/rsp/versions", "/rsp/versions/:id",
+ "/rsp/structure", "/rsp/api", "/rsp/pipeline",
+ "/enforcement", "/enforcement/terraform", "/enforcement/opa",
+ "/enforcement/audit",
+ "/adversarial", "/adversarial/loop", "/adversarial/playbooks",
+ "/adversarial/kpis",
+ "/predictive", "/predictive/forecasters", "/predictive/formal",
+ "/predictive/causal",
+ "/federation", "/federation/protocol", "/federation/tiers",
+ "/federation/privacy", "/federation/joint-exam",
+ "/credit-underwriting", "/credit-underwriting/scope",
+ "/credit-underwriting/data", "/credit-underwriting/dev-validation",
+ "/credit-underwriting/decisioning", "/credit-underwriting/monitoring",
+ "/credit-underwriting/regulator",
+ "/roadmap", "/roadmap/phases", "/roadmap/phases/:id",
+ "/roadmap/kpis", "/roadmap/risks",
+ "/operating-model", "/operating-model/lod",
+ "/operating-model/raci", "/operating-model/committees",
+ "/reporting", "/reporting/audience", "/reporting/template",
+ "/reporting/principles",
+ "/schemas", "/schemas/:name",
+ "/code-examples", "/code-examples/:name",
+ "/case-studies", "/case-studies/:id",
+ "/modules", "/modules/:id", "/sections/:id",
+ ]
+ for i in range(1, 13):
+ routes.append(f"/m{i}")
+ return {"prefix": "/api/gsifi-aims", "routes": routes}
+
+
+#
──────────────────────────────────────────────────────────────────────────────
+# Main
+# ──────────────────────────────────────────────────────────────────────────────
+def main():
+ data = {
+ "meta": meta(),
+ "executiveSummary": executive_summary(),
+ "M1_aimsSections": m1_aims_sections(),
+ "M2_aimsAnnexes": m2_aims_annexes(),
+ "M3_regulatoryOverlays": m3_regulatory_overlays(),
+ "M4_rsp": m4_rsp(),
+ "M5_technicalEnforcement": m5_technical_enforcement(),
+ "M6_adversarialSelfHealing": m6_adversarial_self_healing(),
+ "M7_predictiveFormal": m7_predictive_formal(),
+ "M8_federationSupervisory": m8_federation_supervisory(),
+ "M9_creditUnderwriting": m9_credit_underwriting(),
+ "M10_roadmap": m10_roadmap(),
+ "M11_operatingModel": m11_operating_model(),
+ "M12_reportingDisclosure": m12_reporting_disclosure(),
+ "schemas": schemas(),
+ "codeExamples": code_examples(),
+ "caseStudies": case_studies(),
+ "apiEndpoints": api_endpoints(),
+ }
+ OUT.parent.mkdir(parents=True, exist_ok=True)
+ OUT.write_text(json.dumps(data, indent=2), encoding="utf-8")
+ size_kb = OUT.stat().st_size // 1024
+ n_modules = sum(1 for k in data if k.startswith("M") and "_" in k)
+ n_sections = sum(len(data[k].get("sections", [])) for k in data if k.startswith("M") and "_" in k)
+ print(f"Wrote {OUT} ({size_kb} KB)")
+ print(
+ f"Modules: {n_modules} | Sections: {n_sections} | "
+ f"Schemas: {len(data['schemas'])} | "
+ f"Code: {len(data['codeExamples'])} | "
+ f"Cases: {len(data['caseStudies'])} | "
+ f"Routes: {len(data['apiEndpoints']['routes'])}"
+ )
+
+
+if __name__ == "__main__":
+ main()
diff --git a/rag-agentic-dashboard/public/gsifi-aims-blueprint.html b/rag-agentic-dashboard/public/gsifi-aims-blueprint.html
new file mode 100644
index 0000000..8a356ec
--- /dev/null
+++ b/rag-agentic-dashboard/public/gsifi-aims-blueprint.html
@@ -0,0 +1,774 @@ + + + + + +GSIFI-AIMS-BLUEPRINT-WP-037 — Regulator-Grade AI Governance & ISO/IEC 42001 AIMS Master Blueprint for G-SIFIs (2026-2030) + + + + +
    +
    GSIFI-AIMS-BLUEPRINT-WP-037 · CONFIDENTIAL — Board / Prudential Regulator / Group Risk / Internal Audit / Chief Legal & Compliance Officer
    +

    Regulator-Grade AI Governance & ISO/IEC 42001 AIMS Master Blueprint for G-SIFIs (2026-2030)

    +

    Design and implementation roadmap for ISO/IEC 42001-aligned AI Management Systems, multi-jurisdiction regulatory overlays, Regulator Submission Packs (RSP v1.0-v2.6), Terraform/OPA technical enforcement, adversarial and self-healing governance loops, predictive governance with formally-verified legal logic, cross-regulator federation, and autonomous supervisory ecosystems for high-risk credit underwriting.

    +
    + Version 1.0.0 + Date 2026-04-30 + Horizon 2026-2030 + ISO/IEC 42001 AIMS + EU AI Act Annex III §5(b) + GDPR Art. 22 + SR 11-7 / OCC 2011-12 + PRA SS1/23 + ECB SSM + FCRA / ECOA + RSP v2.6 ready +
    +
    +
    12
    Modules
    +
    44
    Sections
    +
    5
    AIMS Sections (1–5)
    +
    4
    Annexes (J1–J4)
    +
    5
    Regulatory Overlays
    +
    7
    RSP Versions
    +
    5
    Phases
    +
    16
    KPIs
    +
    8
    Schemas
    +
    11
    Code Examples
    +
    5
    Case Studies
    +
    78
    API Routes
    +
    +
    + +
    +
    +

    Executive Summary

    +
    purposeProvide G-SIFI boards, regulators, and supervisors a regulator-grade, ISO/IEC 42001-anchored master blueprint that operationalises AI governance across all jurisdictions in which the institution operates, with machine-checkable legal logic and autonomous supervisory federation by 2030.
    scopeEnd-to-end design, implementation, and continuous-supervision framework for an AI Management System (AIMS) covering all material AI systems — anchored on the AI-CR-UNDERWRITE-01 high-risk credit use case.
    designPrinciples
    • ISO/IEC 42001 as the operating standard, regulator overlays as policy bundles
    • Compliance-as-code: every control has Terraform + OPA enforcement
    • Decision-traceability: every model decision is reproducible from a signed envelope
    • Self-healing governance: detect-then-remediate loops with cryptographic evidence
    • Predictive governance: forecast control breaches before they occur
    • Formally-verified legal logic: TLA+/Lean specs of obligations
    • Federation by default: cross-regulator API with consented disclosure
    • Adversarial assurance: continuous red-teaming of both models and controls
    headlineKpis
    timeToRegulatorApprovedDeployment<= 14 days (RSP v2.4+)
    rspGenerationLatency<= 30 minutes (auto-assembled, signed)
    decisionTraceabilityCoverage>= 99.95% of AI decisions
    controlAutomationRate>= 95% (Terraform + OPA enforced)
    evidenceAutomation>= 96% (no human evidence collection for L1/L2 controls)
    fairnessAirFloor>= 0.85 (FCRA / ECOA / EU AI Act Art. 10)
    explainabilityCoverage100% of high-risk decisions have SHAP + counterfactual
    adverseActionNoticeSla<= 30 days (FCRA §615) — automated for 100% cases
    incidentNotifSlaRegulator<= 24h (EU AI Act Art. 73) / 72h (GDPR Art. 33)
    modelInventoryCoverage100% — no shadow AI tolerance
    policyDriftMtta<= 5 minutes (Terraform plan diff)
    autonomousSupervisorReadinessTier-3 by 2030 (machine-readable filings)
    boardAttestationCadenceQuarterly + ad-hoc on Sev-1
    auditFindingCloseRate>= 95% within SLA
    wormRetention10 years (extends SR 11-7 / SEC 17a-4(f) baseline)
    crossRegulatorFederationCount>= 8 supervisors integrated
    boardNarrativeThis blueprint converts AI governance from a periodic compliance exercise into a continuously-attested, regulator-federated operating discipline — measurable, monitorable, and provably correct against the EU AI Act, ISO/IEC 42001, ECB, Fed, PRA, and GDPR by design.
    +
    + +
    +

    Document Metadata

    +
    docRefGSIFI-AIMS-BLUEPRINT-WP-037
    version1.0.0
    date2026-04-30
    titleRegulator-Grade AI Governance & ISO/IEC 42001 AIMS Master Blueprint for G-SIFIs (2026-2030)
    subtitleDesign and implementation roadmap for ISO/IEC 42001-aligned AI Management Systems, multi-jurisdiction regulatory overlays, Regulator Submission Packs (RSP v1.0-v2.6), Terraform/OPA technical enforcement, adversarial and self-healing governance loops, predictive governance with formally-verified legal logic, cross-regulator federation, and autonomous supervisory ecosystems for high-risk credit underwriting.
    classificationCONFIDENTIAL — Board / Prudential Regulator / Group Risk / Internal Audit / Chief Legal & Compliance Officer
    ownerGroup CRO + Chief AI Officer (CAIO) — co-signed by CCO, GC, CISO, DPO, Head of Internal Audit
    horizon2026-2030
    outlookHorizon2030-2035 (autonomous supervisory ecosystems)
    +
    +

    Audience

    +
    • Board of Directors / Risk Committee / Audit Committee
    • Executive Committee (CEO, CFO, CRO, CCO, CISO, CAIO, CTO)
    • Group Compliance, Legal & Privacy Office
    • Internal Audit (3rd Line of Defense)
    • Model Risk Management (MRM, 2nd Line of Defense)
    • Prudential supervisors (ECB SSM JST, Federal Reserve, PRA, OCC)
    • Conduct supervisors (FCA, BaFin, AMF, CFPB)
    • Data protection authorities (EDPB, ICO)
    • AI safety / standards bodies (AISI, ISO/IEC JTC1 SC42)
    +
    +
    +

    Subject System

    +
    institutionTypeG-SIFI / G-SIB (FSB list, Bucket 1-4)
    scopeOfAiAll AI systems materially impacting capital, liquidity, credit, market conduct, AML, fraud, and customer outcomes
    anchorUseCaseAI-CR-UNDERWRITE-01 — High-risk retail & SME credit underwriting (EU AI Act Annex III §5(b) — high-risk)
    scale20+ jurisdictions · 1,200+ AI systems · 350+ models in production
    +
    +
    +

    Deliverable Inventory

    +
    modules12
    aimsSections5
    annexes4
    regulatoryOverlays5
    rspVersions7
    schemas8
    codeExamples11
    caseStudies5
    phases5
    kpis16
    controls280
    +
    +
    +
    +
    +

    M1 · M1 — ISO/IEC 42001 AIMS Documentation (Sections 1–5)

    +

    Master AIMS documentation set anchored on ISO/IEC 42001:2023 clauses 4–10, broken into Sections 1–5 with audit-grade detail.

    +
    +

    M1-S1 · Section 1 — Context of the Organization (Cl. 4)

    +

    iso42001Clauses

    • 4.1
    • 4.2
    • 4.3
    • 4.4
    +

    deliverables

    • Internal/external issues register (PEST + tech + regulatory)
    • Interested parties matrix (regulators, customers, employees, society)
    • AIMS scope statement (geographies, business units, AI systems)
    • AI System Inventory v1 (1,200+ systems, classification)
    • Boundary diagram showing AIMS interfaces with EMS/ISMS/QMS
    +

    evidenceRefs

    • EVD-AIMS-S1-CTX-2026Q2
    • EVD-AIMS-S1-INV-2026Q2
    +
    +
    +

    M1-S2 · Section 2 — Leadership & Policy (Cl. 5)

    +

    iso42001Clauses

    • 5.1
    • 5.2
    • 5.3
    +

    deliverables

    • Board-approved AI Policy (signed by Chair + CEO)
    • AI Roles & Responsibilities matrix (RACI: Board, CAIO, CRO, CCO, DPO)
    • Authority delegation: model approval thresholds by Tier T0–T5
    • Conflict-of-interest controls between 1st/2nd/3rd LoD
    +

    evidenceRefs

    • EVD-AIMS-S2-POL-2026Q2
    • EVD-AIMS-S2-RACI-2026Q2
    +
    +
    +

    M1-S3 · Section 3 — Planning (Cl. 6)

    +

    iso42001Clauses

    • 6.1
    • 6.2
    • 6.3
    +

    deliverables

    • AI Risks & Opportunities register (linked to ISO 23894 taxonomy)
    • AI Objectives (16 KPIs, board-tracked)
    • Change planning protocol (model promotion gates G0–G5)
    • Statement of Applicability (SoA) covering Annex A + regulator overlays
    +

    evidenceRefs

    • EVD-AIMS-S3-RISK-2026Q2
    • EVD-AIMS-S3-SOA-2026Q2
    +
    +
    +

    M1-S4 · Section 4 — Support (Cl. 7)

    +

    iso42001Clauses

    • 7.1
    • 7.2
    • 7.3
    • 7.4
    • 7.5
    +

    deliverables

    • Resourcing plan (FTEs, GPU compute, evidence storage)
    • Competence framework (CAIO certification, MRM accreditation)
    • Awareness program (annual mandatory training, red-team exercises)
    • Communication plan (internal + regulator + customer)
    • Documented information control (versioning, WORM, retention)
    +

    evidenceRefs

    • EVD-AIMS-S4-COMP-2026Q2
    • EVD-AIMS-S4-DOC-2026Q2
    +
    +
    +

    M1-S5 · Section 5 — Operation, Performance, Improvement (Cl. 8–10)

    +

    iso42001Clauses

    • 8.1
    • 8.2
    • 8.3
    • 9.1
    • 9.2
    • 9.3
    • 10.1
    • 10.2
    +

    deliverables

    • Operational planning & control (life-cycle SOPs per ISO 5338)
    • AI impact assessment process (GDPR DPIA + EU AI Act FRIA)
    • Performance evaluation (KPI dashboard, internal audit plan)
    • Management review minutes (quarterly, board-attested)
    • Continual improvement loop (CAPA register, RCA)
    +

    evidenceRefs

    • EVD-AIMS-S5-OPS-2026Q2
    • EVD-AIMS-S5-MR-2026Q2
    • EVD-AIMS-S5-CAPA-2026Q2
    +
    +
    +
    +

    M2 · M2 — AIMS Annexes J1–J4 (Implementation Detail)

    +

    Four institution-specific annexes extending ISO/IEC 42001 Annex A/B with G-SIFI-grade depth.

    +
    +

    M2-S1 · Annex J1 — AI System Inventory & Classification

    +

    content

    Authoritative register of all AI systems with EU AI Act tiering (Prohibited / High-Risk / Limited / Minimal), internal capability tier T0–T5, owning business unit, data classification, model risk tier, and impact zones.
    +

    fields

    • systemId
    • businessOwner
    • euAiActTier
    • internalTier
    • modelRiskTier
    • annexIIIRef
    • lastFRIA
    • lastDPIA
    • rspVersion
    • regulatorEngagementStatus
    +
    +
    +

    M2-S2 · Annex J2 — Statement of Applicability (SoA) + Control Mapping

    +

    content

    Mapping of ISO/IEC 42001 Annex A controls + 280 institution-specific controls to regulator overlays (ECB, Fed, PRA, EU AI Act, GDPR), each with a Terraform/OPA enforcement reference and an evidence automation status.
    +

    controlCategories

    • AC — Accountability
    • RM — Risk Management
    • DG — Data Governance
    • MD — Model Development
    • VV — Validation & Verification
    • DP — Deployment
    • MO — Monitoring
    • IR — Incident Response
    • TP — Third-Party
    • TR — Transparency
    +

    totalControls

    280
    +
    +
    +

    M2-S3 · Annex J3 — AI Impact Assessment (FRIA + DPIA Combined)

    +

    content

    Unified template combining EU AI Act Fundamental Rights Impact Assessment (Art. 27) with GDPR DPIA (Art. 35) and SR 11-7 model materiality assessment.
    +

    phases

    • Phase A — Purpose & Necessity
    • Phase B — Risk Identification (12 axes)
    • Phase C — Risk Evaluation (likelihood × severity × scope)
    • Phase D — Mitigation Plan
    • Phase E — Residual Risk Acceptance (CRO sign-off)
    • Phase F — Monitoring & Review (auto-rerun on drift)
    +
    +
    +

    M2-S4 · Annex J4 — Regulator Submission Pack (RSP) Template

    +

    content

    Master template that produces RSP v1.0–v2.6 with decision-traceability links, model cards, eval results, monitoring telemetry, and signed attestations.
    +

    rspContents

    • Cover & Executive Summary
    • Model Card (Mitchell+ format extended)
    • Data Sheet (Gebru+ format extended)
    • FRIA + DPIA
    • Validation Report (independent 2nd LoD sign-off)
    • Monitoring Plan + KPI baseline
    • Incident Response Plan (model-specific)
    • Decision Traceability API endpoint + sample decisions
    • Cryptographic attestation bundle (Sigstore + Rekor)
    +
    +
    +
    +

    M3 · M3 — Multi-Jurisdiction Regulatory Overlays

    +

    Five regulator overlays applied as policy bundles on top of the ISO/IEC 42001 baseline.

    +
    +

    M3-S1 · Overlay catalog

    +

    overlays

    idnamescopekeyRefsadditionalControls
    OVL-ECBECB SSM OverlaySignificant Institutions under direct ECB supervision
    • ECB Guide to Internal Models (2024)
    • TRIM AI extensions
    • ECB SSM Supervisory Priorities 2025-2027
    • ECB-AI-01 Model change notification within 5 business days
    • ECB-AI-02 JST-accessible model inventory
    • ECB-AI-03 ICAAP Pillar 2 AI capital add-on quantification
    OVL-FEDFederal Reserve SR 11-7 OverlayUS bank holding companies / FBOs
    • SR 11-7 (2011) + 2021 supplemental guidance
    • OCC 2011-12
    • FDIC FIL-22-2017
    • Joint statement on Risk-Based Approach to Third-Party Risk (2023)
    • FED-AI-01 Independent model validation by qualified 2nd LoD
    • FED-AI-02 Effective challenge documented for every Tier-1 model
    • FED-AI-03 Ongoing monitoring with documented thresholds
    OVL-PRAPRA SS1/23 OverlayUK PRA-authorised firms
    • PRA SS1/23
    • PRA SS2/21 outsourcing
    • FCA Consumer Duty
    • PRA-AI-01 Model risk tiering with board-approved thresholds
    • PRA-AI-02 Senior Manager (SMF24) accountability for MRM
    • PRA-AI-03 Annual model risk self-assessment to PRA
    OVL-EUAIAEU AI Act OverlayAll AI systems placed on the EU market or affecting EU persons
    • Reg. (EU) 2024/1689
    • EU AI Act Annex III §5(b) — credit scoring
    • Commission implementing acts 2025-2026
    • EUAIA-AI-01 CE conformity (Art. 43) for high-risk systems
    • EUAIA-AI-02 Post-market monitoring (Art. 72) live
    • EUAIA-AI-03 Serious incident reporting within 15 days (Art. 73)
    • EUAIA-AI-04 Registration in EU database (Art. 49)
    OVL-GDPRGDPR OverlayAny processing of EU personal data
    • Reg. (EU) 2016/679 Articles 5/6/9/22/25/32/33/34/35
    • EDPB Guidelines 03/2022 on AI
    • GDPR-AI-01 Art. 22 safeguards: human review path documented
    • GDPR-AI-02 DPIA refreshed on material change
    • GDPR-AI-03 Data minimisation tested via leakage probes
    +
    +
    +

    M3-S2 · Overlay precedence & conflict resolution

    +

    rules

    • Strictest applicable provision wins (tier ordering).
    • Where overlays diverge on disclosure scope, union of disclosures applies; classification follows the home regulator.
    • Conflict log maintained with Legal sign-off for every override.
    +
    +
    +

    M3-S3 · Mapping matrix snapshot

    +

    matrix

    controlISO42001ECBFedPRAEUAIAGDPR
    Independent validation8.3ECB-AI-01/03FED-AI-01/02PRA-AI-02Art. 17 QMS / 43
    Adverse-action explanationAnnex A 6.2.7FCRA §615FCA Consumer DutyArt. 13/86Art. 22
    Post-market monitoring9.1ECB-AI-02FED-AI-03PRA-AI-03Art. 72Art. 35(11)
    Incident reporting10.2Operational incident frameworkSR 11-7 weakness reportingSS1/23 §3.5Art. 73Art. 33/34
    +
    +
    +
    +

    M4 · M4 — Regulator Submission Packs (RSP v1.0 → v2.6)

    +

    Versioned submission packs evolving from PDF-based static packs to fully machine-readable, signed, decision-traceable bundles.

    +
    +

    M4-S1 · Version roadmap

    +

    versions

    idyearformatscopeautomationsigning
    RSP-v1.02026PDF + JSON manifestSingle jurisdiction (home regulator)30%PGP detached signature
    RSP-v1.52026PDF + JSON-LD + SigstoreHome + 1 host regulator55%Sigstore + Rekor transparency log
    RSP-v2.02027Structured JSON-LD bundle (machine-readable)Multi-jurisdiction (ECB + PRA + Fed)75%in-toto attestations
    RSP-v2.22027JSON-LD + Decision-Traceability APIAdds GDPR + EU AI Act DB linkage85%in-toto + Cosign
    RSP-v2.42028JSON-LD + live API + OPA-validated policy bundleAll overlays, federated submission92%PQC-ready (Dilithium hybrid)
    RSP-v2.52029v2.4 + formally-verified obligation graphAdds machine-checkable legal logic95%PQC + Merkle anchored to public ledger
    RSP-v2.62030Continuous streaming attestationAutonomous-supervisor compatible98%PQC + FROST threshold + ZK predicates
    +
    +
    +

    M4-S2 · RSP package structure (v2.4+)

    +

    structure

    • /rsp/manifest.jsonld — top-level bundle
    • /rsp/model-card.json
    • /rsp/datasheet.json
    • /rsp/fria-dpia.json
    • /rsp/validation-report.json
    • /rsp/monitoring-plan.json
    • /rsp/incident-plan.json
    • /rsp/decisions/ (signed decision envelopes)
    • /rsp/policy-bundle.tar.gz (OPA bundle)
    • /rsp/attestations/ (in-toto / Cosign / Rekor)
    • /rsp/hash-chain.json (Merkle root + signatures)
    +
    +
    +

    M4-S3 · Decision-traceability API

    +

    endpoints

    • GET /rsp/{rspId}/decisions/{decisionId} — full reproducible decision
    • GET /rsp/{rspId}/decisions?subjectId=… — subject access
    • GET /rsp/{rspId}/lineage — model + data lineage graph
    • GET /rsp/{rspId}/attestations — verifiable bundle
    • POST /rsp/{rspId}/challenge — supervisor counterfactual probe
    +

    slas

    decisionLookup<= 200 ms p95
    lineageGraph<= 1 s p95
    challengeReply<= 5 minutes p95
    +

    auth

    mTLS + supervisor SPIFFE ID + per-call OPA policy
    +
    +
    +

    M4-S4 · RSP issuance pipeline

    +

    stages

    • Trigger: model promotion / quarterly cadence / supervisor request
    • Assemble: pull artefacts from registry, evaluator, monitor
    • Validate: OPA policy bundle compliance check
    • Sign: in-toto layout + Cosign + Rekor entry
    • Publish: regulator portal + internal evidence WORM
    • Notify: supervisor + Internal Audit + Board pack
    +
    +
    +
    +

    M5 · M5 — Terraform + OPA Technical Enforcement

    +

    Compliance-as-code substrate enforcing AIMS controls at infrastructure, pipeline, and runtime layers.

    +
    +

    M5-S1 · Terraform modules

    +

    modules

    namepurpose
    aims-baselineVPC/KMS/IAM/WORM-S3/Kafka baseline
    aims-evidenceObject Lock + Lambda hash-chain anchor
    aims-runtimeEKS/GKE clusters + admission controllers
    aims-supervisorSupervisor mTLS endpoints + SPIFFE
    aims-pqcPQC KMS keys + dual-signing CI
    +
    +
    +

    M5-S2 · OPA policy bundles

    +

    bundles

    • policy/aims-baseline.tar.gz (Annex A controls)
    • policy/overlay-ecb.tar.gz
    • policy/overlay-fed.tar.gz
    • policy/overlay-pra.tar.gz
    • policy/overlay-euaia.tar.gz
    • policy/overlay-gdpr.tar.gz
    • policy/use-case-credit-underwriting.tar.gz
    +

    decisionPoints

    • Terraform plan (pre-apply) — block insecure infra
    • CI gate (pre-merge) — model card + eval coverage
    • Admission controller (Kubernetes) — image attestation
    • Inference gateway (runtime) — per-call obligations
    • Egress filter — prohibited-use checks
    +
    +
    +

    M5-S3 · Continuous configuration audit

    +

    controls

    • Daily Terraform drift scan with auto-remediation PR
    • Hourly OPA bundle integrity check (signed digest)
    • Per-region misconfiguration KPI dashboard
    • Auto-quarantine of non-compliant workloads
    +
    +
    +
    +

    M6 · M6 — Adversarial & Self-Healing Governance Loops

    +

    Continuous adversarial exercise of both models and controls, paired with auto-remediation that closes the loop without human intervention for known failure modes.

    +
    +

    M6-S1 · Adversarial governance loop

    +

    stages

    • Generate: red-team agents author attacks against models + controls
    • Execute: attacks run in sandboxed twin environment
    • Detect: monitors flag deltas vs. baseline behavior
    • Triage: severity scored against impact taxonomy
    • Remediate: control patch / model rollback / policy update
    • Attest: signed evidence captured in WORM
    +

    cadence

    Continuous (on-demand + nightly + monthly chaos day)
    +
    +
    +

    M6-S2 · Self-healing playbooks

    +

    playbooks

    idtriggeractionhumanGate
    SH-01PSI > 0.2 on protected attributeAuto-rollback to previous model version + open Sev-2 ticketCRO post-hoc review within 24h
    SH-02OPA policy bundle digest mismatchQuarantine workload + restore last-known-good bundleCISO + CCO joint review
    SH-03Adverse-action SLA breach predictedFailover to deterministic fallback scoring + notify opsHead of Credit + DPO
    SH-04FRIA risk score escalationBlock new deployments of system + escalate to Risk CommitteeBoard Risk Committee within 5 business days
    +
    +
    +

    M6-S3 · Adversarial assurance KPIs

    +

    kpis

    redTeamCoverage>= 95% of high-risk systems / quarter
    novelAttackDiscoveryRate>= 5 net-new attack classes / year
    selfHealingResolutionRate>= 80% Sev-2 without human action
    meanTimeToRemediate<= 30 min (Sev-2), <= 4 h (Sev-1)
    +
    +
    +
    +

    M7 · M7 — Predictive Governance & Formally-Verified Legal Logic

    +

    Forecast control breaches before they occur and prove obligations are correctly implemented using machine-checkable specifications.

    +
    +

    M7-S1 · Predictive governance

    +

    approach

    Treat governance KPIs (PSI, AIR, MTTR, evidence completeness) as time series; forecast breach probability and pre-emptively trigger remediation.
    +

    models

    • Drift forecaster (Prophet + ARIMA ensemble) — 7-day horizon
    • Fairness drift forecaster — protected-attribute aware
    • Control-fatigue forecaster (audit findings as proxy)
    • Regulatory-question forecaster (LLM-driven, supervised by Legal)
    +

    outputs

    • Predicted breaches with calibrated confidence
    • Recommended interventions (pre-staged remediation PRs)
    • Board pre-warning dashboard (T-30 days)
    +
    +
    +

    M7-S2 · Formally-verified obligation graph

    +

    approach

    Encode regulator obligations as an obligation graph in TLA+/Lean and prove the implementation refines the specification.
    +

    specs

    • FCRA §615 adverse-action obligation (Lean spec, mechanically checked)
    • GDPR Art. 22 human-review-path obligation (TLA+)
    • EU AI Act Art. 73 incident-reporting obligation (TLA+ liveness)
    • ECB ICAAP Pillar 2 AI add-on quantification (Lean)
    +

    deliverable

    Each spec ships with a CI job that fails the build if a code change breaks refinement.
    +
    +
    +

    M7-S3 · Counterfactual + causal regulator queries

    +

    capability

    Supervisors can issue causal queries ("if income were +10%, would the decision flip?") that the system answers with a causal model + uncertainty, not just correlations.
    +

    engines

    • DoWhy + EconML for causal effect estimation
    • DiCE / Alibi for actionable counterfactuals
    • LiNGAM / NOTEARS for structure discovery (governed)
    +
    +
    +
    +

    M8 · M8 — Cross-Regulator Federation & Autonomous Supervisory Ecosystem

    +

    Federate disclosures across supervisors and prepare for autonomous supervisory ecosystems by 2030.

    +
    +

    M8-S1 · Federation protocol (FedReg)

    +

    transport

    mTLS + SPIFFE IDs + OAuth2 Mutual-TLS Client Auth
    +

    schema

    JSON-LD with shared regulator vocabulary (W3C ODRL extension)
    +

    operations

    • Disclose: scoped artefact share with consent metadata
    • Subscribe: supervisor receives delta stream
    • Challenge: supervisor issues counterfactual / explainability query
    • Attest: institution returns signed answer with provenance
    +

    consentModel

    Per-scope, per-purpose, time-bounded, revocable
    +
    +
    +

    M8-S2 · Autonomous Supervisory Tiers

    +

    tiers

    tiernameyeardescription
    T0Manual<2026PDF + portal uploads
    T1Structured2026Machine-readable RSP, manual review
    T2Streaming2027-2028Continuous attestation feed
    T3Federated2028-2029Cross-regulator query graph
    T4Autonomous (advisory)2029-2030Supervisor AI agents issue advisories
    T5Autonomous (binding-with-human-override)2030+Binding decisions with statutory human override
    +
    +
    +

    M8-S3 · Privacy & sovereignty controls in federation

    +

    controls

    • Differential privacy on aggregate disclosures (ε <= 1)
    • Zero-knowledge predicates for sensitive thresholds
    • Data residency tags enforced at egress filter
    • Per-jurisdiction key custody with HSM + threshold signing (FROST)
    +
    +
    +

    M8-S4 · Joint examination workflow

    +

    scenario

    ECB + FRB + PRA jointly examine AI-CR-UNDERWRITE-01. Each receives scoped, signed RSP slices; queries federated through FedReg; institution responses attested into a shared transparency log.
    +

    sla

    Joint final report within 30 calendar days
    +
    +
    +
    +

    M9 · M9 — High-Risk Credit Underwriting Best-Practice Pattern (AI-CR-UNDERWRITE-01)

    +

    Reference end-to-end pattern for high-risk retail & SME credit underwriting under EU AI Act Annex III §5(b), FCRA, ECOA, and PRA / Fed MRM.

    +
    +

    M9-S1 · Use-case scope & risk classification

    +

    details

    euAiActTierHigh-risk (Annex III §5(b))
    internalTierT3 (material consumer impact)
    modelRiskTierTier 1
    regulators
    • ECB
    • Fed
    • PRA
    • FCA
    • CFPB
    • ICO
    • EDPB
    decisionVolume~12M decisions / year
    +
    +
    +

    M9-S2 · Data governance

    +

    controls

    • Datasheet (Gebru+) with provenance, sampling, bias notes
    • Protected attributes proxied + monitored (no direct use)
    • Synthetic counterfactual training augmentation for AIR uplift
    • Quarterly representativeness audit by Internal Audit
    +
    +
    +

    M9-S3 · Model development & validation

    +

    controls

    • Champion/challenger with at least 2 independent architectures
    • GBM + monotonic constraints on protected proxies
    • Independent 2nd LoD validation (effective challenge)
    • FRIA + DPIA refreshed each retrain
    • Reproducibility: bit-exact training pipeline pinned
    +
    +
    +

    M9-S4 · Decisioning & adverse action

    +

    controls

    • Per-decision SHAP + counterfactual stored with envelope
    • Adverse-action notice generated within 24h (FCRA §615)
    • GDPR Art. 22 human-review path for any decision contested
    • EU AI Act Art. 86 right to explanation served via portal
    • Decision envelope signed (Ed25519 + PQC dual-sign)
    +
    +
    +

    M9-S5 · Monitoring & continuous compliance

    +

    controls

    • Drift: PSI per feature + per protected attribute, daily
    • Fairness: AIR + EOD + DI ratio, daily
    • Stability: KS, ROC-AUC delta vs. baseline, weekly
    • Calibration: Brier score, monthly
    • Adversarial: prompt-injection / data-poisoning probes, nightly
    +
    +
    +

    M9-S6 · Regulator engagement

    +

    cadence

    • Quarterly RSP v2.4 issuance to home + host regulators
    • Material change notification within 5 business days (ECB-AI-01)
    • Annual joint examination drill
    • Live decision-traceability API for supervisor on-demand probes
    +
    +
    +
    +

    M10 · M10 — Implementation Roadmap (2026–2030)

    +

    Five-phase, board-tracked program plan with gates and KPIs.

    +
    +

    M10-S1 · Phase plan

    +

    phases

    idnamewindowobjectivesexitGate
    P1Foundation2026 H1
    • Adopt ISO/IEC 42001 AIMS Sections 1–5
    • Stand up AI System Inventory (Annex J1)
    • Issue RSP v1.0 for AI-CR-UNDERWRITE-01
    • Launch CAIO office with board mandate
    Board approval of AIMS + first RSP filed
    P2Industrialise2026 H2 – 2027 H1
    • Deploy Terraform + OPA enforcement substrate
    • Roll out SoA (Annex J2) across 100% Tier-1 systems
    • Issue RSP v1.5 + v2.0
    • Launch adversarial governance loop
    >= 75% control automation
    P3Federate2027 H2 – 2028
    • RSP v2.2 + v2.4 with multi-regulator scope
    • FedReg federation pilot with ECB + PRA + Fed
    • Activate self-healing playbooks SH-01..04
    • Stand up predictive governance forecasters
    Joint ECB+Fed+PRA examination drill passed
    P4Verify2029
    • Formally verified obligation graph live for top 5 obligations
    • RSP v2.5 with machine-checkable legal logic
    • Counterfactual / causal supervisor queries supported
    • Autonomous supervisor T2->T3
    Independent assurance from ISO 42001 certification body
    P5Autonomous2030
    • RSP v2.6 streaming attestation
    • Autonomous supervisor T4 advisory mode active
    • Cross-regulator binding-with-override pilot
    • PQC + ZK predicates fully deployed
    Autonomous advisory disclosures accepted by 8+ supervisors
    +
    +
    +

    M10-S2 · KPI dashboard

    +

    kpis

    idnametarget
    K1Time-to-regulator-approved deployment<= 14 days
    K2RSP generation latency<= 30 minutes
    K3Decision-traceability coverage>= 99.95%
    K4Control automation rate>= 95%
    K5Evidence automation>= 96%
    K6Fairness AIR floor>= 0.85
    K7Explainability coverage (high-risk)100%
    K8Adverse-action SLA<= 24h auto
    K9Regulator notification SLA<= 24h / 72h
    K10Model inventory coverage100%
    K11Policy-drift MTTA<= 5 min
    K12Self-healing resolution rate>= 80% Sev-2
    K13Audit finding closure>= 95% within SLA
    K14Board attestation cadenceQuarterly + ad-hoc
    K15WORM retention10 years
    K16Federated supervisor count>= 8
    +
    +
    +

    M10-S3 · Top risks & mitigations

    +

    risks

    idriskmitigation
    R1Regulatory divergence post-2027Overlay precedence engine + Legal council monthly
    R2Supervisor reluctance to accept machine-readable filingsDual format (PDF + JSON-LD) until T2
    R3Formal verification toolchain immaturityHybrid test-based + spec-based assurance
    R4PQC migration breakageHybrid signing + staged rollouts
    R5Self-healing causes incident driftHuman gate on every Sev-1; quarterly chaos drills
    +
    +
    +
    +

    M11 · M11 — Governance Operating Model (3 LoD + RACI)

    +

    Roles, accountabilities, and committee architecture.

    +
    +

    M11-S1 · Three Lines of Defense

    +

    lod

    lineownerresponsibilities
    1st LoDBusiness + AI engineeringBuild, operate, monitor models within risk appetite
    2nd LoDMRM + Compliance + DPO + CISOIndependent challenge, validation, policy, oversight
    3rd LoDInternal AuditAudit AIMS effectiveness; audit the 2nd LoD
    +
    +
    +

    M11-S2 · RACI matrix (key activities)

    +

    matrix

    activityBoardCEOCROCCOCAIODPOCISOInternalAudit
    Approve AI PolicyARCCCI
    Approve Tier-1 modelIIACRC
    Issue RSPIIARRC
    Sev-1 incident responseIIACRCR
    Annual AIMS auditIICCCCAR
    +
    +
    +

    M11-S3 · Committee architecture

    +

    committees

    idnamefrequencychair
    C1Board AI Oversight CommitteeQuarterlyIndependent NED
    C2Group AI Risk CommitteeMonthlyCRO
    C3Model Approval CommitteeBi-weeklyCAIO
    C4AI Ethics CouncilMonthlyGC + external ethicist
    C5Regulator Engagement ForumMonthlyCCO
    +
    +
    +
    +

    M12 · M12 — Reporting & Disclosure Templates

    +

    Standardised, machine-readable templates for every audience.

    +
    +

    M12-S1 · Audience matrix

    +

    matrix

    audiencereportformat
    BoardQuarterly AI Risk & KPI PackPDF + JSON-LD
    Regulator (home)RSP v2.4+JSON-LD bundle + signatures
    Regulator (host)Federated RSP sliceFedReg streaming
    Customer (adverse action)Adverse-action notice + explanationMultilingual portal + paper
    Internal AuditAIMS audit dossierEvidence bundle + Merkle root
    PublicTransparency reportPDF + W3C transparency log link
    +
    +
    +

    M12-S2 · Markdown template skeleton

    +

    tags

    • <title>
    • <abstract>
    • <content>
    +

    skeleton

    <title>Quarterly AI Risk & KPI Pack — 2026 Q4</title>
    +<abstract>Summary of KPI movement, top risks, and regulator interactions for the quarter.</abstract>
    +<content>1. KPI dashboard (K1..K16)
    +2. Material model changes
    +3. Incidents (Sev-0..Sev-2)
    +4. Regulator engagements (RSP issuances, queries)
    +5. Internal Audit findings status
    +6. Forward-looking risks (predictive governance)
    +7. Board decisions requested</content>
    +
    +
    +

    M12-S3 · Disclosure principles

    +

    principles

    • Truthful, complete, and timely
    • Audience-fit (no jargon to customers; rigour to supervisors)
    • Verifiable (every claim traceable to a signed evidence record)
    • Privacy-preserving (DP / ZK on aggregate disclosures)
    +
    +
    +
    +
    +

    Regulatory Alignment

    +
    • ISO/IEC 42001:2023 — AI Management System (AIMS) — primary anchor
    • ISO/IEC 23894:2023 — AI Risk Management
    • ISO/IEC 5338:2023 — AI System Life Cycle Processes
    • ISO/IEC 27001:2022 / 27701:2019 / 27018:2019
    • ISO/IEC TR 24028 / 24029 / 24368 (trustworthiness)
    • EU AI Act (Reg. (EU) 2024/1689) — Art. 6, 9, 10, 12, 13, 14, 15, 17, 26, 27, 49, 53, 55, 72, 73; Annex III §5(b)
    • GDPR (Reg. (EU) 2016/679) — Art. 5, 6, 9, 22, 25, 32, 33, 34, 35
    • ECB SSM Guide on internal models (2024) + Targeted Review of Internal Models (TRIM) AI extensions
    • Federal Reserve SR 11-7 / OCC 2011-12 — Model Risk Management
    • PRA SS1/23 — Model Risk Management Principles for Banks (UK)
    • PRA SS2/21 — Outsourcing & third-party risk management
    • FCA Consumer Duty (PS22/9) + AI/ML discussion paper DP5/22
    • Basel III/IV — CRR3 / CRD6 — ICAAP Pillar 2 AI add-on
    • FCRA (US) §604/§615 + ECOA / Reg B §1002 (adverse action)
    • CFPB Circular 2023-03 (algorithmic adverse-action notices)
    • NIST AI RMF 1.0 + GenAI Profile (AI 600-1)
    • OECD AI Principles + G7 Hiroshima AI Process Code of Conduct
    • Council of Europe Framework Convention on AI (2024)
    • OWASP LLM Top 10 (2025) / MITRE ATLAS
    • SLSA L3 + Sigstore/Cosign + in-toto attestations
    +
    +
    +
    +

    JSON Schemas

    +

    8 schemas: AI System Inventory, RSP Manifest, Decision Envelope, Control Mapping, FRIA, Incident Record, FedReg Message, Obligation Spec.

    +
    aiSystemInventoryEntry
    {
    +  "title": "AI System Inventory Entry (Annex J1)",
    +  "required": [
    +    "systemId",
    +    "businessOwner",
    +    "euAiActTier",
    +    "internalTier",
    +    "modelRiskTier",
    +    "lastFRIA",
    +    "rspVersion"
    +  ],
    +  "fields": {
    +    "systemId": "string",
    +    "businessOwner": "string",
    +    "euAiActTier": "enum[Prohibited|HighRisk|Limited|Minimal]",
    +    "internalTier": "enum[T0|T1|T2|T3|T4|T5]",
    +    "modelRiskTier": "enum[Tier-1|Tier-2|Tier-3]",
    +    "annexIIIRef": "string",
    +    "lastFRIA": "ISO-8601",
    +    "lastDPIA": "ISO-8601",
    +    "rspVersion": "string",
    +    "regulatorEngagementStatus": "enum[Filed|Pending|UnderReview|Approved|Withdrawn]"
    +  }
    +}
    rspManifest
    {
    +  "title": "Regulator Submission Pack \u2014 Manifest (v2.4+)",
    +  "required": [
    +    "rspId",
    +    "version",
    +    "subjectSystemId",
    +    "issuedAt",
    +    "signatures",
    +    "merkleRoot"
    +  ],
    +  "fields": {
    +    "rspId": "string",
    +    "version": "string",
    +    "subjectSystemId": "string",
    +    "issuedAt": "ISO-8601",
    +    "regulators": "string[]",
    +    "artefacts": "object[]",
    +    "signatures": "object[]",
    +    "merkleRoot": "hex",
    +    "policyBundleDigest": "hex",
    +    "ledgerAnchorTx": "string"
    +  }
    +}
    decisionEnvelope
    {
    +  "title": "Decision Envelope (per AI decision)",
    +  "required": [
    +    "decisionId",
    +    "subjectId",
    +    "modelId",
    +    "modelVersion",
    +    "inputsHash",
    +    "output",
    +    "shapTopK",
    +    "ts",
    +    "signature"
    +  ],
    +  "fields": {
    +    "decisionId": "string",
    +    "subjectId": "string",
    +    "modelId": "string",
    +    "modelVersion": "string",
    +    "inputsHash": "hex",
    +    "output": "object",
    +    "shapTopK": "object[]",
    +    "counterfactual": "object",
    +    "policyDecision": "object",
    +    "ts": "ISO-8601",
    +    "signature": "object"
    +  }
    +}
    controlMapping
    {
    +  "title": "Control Mapping (Annex J2 SoA)",
    +  "required": [
    +    "controlId",
    +    "category",
    +    "iso42001Ref",
    +    "overlays",
    +    "enforcement"
    +  ],
    +  "fields": {
    +    "controlId": "string",
    +    "category": "string",
    +    "iso42001Ref": "string",
    +    "overlays": "object",
    +    "enforcement": "object",
    +    "evidenceAutomation": "enum[None|Partial|Full]",
    +    "owner": "string"
    +  }
    +}
    friaRecord
    {
    +  "title": "FRIA + DPIA Combined Record (Annex J3)",
    +  "required": [
    +    "friaId",
    +    "subjectSystemId",
    +    "phase",
    +    "residualRisk",
    +    "approvers"
    +  ],
    +  "fields": {
    +    "friaId": "string",
    +    "subjectSystemId": "string",
    +    "phase": "enum[A|B|C|D|E|F]",
    +    "axes": "object[]",
    +    "residualRisk": "enum[Low|Medium|High|Critical]",
    +    "approvers": "string[]",
    +    "nextReviewAt": "ISO-8601"
    +  }
    +}
    incidentRecord
    {
    +  "title": "AI Incident Record (Cl. 10.2 + EU AI Act Art. 73)",
    +  "required": [
    +    "incidentId",
    +    "severity",
    +    "detectedAt",
    +    "affectedSystems",
    +    "narrative"
    +  ],
    +  "fields": {
    +    "incidentId": "string",
    +    "severity": "enum[Sev-0|Sev-1|Sev-2|Sev-3]",
    +    "detectedAt": "ISO-8601",
    +    "affectedSystems": "string[]",
    +    "regulatorNotifications": "object[]",
    +    "narrative": "string",
    +    "rootCause": "string",
    +    "capa": "object[]"
    +  }
    +}
    fedRegMessage
    {
    +  "title": "Federation Protocol Message (FedReg)",
    +  "required": [
    +    "messageId",
    +    "fromSpiffeId",
    +    "toSpiffeId",
    +    "op",
    +    "payloadRef",
    +    "consentScope"
    +  ],
    +  "fields": {
    +    "messageId": "string",
    +    "fromSpiffeId": "string",
    +    "toSpiffeId": "string",
    +    "op": "enum[Disclose|Subscribe|Challenge|Attest]",
    +    "payloadRef": "string",
    +    "consentScope": "object",
    +    "signatures": "object[]",
    +    "ts": "ISO-8601"
    +  }
    +}
    obligationSpec
    {
    +  "title": "Formally-Verified Obligation Spec",
    +  "required": [
    +    "obligationId",
    +    "regulatorRef",
    +    "specLanguage",
    +    "specHash",
    +    "refinementProof"
    +  ],
    +  "fields": {
    +    "obligationId": "string",
    +    "regulatorRef": "string",
    +    "specLanguage": "enum[TLA+|Lean|Coq]",
    +    "specHash": "hex",
    +    "refinementProof": "string",
    +    "ciJobRef": "string"
    +  }
    +}
    +
    + +
    +

    Code Examples

    +

    11 reference implementations: OPA RSP gate, Terraform WORM evidence, decision envelope signer (Ed25519 + PQC), fairness monitor, FedReg client, predictive drift forecaster, TLA+ obligation spec, Lean FCRA spec, self-healing playbook engine, FastAPI traceability API, Merkle anchor.

    +
    opaRspGate
    rego · Block RSP issuance unless all required artefacts + signatures present
    package rsp.gate
    +
    +default allow = false
    +
    +required := {"manifest", "model-card", "datasheet", "fria-dpia",
    +             "validation-report", "monitoring-plan", "incident-plan",
    +             "policy-bundle", "attestations", "hash-chain"}
    +
    +allow {
    +    have := {a | a := input.artefacts[_].name}
    +    missing := required - have
    +    count(missing) == 0
    +    input.signatures.cosign.verified == true
    +    input.signatures.intoto.verified == true
    +    input.policyBundleDigest == data.policy.expectedDigest
    +}
    +
    terraformWormEvidence
    hcl · S3 Object Lock + KMS WORM evidence bucket (10-year retention)
    resource "aws_s3_bucket" "aims_evidence" {
    +  bucket = "gsifi-aims-evidence-${var.env}"
    +  object_lock_enabled = true
    +}
    +
    +resource "aws_s3_bucket_object_lock_configuration" "lock" {
    +  bucket = aws_s3_bucket.aims_evidence.id
    +  rule {
    +    default_retention {
    +      mode = "COMPLIANCE"
    +      years = 10
    +    }
    +  }
    +}
    +
    +resource "aws_s3_bucket_server_side_encryption_configuration" "sse" {
    +  bucket = aws_s3_bucket.aims_evidence.id
    +  rule {
    +    apply_server_side_encryption_by_default {
    +      kms_master_key_id = aws_kms_key.aims.arn
    +      sse_algorithm     = "aws:kms"
    +    }
    +  }
    +}
    +
    decisionEnvelopeSigner
    python · Sign per-decision envelopes (Ed25519 + PQC dual-sign)
    import hashlib, json, time
    +from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
    +# pqcrypto.sign.dilithium3 illustrative
    +from pqcrypto.sign.dilithium3 import generate_keypair, sign as pqc_sign
    +
    +def make_envelope(decision_id, subject_id, model_id, model_version,
    +                  inputs, output, shap_topk, ed_sk, pqc_sk):
    +    inputs_hash = hashlib.sha256(json.dumps(inputs, sort_keys=True).encode()).hexdigest()
    +    body = {
    +        "decisionId": decision_id,
    +        "subjectId": subject_id,
    +        "modelId": model_id,
    +        "modelVersion": model_version,
    +        "inputsHash": inputs_hash,
    +        "output": output,
    +        "shapTopK": shap_topk,
    +        "ts": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
    +    }
    +    payload = json.dumps(body, sort_keys=True).encode()
    +    sig_ed = ed_sk.sign(payload).hex()
    +    sig_pqc = pqc_sign(pqc_sk, payload).hex()
    +    body["signature"] = {"ed25519": sig_ed, "dilithium3": sig_pqc}
    +    return body
    +
    fairnessMonitor
    python · Daily AIR / EOD monitor with self-healing trigger (SH-01)
    import numpy as np
    +
    +def adverse_impact_ratio(y_pred, protected):
    +    rates = {g: y_pred[protected == g].mean() for g in np.unique(protected)}
    +    ref = max(rates.values())
    +    return min(rates.values()) / ref if ref else 1.0
    +
    +def monitor(daily_predictions, protected, prev_air, prev_psi):
    +    air = adverse_impact_ratio(daily_predictions, protected)
    +    if air < 0.85 or prev_psi > 0.2:
    +        trigger_self_heal("SH-01", reason={"air": air, "psi": prev_psi})
    +    return {"air": air}
    +
    +def trigger_self_heal(playbook_id, reason):
    +    # POST signed event to governance bus → triggers rollback + Sev-2 ticket
    +    ...
    +
    fedRegClient
    python · FedReg federation client — disclose RSP slice to supervisor
    import requests, json, time
    +
    +def disclose(supervisor_url, rsp_slice, scope, spiffe_ctx, signer):
    +    msg = {
    +        "messageId": f"msg-{int(time.time()*1000)}",
    +        "fromSpiffeId": spiffe_ctx.self_id,
    +        "toSpiffeId":   spiffe_ctx.peer_id,
    +        "op": "Disclose",
    +        "payloadRef": rsp_slice["uri"],
    +        "consentScope": scope,
    +        "ts": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
    +    }
    +    body = json.dumps(msg, sort_keys=True).encode()
    +    msg["signatures"] = signer(body)
    +    return requests.post(supervisor_url + "/fedreg/v1/messages",
    +                         json=msg, cert=spiffe_ctx.mtls_cert).json()
    +
    predictiveDriftForecaster
    python · Forecast PSI breach 7 days ahead (predictive governance)
    from prophet import Prophet
    +import pandas as pd
    +
    +def forecast_psi_breach(history_df, threshold=0.2, horizon=7):
    +    m = Prophet(interval_width=0.95).fit(history_df.rename(columns={"date":"ds","psi":"y"}))
    +    future = m.make_future_dataframe(periods=horizon)
    +    fcst = m.predict(future)
    +    breach = fcst[fcst["yhat"] > threshold].head(1)
    +    return None if breach.empty else {
    +        "predictedBreachAt": str(breach.iloc[0]["ds"].date()),
    +        "expectedPsi": float(breach.iloc[0]["yhat"]),
    +    }
    +
    tlaPlusObligation
    tla · TLA+ liveness spec for EU AI Act Art. 73 incident reporting
    -------------- MODULE Art73Reporting --------------
    +EXTENDS Naturals, TLC
    +VARIABLES status, notifiedAt, detectedAt
    +Init == /\ status = "open" /\ notifiedAt = 0 /\ detectedAt = 0
    +Report == /\ status = "open" /\ status' = "reported"
    +          /\ notifiedAt' = detectedAt + 15
    +Liveness == <>(status = "reported" /\ notifiedAt - detectedAt <= 15)
    +Spec == Init /\ [][Report]_<<status, notifiedAt, detectedAt>> /\ Liveness
    +====
    +
    leanFcraSpec
    lean · Lean spec for FCRA §615 adverse-action obligation
    import data.real.basic
    +
    +structure Decision := (subject : string) (denied : bool) (timestamp_h : nat)
    +structure Notice   := (subject : string) (sent_at_h : nat) (reasons : list string)
    +
    +def fcra_compliant (d : Decision) (n : Notice) : Prop :=
    +  d.subject = n.subject
    +  ∧ d.denied = tt
    +  ∧ n.sent_at_h ≤ d.timestamp_h + 30 * 24
    +  ∧ n.reasons.length ≥ 1
    +
    +theorem fcra_demo :
    +  ∀ d n, d.denied = tt → fcra_compliant d n → n.reasons.length ≥ 1 :=
    +λ d n h1 hc, hc.2.2.2
    +
    selfHealingPlaybookEngine
    python · Self-healing playbook executor with WORM-attested actions
    import json, time, hashlib
    +
    +def execute_playbook(playbook, signals, signer, worm_writer):
    +    record = {"playbook": playbook["id"], "trigger": playbook["trigger"],
    +              "signals": signals, "ts": time.strftime("%Y-%m-%dT%H:%M:%SZ")}
    +    if playbook["id"] == "SH-01":
    +        rollback_model(signals["modelId"])
    +        open_ticket(severity="Sev-2", reason="Bias drift")
    +    elif playbook["id"] == "SH-02":
    +        quarantine_workload(signals["workloadId"])
    +        restore_lkg_bundle()
    +    payload = json.dumps(record, sort_keys=True).encode()
    +    record["digest"] = hashlib.sha256(payload).hexdigest()
    +    record["signature"] = signer(payload)
    +    worm_writer.write(record)
    +    return record
    +
    +def rollback_model(*a, **k): ...
    +def open_ticket(*a, **k): ...
    +def quarantine_workload(*a, **k): ...
    +def restore_lkg_bundle(*a, **k): ...
    +
    rspApiFastapi
    python · FastAPI decision-traceability API for RSP v2.4+
    from fastapi import FastAPI, HTTPException, Depends
    +app = FastAPI(title="RSP Decision Traceability API")
    +
    +def auth(spiffe_id: str = ""): 
    +    if not spiffe_id.startswith("spiffe://supervisor."):
    +        raise HTTPException(401, "Supervisor SPIFFE required")
    +    return spiffe_id
    +
    +@app.get("/rsp/{rsp_id}/decisions/{decision_id}")
    +def get_decision(rsp_id: str, decision_id: str, who=Depends(auth)):
    +    env = decision_store.fetch(rsp_id, decision_id)
    +    if not env: raise HTTPException(404, "Decision not found")
    +    return env
    +
    +@app.post("/rsp/{rsp_id}/challenge")
    +def challenge(rsp_id: str, body: dict, who=Depends(auth)):
    +    return counterfactual_engine.run(rsp_id, body)
    +
    merkleAnchor
    python · Daily Merkle anchor of evidence WORM into public ledger
    import hashlib
    +
    +def merkle_root(leaves):
    +    layer = [bytes.fromhex(l) for l in leaves]
    +    while len(layer) > 1:
    +        if len(layer) % 2: layer.append(layer[-1])
    +        layer = [hashlib.sha256(layer[i]+layer[i+1]).digest() for i in range(0,len(layer),2)]
    +    return layer[0].hex()
    +
    +def anchor_today(evidence_hashes, ledger_client):
    +    root = merkle_root(evidence_hashes)
    +    txid = ledger_client.publish(root)
    +    return {"root": root, "txid": txid, "count": len(evidence_hashes)}
    +
    +
    + +
    +

    Case Studies

    +

    5 reference deployments: EU G-SIB dual ISO/EU AI Act certification, US BHC federated SR 11-7+EU AI Act, UK PRA SS1/23 SMF24 attestation, joint ECB+Fed+PRA examination, self-healing bias drift auto-rollback.

    +

    CS-01 · European G-SIB — first ISO/IEC 42001 + EU AI Act dual certification

    Sector: Banking (EU)

    Top-3 EU bank achieved ISO/IEC 42001 certification and EU AI Act Art. 43 conformity for AI-CR-UNDERWRITE-01 concurrently.

    Outcomes

    rspVersionv2.4
    regulators
    • ECB
    • BaFin
    • ACPR
    • EDPB
    controlAutomation94%
    auditFindingsCriticalHigh0

    CS-02 · US BHC — federated SR 11-7 + EU AI Act submission

    Sector: Banking (US/EU)

    US bank holding company served SR 11-7 + EU AI Act overlays from a single AIMS, federated to FRB + ECB via FedReg.

    Outcomes

    rspVersionv2.2 → v2.4
    supervisorCount5
    decisionTraceability99.97%
    boardAttestationQuarterly + ad-hoc

    CS-03 · UK firm — PRA SS1/23 SMF24 attestation pipeline

    Sector: Banking (UK)

    PRA-authorised firm built an SMF24 senior-manager attestation pipeline auto-generated from AIMS evidence.

    Outcomes

    smf24AttestationLatency<= 24h
    evidenceAutomation97%
    annualSelfAssessmentFiled 11 days early

    CS-04 · Joint examination drill — ECB + Fed + PRA

    Sector: Cross-jurisdiction

    Three home/host supervisors ran a joint examination of AI-CR-UNDERWRITE-01 using FedReg, with binding-with-override advisory issued by an autonomous supervisor agent (T4).

    Outcomes

    totalQueries412
    averageReplyLatency27 minutes
    challengePassRate98.5%
    finalReportTime23 days

    CS-05 · Self-healing in production — bias drift auto-rollback

    Sector: Banking

    AIR fell to 0.81 on a protected attribute; SH-01 auto-rolled back the model within 4 minutes, opened Sev-2, and filed a customer-impact pre-warning to Internal Audit.

    Outcomes

    detectionToRollback4 min
    customerImpact0 wrongful denials
    regulatorNotifiedECB + ICO within 6h
    rcaPublished<= 5 business days
    +
    + +
    +

    API Endpoints

    +

    Prefix: /api/gsifi-aims · Total planned: 78

    +
    • /api/gsifi-aims
    • /api/gsifi-aims/meta
    • /api/gsifi-aims/executive-summary
    • /api/gsifi-aims/summary
    • /api/gsifi-aims/aims
    • /api/gsifi-aims/aims/sections
    • /api/gsifi-aims/aims/sections/:id
    • /api/gsifi-aims/aims/annexes
    • /api/gsifi-aims/aims/annexes/:id
    • /api/gsifi-aims/regulatory
    • /api/gsifi-aims/regulatory/overlays
    • /api/gsifi-aims/regulatory/overlays/:id
    • /api/gsifi-aims/regulatory/precedence
    • /api/gsifi-aims/regulatory/matrix
    • /api/gsifi-aims/rsp
    • /api/gsifi-aims/rsp/versions
    • /api/gsifi-aims/rsp/versions/:id
    • /api/gsifi-aims/rsp/structure
    • /api/gsifi-aims/rsp/api
    • /api/gsifi-aims/rsp/pipeline
    • /api/gsifi-aims/enforcement
    • /api/gsifi-aims/enforcement/terraform
    • /api/gsifi-aims/enforcement/opa
    • /api/gsifi-aims/enforcement/audit
    • /api/gsifi-aims/adversarial
    • /api/gsifi-aims/adversarial/loop
    • /api/gsifi-aims/adversarial/playbooks
    • /api/gsifi-aims/adversarial/kpis
    • /api/gsifi-aims/predictive
    • /api/gsifi-aims/predictive/forecasters
    • /api/gsifi-aims/predictive/formal
    • /api/gsifi-aims/predictive/causal
    • /api/gsifi-aims/federation
    • /api/gsifi-aims/federation/protocol
    • /api/gsifi-aims/federation/tiers
    • /api/gsifi-aims/federation/privacy
    • /api/gsifi-aims/federation/joint-exam
    • /api/gsifi-aims/credit-underwriting
    • /api/gsifi-aims/credit-underwriting/scope
    • /api/gsifi-aims/credit-underwriting/data
    • /api/gsifi-aims/credit-underwriting/dev-validation
    • /api/gsifi-aims/credit-underwriting/decisioning
    • /api/gsifi-aims/credit-underwriting/monitoring
    • /api/gsifi-aims/credit-underwriting/regulator
    • /api/gsifi-aims/roadmap
    • /api/gsifi-aims/roadmap/phases
    • /api/gsifi-aims/roadmap/phases/:id
    • /api/gsifi-aims/roadmap/kpis
    • /api/gsifi-aims/roadmap/risks
    • /api/gsifi-aims/operating-model
    • /api/gsifi-aims/operating-model/lod
    • /api/gsifi-aims/operating-model/raci
    • /api/gsifi-aims/operating-model/committees
    • /api/gsifi-aims/reporting
    • /api/gsifi-aims/reporting/audience
    • /api/gsifi-aims/reporting/template
    • /api/gsifi-aims/reporting/principles
    • /api/gsifi-aims/schemas
    • /api/gsifi-aims/schemas/:name
    • /api/gsifi-aims/code-examples
    • /api/gsifi-aims/code-examples/:name
    • /api/gsifi-aims/case-studies
    • /api/gsifi-aims/case-studies/:id
    • /api/gsifi-aims/modules
    • /api/gsifi-aims/modules/:id
    • /api/gsifi-aims/sections/:id
    • /api/gsifi-aims/m1
    • /api/gsifi-aims/m2
    • /api/gsifi-aims/m3
    • /api/gsifi-aims/m4
    • /api/gsifi-aims/m5
    • /api/gsifi-aims/m6
    • /api/gsifi-aims/m7
    • /api/gsifi-aims/m8
    • /api/gsifi-aims/m9
    • /api/gsifi-aims/m10
    • /api/gsifi-aims/m11
    • /api/gsifi-aims/m12
    +
    +
    + + +
diff --git a/rag-agentic-dashboard/server.js b/rag-agentic-dashboard/server.js
index 86f82a3..b51897c 100644
--- a/rag-agentic-dashboard/server.js
+++ b/rag-agentic-dashboard/server.js
@@ -21739,6 +21739,236 @@ app.get('/api/wfap-gemini/case-studies/:id', (req, res) => { res.json(cs); }); +// ══════════════════════════════════════════════════════════════════════════════ +// GSIFI-AIMS-BLUEPRINT-WP-037 — Regulator-Grade AI Governance & ISO/IEC 42001 +// AIMS Master Blueprint for G-SIFIs (2026–2030) +// ══════════════════════════════════════════════════════════════════════════════ +const GSAIMS = require('./data/gsifi-aims-blueprint.json'); + +const GSAIMS_MODULES = { + M1: GSAIMS.M1_aimsSections, + M2: GSAIMS.M2_aimsAnnexes, + M3: GSAIMS.M3_regulatoryOverlays, + M4: GSAIMS.M4_rsp, + M5: GSAIMS.M5_technicalEnforcement, + M6: GSAIMS.M6_adversarialSelfHealing, + M7: GSAIMS.M7_predictiveFormal, + M8: GSAIMS.M8_federationSupervisory, + M9: GSAIMS.M9_creditUnderwriting, + M10: GSAIMS.M10_roadmap, + M11: GSAIMS.M11_operatingModel, + M12: GSAIMS.M12_reportingDisclosure, +}; + +function gsaimsSection(modKey, sid) { + const mod = GSAIMS[modKey] || {}; + return ((mod.sections) || []).find(s => (s.id || '').toUpperCase() === sid.toUpperCase()) || {}; +} + +app.get('/api/gsifi-aims', (_, res) => res.json(GSAIMS)); +app.get('/api/gsifi-aims/meta', (_, res) => res.json(GSAIMS.meta || {})); +app.get('/api/gsifi-aims/executive-summary',(_, res) => res.json(GSAIMS.executiveSummary || {})); +app.get('/api/gsifi-aims/summary', (_, res) => { + const m = GSAIMS.meta || {}; + const inv = m.deliverableInventory || {}; + res.json({ + docRef: m.docRef, + version: m.version, + title: m.title, + horizon: m.horizon, + classification: m.classification, + modules: Object.keys(GSAIMS_MODULES).length, + aimsSections: inv.aimsSections || 5, + annexes: inv.annexes || 4, + regulatoryOverlays: inv.regulatoryOverlays || 5, + rspVersions: inv.rspVersions || 7, + schemas: Object.keys(GSAIMS.schemas || {}).length, + codeExamples: Object.keys(GSAIMS.codeExamples || {}).length, + caseStudies: (GSAIMS.caseStudies || []).length, + phases: inv.phases || 5, + kpis: inv.kpis || 16, + controls: 
inv.controls || 280, + apiPrefix: '/api/gsifi-aims', + routes: ((GSAIMS.apiEndpoints || {}).routes || []).length, + }); +}); + +app.get('/api/gsifi-aims/modules', (_, res) => { + res.json(Object.entries(GSAIMS_MODULES).map(([k, v]) => ({ + key: k, id: (v && v.id) || k, title: (v && v.title) || '', + sections: ((v && v.sections) || []).length, + }))); +}); +app.get('/api/gsifi-aims/modules/:id', (req, res) => { + const id = req.params.id.toUpperCase(); + const mod = GSAIMS_MODULES[id]; + if (!mod) return res.status(404).json({ error: 'module not found', id: req.params.id }); + res.json(mod); +}); + +// Module shortcuts m1..m12 +app.get('/api/gsifi-aims/m1', (_, res) => res.json(GSAIMS.M1_aimsSections || {})); +app.get('/api/gsifi-aims/m2', (_, res) => res.json(GSAIMS.M2_aimsAnnexes || {})); +app.get('/api/gsifi-aims/m3', (_, res) => res.json(GSAIMS.M3_regulatoryOverlays || {})); +app.get('/api/gsifi-aims/m4', (_, res) => res.json(GSAIMS.M4_rsp || {})); +app.get('/api/gsifi-aims/m5', (_, res) => res.json(GSAIMS.M5_technicalEnforcement || {})); +app.get('/api/gsifi-aims/m6', (_, res) => res.json(GSAIMS.M6_adversarialSelfHealing || {})); +app.get('/api/gsifi-aims/m7', (_, res) => res.json(GSAIMS.M7_predictiveFormal || {})); +app.get('/api/gsifi-aims/m8', (_, res) => res.json(GSAIMS.M8_federationSupervisory || {})); +app.get('/api/gsifi-aims/m9', (_, res) => res.json(GSAIMS.M9_creditUnderwriting || {})); +app.get('/api/gsifi-aims/m10', (_, res) => res.json(GSAIMS.M10_roadmap || {})); +app.get('/api/gsifi-aims/m11', (_, res) => res.json(GSAIMS.M11_operatingModel || {})); +app.get('/api/gsifi-aims/m12', (_, res) => res.json(GSAIMS.M12_reportingDisclosure || {})); + +// AIMS sections / annexes (M1, M2) +app.get('/api/gsifi-aims/aims', (_, res) => res.json(GSAIMS.M1_aimsSections || {})); +app.get('/api/gsifi-aims/aims/sections', (_, res) => res.json((GSAIMS.M1_aimsSections || {}).sections || [])); +app.get('/api/gsifi-aims/aims/sections/:id', (req, res) => { + const id = 
req.params.id.toUpperCase(); + const s = ((GSAIMS.M1_aimsSections || {}).sections || []).find(x => (x.id || '').toUpperCase() === id); + if (!s) return res.status(404).json({ error: 'AIMS section not found', id: req.params.id }); + res.json(s); +}); +app.get('/api/gsifi-aims/aims/annexes', (_, res) => res.json((GSAIMS.M2_aimsAnnexes || {}).sections || [])); +app.get('/api/gsifi-aims/aims/annexes/:id', (req, res) => { + const id = req.params.id.toUpperCase(); + const s = ((GSAIMS.M2_aimsAnnexes || {}).sections || []).find(x => (x.id || '').toUpperCase() === id); + if (!s) return res.status(404).json({ error: 'AIMS annex not found', id: req.params.id }); + res.json(s); +}); + +// Regulatory overlays (M3) +app.get('/api/gsifi-aims/regulatory', (_, res) => res.json(GSAIMS.M3_regulatoryOverlays || {})); +app.get('/api/gsifi-aims/regulatory/overlays', (_, res) => { + const sec = gsaimsSection('M3_regulatoryOverlays', 'M3-S1'); + res.json(sec.overlays || []); +}); +app.get('/api/gsifi-aims/regulatory/overlays/:id', (req, res) => { + const id = req.params.id.toUpperCase(); + const sec = gsaimsSection('M3_regulatoryOverlays', 'M3-S1'); + const o = (sec.overlays || []).find(x => (x.id || '').toUpperCase() === id); + if (!o) return res.status(404).json({ error: 'overlay not found', id: req.params.id }); + res.json(o); +}); +app.get('/api/gsifi-aims/regulatory/precedence',(_, res) => res.json(gsaimsSection('M3_regulatoryOverlays', 'M3-S2'))); +app.get('/api/gsifi-aims/regulatory/matrix', (_, res) => res.json(gsaimsSection('M3_regulatoryOverlays', 'M3-S3'))); + +// Regulator Submission Packs (M4) +app.get('/api/gsifi-aims/rsp', (_, res) => res.json(GSAIMS.M4_rsp || {})); +app.get('/api/gsifi-aims/rsp/versions', (_, res) => { + const sec = gsaimsSection('M4_rsp', 'M4-S1'); + res.json(sec.versions || []); +}); +app.get('/api/gsifi-aims/rsp/versions/:id', (req, res) => { + const id = req.params.id.toUpperCase(); + const sec = gsaimsSection('M4_rsp', 'M4-S1'); + const v = 
(sec.versions || []).find(x => (x.id || '').toUpperCase() === id); + if (!v) return res.status(404).json({ error: 'RSP version not found', id: req.params.id }); + res.json(v); +}); +app.get('/api/gsifi-aims/rsp/structure', (_, res) => res.json(gsaimsSection('M4_rsp', 'M4-S2'))); +app.get('/api/gsifi-aims/rsp/api', (_, res) => res.json(gsaimsSection('M4_rsp', 'M4-S3'))); +app.get('/api/gsifi-aims/rsp/pipeline', (_, res) => res.json(gsaimsSection('M4_rsp', 'M4-S4'))); + +// Technical enforcement (M5) +app.get('/api/gsifi-aims/enforcement', (_, res) => res.json(GSAIMS.M5_technicalEnforcement || {})); +app.get('/api/gsifi-aims/enforcement/terraform', (_, res) => res.json(gsaimsSection('M5_technicalEnforcement', 'M5-S1'))); +app.get('/api/gsifi-aims/enforcement/opa', (_, res) => res.json(gsaimsSection('M5_technicalEnforcement', 'M5-S2'))); +app.get('/api/gsifi-aims/enforcement/audit', (_, res) => res.json(gsaimsSection('M5_technicalEnforcement', 'M5-S3'))); + +// Adversarial / self-healing (M6) +app.get('/api/gsifi-aims/adversarial', (_, res) => res.json(GSAIMS.M6_adversarialSelfHealing || {})); +app.get('/api/gsifi-aims/adversarial/loop', (_, res) => res.json(gsaimsSection('M6_adversarialSelfHealing', 'M6-S1'))); +app.get('/api/gsifi-aims/adversarial/playbooks', (_, res) => res.json(gsaimsSection('M6_adversarialSelfHealing', 'M6-S2'))); +app.get('/api/gsifi-aims/adversarial/kpis', (_, res) => res.json(gsaimsSection('M6_adversarialSelfHealing', 'M6-S3'))); + +// Predictive / formal verification (M7) +app.get('/api/gsifi-aims/predictive', (_, res) => res.json(GSAIMS.M7_predictiveFormal || {})); +app.get('/api/gsifi-aims/predictive/forecasters', (_, res) => res.json(gsaimsSection('M7_predictiveFormal', 'M7-S1'))); +app.get('/api/gsifi-aims/predictive/formal', (_, res) => res.json(gsaimsSection('M7_predictiveFormal', 'M7-S2'))); +app.get('/api/gsifi-aims/predictive/causal', (_, res) => res.json(gsaimsSection('M7_predictiveFormal', 'M7-S3'))); + +// Federation / autonomous 
supervisory (M8) +app.get('/api/gsifi-aims/federation', (_, res) => res.json(GSAIMS.M8_federationSupervisory || {})); +app.get('/api/gsifi-aims/federation/protocol', (_, res) => res.json(gsaimsSection('M8_federationSupervisory', 'M8-S1'))); +app.get('/api/gsifi-aims/federation/tiers', (_, res) => res.json(gsaimsSection('M8_federationSupervisory', 'M8-S2'))); +app.get('/api/gsifi-aims/federation/privacy', (_, res) => res.json(gsaimsSection('M8_federationSupervisory', 'M8-S3'))); +app.get('/api/gsifi-aims/federation/joint-exam', (_, res) => res.json(gsaimsSection('M8_federationSupervisory', 'M8-S4'))); + +// Credit underwriting use case (M9) +app.get('/api/gsifi-aims/credit-underwriting', (_, res) => res.json(GSAIMS.M9_creditUnderwriting || {})); +app.get('/api/gsifi-aims/credit-underwriting/scope', (_, res) => res.json(gsaimsSection('M9_creditUnderwriting', 'M9-S1'))); +app.get('/api/gsifi-aims/credit-underwriting/data', (_, res) => res.json(gsaimsSection('M9_creditUnderwriting', 'M9-S2'))); +app.get('/api/gsifi-aims/credit-underwriting/dev-validation', (_, res) => res.json(gsaimsSection('M9_creditUnderwriting', 'M9-S3'))); +app.get('/api/gsifi-aims/credit-underwriting/decisioning', (_, res) => res.json(gsaimsSection('M9_creditUnderwriting', 'M9-S4'))); +app.get('/api/gsifi-aims/credit-underwriting/monitoring', (_, res) => res.json(gsaimsSection('M9_creditUnderwriting', 'M9-S5'))); +app.get('/api/gsifi-aims/credit-underwriting/regulator', (_, res) => res.json(gsaimsSection('M9_creditUnderwriting', 'M9-S6'))); + +// Roadmap (M10) +app.get('/api/gsifi-aims/roadmap', (_, res) => res.json(GSAIMS.M10_roadmap || {})); +app.get('/api/gsifi-aims/roadmap/phases', (_, res) => { + const sec = gsaimsSection('M10_roadmap', 'M10-S1'); + res.json(sec.phases || []); +}); +app.get('/api/gsifi-aims/roadmap/phases/:id', (req, res) => { + const id = req.params.id.toUpperCase(); + const sec = gsaimsSection('M10_roadmap', 'M10-S1'); + const p = (sec.phases || []).find(x => (x.id || 
'').toUpperCase() === id); + if (!p) return res.status(404).json({ error: 'phase not found', id: req.params.id }); + res.json(p); +}); +app.get('/api/gsifi-aims/roadmap/kpis', (_, res) => { + const sec = gsaimsSection('M10_roadmap', 'M10-S2'); + res.json(sec.kpis || []); +}); +app.get('/api/gsifi-aims/roadmap/risks', (_, res) => { + const sec = gsaimsSection('M10_roadmap', 'M10-S3'); + res.json(sec.risks || []); +}); + +// Operating model (M11) +app.get('/api/gsifi-aims/operating-model', (_, res) => res.json(GSAIMS.M11_operatingModel || {})); +app.get('/api/gsifi-aims/operating-model/lod', (_, res) => res.json(gsaimsSection('M11_operatingModel', 'M11-S1'))); +app.get('/api/gsifi-aims/operating-model/raci', (_, res) => res.json(gsaimsSection('M11_operatingModel', 'M11-S2'))); +app.get('/api/gsifi-aims/operating-model/committees', (_, res) => res.json(gsaimsSection('M11_operatingModel', 'M11-S3'))); + +// Reporting & disclosure (M12) +app.get('/api/gsifi-aims/reporting', (_, res) => res.json(GSAIMS.M12_reportingDisclosure || {})); +app.get('/api/gsifi-aims/reporting/audience', (_, res) => res.json(gsaimsSection('M12_reportingDisclosure', 'M12-S1'))); +app.get('/api/gsifi-aims/reporting/template', (_, res) => res.json(gsaimsSection('M12_reportingDisclosure', 'M12-S2'))); +app.get('/api/gsifi-aims/reporting/principles', (_, res) => res.json(gsaimsSection('M12_reportingDisclosure', 'M12-S3'))); + +// Generic section lookup +app.get('/api/gsifi-aims/sections/:id', (req, res) => { + const id = req.params.id.toUpperCase(); + for (const mod of Object.values(GSAIMS_MODULES)) { + const s = ((mod && mod.sections) || []).find(x => (x.id || '').toUpperCase() === id); + if (s) return res.json(s); + } + return res.status(404).json({ error: 'section not found', id: req.params.id }); +}); + +// Schemas / code examples / case studies +app.get('/api/gsifi-aims/schemas', (_, res) => res.json(GSAIMS.schemas || {})); +app.get('/api/gsifi-aims/schemas/:name', (req, res) => { + const sch = 
(GSAIMS.schemas || {})[req.params.name]; + if (!sch) return res.status(404).json({ error: 'schema not found', name: req.params.name }); + res.json(sch); +}); +app.get('/api/gsifi-aims/code-examples', (_, res) => res.json(GSAIMS.codeExamples || {})); +app.get('/api/gsifi-aims/code-examples/:name', (req, res) => { + const c = (GSAIMS.codeExamples || {})[req.params.name]; + if (!c) return res.status(404).json({ error: 'code example not found', name: req.params.name }); + res.json(c); +}); +app.get('/api/gsifi-aims/case-studies', (_, res) => res.json(GSAIMS.caseStudies || [])); +app.get('/api/gsifi-aims/case-studies/:id', (req, res) => { + const u = req.params.id.toUpperCase(); + const cs = (GSAIMS.caseStudies || []).find(c => (c.id || '').toUpperCase() === u); + if (!cs) return res.status(404).json({ error: 'case study not found', id: req.params.id }); + res.json(cs); +}); + // SECTION 10: START SERVER // ══════════════════════════════════════════════════════════════════════════════
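Review bot: The `:name` handlers for `/api/gsifi-aims/schemas/:name` and `/api/gsifi-aims/code-examples/:name` index a plain object with an untrusted path segment, so inherited keys such as `constructor`, `toString` or `__proto__` resolve to non-data values, pass the `if (!sch)` / `if (!c)` guard, and are handed to `res.json` instead of producing the intended 404. Restrict the lookup to own properties, e.g. for the schema route `const schemas = GSAIMS.schemas || {};` then `if (!Object.hasOwn(schemas, req.params.name)) return res.status(404).json({ error: 'schema not found', name: req.params.name });` and `const sch = schemas[req.params.name];`, and mirror the same three-line change in the code-examples handler. Separately, the `/api/gsifi-aims/summary` handler falls back to literal inventory counts (`inv.aimsSections || 5`, `inv.kpis || 16`, `inv.controls || 280`, and so on) when `meta.deliverableInventory` is absent, which would silently report fabricated figures on a dashboard meant to be regulator-facing; a comment such as `// fallback counts mirror the v1.0.0 deliverable inventory — keep in sync with the JSON` or, better, omitting the field when the inventory is missing would make that explicit.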